diff --git a/.buildkite/pipeline-resource-definitions/scripts/validate-pipeline-definition.sh b/.buildkite/pipeline-resource-definitions/scripts/validate-pipeline-definition.sh index cd153b23f10ab..e60aa8ca755d9 100755 --- a/.buildkite/pipeline-resource-definitions/scripts/validate-pipeline-definition.sh +++ b/.buildkite/pipeline-resource-definitions/scripts/validate-pipeline-definition.sh @@ -1,5 +1,6 @@ #!/usr/bin/env bash +# renovate.json tracks this file for updating the pipelib docker image, update the path if you move this file # This script is used to validate a single RRE for a pipeline definition. TARGET_FILE=$1 @@ -16,7 +17,7 @@ FOLDER_NAME=$(dirname "$ABSOLUTE_PATH") docker run -it \ --mount type=bind,source="$FOLDER_NAME",target=/home/app/ \ - docker.elastic.co/ci-agent-images/pipelib \ + docker.elastic.co/ci-agent-images/pipelib:0.8.0@sha256:641d7fc6cfe473900a1fbe49876762916d804b09fdf2945f74e9f803f3073779 \ rre validate --backstage-entity-aware "/home/app/$FILE_NAME" if [ $? -ne 0 ]; then diff --git a/.buildkite/scripts/steps/checks.sh b/.buildkite/scripts/steps/checks.sh index dd7c0c0e6d69c..50ee0363ad93f 100755 --- a/.buildkite/scripts/steps/checks.sh +++ b/.buildkite/scripts/steps/checks.sh @@ -15,3 +15,4 @@ fi .buildkite/scripts/steps/code_generation/security_solution_codegen.sh .buildkite/scripts/steps/openapi_bundling/security_solution_openapi_bundling.sh .buildkite/scripts/steps/code_generation/osquery_codegen.sh +.buildkite/scripts/steps/openapi_bundling/final_merge.sh diff --git a/.buildkite/scripts/steps/checks/renovate.sh b/.buildkite/scripts/steps/checks/renovate.sh new file mode 100755 index 0000000000000..17c87254511e1 --- /dev/null +++ b/.buildkite/scripts/steps/checks/renovate.sh @@ -0,0 +1,8 @@ +#!/usr/bin/env bash + +# renovate.json tracks this file for updating the pipelib docker image, update the path if you move this file + +set -euo pipefail + +echo --- Check renovate.json +docker run -v "$(pwd)"/renovate.json:/home/app/renovate.json docker.elastic.co/ci-agent-images/pipelib:0.8.0@sha256:641d7fc6cfe473900a1fbe49876762916d804b09fdf2945f74e9f803f3073779 renovate-config-validator diff --git a/.buildkite/scripts/steps/openapi_bundling/final_merge.sh b/.buildkite/scripts/steps/openapi_bundling/final_merge.sh new file mode 100755 index 0000000000000..41ca47aef24ee --- /dev/null +++ b/.buildkite/scripts/steps/openapi_bundling/final_merge.sh @@ -0,0 +1,9 @@ +#!/usr/bin/env bash + +set -euo pipefail + +source .buildkite/scripts/common/util.sh + +echo --- Merge Kibana OpenAPI specs + +(cd oas_docs && make api-docs && make api-docs-lint) diff --git a/.buildkite/scripts/steps/quick_checks.sh b/.buildkite/scripts/steps/quick_checks.sh index c9719e5c08fa9..eb14209f97f5a 100755 --- a/.buildkite/scripts/steps/quick_checks.sh +++ b/.buildkite/scripts/steps/quick_checks.sh @@ -23,3 +23,4 @@ export DISABLE_BOOTSTRAP_VALIDATION=false .buildkite/scripts/steps/checks/ftr_configs.sh .buildkite/scripts/steps/checks/yarn_deduplicate.sh .buildkite/scripts/steps/checks/prettier_topology.sh +.buildkite/scripts/steps/checks/renovate.sh diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index e07292b2eef19..fcdfaf1fe4ef8 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -98,6 +98,8 @@ packages/kbn-config-schema @elastic/kibana-core src/plugins/console @elastic/kibana-management packages/content-management/content_editor @elastic/appex-sharedux examples/content_management_examples @elastic/appex-sharedux +packages/content-management/favorites/favorites_public @elastic/appex-sharedux +packages/content-management/favorites/favorites_server @elastic/appex-sharedux src/plugins/content_management @elastic/appex-sharedux packages/content-management/tabbed_table_list_view @elastic/appex-sharedux packages/content-management/table_list_view @elastic/appex-sharedux @@ -1277,6 +1279,9 @@ x-pack/test/observability_ai_assistant_functional @elastic/obs-ai-assistant /x-pack/test_serverless/functional/test_suites/common/home_page/ @elastic/appex-qa /x-pack/test_serverless/**/services/ @elastic/appex-qa /packages/kbn-es/src/stateful_resources/roles.yml @elastic/appex-qa +x-pack/test/api_integration/deployment_agnostic/default_configs/ @elastic/appex-qa +x-pack/test/api_integration/deployment_agnostic/services/ @elastic/appex-qa +x-pack/test/**/deployment_agnostic/ @elastic/appex-qa #temporarily to monitor tests migration # Core /config/ @elastic/kibana-core @@ -1523,18 +1528,18 @@ x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout @elastic/ ## Generative AI owner connectors # OpenAI -/x-pack/plugins/stack_connectors/public/connector_types/openai @elastic/security-generative-ai @elastic/obs-knowledge-team -/x-pack/plugins/stack_connectors/server/connector_types/openai @elastic/security-generative-ai @elastic/obs-knowledge-team -/x-pack/plugins/stack_connectors/common/openai @elastic/security-generative-ai @elastic/obs-knowledge-team +/x-pack/plugins/stack_connectors/public/connector_types/openai @elastic/security-generative-ai @elastic/obs-ai-assistant +/x-pack/plugins/stack_connectors/server/connector_types/openai @elastic/security-generative-ai @elastic/obs-ai-assistant +/x-pack/plugins/stack_connectors/common/openai @elastic/security-generative-ai @elastic/obs-ai-assistant # Bedrock -/x-pack/plugins/stack_connectors/public/connector_types/bedrock @elastic/security-generative-ai -/x-pack/plugins/stack_connectors/server/connector_types/bedrock @elastic/security-generative-ai -/x-pack/plugins/stack_connectors/common/bedrock @elastic/security-generative-ai +/x-pack/plugins/stack_connectors/public/connector_types/bedrock @elastic/security-generative-ai @elastic/obs-ai-assistant +/x-pack/plugins/stack_connectors/server/connector_types/bedrock @elastic/security-generative-ai @elastic/obs-ai-assistant +/x-pack/plugins/stack_connectors/common/bedrock @elastic/security-generative-ai @elastic/obs-ai-assistant # Gemini -/x-pack/plugins/stack_connectors/public/connector_types/gemini @elastic/security-generative-ai -/x-pack/plugins/stack_connectors/server/connector_types/gemini @elastic/security-generative-ai -/x-pack/plugins/stack_connectors/common/gemini @elastic/security-generative-ai +/x-pack/plugins/stack_connectors/public/connector_types/gemini @elastic/security-generative-ai @elastic/obs-ai-assistant +/x-pack/plugins/stack_connectors/server/connector_types/gemini @elastic/security-generative-ai @elastic/obs-ai-assistant +/x-pack/plugins/stack_connectors/common/gemini @elastic/security-generative-ai @elastic/obs-ai-assistant ## Defend Workflows owner connectors /x-pack/plugins/stack_connectors/public/connector_types/sentinelone @elastic/security-defend-workflows diff --git a/.github/workflows/alert-failed-test.yml b/.github/workflows/alert-failed-test.yml index 92916629d80f3..4d465b03dd43f 100644 --- a/.github/workflows/alert-failed-test.yml +++ b/.github/workflows/alert-failed-test.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout kibana-operations - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: repository: 'elastic/kibana-operations' ref: main diff --git a/.github/workflows/auto-approve-api-docs.yml b/.github/workflows/auto-approve-api-docs.yml index 11e28d46d9cc2..00b814c1f699c 100644 --- a/.github/workflows/auto-approve-api-docs.yml +++ b/.github/workflows/auto-approve-api-docs.yml @@ -15,4 +15,4 @@ jobs: permissions: pull-requests: write steps: - - uses: hmarr/auto-approve-action@f0939ea97e9205ef24d872e76833fa908a770363 #4.0.0 + - uses: hmarr/auto-approve-action@f0939ea97e9205ef24d872e76833fa908a770363 # v4.0.0 diff --git a/.github/workflows/auto-approve-backports.yml b/.github/workflows/auto-approve-backports.yml index 4c08e2bbb718c..97011de3f4675 100644 --- a/.github/workflows/auto-approve-backports.yml +++ b/.github/workflows/auto-approve-backports.yml @@ -15,4 +15,4 @@ jobs: permissions: pull-requests: write steps: - - uses: hmarr/auto-approve-action@f0939ea97e9205ef24d872e76833fa908a770363 #4.0.0 + - uses: hmarr/auto-approve-action@f0939ea97e9205ef24d872e76833fa908a770363 # v4.0.0 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index c4819f86fa1f9..66f99a95a3b2c 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -22,7 +22,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: ref: ${{ matrix.branch }} diff --git a/.github/workflows/fix-version-gaps.yml b/.github/workflows/fix-version-gaps.yml index 77a56a268f20d..1e89ec2553457 100644 --- a/.github/workflows/fix-version-gaps.yml +++ b/.github/workflows/fix-version-gaps.yml @@ -26,7 +26,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Actions - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: repository: 'elastic/kibana-github-actions' ref: main diff --git a/.github/workflows/label-failed-test.yml b/.github/workflows/label-failed-test.yml index ec5114803639e..358ff08edecd1 100644 --- a/.github/workflows/label-failed-test.yml +++ b/.github/workflows/label-failed-test.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout kibana-operations - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: repository: 'elastic/kibana-operations' ref: main diff --git a/.github/workflows/launchdarkly-code-references.yml b/.github/workflows/launchdarkly-code-references.yml index ab888da06c97a..3f6c4b1ead69f 100644 --- a/.github/workflows/launchdarkly-code-references.yml +++ b/.github/workflows/launchdarkly-code-references.yml @@ -16,7 +16,7 @@ jobs: if: github.event.repository.fork == false runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: fetch-depth: 11 # This value must be set if the lookback configuration option is not disabled for find-code-references. Read more: https://github.com/launchdarkly/ld-find-code-refs#searching-for-unused-flags-extinctions - name: LaunchDarkly Code References diff --git a/.github/workflows/on-merge.yml b/.github/workflows/on-merge.yml index b02129edb6fe0..421e4825d1a6a 100644 --- a/.github/workflows/on-merge.yml +++ b/.github/workflows/on-merge.yml @@ -24,7 +24,7 @@ jobs: ) steps: - name: Checkout Actions - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: repository: 'elastic/kibana-github-actions' ref: main diff --git a/.github/workflows/skip-failed-test.yml b/.github/workflows/skip-failed-test.yml index 4c6d7c94b808d..913ba7b9648d4 100644 --- a/.github/workflows/skip-failed-test.yml +++ b/.github/workflows/skip-failed-test.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Actions - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: repository: 'elastic/kibana-github-actions' ref: main @@ -30,7 +30,7 @@ jobs: token: ${{secrets.KIBANAMACHINE_TOKEN}} - name: Checkout kibana-operations - uses: actions/checkout@v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: repository: 'elastic/kibana-operations' ref: main diff --git a/api_docs/actions.mdx b/api_docs/actions.mdx index 2d0e9c483fac0..4469afa2e8508 100644 --- a/api_docs/actions.mdx +++ b/api_docs/actions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/actions title: "actions" image: https://source.unsplash.com/400x175/?github description: API docs for the actions plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'actions'] --- import actionsObj from './actions.devdocs.json'; diff --git a/api_docs/advanced_settings.mdx b/api_docs/advanced_settings.mdx index f5b97dd19e4d0..3902e52ecbae4 100644 --- a/api_docs/advanced_settings.mdx +++ b/api_docs/advanced_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/advancedSettings title: "advancedSettings" image: https://source.unsplash.com/400x175/?github description: API docs for the advancedSettings plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'advancedSettings'] --- import advancedSettingsObj from './advanced_settings.devdocs.json'; diff --git a/api_docs/ai_assistant_management_selection.mdx b/api_docs/ai_assistant_management_selection.mdx index e87e7fa5b44d2..28730ac0fb9d3 100644 --- a/api_docs/ai_assistant_management_selection.mdx +++ b/api_docs/ai_assistant_management_selection.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/aiAssistantManagementSelection title: "aiAssistantManagementSelection" image: https://source.unsplash.com/400x175/?github description: API docs for the aiAssistantManagementSelection plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'aiAssistantManagementSelection'] --- import aiAssistantManagementSelectionObj from './ai_assistant_management_selection.devdocs.json'; diff --git a/api_docs/aiops.mdx b/api_docs/aiops.mdx index 9ce70fefa680c..ef7c9b68cf194 100644 --- a/api_docs/aiops.mdx +++ b/api_docs/aiops.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/aiops title: "aiops" image: https://source.unsplash.com/400x175/?github description: API docs for the aiops plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'aiops'] --- import aiopsObj from './aiops.devdocs.json'; diff --git a/api_docs/alerting.mdx b/api_docs/alerting.mdx index e2226f16090b1..994f67e3baca6 100644 --- a/api_docs/alerting.mdx +++ b/api_docs/alerting.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/alerting title: "alerting" image: https://source.unsplash.com/400x175/?github description: API docs for the alerting plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'alerting'] --- import alertingObj from './alerting.devdocs.json'; diff --git a/api_docs/apm.mdx b/api_docs/apm.mdx index 4af7011046242..c2616561d2e20 100644 --- a/api_docs/apm.mdx +++ b/api_docs/apm.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/apm title: "apm" image: https://source.unsplash.com/400x175/?github description: API docs for the apm plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'apm'] --- import apmObj from './apm.devdocs.json'; diff --git a/api_docs/apm_data_access.mdx b/api_docs/apm_data_access.mdx index 3fc6a3804646e..3364fd5aceb7b 100644 --- a/api_docs/apm_data_access.mdx +++ b/api_docs/apm_data_access.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/apmDataAccess title: "apmDataAccess" image: https://source.unsplash.com/400x175/?github description: API docs for the apmDataAccess plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'apmDataAccess'] --- import apmDataAccessObj from './apm_data_access.devdocs.json'; diff --git a/api_docs/banners.mdx b/api_docs/banners.mdx index 034cb67d60296..cf9cfbc61ab0c 100644 --- a/api_docs/banners.mdx +++ b/api_docs/banners.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/banners title: "banners" image: https://source.unsplash.com/400x175/?github description: API docs for the banners plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'banners'] --- import bannersObj from './banners.devdocs.json'; diff --git a/api_docs/bfetch.mdx b/api_docs/bfetch.mdx index 0ee72a25f7fba..d1080dcd63eaf 100644 --- a/api_docs/bfetch.mdx +++ b/api_docs/bfetch.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/bfetch title: "bfetch" image: https://source.unsplash.com/400x175/?github description: API docs for the bfetch plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'bfetch'] --- import bfetchObj from './bfetch.devdocs.json'; diff --git a/api_docs/canvas.mdx b/api_docs/canvas.mdx index a1da4c6611411..1bdb61ee19099 100644 --- a/api_docs/canvas.mdx +++ b/api_docs/canvas.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/canvas title: "canvas" image: https://source.unsplash.com/400x175/?github description: API docs for the canvas plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'canvas'] --- import canvasObj from './canvas.devdocs.json'; diff --git a/api_docs/cases.mdx b/api_docs/cases.mdx index d4b6be1c7632c..1e07dc2997919 100644 --- a/api_docs/cases.mdx +++ b/api_docs/cases.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cases title: "cases" image: https://source.unsplash.com/400x175/?github description: API docs for the cases plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cases'] --- import casesObj from './cases.devdocs.json'; diff --git a/api_docs/charts.mdx b/api_docs/charts.mdx index 9b1411ca8ca73..913da46da385d 100644 --- a/api_docs/charts.mdx +++ b/api_docs/charts.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/charts title: "charts" image: https://source.unsplash.com/400x175/?github description: API docs for the charts plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'charts'] --- import chartsObj from './charts.devdocs.json'; diff --git a/api_docs/cloud.mdx b/api_docs/cloud.mdx index 5f4a9f6689143..ac7bc60b14c8c 100644 --- a/api_docs/cloud.mdx +++ b/api_docs/cloud.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cloud title: "cloud" image: https://source.unsplash.com/400x175/?github description: API docs for the cloud plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cloud'] --- import cloudObj from './cloud.devdocs.json'; diff --git a/api_docs/cloud_data_migration.mdx b/api_docs/cloud_data_migration.mdx index f276b384c03ca..11dac530992bc 100644 --- a/api_docs/cloud_data_migration.mdx +++ b/api_docs/cloud_data_migration.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cloudDataMigration title: "cloudDataMigration" image: https://source.unsplash.com/400x175/?github description: API docs for the cloudDataMigration plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cloudDataMigration'] --- import cloudDataMigrationObj from './cloud_data_migration.devdocs.json'; diff --git a/api_docs/cloud_defend.mdx b/api_docs/cloud_defend.mdx index 019d88fbc3f7a..7a1fbd6d6ed53 100644 --- a/api_docs/cloud_defend.mdx +++ b/api_docs/cloud_defend.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cloudDefend title: "cloudDefend" image: https://source.unsplash.com/400x175/?github description: API docs for the cloudDefend plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cloudDefend'] --- import cloudDefendObj from './cloud_defend.devdocs.json'; diff --git a/api_docs/cloud_experiments.mdx b/api_docs/cloud_experiments.mdx index ec76f500d8fdc..cd7880b96c778 100644 --- a/api_docs/cloud_experiments.mdx +++ b/api_docs/cloud_experiments.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cloudExperiments title: "cloudExperiments" image: https://source.unsplash.com/400x175/?github description: API docs for the cloudExperiments plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cloudExperiments'] --- import cloudExperimentsObj from './cloud_experiments.devdocs.json'; diff --git a/api_docs/cloud_security_posture.mdx b/api_docs/cloud_security_posture.mdx index 909a2b96c3f15..2f3d003ebb208 100644 --- a/api_docs/cloud_security_posture.mdx +++ b/api_docs/cloud_security_posture.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cloudSecurityPosture title: "cloudSecurityPosture" image: https://source.unsplash.com/400x175/?github description: API docs for the cloudSecurityPosture plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cloudSecurityPosture'] --- import cloudSecurityPostureObj from './cloud_security_posture.devdocs.json'; diff --git a/api_docs/console.mdx b/api_docs/console.mdx index 5a9489665e738..5cbf9631fc557 100644 --- a/api_docs/console.mdx +++ b/api_docs/console.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/console title: "console" image: https://source.unsplash.com/400x175/?github description: API docs for the console plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'console'] --- import consoleObj from './console.devdocs.json'; diff --git a/api_docs/content_management.mdx b/api_docs/content_management.mdx index 85dd74c0690d8..865fee25ddf29 100644 --- a/api_docs/content_management.mdx +++ b/api_docs/content_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/contentManagement title: "contentManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the contentManagement plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'contentManagement'] --- import contentManagementObj from './content_management.devdocs.json'; diff --git a/api_docs/controls.devdocs.json b/api_docs/controls.devdocs.json index f7972270d0906..1c04186ae091e 100644 --- a/api_docs/controls.devdocs.json +++ b/api_docs/controls.devdocs.json @@ -6615,6 +6615,8 @@ "section": "def-public.HasSaveNotification", "text": "HasSaveNotification" }, + " & ", + "PublishesReload", "> & { asyncResetUnsavedChanges: () => Promise; autoApplySelections$: ", { "pluginId": "@kbn/presentation-publishing", diff --git a/api_docs/controls.mdx b/api_docs/controls.mdx index 11ea1aa151fe0..9ed4d84ac7ed7 100644 --- a/api_docs/controls.mdx +++ b/api_docs/controls.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/controls title: "controls" image: https://source.unsplash.com/400x175/?github description: API docs for the controls plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'controls'] --- import controlsObj from './controls.devdocs.json'; diff --git a/api_docs/custom_integrations.mdx b/api_docs/custom_integrations.mdx index b53222090c339..6c37cab99adea 100644 --- a/api_docs/custom_integrations.mdx +++ b/api_docs/custom_integrations.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/customIntegrations title: "customIntegrations" image: https://source.unsplash.com/400x175/?github description: API docs for the customIntegrations plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'customIntegrations'] --- import customIntegrationsObj from './custom_integrations.devdocs.json'; diff --git a/api_docs/dashboard.mdx b/api_docs/dashboard.mdx index fee7c63a488e5..1b781897b7a2b 100644 --- a/api_docs/dashboard.mdx +++ b/api_docs/dashboard.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dashboard title: "dashboard" image: https://source.unsplash.com/400x175/?github description: API docs for the dashboard plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dashboard'] --- import dashboardObj from './dashboard.devdocs.json'; diff --git a/api_docs/dashboard_enhanced.mdx b/api_docs/dashboard_enhanced.mdx index 03887ca990b60..a5de868b7733d 100644 --- a/api_docs/dashboard_enhanced.mdx +++ b/api_docs/dashboard_enhanced.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dashboardEnhanced title: "dashboardEnhanced" image: https://source.unsplash.com/400x175/?github description: API docs for the dashboardEnhanced plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dashboardEnhanced'] --- import dashboardEnhancedObj from './dashboard_enhanced.devdocs.json'; diff --git a/api_docs/data.mdx b/api_docs/data.mdx index 448330fddd505..2722cc2f0be5b 100644 --- a/api_docs/data.mdx +++ b/api_docs/data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/data title: "data" image: https://source.unsplash.com/400x175/?github description: API docs for the data plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'data'] --- import dataObj from './data.devdocs.json'; diff --git a/api_docs/data_quality.mdx b/api_docs/data_quality.mdx index 050b78e15b0f8..d31fb3025796f 100644 --- a/api_docs/data_quality.mdx +++ b/api_docs/data_quality.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataQuality title: "dataQuality" image: https://source.unsplash.com/400x175/?github description: API docs for the dataQuality plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataQuality'] --- import dataQualityObj from './data_quality.devdocs.json'; diff --git a/api_docs/data_query.mdx b/api_docs/data_query.mdx index d44b103b9316f..43d20508552ba 100644 --- a/api_docs/data_query.mdx +++ b/api_docs/data_query.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/data-query title: "data.query" image: https://source.unsplash.com/400x175/?github description: API docs for the data.query plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'data.query'] --- import dataQueryObj from './data_query.devdocs.json'; diff --git a/api_docs/data_search.mdx b/api_docs/data_search.mdx index 4c11abbb97d58..50938b3857002 100644 --- a/api_docs/data_search.mdx +++ b/api_docs/data_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/data-search title: "data.search" image: https://source.unsplash.com/400x175/?github description: API docs for the data.search plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'data.search'] --- import dataSearchObj from './data_search.devdocs.json'; diff --git a/api_docs/data_view_editor.mdx b/api_docs/data_view_editor.mdx index aee386ff5514a..3d2a1f8171a4a 100644 --- a/api_docs/data_view_editor.mdx +++ b/api_docs/data_view_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataViewEditor title: "dataViewEditor" image: https://source.unsplash.com/400x175/?github description: API docs for the dataViewEditor plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataViewEditor'] --- import dataViewEditorObj from './data_view_editor.devdocs.json'; diff --git a/api_docs/data_view_field_editor.mdx b/api_docs/data_view_field_editor.mdx index 122c7660ba46c..7f47158264a19 100644 --- a/api_docs/data_view_field_editor.mdx +++ b/api_docs/data_view_field_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataViewFieldEditor title: "dataViewFieldEditor" image: https://source.unsplash.com/400x175/?github description: API docs for the dataViewFieldEditor plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataViewFieldEditor'] --- import dataViewFieldEditorObj from './data_view_field_editor.devdocs.json'; diff --git a/api_docs/data_view_management.mdx b/api_docs/data_view_management.mdx index e6f76d9dcfe76..46c6de156af56 100644 --- a/api_docs/data_view_management.mdx +++ b/api_docs/data_view_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataViewManagement title: "dataViewManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the dataViewManagement plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataViewManagement'] --- import dataViewManagementObj from './data_view_management.devdocs.json'; diff --git a/api_docs/data_views.mdx b/api_docs/data_views.mdx index 6ce8f7cc8f3ec..9fa05ec9eadd0 100644 --- a/api_docs/data_views.mdx +++ b/api_docs/data_views.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataViews title: "dataViews" image: https://source.unsplash.com/400x175/?github description: API docs for the dataViews plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataViews'] --- import dataViewsObj from './data_views.devdocs.json'; diff --git a/api_docs/data_visualizer.mdx b/api_docs/data_visualizer.mdx index 6ec542d033b9e..03b29b8db8626 100644 --- a/api_docs/data_visualizer.mdx +++ b/api_docs/data_visualizer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataVisualizer title: "dataVisualizer" image: https://source.unsplash.com/400x175/?github description: API docs for the dataVisualizer plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataVisualizer'] --- import dataVisualizerObj from './data_visualizer.devdocs.json'; diff --git a/api_docs/dataset_quality.mdx b/api_docs/dataset_quality.mdx index a1cb7447bf7f8..d8b1f0d27e875 100644 --- a/api_docs/dataset_quality.mdx +++ b/api_docs/dataset_quality.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/datasetQuality title: "datasetQuality" image: https://source.unsplash.com/400x175/?github description: API docs for the datasetQuality plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'datasetQuality'] --- import datasetQualityObj from './dataset_quality.devdocs.json'; diff --git a/api_docs/deprecations_by_api.mdx b/api_docs/deprecations_by_api.mdx index a72c07b29e365..7e748eaead0cf 100644 --- a/api_docs/deprecations_by_api.mdx +++ b/api_docs/deprecations_by_api.mdx @@ -7,7 +7,7 @@ id: kibDevDocsDeprecationsByApi slug: /kibana-dev-docs/api-meta/deprecated-api-list-by-api title: Deprecated API usage by API description: A list of deprecated APIs, which plugins are still referencing them, and when they need to be removed by. -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana'] --- diff --git a/api_docs/deprecations_by_plugin.mdx b/api_docs/deprecations_by_plugin.mdx index cb97812f417ad..79cc9134de216 100644 --- a/api_docs/deprecations_by_plugin.mdx +++ b/api_docs/deprecations_by_plugin.mdx @@ -7,7 +7,7 @@ id: kibDevDocsDeprecationsByPlugin slug: /kibana-dev-docs/api-meta/deprecated-api-list-by-plugin title: Deprecated API usage by plugin description: A list of deprecated APIs, which plugins are still referencing them, and when they need to be removed by. -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana'] --- diff --git a/api_docs/deprecations_by_team.mdx b/api_docs/deprecations_by_team.mdx index a092135b9907e..1767ab186d53f 100644 --- a/api_docs/deprecations_by_team.mdx +++ b/api_docs/deprecations_by_team.mdx @@ -7,7 +7,7 @@ id: kibDevDocsDeprecationsDueByTeam slug: /kibana-dev-docs/api-meta/deprecations-due-by-team title: Deprecated APIs due to be removed, by team description: Lists the teams that are referencing deprecated APIs with a remove by date. -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana'] --- diff --git a/api_docs/dev_tools.mdx b/api_docs/dev_tools.mdx index 29421cdd19f45..f6bf395ae0f34 100644 --- a/api_docs/dev_tools.mdx +++ b/api_docs/dev_tools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/devTools title: "devTools" image: https://source.unsplash.com/400x175/?github description: API docs for the devTools plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'devTools'] --- import devToolsObj from './dev_tools.devdocs.json'; diff --git a/api_docs/discover.mdx b/api_docs/discover.mdx index 3098e455f5469..5669ab1d8aebc 100644 --- a/api_docs/discover.mdx +++ b/api_docs/discover.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/discover title: "discover" image: https://source.unsplash.com/400x175/?github description: API docs for the discover plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'discover'] --- import discoverObj from './discover.devdocs.json'; diff --git a/api_docs/discover_enhanced.mdx b/api_docs/discover_enhanced.mdx index 44d445aae4d55..4253d0232c85f 100644 --- a/api_docs/discover_enhanced.mdx +++ b/api_docs/discover_enhanced.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/discoverEnhanced title: "discoverEnhanced" image: https://source.unsplash.com/400x175/?github description: API docs for the discoverEnhanced plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'discoverEnhanced'] --- import discoverEnhancedObj from './discover_enhanced.devdocs.json'; diff --git a/api_docs/discover_shared.mdx b/api_docs/discover_shared.mdx index 055b031f2c71d..0f95045f9a597 100644 --- a/api_docs/discover_shared.mdx +++ b/api_docs/discover_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/discoverShared title: "discoverShared" image: https://source.unsplash.com/400x175/?github description: API docs for the discoverShared plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'discoverShared'] --- import discoverSharedObj from './discover_shared.devdocs.json'; diff --git a/api_docs/ecs_data_quality_dashboard.mdx b/api_docs/ecs_data_quality_dashboard.mdx index 28dd537956620..447643e07670f 100644 --- a/api_docs/ecs_data_quality_dashboard.mdx +++ b/api_docs/ecs_data_quality_dashboard.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/ecsDataQualityDashboard title: "ecsDataQualityDashboard" image: https://source.unsplash.com/400x175/?github description: API docs for the ecsDataQualityDashboard plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'ecsDataQualityDashboard'] --- import ecsDataQualityDashboardObj from './ecs_data_quality_dashboard.devdocs.json'; diff --git a/api_docs/elastic_assistant.mdx b/api_docs/elastic_assistant.mdx index 3df50f4921e28..434019e1b7251 100644 --- a/api_docs/elastic_assistant.mdx +++ b/api_docs/elastic_assistant.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/elasticAssistant title: "elasticAssistant" image: https://source.unsplash.com/400x175/?github description: API docs for the elasticAssistant plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'elasticAssistant'] --- import elasticAssistantObj from './elastic_assistant.devdocs.json'; diff --git a/api_docs/embeddable.mdx b/api_docs/embeddable.mdx index 5145bda514e87..384d0b43d5421 100644 --- a/api_docs/embeddable.mdx +++ b/api_docs/embeddable.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/embeddable title: "embeddable" image: https://source.unsplash.com/400x175/?github description: API docs for the embeddable plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'embeddable'] --- import embeddableObj from './embeddable.devdocs.json'; diff --git a/api_docs/embeddable_enhanced.mdx b/api_docs/embeddable_enhanced.mdx index d4d58d1eb88e7..bdd40b0f1f7ab 100644 --- a/api_docs/embeddable_enhanced.mdx +++ b/api_docs/embeddable_enhanced.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/embeddableEnhanced title: "embeddableEnhanced" image: https://source.unsplash.com/400x175/?github description: API docs for the embeddableEnhanced plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'embeddableEnhanced'] --- import embeddableEnhancedObj from './embeddable_enhanced.devdocs.json'; diff --git a/api_docs/encrypted_saved_objects.mdx b/api_docs/encrypted_saved_objects.mdx index 0c886976e390d..5cedbfc206f65 100644 --- a/api_docs/encrypted_saved_objects.mdx +++ b/api_docs/encrypted_saved_objects.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/encryptedSavedObjects title: "encryptedSavedObjects" image: https://source.unsplash.com/400x175/?github description: API docs for the encryptedSavedObjects plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'encryptedSavedObjects'] --- import encryptedSavedObjectsObj from './encrypted_saved_objects.devdocs.json'; diff --git a/api_docs/enterprise_search.mdx b/api_docs/enterprise_search.mdx index 56a36f276315a..b257354955e3d 100644 --- a/api_docs/enterprise_search.mdx +++ b/api_docs/enterprise_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/enterpriseSearch title: "enterpriseSearch" image: https://source.unsplash.com/400x175/?github description: API docs for the enterpriseSearch plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'enterpriseSearch'] --- import enterpriseSearchObj from './enterprise_search.devdocs.json'; diff --git a/api_docs/entities_data_access.mdx b/api_docs/entities_data_access.mdx index 13445a2e2d27d..d7e0a6263c7a5 100644 --- a/api_docs/entities_data_access.mdx +++ b/api_docs/entities_data_access.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/entitiesDataAccess title: "entitiesDataAccess" image: https://source.unsplash.com/400x175/?github description: API docs for the entitiesDataAccess plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'entitiesDataAccess'] --- import entitiesDataAccessObj from './entities_data_access.devdocs.json'; diff --git a/api_docs/entity_manager.mdx b/api_docs/entity_manager.mdx index 19d0b427eb5e3..dcbe4bae12c0d 100644 --- a/api_docs/entity_manager.mdx +++ b/api_docs/entity_manager.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/entityManager title: "entityManager" image: https://source.unsplash.com/400x175/?github description: API docs for the entityManager plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'entityManager'] --- import entityManagerObj from './entity_manager.devdocs.json'; diff --git a/api_docs/es_ui_shared.mdx b/api_docs/es_ui_shared.mdx index b7398ec32061f..adffb55eaff37 100644 --- a/api_docs/es_ui_shared.mdx +++ b/api_docs/es_ui_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/esUiShared title: "esUiShared" image: https://source.unsplash.com/400x175/?github description: API docs for the esUiShared plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'esUiShared'] --- import esUiSharedObj from './es_ui_shared.devdocs.json'; diff --git a/api_docs/esql.mdx b/api_docs/esql.mdx index 4e94497ad896e..6926658855697 100644 --- a/api_docs/esql.mdx +++ b/api_docs/esql.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/esql title: "esql" image: https://source.unsplash.com/400x175/?github description: API docs for the esql plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'esql'] --- import esqlObj from './esql.devdocs.json'; diff --git a/api_docs/esql_data_grid.mdx b/api_docs/esql_data_grid.mdx index 8e0c1a69cee11..53ebfc4ae29f1 100644 --- a/api_docs/esql_data_grid.mdx +++ b/api_docs/esql_data_grid.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/esqlDataGrid title: "esqlDataGrid" image: https://source.unsplash.com/400x175/?github description: API docs for the esqlDataGrid plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'esqlDataGrid'] --- import esqlDataGridObj from './esql_data_grid.devdocs.json'; diff --git a/api_docs/event_annotation.mdx b/api_docs/event_annotation.mdx index b062a3d42b233..4aa5aab4d538a 100644 --- a/api_docs/event_annotation.mdx +++ b/api_docs/event_annotation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/eventAnnotation title: "eventAnnotation" image: https://source.unsplash.com/400x175/?github description: API docs for the eventAnnotation plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'eventAnnotation'] --- import eventAnnotationObj from './event_annotation.devdocs.json'; diff --git a/api_docs/event_annotation_listing.mdx b/api_docs/event_annotation_listing.mdx index 182860b30a4e2..2d3df4b949804 100644 --- a/api_docs/event_annotation_listing.mdx +++ b/api_docs/event_annotation_listing.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/eventAnnotationListing title: "eventAnnotationListing" image: https://source.unsplash.com/400x175/?github description: API docs for the eventAnnotationListing plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'eventAnnotationListing'] --- import eventAnnotationListingObj from './event_annotation_listing.devdocs.json'; diff --git a/api_docs/event_log.mdx b/api_docs/event_log.mdx index 13340fb586eac..78f84fc0c6710 100644 --- a/api_docs/event_log.mdx +++ b/api_docs/event_log.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/eventLog title: "eventLog" image: https://source.unsplash.com/400x175/?github description: API docs for the eventLog plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'eventLog'] --- import eventLogObj from './event_log.devdocs.json'; diff --git a/api_docs/exploratory_view.mdx b/api_docs/exploratory_view.mdx index fe9e4f7827f29..f68b3e9956140 100644 --- a/api_docs/exploratory_view.mdx +++ b/api_docs/exploratory_view.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/exploratoryView title: "exploratoryView" image: https://source.unsplash.com/400x175/?github description: API docs for the exploratoryView plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'exploratoryView'] --- import exploratoryViewObj from './exploratory_view.devdocs.json'; diff --git a/api_docs/expression_error.mdx b/api_docs/expression_error.mdx index feab4322528c8..f82eaf68f5ff0 100644 --- a/api_docs/expression_error.mdx +++ b/api_docs/expression_error.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionError title: "expressionError" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionError plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionError'] --- import expressionErrorObj from './expression_error.devdocs.json'; diff --git a/api_docs/expression_gauge.mdx b/api_docs/expression_gauge.mdx index 7230f341a3aa6..72b23787c3540 100644 --- a/api_docs/expression_gauge.mdx +++ b/api_docs/expression_gauge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionGauge title: "expressionGauge" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionGauge plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionGauge'] --- import expressionGaugeObj from './expression_gauge.devdocs.json'; diff --git a/api_docs/expression_heatmap.mdx b/api_docs/expression_heatmap.mdx index b20a668be5fc2..d169d5f0fe288 100644 --- a/api_docs/expression_heatmap.mdx +++ b/api_docs/expression_heatmap.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionHeatmap title: "expressionHeatmap" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionHeatmap plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionHeatmap'] --- import expressionHeatmapObj from './expression_heatmap.devdocs.json'; diff --git a/api_docs/expression_image.mdx b/api_docs/expression_image.mdx index d097cc08f14ce..475949de9d619 100644 --- a/api_docs/expression_image.mdx +++ b/api_docs/expression_image.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionImage title: "expressionImage" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionImage plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionImage'] --- import expressionImageObj from './expression_image.devdocs.json'; diff --git a/api_docs/expression_legacy_metric_vis.mdx b/api_docs/expression_legacy_metric_vis.mdx index 56ab7d41f29f6..3997fd35d6466 100644 --- a/api_docs/expression_legacy_metric_vis.mdx +++ b/api_docs/expression_legacy_metric_vis.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionLegacyMetricVis title: "expressionLegacyMetricVis" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionLegacyMetricVis plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionLegacyMetricVis'] --- import expressionLegacyMetricVisObj from './expression_legacy_metric_vis.devdocs.json'; diff --git a/api_docs/expression_metric.mdx b/api_docs/expression_metric.mdx index 6912c4b2757e5..924596f823b2a 100644 --- a/api_docs/expression_metric.mdx +++ b/api_docs/expression_metric.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionMetric title: "expressionMetric" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionMetric plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionMetric'] --- import expressionMetricObj from './expression_metric.devdocs.json'; diff --git a/api_docs/expression_metric_vis.mdx b/api_docs/expression_metric_vis.mdx index cfa6f799680eb..ddeedf5126ac5 100644 --- a/api_docs/expression_metric_vis.mdx +++ b/api_docs/expression_metric_vis.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionMetricVis title: "expressionMetricVis" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionMetricVis plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionMetricVis'] --- import expressionMetricVisObj from './expression_metric_vis.devdocs.json'; diff --git a/api_docs/expression_partition_vis.mdx b/api_docs/expression_partition_vis.mdx index 8be7b458c3849..ba0f2ae59177a 100644 --- a/api_docs/expression_partition_vis.mdx +++ b/api_docs/expression_partition_vis.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionPartitionVis title: "expressionPartitionVis" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionPartitionVis plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionPartitionVis'] --- import expressionPartitionVisObj from './expression_partition_vis.devdocs.json'; diff --git a/api_docs/expression_repeat_image.mdx b/api_docs/expression_repeat_image.mdx index 1af81fa349c61..f8ee49181b7fc 100644 --- a/api_docs/expression_repeat_image.mdx +++ b/api_docs/expression_repeat_image.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionRepeatImage title: "expressionRepeatImage" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionRepeatImage plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionRepeatImage'] --- import expressionRepeatImageObj from './expression_repeat_image.devdocs.json'; diff --git a/api_docs/expression_reveal_image.mdx b/api_docs/expression_reveal_image.mdx index 557aaccdfbfee..24c67acb3a07e 100644 --- a/api_docs/expression_reveal_image.mdx +++ b/api_docs/expression_reveal_image.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionRevealImage title: "expressionRevealImage" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionRevealImage plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionRevealImage'] --- import expressionRevealImageObj from './expression_reveal_image.devdocs.json'; diff --git a/api_docs/expression_shape.mdx b/api_docs/expression_shape.mdx index 5eaec336c2f70..805de1dcdd195 100644 --- a/api_docs/expression_shape.mdx +++ b/api_docs/expression_shape.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionShape title: "expressionShape" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionShape plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionShape'] --- import expressionShapeObj from './expression_shape.devdocs.json'; diff --git a/api_docs/expression_tagcloud.mdx b/api_docs/expression_tagcloud.mdx index 4078e1a80dfed..243328c151d67 100644 --- a/api_docs/expression_tagcloud.mdx +++ b/api_docs/expression_tagcloud.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionTagcloud title: "expressionTagcloud" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionTagcloud plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionTagcloud'] --- import expressionTagcloudObj from './expression_tagcloud.devdocs.json'; diff --git a/api_docs/expression_x_y.mdx b/api_docs/expression_x_y.mdx index 98bb58b6f1817..98528c5658027 100644 --- a/api_docs/expression_x_y.mdx +++ b/api_docs/expression_x_y.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionXY title: "expressionXY" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionXY plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionXY'] --- import expressionXYObj from './expression_x_y.devdocs.json'; diff --git a/api_docs/expressions.mdx b/api_docs/expressions.mdx index 893a59ad5d743..3eaeb9b360dad 100644 --- a/api_docs/expressions.mdx +++ b/api_docs/expressions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressions title: "expressions" image: https://source.unsplash.com/400x175/?github description: API docs for the expressions plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressions'] --- import expressionsObj from './expressions.devdocs.json'; diff --git a/api_docs/features.mdx b/api_docs/features.mdx index d7ab07c26844f..08c9556b096bf 100644 --- a/api_docs/features.mdx +++ b/api_docs/features.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/features title: "features" image: https://source.unsplash.com/400x175/?github description: API docs for the features plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'features'] --- import featuresObj from './features.devdocs.json'; diff --git a/api_docs/field_formats.mdx b/api_docs/field_formats.mdx index 4f8c9c820ab50..db574772206aa 100644 --- a/api_docs/field_formats.mdx +++ b/api_docs/field_formats.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/fieldFormats title: "fieldFormats" image: https://source.unsplash.com/400x175/?github description: API docs for the fieldFormats plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'fieldFormats'] --- import fieldFormatsObj from './field_formats.devdocs.json'; diff --git a/api_docs/fields_metadata.mdx b/api_docs/fields_metadata.mdx index 51ce1bfd81e97..4ae8167b5294f 100644 --- a/api_docs/fields_metadata.mdx +++ b/api_docs/fields_metadata.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/fieldsMetadata title: "fieldsMetadata" image: https://source.unsplash.com/400x175/?github description: API docs for the fieldsMetadata plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'fieldsMetadata'] --- import fieldsMetadataObj from './fields_metadata.devdocs.json'; diff --git a/api_docs/file_upload.mdx b/api_docs/file_upload.mdx index 58982a21288eb..d8fddfcfb3567 100644 --- a/api_docs/file_upload.mdx +++ b/api_docs/file_upload.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/fileUpload title: "fileUpload" image: https://source.unsplash.com/400x175/?github description: API docs for the fileUpload plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'fileUpload'] --- import fileUploadObj from './file_upload.devdocs.json'; diff --git a/api_docs/files.mdx b/api_docs/files.mdx index 8d6cc360a1a84..bbf1f5456821c 100644 --- a/api_docs/files.mdx +++ b/api_docs/files.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/files title: "files" image: https://source.unsplash.com/400x175/?github description: API docs for the files plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'files'] --- import filesObj from './files.devdocs.json'; diff --git a/api_docs/files_management.mdx b/api_docs/files_management.mdx index 19b8764821c62..e7efa01e0b597 100644 --- a/api_docs/files_management.mdx +++ b/api_docs/files_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/filesManagement title: "filesManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the filesManagement plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'filesManagement'] --- import filesManagementObj from './files_management.devdocs.json'; diff --git a/api_docs/fleet.devdocs.json b/api_docs/fleet.devdocs.json index 54f1b16567154..26e0c62d97f40 100644 --- a/api_docs/fleet.devdocs.json +++ b/api_docs/fleet.devdocs.json @@ -1608,6 +1608,20 @@ "deprecated": false, "trackAdoption": false }, + { + "parentPluginId": "fleet", + "id": "def-public.NewPackagePolicy.output_id", + "type": "CompoundType", + "tags": [], + "label": "output_id", + "description": [], + "signature": [ + "string | null | undefined" + ], + "path": "x-pack/plugins/fleet/common/types/models/package_policy.ts", + "deprecated": false, + "trackAdoption": false + }, { "parentPluginId": "fleet", "id": "def-public.NewPackagePolicy.package", @@ -2908,7 +2922,7 @@ "The updated Integration Policy to be merged back and included in the API call" ], "signature": [ - "{ id?: string | number | undefined; name?: string | undefined; description?: string | undefined; namespace?: string | undefined; enabled?: boolean | undefined; is_managed?: boolean | undefined; policy_id?: string | undefined; policy_ids?: string[] | undefined; package?: ", + "{ id?: string | number | undefined; name?: string | undefined; description?: string | undefined; namespace?: string | undefined; enabled?: boolean | undefined; is_managed?: boolean | undefined; policy_id?: string | undefined; policy_ids?: string[] | undefined; output_id?: string | null | undefined; package?: ", { "pluginId": "fleet", "scope": "common", @@ -11683,6 +11697,98 @@ ], "returnComment": [] }, + { + "parentPluginId": "fleet", + "id": "def-server.PackagePolicyClient.removeOutputFromAll", + "type": "Function", + "tags": [], + "label": "removeOutputFromAll", + "description": [ + "\nRemove an output from all package policies that are using it, and replace the output by the default ones." + ], + "signature": [ + "(soClient: ", + { + "pluginId": "@kbn/core-saved-objects-api-server", + "scope": "server", + "docId": "kibKbnCoreSavedObjectsApiServerPluginApi", + "section": "def-server.SavedObjectsClientContract", + "text": "SavedObjectsClientContract" + }, + ", esClient: ", + { + "pluginId": "@kbn/core-elasticsearch-server", + "scope": "server", + "docId": "kibKbnCoreElasticsearchServerPluginApi", + "section": "def-server.ElasticsearchClient", + "text": "ElasticsearchClient" + }, + ", outputId: string) => Promise" + ], + "path": "x-pack/plugins/fleet/server/services/package_policy_service.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "fleet", + "id": "def-server.PackagePolicyClient.removeOutputFromAll.$1", + "type": "Object", + "tags": [], + "label": "soClient", + "description": [], + "signature": [ + { + "pluginId": "@kbn/core-saved-objects-api-server", + "scope": "server", + "docId": "kibKbnCoreSavedObjectsApiServerPluginApi", + "section": "def-server.SavedObjectsClientContract", + "text": "SavedObjectsClientContract" + } + ], + "path": "x-pack/plugins/fleet/server/services/package_policy_service.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + }, + { + "parentPluginId": "fleet", + "id": "def-server.PackagePolicyClient.removeOutputFromAll.$2", + "type": "Object", + "tags": [], + "label": "esClient", + "description": [], + "signature": [ + { + "pluginId": "@kbn/core-elasticsearch-server", + "scope": "server", + "docId": "kibKbnCoreElasticsearchServerPluginApi", + "section": "def-server.ElasticsearchClient", + "text": "ElasticsearchClient" + } + ], + "path": "x-pack/plugins/fleet/server/services/package_policy_service.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + }, + { + "parentPluginId": "fleet", + "id": "def-server.PackagePolicyClient.removeOutputFromAll.$3", + "type": "string", + "tags": [], + "label": "outputId", + "description": [], + "signature": [ + "string" + ], + "path": "x-pack/plugins/fleet/server/services/package_policy_service.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + } + ], + "returnComment": [] + }, { "parentPluginId": "fleet", "id": "def-server.PackagePolicyClient.fetchAllItemIds", @@ -16133,7 +16239,7 @@ "section": "def-common.PackagePolicyPackage", "text": "PackagePolicyPackage" }, - " | undefined; policy_id?: string | undefined; policy_ids?: string[] | undefined; statusCode?: number | undefined; body?: { message: string; } | undefined; }>, soClient: ", + " | undefined; policy_id?: string | undefined; policy_ids?: string[] | undefined; output_id?: string | undefined; statusCode?: number | undefined; body?: { message: string; } | undefined; }>, soClient: ", { "pluginId": "@kbn/core-saved-objects-api-server", "scope": "server", @@ -16189,7 +16295,7 @@ "section": "def-common.PackagePolicyPackage", "text": "PackagePolicyPackage" }, - " | undefined; policy_id?: string | undefined; policy_ids?: string[] | undefined; statusCode?: number | undefined; body?: { message: string; } | undefined; }>" + " | undefined; policy_id?: string | undefined; policy_ids?: string[] | undefined; output_id?: string | undefined; statusCode?: number | undefined; body?: { message: string; } | undefined; }>" ], "path": "x-pack/plugins/fleet/server/types/extensions.ts", "deprecated": false, @@ -23646,6 +23752,20 @@ "deprecated": false, "trackAdoption": false }, + { + "parentPluginId": "fleet", + "id": "def-common.NewPackagePolicy.output_id", + "type": "CompoundType", + "tags": [], + "label": "output_id", + "description": [], + "signature": [ + "string | null | undefined" + ], + "path": "x-pack/plugins/fleet/common/types/models/package_policy.ts", + "deprecated": false, + "trackAdoption": false + }, { "parentPluginId": "fleet", "id": "def-common.NewPackagePolicy.package", @@ -27678,7 +27798,7 @@ "section": "def-common.PackagePolicyPackage", "text": "PackagePolicyPackage" }, - " | undefined; policy_id?: string | undefined; policy_ids?: string[] | undefined; statusCode?: number | undefined; body?: { message: string; } | undefined; }[]" + " | undefined; policy_id?: string | undefined; policy_ids?: string[] | undefined; output_id?: string | undefined; statusCode?: number | undefined; body?: { message: string; } | undefined; }[]" ], "path": "x-pack/plugins/fleet/common/types/rest_spec/package_policy.ts", "deprecated": false, diff --git a/api_docs/fleet.mdx b/api_docs/fleet.mdx index 16adcf271500b..5b87506863f5f 100644 --- a/api_docs/fleet.mdx +++ b/api_docs/fleet.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/fleet title: "fleet" image: https://source.unsplash.com/400x175/?github description: API docs for the fleet plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'fleet'] --- import fleetObj from './fleet.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/fleet](https://github.com/orgs/elastic/teams/fleet) for questi | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 1351 | 5 | 1229 | 74 | +| 1357 | 5 | 1234 | 74 | ## Client diff --git a/api_docs/global_search.mdx b/api_docs/global_search.mdx index 2af9c7e64aace..969241c90eeac 100644 --- a/api_docs/global_search.mdx +++ b/api_docs/global_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/globalSearch title: "globalSearch" image: https://source.unsplash.com/400x175/?github description: API docs for the globalSearch plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'globalSearch'] --- import globalSearchObj from './global_search.devdocs.json'; diff --git a/api_docs/guided_onboarding.mdx b/api_docs/guided_onboarding.mdx index 0fea91e2cb65d..0f5d29c7fcf99 100644 --- a/api_docs/guided_onboarding.mdx +++ b/api_docs/guided_onboarding.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/guidedOnboarding title: "guidedOnboarding" image: https://source.unsplash.com/400x175/?github description: API docs for the guidedOnboarding plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'guidedOnboarding'] --- import guidedOnboardingObj from './guided_onboarding.devdocs.json'; diff --git a/api_docs/home.mdx b/api_docs/home.mdx index 9d0d825a078ea..2eb5aeea15cf6 100644 --- a/api_docs/home.mdx +++ b/api_docs/home.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/home title: "home" image: https://source.unsplash.com/400x175/?github description: API docs for the home plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'home'] --- import homeObj from './home.devdocs.json'; diff --git a/api_docs/image_embeddable.mdx b/api_docs/image_embeddable.mdx index 93fdfd71112f1..3db08e9aaab26 100644 --- a/api_docs/image_embeddable.mdx +++ b/api_docs/image_embeddable.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/imageEmbeddable title: "imageEmbeddable" image: https://source.unsplash.com/400x175/?github description: API docs for the imageEmbeddable plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'imageEmbeddable'] --- import imageEmbeddableObj from './image_embeddable.devdocs.json'; diff --git a/api_docs/index_lifecycle_management.mdx b/api_docs/index_lifecycle_management.mdx index 691bb2e211ced..b1ae10d14a129 100644 --- a/api_docs/index_lifecycle_management.mdx +++ b/api_docs/index_lifecycle_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/indexLifecycleManagement title: "indexLifecycleManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the indexLifecycleManagement plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'indexLifecycleManagement'] --- import indexLifecycleManagementObj from './index_lifecycle_management.devdocs.json'; diff --git a/api_docs/index_management.mdx b/api_docs/index_management.mdx index f41a91b99ef0b..64cf1e62d4b1c 100644 --- a/api_docs/index_management.mdx +++ b/api_docs/index_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/indexManagement title: "indexManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the indexManagement plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'indexManagement'] --- import indexManagementObj from './index_management.devdocs.json'; diff --git a/api_docs/inference.mdx b/api_docs/inference.mdx index 66079391876a8..b22fd063c90d3 100644 --- a/api_docs/inference.mdx +++ b/api_docs/inference.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/inference title: "inference" image: https://source.unsplash.com/400x175/?github description: API docs for the inference plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'inference'] --- import inferenceObj from './inference.devdocs.json'; diff --git a/api_docs/infra.mdx b/api_docs/infra.mdx index 94836d135224b..92ef577ade8a9 100644 --- a/api_docs/infra.mdx +++ b/api_docs/infra.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/infra title: "infra" image: https://source.unsplash.com/400x175/?github description: API docs for the infra plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'infra'] --- import infraObj from './infra.devdocs.json'; diff --git a/api_docs/ingest_pipelines.mdx b/api_docs/ingest_pipelines.mdx index 21275e4ccd0c1..ff80df769a641 100644 --- a/api_docs/ingest_pipelines.mdx +++ b/api_docs/ingest_pipelines.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/ingestPipelines title: "ingestPipelines" image: https://source.unsplash.com/400x175/?github description: API docs for the ingestPipelines plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'ingestPipelines'] --- import ingestPipelinesObj from './ingest_pipelines.devdocs.json'; diff --git a/api_docs/inspector.mdx b/api_docs/inspector.mdx index 0ee70733c7a48..17c37334896f6 100644 --- a/api_docs/inspector.mdx +++ b/api_docs/inspector.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/inspector title: "inspector" image: https://source.unsplash.com/400x175/?github description: API docs for the inspector plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'inspector'] --- import inspectorObj from './inspector.devdocs.json'; diff --git a/api_docs/integration_assistant.mdx b/api_docs/integration_assistant.mdx index 9cca3a90b054e..100c3cc2d1d50 100644 --- a/api_docs/integration_assistant.mdx +++ b/api_docs/integration_assistant.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/integrationAssistant title: "integrationAssistant" image: https://source.unsplash.com/400x175/?github description: API docs for the integrationAssistant plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'integrationAssistant'] --- import integrationAssistantObj from './integration_assistant.devdocs.json'; diff --git a/api_docs/interactive_setup.mdx b/api_docs/interactive_setup.mdx index 9f4f83739213c..15fe7a0a1a008 100644 --- a/api_docs/interactive_setup.mdx +++ b/api_docs/interactive_setup.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/interactiveSetup title: "interactiveSetup" image: https://source.unsplash.com/400x175/?github description: API docs for the interactiveSetup plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'interactiveSetup'] --- import interactiveSetupObj from './interactive_setup.devdocs.json'; diff --git a/api_docs/investigate.devdocs.json b/api_docs/investigate.devdocs.json index 84d3ffbb38d41..9fa79e2fc3c7b 100644 --- a/api_docs/investigate.devdocs.json +++ b/api_docs/investigate.devdocs.json @@ -688,10 +688,10 @@ }, { "parentPluginId": "investigate", - "id": "def-public.Investigation.timestamp", + "id": "def-public.Investigation.createdAt", "type": "number", "tags": [], - "label": "'@timestamp'", + "label": "createdAt", "description": [], "path": "x-pack/plugins/observability_solution/investigate/common/types.ts", "deprecated": false, @@ -749,6 +749,27 @@ "deprecated": false, "trackAdoption": false }, + { + "parentPluginId": "investigate", + "id": "def-public.Investigation.notes", + "type": "Array", + "tags": [], + "label": "notes", + "description": [], + "signature": [ + { + "pluginId": "investigate", + "scope": "common", + "docId": "kibInvestigatePluginApi", + "section": "def-common.InvestigationNote", + "text": "InvestigationNote" + }, + "[]" + ], + "path": "x-pack/plugins/observability_solution/investigate/common/types.ts", + "deprecated": false, + "trackAdoption": false + }, { "parentPluginId": "investigate", "id": "def-public.Investigation.parameters", @@ -1633,10 +1654,10 @@ }, { "parentPluginId": "investigate", - "id": "def-common.Investigation.timestamp", + "id": "def-common.Investigation.createdAt", "type": "number", "tags": [], - "label": "'@timestamp'", + "label": "createdAt", "description": [], "path": "x-pack/plugins/observability_solution/investigate/common/types.ts", "deprecated": false, @@ -1694,6 +1715,27 @@ "deprecated": false, "trackAdoption": false }, + { + "parentPluginId": "investigate", + "id": "def-common.Investigation.notes", + "type": "Array", + "tags": [], + "label": "notes", + "description": [], + "signature": [ + { + "pluginId": "investigate", + "scope": "common", + "docId": "kibInvestigatePluginApi", + "section": "def-common.InvestigationNote", + "text": "InvestigationNote" + }, + "[]" + ], + "path": "x-pack/plugins/observability_solution/investigate/common/types.ts", + "deprecated": false, + "trackAdoption": false + }, { "parentPluginId": "investigate", "id": "def-common.Investigation.parameters", @@ -1710,6 +1752,73 @@ } ], "initialIsOpen": false + }, + { + "parentPluginId": "investigate", + "id": "def-common.InvestigationNote", + "type": "Interface", + "tags": [], + "label": "InvestigationNote", + "description": [], + "path": "x-pack/plugins/observability_solution/investigate/common/types.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "investigate", + "id": "def-common.InvestigationNote.id", + "type": "string", + "tags": [], + "label": "id", + "description": [], + "path": "x-pack/plugins/observability_solution/investigate/common/types.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "investigate", + "id": "def-common.InvestigationNote.createdAt", + "type": "number", + "tags": [], + "label": "createdAt", + "description": [], + "path": "x-pack/plugins/observability_solution/investigate/common/types.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "investigate", + "id": "def-common.InvestigationNote.createdBy", + "type": "Object", + "tags": [], + "label": "createdBy", + "description": [], + "signature": [ + { + "pluginId": "@kbn/core-security-common", + "scope": "common", + "docId": "kibKbnCoreSecurityCommonPluginApi", + "section": "def-common.AuthenticatedUser", + "text": "AuthenticatedUser" + } + ], + "path": "x-pack/plugins/observability_solution/investigate/common/types.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "investigate", + "id": "def-common.InvestigationNote.content", + "type": "string", + "tags": [], + "label": "content", + "description": [], + "path": "x-pack/plugins/observability_solution/investigate/common/types.ts", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false } ], "enums": [ diff --git a/api_docs/investigate.mdx b/api_docs/investigate.mdx index 689e92313ecb3..011097d14e40c 100644 --- a/api_docs/investigate.mdx +++ b/api_docs/investigate.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/investigate title: "investigate" image: https://source.unsplash.com/400x175/?github description: API docs for the investigate plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'investigate'] --- import investigateObj from './investigate.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/obs-ux-management-team](https://github.com/orgs/elastic/teams/ | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 105 | 0 | 105 | 6 | +| 112 | 0 | 112 | 6 | ## Client diff --git a/api_docs/investigate_app.mdx b/api_docs/investigate_app.mdx index 9bc0fed42bee5..0a293531d288d 100644 --- a/api_docs/investigate_app.mdx +++ b/api_docs/investigate_app.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/investigateApp title: "investigateApp" image: https://source.unsplash.com/400x175/?github description: API docs for the investigateApp plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'investigateApp'] --- import investigateAppObj from './investigate_app.devdocs.json'; diff --git a/api_docs/kbn_ace.mdx b/api_docs/kbn_ace.mdx index c263ed648017a..6945fca8517fd 100644 --- a/api_docs/kbn_ace.mdx +++ b/api_docs/kbn_ace.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ace title: "@kbn/ace" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ace plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ace'] --- import kbnAceObj from './kbn_ace.devdocs.json'; diff --git a/api_docs/kbn_actions_types.mdx b/api_docs/kbn_actions_types.mdx index 719037ef36428..d825c18507e05 100644 --- a/api_docs/kbn_actions_types.mdx +++ b/api_docs/kbn_actions_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-actions-types title: "@kbn/actions-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/actions-types plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/actions-types'] --- import kbnActionsTypesObj from './kbn_actions_types.devdocs.json'; diff --git a/api_docs/kbn_aiops_components.mdx b/api_docs/kbn_aiops_components.mdx index 778879e941912..a7cf39daf17e9 100644 --- a/api_docs/kbn_aiops_components.mdx +++ b/api_docs/kbn_aiops_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-aiops-components title: "@kbn/aiops-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/aiops-components plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/aiops-components'] --- import kbnAiopsComponentsObj from './kbn_aiops_components.devdocs.json'; diff --git a/api_docs/kbn_aiops_log_pattern_analysis.mdx b/api_docs/kbn_aiops_log_pattern_analysis.mdx index 9326381c7a9f4..cf190be499623 100644 --- a/api_docs/kbn_aiops_log_pattern_analysis.mdx +++ b/api_docs/kbn_aiops_log_pattern_analysis.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-aiops-log-pattern-analysis title: "@kbn/aiops-log-pattern-analysis" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/aiops-log-pattern-analysis plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/aiops-log-pattern-analysis'] --- import kbnAiopsLogPatternAnalysisObj from './kbn_aiops_log_pattern_analysis.devdocs.json'; diff --git a/api_docs/kbn_aiops_log_rate_analysis.mdx b/api_docs/kbn_aiops_log_rate_analysis.mdx index a14edcd6f18a0..9ce12851d693c 100644 --- a/api_docs/kbn_aiops_log_rate_analysis.mdx +++ b/api_docs/kbn_aiops_log_rate_analysis.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-aiops-log-rate-analysis title: "@kbn/aiops-log-rate-analysis" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/aiops-log-rate-analysis plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/aiops-log-rate-analysis'] --- import kbnAiopsLogRateAnalysisObj from './kbn_aiops_log_rate_analysis.devdocs.json'; diff --git a/api_docs/kbn_alerting_api_integration_helpers.mdx b/api_docs/kbn_alerting_api_integration_helpers.mdx index d1b138b6b3980..c29dfeff9b5a1 100644 --- a/api_docs/kbn_alerting_api_integration_helpers.mdx +++ b/api_docs/kbn_alerting_api_integration_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerting-api-integration-helpers title: "@kbn/alerting-api-integration-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerting-api-integration-helpers plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerting-api-integration-helpers'] --- import kbnAlertingApiIntegrationHelpersObj from './kbn_alerting_api_integration_helpers.devdocs.json'; diff --git a/api_docs/kbn_alerting_comparators.mdx b/api_docs/kbn_alerting_comparators.mdx index 8279e1e69910c..b9d1c3e3c4a54 100644 --- a/api_docs/kbn_alerting_comparators.mdx +++ b/api_docs/kbn_alerting_comparators.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerting-comparators title: "@kbn/alerting-comparators" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerting-comparators plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerting-comparators'] --- import kbnAlertingComparatorsObj from './kbn_alerting_comparators.devdocs.json'; diff --git a/api_docs/kbn_alerting_state_types.mdx b/api_docs/kbn_alerting_state_types.mdx index abd118777e4a1..ff4c8e52f7432 100644 --- a/api_docs/kbn_alerting_state_types.mdx +++ b/api_docs/kbn_alerting_state_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerting-state-types title: "@kbn/alerting-state-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerting-state-types plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerting-state-types'] --- import kbnAlertingStateTypesObj from './kbn_alerting_state_types.devdocs.json'; diff --git a/api_docs/kbn_alerting_types.mdx b/api_docs/kbn_alerting_types.mdx index 48dfb96f8cbe0..c0f51ae3b546a 100644 --- a/api_docs/kbn_alerting_types.mdx +++ b/api_docs/kbn_alerting_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerting-types title: "@kbn/alerting-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerting-types plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerting-types'] --- import kbnAlertingTypesObj from './kbn_alerting_types.devdocs.json'; diff --git a/api_docs/kbn_alerts_as_data_utils.mdx b/api_docs/kbn_alerts_as_data_utils.mdx index b6be95bf2bd6a..f76d9fe54a2bc 100644 --- a/api_docs/kbn_alerts_as_data_utils.mdx +++ b/api_docs/kbn_alerts_as_data_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerts-as-data-utils title: "@kbn/alerts-as-data-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerts-as-data-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerts-as-data-utils'] --- import kbnAlertsAsDataUtilsObj from './kbn_alerts_as_data_utils.devdocs.json'; diff --git a/api_docs/kbn_alerts_grouping.mdx b/api_docs/kbn_alerts_grouping.mdx index 71602e641dc2d..ce8c8702492a0 100644 --- a/api_docs/kbn_alerts_grouping.mdx +++ b/api_docs/kbn_alerts_grouping.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerts-grouping title: "@kbn/alerts-grouping" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerts-grouping plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerts-grouping'] --- import kbnAlertsGroupingObj from './kbn_alerts_grouping.devdocs.json'; diff --git a/api_docs/kbn_alerts_ui_shared.mdx b/api_docs/kbn_alerts_ui_shared.mdx index 1d584fead24a1..05f194fc71c74 100644 --- a/api_docs/kbn_alerts_ui_shared.mdx +++ b/api_docs/kbn_alerts_ui_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerts-ui-shared title: "@kbn/alerts-ui-shared" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerts-ui-shared plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerts-ui-shared'] --- import kbnAlertsUiSharedObj from './kbn_alerts_ui_shared.devdocs.json'; diff --git a/api_docs/kbn_analytics.mdx b/api_docs/kbn_analytics.mdx index 43d9a7a3e99bb..03a590c496c4b 100644 --- a/api_docs/kbn_analytics.mdx +++ b/api_docs/kbn_analytics.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-analytics title: "@kbn/analytics" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/analytics plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/analytics'] --- import kbnAnalyticsObj from './kbn_analytics.devdocs.json'; diff --git a/api_docs/kbn_analytics_collection_utils.mdx b/api_docs/kbn_analytics_collection_utils.mdx index 9827e7b1d8a20..8e5199c3c9771 100644 --- a/api_docs/kbn_analytics_collection_utils.mdx +++ b/api_docs/kbn_analytics_collection_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-analytics-collection-utils title: "@kbn/analytics-collection-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/analytics-collection-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/analytics-collection-utils'] --- import kbnAnalyticsCollectionUtilsObj from './kbn_analytics_collection_utils.devdocs.json'; diff --git a/api_docs/kbn_apm_config_loader.mdx b/api_docs/kbn_apm_config_loader.mdx index 63ad40f98dece..cd255e8aba329 100644 --- a/api_docs/kbn_apm_config_loader.mdx +++ b/api_docs/kbn_apm_config_loader.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-config-loader title: "@kbn/apm-config-loader" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-config-loader plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-config-loader'] --- import kbnApmConfigLoaderObj from './kbn_apm_config_loader.devdocs.json'; diff --git a/api_docs/kbn_apm_data_view.mdx b/api_docs/kbn_apm_data_view.mdx index 4f42509e19135..c5e02ed95ee2f 100644 --- a/api_docs/kbn_apm_data_view.mdx +++ b/api_docs/kbn_apm_data_view.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-data-view title: "@kbn/apm-data-view" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-data-view plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-data-view'] --- import kbnApmDataViewObj from './kbn_apm_data_view.devdocs.json'; diff --git a/api_docs/kbn_apm_synthtrace.devdocs.json b/api_docs/kbn_apm_synthtrace.devdocs.json index 26ccc25ade717..d1fa4a2a3ee91 100644 --- a/api_docs/kbn_apm_synthtrace.devdocs.json +++ b/api_docs/kbn_apm_synthtrace.devdocs.json @@ -704,6 +704,40 @@ } ], "returnComment": [] + }, + { + "parentPluginId": "@kbn/apm-synthtrace", + "id": "def-server.LogsSynthtraceEsClient.createIndexTemplate", + "type": "Function", + "tags": [], + "label": "createIndexTemplate", + "description": [], + "signature": [ + "(name: ", + "IndexTemplateName", + ") => Promise" + ], + "path": "packages/kbn-apm-synthtrace/src/lib/logs/logs_synthtrace_es_client.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/apm-synthtrace", + "id": "def-server.LogsSynthtraceEsClient.createIndexTemplate.$1", + "type": "string", + "tags": [], + "label": "name", + "description": [], + "signature": [ + "IndexTemplateName" + ], + "path": "packages/kbn-apm-synthtrace/src/lib/logs/logs_synthtrace_es_client.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + } + ], + "returnComment": [] } ], "initialIsOpen": false diff --git a/api_docs/kbn_apm_synthtrace.mdx b/api_docs/kbn_apm_synthtrace.mdx index c37b8b086c0c2..5afe53bce34ad 100644 --- a/api_docs/kbn_apm_synthtrace.mdx +++ b/api_docs/kbn_apm_synthtrace.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-synthtrace title: "@kbn/apm-synthtrace" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-synthtrace plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-synthtrace'] --- import kbnApmSynthtraceObj from './kbn_apm_synthtrace.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/obs-ux-infra_services-team](https://github.com/orgs/elastic/te | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 49 | 0 | 49 | 8 | +| 51 | 0 | 51 | 9 | ## Server diff --git a/api_docs/kbn_apm_synthtrace_client.devdocs.json b/api_docs/kbn_apm_synthtrace_client.devdocs.json index 2c1979907d982..d7755119aa2c2 100644 --- a/api_docs/kbn_apm_synthtrace_client.devdocs.json +++ b/api_docs/kbn_apm_synthtrace_client.devdocs.json @@ -3158,13 +3158,28 @@ "label": "create", "description": [], "signature": [ - "() => Log" + "(logsOptions?: LogsOptions) => Log" ], "path": "packages/kbn-apm-synthtrace-client/src/lib/logs/index.ts", "deprecated": false, "trackAdoption": false, "returnComment": [], - "children": [] + "children": [ + { + "parentPluginId": "@kbn/apm-synthtrace-client", + "id": "def-common.log.create.$1", + "type": "Object", + "tags": [], + "label": "logsOptions", + "description": [], + "signature": [ + "LogsOptions" + ], + "path": "packages/kbn-apm-synthtrace-client/src/lib/logs/index.ts", + "deprecated": false, + "trackAdoption": false + } + ] } ], "initialIsOpen": false diff --git a/api_docs/kbn_apm_synthtrace_client.mdx b/api_docs/kbn_apm_synthtrace_client.mdx index 0a95edf2b12b1..ba486da2e413e 100644 --- a/api_docs/kbn_apm_synthtrace_client.mdx +++ b/api_docs/kbn_apm_synthtrace_client.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-synthtrace-client title: "@kbn/apm-synthtrace-client" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-synthtrace-client plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-synthtrace-client'] --- import kbnApmSynthtraceClientObj from './kbn_apm_synthtrace_client.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/obs-ux-infra_services-team](https://github.com/orgs/elastic/te | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 200 | 0 | 200 | 31 | +| 201 | 0 | 201 | 31 | ## Common diff --git a/api_docs/kbn_apm_types.mdx b/api_docs/kbn_apm_types.mdx index 05036d60001a7..28855d2d82fb5 100644 --- a/api_docs/kbn_apm_types.mdx +++ b/api_docs/kbn_apm_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-types title: "@kbn/apm-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-types plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-types'] --- import kbnApmTypesObj from './kbn_apm_types.devdocs.json'; diff --git a/api_docs/kbn_apm_utils.mdx b/api_docs/kbn_apm_utils.mdx index df14028e3fe95..700f89e83d28a 100644 --- a/api_docs/kbn_apm_utils.mdx +++ b/api_docs/kbn_apm_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-utils title: "@kbn/apm-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-utils'] --- import kbnApmUtilsObj from './kbn_apm_utils.devdocs.json'; diff --git a/api_docs/kbn_avc_banner.mdx b/api_docs/kbn_avc_banner.mdx index 42f27f8145eef..6ba33f6911c82 100644 --- a/api_docs/kbn_avc_banner.mdx +++ b/api_docs/kbn_avc_banner.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-avc-banner title: "@kbn/avc-banner" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/avc-banner plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/avc-banner'] --- import kbnAvcBannerObj from './kbn_avc_banner.devdocs.json'; diff --git a/api_docs/kbn_axe_config.mdx b/api_docs/kbn_axe_config.mdx index 3de15f77a2574..868cd848f99ae 100644 --- a/api_docs/kbn_axe_config.mdx +++ b/api_docs/kbn_axe_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-axe-config title: "@kbn/axe-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/axe-config plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/axe-config'] --- import kbnAxeConfigObj from './kbn_axe_config.devdocs.json'; diff --git a/api_docs/kbn_bfetch_error.mdx b/api_docs/kbn_bfetch_error.mdx index 9dc88e62cfe18..5c971fb508c8c 100644 --- a/api_docs/kbn_bfetch_error.mdx +++ b/api_docs/kbn_bfetch_error.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-bfetch-error title: "@kbn/bfetch-error" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/bfetch-error plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/bfetch-error'] --- import kbnBfetchErrorObj from './kbn_bfetch_error.devdocs.json'; diff --git a/api_docs/kbn_calculate_auto.mdx b/api_docs/kbn_calculate_auto.mdx index dcd7abcaa62dc..182bea3782238 100644 --- a/api_docs/kbn_calculate_auto.mdx +++ b/api_docs/kbn_calculate_auto.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-calculate-auto title: "@kbn/calculate-auto" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/calculate-auto plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/calculate-auto'] --- import kbnCalculateAutoObj from './kbn_calculate_auto.devdocs.json'; diff --git a/api_docs/kbn_calculate_width_from_char_count.mdx b/api_docs/kbn_calculate_width_from_char_count.mdx index ecef209a06d93..f787c0fcab79e 100644 --- a/api_docs/kbn_calculate_width_from_char_count.mdx +++ b/api_docs/kbn_calculate_width_from_char_count.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-calculate-width-from-char-count title: "@kbn/calculate-width-from-char-count" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/calculate-width-from-char-count plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/calculate-width-from-char-count'] --- import kbnCalculateWidthFromCharCountObj from './kbn_calculate_width_from_char_count.devdocs.json'; diff --git a/api_docs/kbn_cases_components.mdx b/api_docs/kbn_cases_components.mdx index 8698f3137f035..d36f034425ff9 100644 --- a/api_docs/kbn_cases_components.mdx +++ b/api_docs/kbn_cases_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cases-components title: "@kbn/cases-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cases-components plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cases-components'] --- import kbnCasesComponentsObj from './kbn_cases_components.devdocs.json'; diff --git a/api_docs/kbn_cell_actions.mdx b/api_docs/kbn_cell_actions.mdx index c4e28f77dd135..545c880b21b33 100644 --- a/api_docs/kbn_cell_actions.mdx +++ b/api_docs/kbn_cell_actions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cell-actions title: "@kbn/cell-actions" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cell-actions plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cell-actions'] --- import kbnCellActionsObj from './kbn_cell_actions.devdocs.json'; diff --git a/api_docs/kbn_chart_expressions_common.mdx b/api_docs/kbn_chart_expressions_common.mdx index b2a943efc3405..f273d7e884bc7 100644 --- a/api_docs/kbn_chart_expressions_common.mdx +++ b/api_docs/kbn_chart_expressions_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-chart-expressions-common title: "@kbn/chart-expressions-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/chart-expressions-common plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/chart-expressions-common'] --- import kbnChartExpressionsCommonObj from './kbn_chart_expressions_common.devdocs.json'; diff --git a/api_docs/kbn_chart_icons.mdx b/api_docs/kbn_chart_icons.mdx index 6a9627b1d17f7..5eeca824aae90 100644 --- a/api_docs/kbn_chart_icons.mdx +++ b/api_docs/kbn_chart_icons.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-chart-icons title: "@kbn/chart-icons" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/chart-icons plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/chart-icons'] --- import kbnChartIconsObj from './kbn_chart_icons.devdocs.json'; diff --git a/api_docs/kbn_ci_stats_core.mdx b/api_docs/kbn_ci_stats_core.mdx index 68dc27b1d068f..95aaccf8a209e 100644 --- a/api_docs/kbn_ci_stats_core.mdx +++ b/api_docs/kbn_ci_stats_core.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ci-stats-core title: "@kbn/ci-stats-core" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ci-stats-core plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ci-stats-core'] --- import kbnCiStatsCoreObj from './kbn_ci_stats_core.devdocs.json'; diff --git a/api_docs/kbn_ci_stats_performance_metrics.mdx b/api_docs/kbn_ci_stats_performance_metrics.mdx index f3be7508a9266..89b97e15d61c4 100644 --- a/api_docs/kbn_ci_stats_performance_metrics.mdx +++ b/api_docs/kbn_ci_stats_performance_metrics.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ci-stats-performance-metrics title: "@kbn/ci-stats-performance-metrics" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ci-stats-performance-metrics plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ci-stats-performance-metrics'] --- import kbnCiStatsPerformanceMetricsObj from './kbn_ci_stats_performance_metrics.devdocs.json'; diff --git a/api_docs/kbn_ci_stats_reporter.mdx b/api_docs/kbn_ci_stats_reporter.mdx index cac1b133dbbc1..f16268fc691b9 100644 --- a/api_docs/kbn_ci_stats_reporter.mdx +++ b/api_docs/kbn_ci_stats_reporter.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ci-stats-reporter title: "@kbn/ci-stats-reporter" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ci-stats-reporter plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ci-stats-reporter'] --- import kbnCiStatsReporterObj from './kbn_ci_stats_reporter.devdocs.json'; diff --git a/api_docs/kbn_cli_dev_mode.mdx b/api_docs/kbn_cli_dev_mode.mdx index d49977e9e09c7..1ddfd772fbe60 100644 --- a/api_docs/kbn_cli_dev_mode.mdx +++ b/api_docs/kbn_cli_dev_mode.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cli-dev-mode title: "@kbn/cli-dev-mode" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cli-dev-mode plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cli-dev-mode'] --- import kbnCliDevModeObj from './kbn_cli_dev_mode.devdocs.json'; diff --git a/api_docs/kbn_code_editor.mdx b/api_docs/kbn_code_editor.mdx index 005db16c0d5bd..f841b4f1dedae 100644 --- a/api_docs/kbn_code_editor.mdx +++ b/api_docs/kbn_code_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-code-editor title: "@kbn/code-editor" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/code-editor plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/code-editor'] --- import kbnCodeEditorObj from './kbn_code_editor.devdocs.json'; diff --git a/api_docs/kbn_code_editor_mock.mdx b/api_docs/kbn_code_editor_mock.mdx index c4bd87f3abb66..c009e2996c45f 100644 --- a/api_docs/kbn_code_editor_mock.mdx +++ b/api_docs/kbn_code_editor_mock.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-code-editor-mock title: "@kbn/code-editor-mock" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/code-editor-mock plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/code-editor-mock'] --- import kbnCodeEditorMockObj from './kbn_code_editor_mock.devdocs.json'; diff --git a/api_docs/kbn_code_owners.mdx b/api_docs/kbn_code_owners.mdx index 85b4626f4aa89..975989cb17a70 100644 --- a/api_docs/kbn_code_owners.mdx +++ b/api_docs/kbn_code_owners.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-code-owners title: "@kbn/code-owners" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/code-owners plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/code-owners'] --- import kbnCodeOwnersObj from './kbn_code_owners.devdocs.json'; diff --git a/api_docs/kbn_coloring.mdx b/api_docs/kbn_coloring.mdx index 307e7126dc60f..0537d907829c2 100644 --- a/api_docs/kbn_coloring.mdx +++ b/api_docs/kbn_coloring.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-coloring title: "@kbn/coloring" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/coloring plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/coloring'] --- import kbnColoringObj from './kbn_coloring.devdocs.json'; diff --git a/api_docs/kbn_config.mdx b/api_docs/kbn_config.mdx index 43b2cd32fa6a6..422c9dc3ecd3e 100644 --- a/api_docs/kbn_config.mdx +++ b/api_docs/kbn_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-config title: "@kbn/config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/config plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/config'] --- import kbnConfigObj from './kbn_config.devdocs.json'; diff --git a/api_docs/kbn_config_mocks.mdx b/api_docs/kbn_config_mocks.mdx index f09687a2fccd1..d65a147f530a2 100644 --- a/api_docs/kbn_config_mocks.mdx +++ b/api_docs/kbn_config_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-config-mocks title: "@kbn/config-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/config-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/config-mocks'] --- import kbnConfigMocksObj from './kbn_config_mocks.devdocs.json'; diff --git a/api_docs/kbn_config_schema.devdocs.json b/api_docs/kbn_config_schema.devdocs.json index bf268d7f43e1e..409941bbe1c88 100644 --- a/api_docs/kbn_config_schema.devdocs.json +++ b/api_docs/kbn_config_schema.devdocs.json @@ -1056,7 +1056,7 @@ { "parentPluginId": "@kbn/config-schema", "id": "def-common.Type.internalSchema", - "type": "Object", + "type": "CompoundType", "tags": [ "type" ], @@ -1066,6 +1066,28 @@ ], "signature": [ "AnySchema", + " | ", + "ArraySchema", + " | ", + "AlternativesSchema", + " | ", + "BinarySchema", + " | ", + "BooleanSchema", + " | ", + "DateSchema", + " | ", + "FunctionSchema", + " | ", + "NumberSchema", + " | ", + "ObjectSchema", + " | ", + "StringSchema", + " | ", + "LinkSchema", + " | ", + "SymbolSchema", "" ], "path": "packages/kbn-config-schema/src/types/type.ts", @@ -1089,12 +1111,12 @@ { "parentPluginId": "@kbn/config-schema", "id": "def-common.Type.Unnamed.$1", - "type": "Object", + "type": "CompoundType", "tags": [], "label": "schema", "description": [], "signature": [ - "AnySchema", + "Schema", "" ], "path": "packages/kbn-config-schema/src/types/type.ts", @@ -1268,7 +1290,7 @@ "description": [], "signature": [ "() => ", - "AnySchema", + "Schema", "" ], "path": "packages/kbn-config-schema/src/types/type.ts", diff --git a/api_docs/kbn_config_schema.mdx b/api_docs/kbn_config_schema.mdx index ab58ad5a9e374..f0af22686cb55 100644 --- a/api_docs/kbn_config_schema.mdx +++ b/api_docs/kbn_config_schema.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-config-schema title: "@kbn/config-schema" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/config-schema plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/config-schema'] --- import kbnConfigSchemaObj from './kbn_config_schema.devdocs.json'; diff --git a/api_docs/kbn_content_management_content_editor.mdx b/api_docs/kbn_content_management_content_editor.mdx index 758879688bbb9..1a6d0496fb185 100644 --- a/api_docs/kbn_content_management_content_editor.mdx +++ b/api_docs/kbn_content_management_content_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-content-editor title: "@kbn/content-management-content-editor" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-content-editor plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-content-editor'] --- import kbnContentManagementContentEditorObj from './kbn_content_management_content_editor.devdocs.json'; diff --git a/api_docs/kbn_content_management_favorites_public.devdocs.json b/api_docs/kbn_content_management_favorites_public.devdocs.json new file mode 100644 index 0000000000000..9d7837ee1cfd2 --- /dev/null +++ b/api_docs/kbn_content_management_favorites_public.devdocs.json @@ -0,0 +1,702 @@ +{ + "id": "@kbn/content-management-favorites-public", + "client": { + "classes": [ + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoritesClient", + "type": "Class", + "tags": [], + "label": "FavoritesClient", + "description": [], + "signature": [ + { + "pluginId": "@kbn/content-management-favorites-public", + "scope": "public", + "docId": "kibKbnContentManagementFavoritesPublicPluginApi", + "section": "def-public.FavoritesClient", + "text": "FavoritesClient" + }, + " implements ", + { + "pluginId": "@kbn/content-management-favorites-public", + "scope": "public", + "docId": "kibKbnContentManagementFavoritesPublicPluginApi", + "section": "def-public.FavoritesClientPublic", + "text": "FavoritesClientPublic" + } + ], + "path": "packages/content-management/favorites/favorites_public/src/favorites_client.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoritesClient.Unnamed", + "type": "Function", + "tags": [], + "label": "Constructor", + "description": [], + "signature": [ + "any" + ], + "path": "packages/content-management/favorites/favorites_public/src/favorites_client.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoritesClient.Unnamed.$1", + "type": "string", + "tags": [], + "label": "favoriteObjectType", + "description": [], + "signature": [ + "string" + ], + "path": "packages/content-management/favorites/favorites_public/src/favorites_client.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + }, + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoritesClient.Unnamed.$2", + "type": "Object", + "tags": [], + "label": "deps", + "description": [], + "path": "packages/content-management/favorites/favorites_public/src/favorites_client.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoritesClient.Unnamed.$2.http", + "type": "Object", + "tags": [], + "label": "http", + "description": [], + "signature": [ + { + "pluginId": "@kbn/core-http-browser", + "scope": "public", + "docId": "kibKbnCoreHttpBrowserPluginApi", + "section": "def-public.HttpSetup", + "text": "HttpSetup" + } + ], + "path": "packages/content-management/favorites/favorites_public/src/favorites_client.ts", + "deprecated": false, + "trackAdoption": false + } + ] + } + ], + "returnComment": [] + }, + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoritesClient.getFavorites", + "type": "Function", + "tags": [], + "label": "getFavorites", + "description": [], + "signature": [ + "() => Promise<", + { + "pluginId": "@kbn/content-management-favorites-server", + "scope": "server", + "docId": "kibKbnContentManagementFavoritesServerPluginApi", + "section": "def-server.GetFavoritesResponse", + "text": "GetFavoritesResponse" + }, + ">" + ], + "path": "packages/content-management/favorites/favorites_public/src/favorites_client.ts", + "deprecated": false, + "trackAdoption": false, + "children": [], + "returnComment": [] + }, + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoritesClient.addFavorite", + "type": "Function", + "tags": [], + "label": "addFavorite", + "description": [], + "signature": [ + "({ id }: { id: string; }) => Promise<", + { + "pluginId": "@kbn/content-management-favorites-server", + "scope": "server", + "docId": "kibKbnContentManagementFavoritesServerPluginApi", + "section": "def-server.GetFavoritesResponse", + "text": "GetFavoritesResponse" + }, + ">" + ], + "path": "packages/content-management/favorites/favorites_public/src/favorites_client.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoritesClient.addFavorite.$1", + "type": "Object", + "tags": [], + "label": "{ id }", + "description": [], + "path": "packages/content-management/favorites/favorites_public/src/favorites_client.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoritesClient.addFavorite.$1.id", + "type": "string", + "tags": [], + "label": "id", + "description": [], + "path": "packages/content-management/favorites/favorites_public/src/favorites_client.ts", + "deprecated": false, + "trackAdoption": false + } + ] + } + ], + "returnComment": [] + }, + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoritesClient.removeFavorite", + "type": "Function", + "tags": [], + "label": "removeFavorite", + "description": [], + "signature": [ + "({ id }: { id: string; }) => Promise<", + { + "pluginId": "@kbn/content-management-favorites-server", + "scope": "server", + "docId": "kibKbnContentManagementFavoritesServerPluginApi", + "section": "def-server.GetFavoritesResponse", + "text": "GetFavoritesResponse" + }, + ">" + ], + "path": "packages/content-management/favorites/favorites_public/src/favorites_client.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoritesClient.removeFavorite.$1", + "type": "Object", + "tags": [], + "label": "{ id }", + "description": [], + "path": "packages/content-management/favorites/favorites_public/src/favorites_client.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoritesClient.removeFavorite.$1.id", + "type": "string", + "tags": [], + "label": "id", + "description": [], + "path": "packages/content-management/favorites/favorites_public/src/favorites_client.ts", + "deprecated": false, + "trackAdoption": false + } + ] + } + ], + "returnComment": [] + }, + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoritesClient.getFavoriteType", + "type": "Function", + "tags": [], + "label": "getFavoriteType", + "description": [], + "signature": [ + "() => string" + ], + "path": "packages/content-management/favorites/favorites_public/src/favorites_client.ts", + "deprecated": false, + "trackAdoption": false, + "children": [], + "returnComment": [] + } + ], + "initialIsOpen": false + } + ], + "functions": [ + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.cssFavoriteHoverWithinEuiTableRow", + "type": "Function", + "tags": [], + "label": "cssFavoriteHoverWithinEuiTableRow", + "description": [ + "\nCSS to apply to euiTable to show the favorite button on hover or when active" + ], + "signature": [ + "(euiTheme: ", + "EuiThemeComputed", + "<{}>) => ", + "SerializedStyles" + ], + "path": "packages/content-management/favorites/favorites_public/src/components/favorite_button.tsx", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.cssFavoriteHoverWithinEuiTableRow.$1", + "type": "CompoundType", + "tags": [], + "label": "euiTheme", + "description": [], + "signature": [ + "EuiThemeComputed", + "<{}>" + ], + "path": "packages/content-management/favorites/favorites_public/src/components/favorite_button.tsx", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + } + ], + "returnComment": [], + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoriteButton", + "type": "Function", + "tags": [], + "label": "FavoriteButton", + "description": [], + "signature": [ + "({ id, className }: ", + { + "pluginId": "@kbn/content-management-favorites-public", + "scope": "public", + "docId": "kibKbnContentManagementFavoritesPublicPluginApi", + "section": "def-public.FavoriteButtonProps", + "text": "FavoriteButtonProps" + }, + ") => JSX.Element | null" + ], + "path": "packages/content-management/favorites/favorites_public/src/components/favorite_button.tsx", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoriteButton.$1", + "type": "Object", + "tags": [], + "label": "{ id, className }", + "description": [], + "signature": [ + { + "pluginId": "@kbn/content-management-favorites-public", + "scope": "public", + "docId": "kibKbnContentManagementFavoritesPublicPluginApi", + "section": "def-public.FavoriteButtonProps", + "text": "FavoriteButtonProps" + } + ], + "path": "packages/content-management/favorites/favorites_public/src/components/favorite_button.tsx", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + } + ], + "returnComment": [], + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoritesContextProvider", + "type": "Function", + "tags": [], + "label": "FavoritesContextProvider", + "description": [], + "signature": [ + "({ favoritesClient, notifyError, children, }: React.PropsWithChildren) => JSX.Element" + ], + "path": "packages/content-management/favorites/favorites_public/src/favorites_context.tsx", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoritesContextProvider.$1", + "type": "CompoundType", + "tags": [], + "label": "{\n favoritesClient,\n notifyError,\n children,\n}", + "description": [], + "signature": [ + "React.PropsWithChildren" + ], + "path": "packages/content-management/favorites/favorites_public/src/favorites_context.tsx", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + } + ], + "returnComment": [], + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoritesEmptyState", + "type": "Function", + "tags": [], + "label": "FavoritesEmptyState", + "description": [], + "signature": [ + "({ emptyStateType, entityNamePlural, entityName, }: { emptyStateType: \"noItems\" | \"noMatchingItems\"; entityNamePlural?: string | undefined; entityName?: string | undefined; }) => JSX.Element" + ], + "path": "packages/content-management/favorites/favorites_public/src/components/favorites_empty_state.tsx", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoritesEmptyState.$1", + "type": "Object", + "tags": [], + "label": "{\n emptyStateType = 'noItems',\n entityNamePlural = i18n.translate('contentManagement.favorites.defaultEntityNamePlural', {\n defaultMessage: 'items',\n }),\n entityName = i18n.translate('contentManagement.favorites.defaultEntityName', {\n defaultMessage: 'item',\n }),\n}", + "description": [], + "path": "packages/content-management/favorites/favorites_public/src/components/favorites_empty_state.tsx", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoritesEmptyState.$1.emptyStateType", + "type": "CompoundType", + "tags": [], + "label": "emptyStateType", + "description": [], + "signature": [ + "\"noItems\" | \"noMatchingItems\"" + ], + "path": "packages/content-management/favorites/favorites_public/src/components/favorites_empty_state.tsx", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoritesEmptyState.$1.entityNamePlural", + "type": "string", + "tags": [], + "label": "entityNamePlural", + "description": [], + "signature": [ + "string | undefined" + ], + "path": "packages/content-management/favorites/favorites_public/src/components/favorites_empty_state.tsx", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoritesEmptyState.$1.entityName", + "type": "string", + "tags": [], + "label": "entityName", + "description": [], + "signature": [ + "string | undefined" + ], + "path": "packages/content-management/favorites/favorites_public/src/components/favorites_empty_state.tsx", + "deprecated": false, + "trackAdoption": false + } + ] + } + ], + "returnComment": [], + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.useFavorites", + "type": "Function", + "tags": [], + "label": "useFavorites", + "description": [], + "signature": [ + "({ enabled }?: { enabled?: boolean | undefined; }) => ", + "UseQueryResult", + "<", + { + "pluginId": "@kbn/content-management-favorites-server", + "scope": "server", + "docId": "kibKbnContentManagementFavoritesServerPluginApi", + "section": "def-server.GetFavoritesResponse", + "text": "GetFavoritesResponse" + }, + ", unknown>" + ], + "path": "packages/content-management/favorites/favorites_public/src/favorites_query.tsx", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.useFavorites.$1", + "type": "Object", + "tags": [], + "label": "{ enabled = true }", + "description": [], + "path": "packages/content-management/favorites/favorites_public/src/favorites_query.tsx", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.useFavorites.$1.enabled", + "type": "CompoundType", + "tags": [], + "label": "enabled", + "description": [], + "signature": [ + "boolean | undefined" + ], + "path": "packages/content-management/favorites/favorites_public/src/favorites_query.tsx", + "deprecated": false, + "trackAdoption": false + } + ] + } + ], + "returnComment": [], + "initialIsOpen": false + } + ], + "interfaces": [ + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoriteButtonProps", + "type": "Interface", + "tags": [], + "label": "FavoriteButtonProps", + "description": [], + "path": "packages/content-management/favorites/favorites_public/src/components/favorite_button.tsx", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoriteButtonProps.id", + "type": "string", + "tags": [], + "label": "id", + "description": [], + "path": "packages/content-management/favorites/favorites_public/src/components/favorite_button.tsx", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoriteButtonProps.className", + "type": "string", + "tags": [], + "label": "className", + "description": [], + "signature": [ + "string | undefined" + ], + "path": "packages/content-management/favorites/favorites_public/src/components/favorite_button.tsx", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoritesClientPublic", + "type": "Interface", + "tags": [], + "label": "FavoritesClientPublic", + "description": [], + "path": "packages/content-management/favorites/favorites_public/src/favorites_client.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoritesClientPublic.getFavorites", + "type": "Function", + "tags": [], + "label": "getFavorites", + "description": [], + "signature": [ + "() => Promise<", + { + "pluginId": "@kbn/content-management-favorites-server", + "scope": "server", + "docId": "kibKbnContentManagementFavoritesServerPluginApi", + "section": "def-server.GetFavoritesResponse", + "text": "GetFavoritesResponse" + }, + ">" + ], + "path": "packages/content-management/favorites/favorites_public/src/favorites_client.ts", + "deprecated": false, + "trackAdoption": false, + "children": [], + "returnComment": [] + }, + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoritesClientPublic.addFavorite", + "type": "Function", + "tags": [], + "label": "addFavorite", + "description": [], + "signature": [ + "({ id }: { id: string; }) => Promise<", + { + "pluginId": "@kbn/content-management-favorites-server", + "scope": "server", + "docId": "kibKbnContentManagementFavoritesServerPluginApi", + "section": "def-server.GetFavoritesResponse", + "text": "GetFavoritesResponse" + }, + ">" + ], + "path": "packages/content-management/favorites/favorites_public/src/favorites_client.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoritesClientPublic.addFavorite.$1", + "type": "Object", + "tags": [], + "label": "{ id }", + "description": [], + "path": "packages/content-management/favorites/favorites_public/src/favorites_client.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoritesClientPublic.addFavorite.$1.id", + "type": "string", + "tags": [], + "label": "id", + "description": [], + "path": "packages/content-management/favorites/favorites_public/src/favorites_client.ts", + "deprecated": false, + "trackAdoption": false + } + ] + } + ], + "returnComment": [] + }, + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoritesClientPublic.removeFavorite", + "type": "Function", + "tags": [], + "label": "removeFavorite", + "description": [], + "signature": [ + "({ id }: { id: string; }) => Promise<", + { + "pluginId": "@kbn/content-management-favorites-server", + "scope": "server", + "docId": "kibKbnContentManagementFavoritesServerPluginApi", + "section": "def-server.GetFavoritesResponse", + "text": "GetFavoritesResponse" + }, + ">" + ], + "path": "packages/content-management/favorites/favorites_public/src/favorites_client.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoritesClientPublic.removeFavorite.$1", + "type": "Object", + "tags": [], + "label": "{ id }", + "description": [], + "path": "packages/content-management/favorites/favorites_public/src/favorites_client.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoritesClientPublic.removeFavorite.$1.id", + "type": "string", + "tags": [], + "label": "id", + "description": [], + "path": "packages/content-management/favorites/favorites_public/src/favorites_client.ts", + "deprecated": false, + "trackAdoption": false + } + ] + } + ], + "returnComment": [] + }, + { + "parentPluginId": "@kbn/content-management-favorites-public", + "id": "def-public.FavoritesClientPublic.getFavoriteType", + "type": "Function", + "tags": [], + "label": "getFavoriteType", + "description": [], + "signature": [ + "() => string" + ], + "path": "packages/content-management/favorites/favorites_public/src/favorites_client.ts", + "deprecated": false, + "trackAdoption": false, + "children": [], + "returnComment": [] + } + ], + "initialIsOpen": false + } + ], + "enums": [], + "misc": [], + "objects": [] + }, + "server": { + "classes": [], + "functions": [], + "interfaces": [], + "enums": [], + "misc": [], + "objects": [] + }, + "common": { + "classes": [], + "functions": [], + "interfaces": [], + "enums": [], + "misc": [], + "objects": [] + } +} \ No newline at end of file diff --git a/api_docs/kbn_content_management_favorites_public.mdx b/api_docs/kbn_content_management_favorites_public.mdx new file mode 100644 index 0000000000000..386db5e5499f0 --- /dev/null +++ b/api_docs/kbn_content_management_favorites_public.mdx @@ -0,0 +1,36 @@ +--- +#### +#### This document is auto-generated and is meant to be viewed inside our experimental, new docs system. +#### Reach out in #docs-engineering for more info. +#### +id: kibKbnContentManagementFavoritesPublicPluginApi +slug: /kibana-dev-docs/api/kbn-content-management-favorites-public +title: "@kbn/content-management-favorites-public" +image: https://source.unsplash.com/400x175/?github +description: API docs for the @kbn/content-management-favorites-public plugin +date: 2024-08-14 +tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-favorites-public'] +--- +import kbnContentManagementFavoritesPublicObj from './kbn_content_management_favorites_public.devdocs.json'; + + + +Contact [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) for questions regarding this plugin. + +**Code health stats** + +| Public API count | Any count | Items lacking comments | Missing exports | +|-------------------|-----------|------------------------|-----------------| +| 39 | 0 | 38 | 0 | + +## Client + +### Functions + + +### Classes + + +### Interfaces + + diff --git a/api_docs/kbn_content_management_favorites_server.devdocs.json b/api_docs/kbn_content_management_favorites_server.devdocs.json new file mode 100644 index 0000000000000..2ddd581cc7caa --- /dev/null +++ b/api_docs/kbn_content_management_favorites_server.devdocs.json @@ -0,0 +1,145 @@ +{ + "id": "@kbn/content-management-favorites-server", + "client": { + "classes": [], + "functions": [], + "interfaces": [], + "enums": [], + "misc": [], + "objects": [] + }, + "server": { + "classes": [], + "functions": [ + { + "parentPluginId": "@kbn/content-management-favorites-server", + "id": "def-server.registerFavorites", + "type": "Function", + "tags": [], + "label": "registerFavorites", + "description": [], + "signature": [ + "({ logger, core }: { core: ", + { + "pluginId": "@kbn/core-lifecycle-server", + "scope": "server", + "docId": "kibKbnCoreLifecycleServerPluginApi", + "section": "def-server.CoreSetup", + "text": "CoreSetup" + }, + "; logger: ", + { + "pluginId": "@kbn/logging", + "scope": "common", + "docId": "kibKbnLoggingPluginApi", + "section": "def-common.Logger", + "text": "Logger" + }, + "; }) => void" + ], + "path": "packages/content-management/favorites/favorites_server/src/index.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/content-management-favorites-server", + "id": "def-server.registerFavorites.$1", + "type": "Object", + "tags": [], + "label": "{ logger, core }", + "description": [], + "path": "packages/content-management/favorites/favorites_server/src/index.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/content-management-favorites-server", + "id": "def-server.registerFavorites.$1.core", + "type": "Object", + "tags": [], + "label": "core", + "description": [], + "signature": [ + { + "pluginId": "@kbn/core-lifecycle-server", + "scope": "server", + "docId": "kibKbnCoreLifecycleServerPluginApi", + "section": "def-server.CoreSetup", + "text": "CoreSetup" + }, + "" + ], + "path": "packages/content-management/favorites/favorites_server/src/index.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/content-management-favorites-server", + "id": "def-server.registerFavorites.$1.logger", + "type": "Object", + "tags": [], + "label": "logger", + "description": [], + "signature": [ + { + "pluginId": "@kbn/logging", + "scope": "common", + "docId": "kibKbnLoggingPluginApi", + "section": "def-common.Logger", + "text": "Logger" + } + ], + "path": "packages/content-management/favorites/favorites_server/src/index.ts", + "deprecated": false, + "trackAdoption": false + } + ] + } + ], + "returnComment": [], + "initialIsOpen": false + } + ], + "interfaces": [ + { + "parentPluginId": "@kbn/content-management-favorites-server", + "id": "def-server.GetFavoritesResponse", + "type": "Interface", + "tags": [], + "label": "GetFavoritesResponse", + "description": [], + "path": "packages/content-management/favorites/favorites_server/src/favorites_routes.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/content-management-favorites-server", + "id": "def-server.GetFavoritesResponse.favoriteIds", + "type": "Array", + "tags": [], + "label": "favoriteIds", + "description": [], + "signature": [ + "string[]" + ], + "path": "packages/content-management/favorites/favorites_server/src/favorites_routes.ts", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false + } + ], + "enums": [], + "misc": [], + "objects": [] + }, + "common": { + "classes": [], + "functions": [], + "interfaces": [], + "enums": [], + "misc": [], + "objects": [] + } +} \ No newline at end of file diff --git a/api_docs/kbn_content_management_favorites_server.mdx b/api_docs/kbn_content_management_favorites_server.mdx new file mode 100644 index 0000000000000..e040ecd7e6341 --- /dev/null +++ b/api_docs/kbn_content_management_favorites_server.mdx @@ -0,0 +1,33 @@ +--- +#### +#### This document is auto-generated and is meant to be viewed inside our experimental, new docs system. +#### Reach out in #docs-engineering for more info. +#### +id: kibKbnContentManagementFavoritesServerPluginApi +slug: /kibana-dev-docs/api/kbn-content-management-favorites-server +title: "@kbn/content-management-favorites-server" +image: https://source.unsplash.com/400x175/?github +description: API docs for the @kbn/content-management-favorites-server plugin +date: 2024-08-14 +tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-favorites-server'] +--- +import kbnContentManagementFavoritesServerObj from './kbn_content_management_favorites_server.devdocs.json'; + + + +Contact [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) for questions regarding this plugin. + +**Code health stats** + +| Public API count | Any count | Items lacking comments | Missing exports | +|-------------------|-----------|------------------------|-----------------| +| 6 | 0 | 6 | 0 | + +## Server + +### Functions + + +### Interfaces + + diff --git a/api_docs/kbn_content_management_tabbed_table_list_view.mdx b/api_docs/kbn_content_management_tabbed_table_list_view.mdx index 3d235f8dc56af..e48b3e2666143 100644 --- a/api_docs/kbn_content_management_tabbed_table_list_view.mdx +++ b/api_docs/kbn_content_management_tabbed_table_list_view.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-tabbed-table-list-view title: "@kbn/content-management-tabbed-table-list-view" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-tabbed-table-list-view plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-tabbed-table-list-view'] --- import kbnContentManagementTabbedTableListViewObj from './kbn_content_management_tabbed_table_list_view.devdocs.json'; diff --git a/api_docs/kbn_content_management_table_list_view.mdx b/api_docs/kbn_content_management_table_list_view.mdx index c0385184834f1..f4b9decbc851c 100644 --- a/api_docs/kbn_content_management_table_list_view.mdx +++ b/api_docs/kbn_content_management_table_list_view.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-table-list-view title: "@kbn/content-management-table-list-view" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-table-list-view plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-table-list-view'] --- import kbnContentManagementTableListViewObj from './kbn_content_management_table_list_view.devdocs.json'; diff --git a/api_docs/kbn_content_management_table_list_view_common.mdx b/api_docs/kbn_content_management_table_list_view_common.mdx index a32c3a215b138..bcb522f8a92a2 100644 --- a/api_docs/kbn_content_management_table_list_view_common.mdx +++ b/api_docs/kbn_content_management_table_list_view_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-table-list-view-common title: "@kbn/content-management-table-list-view-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-table-list-view-common plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-table-list-view-common'] --- import kbnContentManagementTableListViewCommonObj from './kbn_content_management_table_list_view_common.devdocs.json'; diff --git a/api_docs/kbn_content_management_table_list_view_table.devdocs.json b/api_docs/kbn_content_management_table_list_view_table.devdocs.json index 62a0a06a9bdd3..4159e15e02447 100644 --- a/api_docs/kbn_content_management_table_list_view_table.devdocs.json +++ b/api_docs/kbn_content_management_table_list_view_table.devdocs.json @@ -325,6 +325,29 @@ "trackAdoption": false } ] + }, + { + "parentPluginId": "@kbn/content-management-table-list-view-table", + "id": "def-public.TableListViewKibanaDependencies.favorites", + "type": "Object", + "tags": [], + "label": "favorites", + "description": [ + "\nThe favorites client to enable the favorites feature." + ], + "signature": [ + { + "pluginId": "@kbn/content-management-favorites-public", + "scope": "public", + "docId": "kibKbnContentManagementFavoritesPublicPluginApi", + "section": "def-public.FavoritesClientPublic", + "text": "FavoritesClientPublic" + }, + " | undefined" + ], + "path": "packages/content-management/table_list_view_table/src/services.tsx", + "deprecated": false, + "trackAdoption": false } ], "initialIsOpen": false diff --git a/api_docs/kbn_content_management_table_list_view_table.mdx b/api_docs/kbn_content_management_table_list_view_table.mdx index b5a422a97e9c0..b7ea73b69039c 100644 --- a/api_docs/kbn_content_management_table_list_view_table.mdx +++ b/api_docs/kbn_content_management_table_list_view_table.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-table-list-view-table title: "@kbn/content-management-table-list-view-table" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-table-list-view-table plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-table-list-view-table'] --- import kbnContentManagementTableListViewTableObj from './kbn_content_management_table_list_view_table.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sh | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 49 | 0 | 33 | 3 | +| 50 | 0 | 33 | 3 | ## Client diff --git a/api_docs/kbn_content_management_user_profiles.mdx b/api_docs/kbn_content_management_user_profiles.mdx index cc351f6020cd0..44f736994f0c8 100644 --- a/api_docs/kbn_content_management_user_profiles.mdx +++ b/api_docs/kbn_content_management_user_profiles.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-user-profiles title: "@kbn/content-management-user-profiles" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-user-profiles plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-user-profiles'] --- import kbnContentManagementUserProfilesObj from './kbn_content_management_user_profiles.devdocs.json'; diff --git a/api_docs/kbn_content_management_utils.mdx b/api_docs/kbn_content_management_utils.mdx index 84d01dd68d1c8..0d4f902971d1d 100644 --- a/api_docs/kbn_content_management_utils.mdx +++ b/api_docs/kbn_content_management_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-utils title: "@kbn/content-management-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-utils'] --- import kbnContentManagementUtilsObj from './kbn_content_management_utils.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_browser.mdx b/api_docs/kbn_core_analytics_browser.mdx index f8e7201dee1f9..e4ad35b4fd80b 100644 --- a/api_docs/kbn_core_analytics_browser.mdx +++ b/api_docs/kbn_core_analytics_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-browser title: "@kbn/core-analytics-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-browser plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-browser'] --- import kbnCoreAnalyticsBrowserObj from './kbn_core_analytics_browser.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_browser_internal.mdx b/api_docs/kbn_core_analytics_browser_internal.mdx index 601a0cbf8a9bc..29dfa47a7a005 100644 --- a/api_docs/kbn_core_analytics_browser_internal.mdx +++ b/api_docs/kbn_core_analytics_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-browser-internal title: "@kbn/core-analytics-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-browser-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-browser-internal'] --- import kbnCoreAnalyticsBrowserInternalObj from './kbn_core_analytics_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_browser_mocks.mdx b/api_docs/kbn_core_analytics_browser_mocks.mdx index 97067d8baedb9..79e2e94a469cf 100644 --- a/api_docs/kbn_core_analytics_browser_mocks.mdx +++ b/api_docs/kbn_core_analytics_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-browser-mocks title: "@kbn/core-analytics-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-browser-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-browser-mocks'] --- import kbnCoreAnalyticsBrowserMocksObj from './kbn_core_analytics_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_server.mdx b/api_docs/kbn_core_analytics_server.mdx index d4de886057840..833722768ab41 100644 --- a/api_docs/kbn_core_analytics_server.mdx +++ b/api_docs/kbn_core_analytics_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-server title: "@kbn/core-analytics-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-server'] --- import kbnCoreAnalyticsServerObj from './kbn_core_analytics_server.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_server_internal.mdx b/api_docs/kbn_core_analytics_server_internal.mdx index 4de907c9e09e0..dad7a733b9377 100644 --- a/api_docs/kbn_core_analytics_server_internal.mdx +++ b/api_docs/kbn_core_analytics_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-server-internal title: "@kbn/core-analytics-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-server-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-server-internal'] --- import kbnCoreAnalyticsServerInternalObj from './kbn_core_analytics_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_server_mocks.mdx b/api_docs/kbn_core_analytics_server_mocks.mdx index e3032d287d1e1..b8b89e6d381be 100644 --- a/api_docs/kbn_core_analytics_server_mocks.mdx +++ b/api_docs/kbn_core_analytics_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-server-mocks title: "@kbn/core-analytics-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-server-mocks'] --- import kbnCoreAnalyticsServerMocksObj from './kbn_core_analytics_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_application_browser.mdx b/api_docs/kbn_core_application_browser.mdx index 46798cdf3c407..202e7c21775b0 100644 --- a/api_docs/kbn_core_application_browser.mdx +++ b/api_docs/kbn_core_application_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-application-browser title: "@kbn/core-application-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-application-browser plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-application-browser'] --- import kbnCoreApplicationBrowserObj from './kbn_core_application_browser.devdocs.json'; diff --git a/api_docs/kbn_core_application_browser_internal.mdx b/api_docs/kbn_core_application_browser_internal.mdx index ba4afee732ccb..995ec4f0b75d1 100644 --- a/api_docs/kbn_core_application_browser_internal.mdx +++ b/api_docs/kbn_core_application_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-application-browser-internal title: "@kbn/core-application-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-application-browser-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-application-browser-internal'] --- import kbnCoreApplicationBrowserInternalObj from './kbn_core_application_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_application_browser_mocks.mdx b/api_docs/kbn_core_application_browser_mocks.mdx index b2858c445aed2..47736149cf1d2 100644 --- a/api_docs/kbn_core_application_browser_mocks.mdx +++ b/api_docs/kbn_core_application_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-application-browser-mocks title: "@kbn/core-application-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-application-browser-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-application-browser-mocks'] --- import kbnCoreApplicationBrowserMocksObj from './kbn_core_application_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_application_common.mdx b/api_docs/kbn_core_application_common.mdx index ff2c5bda17d9c..eeff041b83163 100644 --- a/api_docs/kbn_core_application_common.mdx +++ b/api_docs/kbn_core_application_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-application-common title: "@kbn/core-application-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-application-common plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-application-common'] --- import kbnCoreApplicationCommonObj from './kbn_core_application_common.devdocs.json'; diff --git a/api_docs/kbn_core_apps_browser_internal.mdx b/api_docs/kbn_core_apps_browser_internal.mdx index d1e3efac15399..918b4897c1c82 100644 --- a/api_docs/kbn_core_apps_browser_internal.mdx +++ b/api_docs/kbn_core_apps_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-apps-browser-internal title: "@kbn/core-apps-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-apps-browser-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-apps-browser-internal'] --- import kbnCoreAppsBrowserInternalObj from './kbn_core_apps_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_apps_browser_mocks.mdx b/api_docs/kbn_core_apps_browser_mocks.mdx index b73bac0786684..32df345b857a7 100644 --- a/api_docs/kbn_core_apps_browser_mocks.mdx +++ b/api_docs/kbn_core_apps_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-apps-browser-mocks title: "@kbn/core-apps-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-apps-browser-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-apps-browser-mocks'] --- import kbnCoreAppsBrowserMocksObj from './kbn_core_apps_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_apps_server_internal.mdx b/api_docs/kbn_core_apps_server_internal.mdx index 6819984d3b1e8..d5aef7fee726a 100644 --- a/api_docs/kbn_core_apps_server_internal.mdx +++ b/api_docs/kbn_core_apps_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-apps-server-internal title: "@kbn/core-apps-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-apps-server-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-apps-server-internal'] --- import kbnCoreAppsServerInternalObj from './kbn_core_apps_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_base_browser_mocks.mdx b/api_docs/kbn_core_base_browser_mocks.mdx index c9c5736320580..1c9738541c275 100644 --- a/api_docs/kbn_core_base_browser_mocks.mdx +++ b/api_docs/kbn_core_base_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-base-browser-mocks title: "@kbn/core-base-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-base-browser-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-base-browser-mocks'] --- import kbnCoreBaseBrowserMocksObj from './kbn_core_base_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_base_common.mdx b/api_docs/kbn_core_base_common.mdx index 60001988cb466..1584ffcd7379b 100644 --- a/api_docs/kbn_core_base_common.mdx +++ b/api_docs/kbn_core_base_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-base-common title: "@kbn/core-base-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-base-common plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-base-common'] --- import kbnCoreBaseCommonObj from './kbn_core_base_common.devdocs.json'; diff --git a/api_docs/kbn_core_base_server_internal.mdx b/api_docs/kbn_core_base_server_internal.mdx index 01fa97101c329..25eae5c1c4c16 100644 --- a/api_docs/kbn_core_base_server_internal.mdx +++ b/api_docs/kbn_core_base_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-base-server-internal title: "@kbn/core-base-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-base-server-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-base-server-internal'] --- import kbnCoreBaseServerInternalObj from './kbn_core_base_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_base_server_mocks.mdx b/api_docs/kbn_core_base_server_mocks.mdx index e8806faae57c2..ebc51615d9e8e 100644 --- a/api_docs/kbn_core_base_server_mocks.mdx +++ b/api_docs/kbn_core_base_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-base-server-mocks title: "@kbn/core-base-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-base-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-base-server-mocks'] --- import kbnCoreBaseServerMocksObj from './kbn_core_base_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_capabilities_browser_mocks.mdx b/api_docs/kbn_core_capabilities_browser_mocks.mdx index abd57f9603eb7..df1235c5105f8 100644 --- a/api_docs/kbn_core_capabilities_browser_mocks.mdx +++ b/api_docs/kbn_core_capabilities_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-capabilities-browser-mocks title: "@kbn/core-capabilities-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-capabilities-browser-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-capabilities-browser-mocks'] --- import kbnCoreCapabilitiesBrowserMocksObj from './kbn_core_capabilities_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_capabilities_common.mdx b/api_docs/kbn_core_capabilities_common.mdx index f5f5f1be6a41b..1022a8f5d48f2 100644 --- a/api_docs/kbn_core_capabilities_common.mdx +++ b/api_docs/kbn_core_capabilities_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-capabilities-common title: "@kbn/core-capabilities-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-capabilities-common plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-capabilities-common'] --- import kbnCoreCapabilitiesCommonObj from './kbn_core_capabilities_common.devdocs.json'; diff --git a/api_docs/kbn_core_capabilities_server.mdx b/api_docs/kbn_core_capabilities_server.mdx index 2899313fe130e..6141fe740a194 100644 --- a/api_docs/kbn_core_capabilities_server.mdx +++ b/api_docs/kbn_core_capabilities_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-capabilities-server title: "@kbn/core-capabilities-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-capabilities-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-capabilities-server'] --- import kbnCoreCapabilitiesServerObj from './kbn_core_capabilities_server.devdocs.json'; diff --git a/api_docs/kbn_core_capabilities_server_mocks.mdx b/api_docs/kbn_core_capabilities_server_mocks.mdx index fd883291a2132..08632fba94c16 100644 --- a/api_docs/kbn_core_capabilities_server_mocks.mdx +++ b/api_docs/kbn_core_capabilities_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-capabilities-server-mocks title: "@kbn/core-capabilities-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-capabilities-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-capabilities-server-mocks'] --- import kbnCoreCapabilitiesServerMocksObj from './kbn_core_capabilities_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_chrome_browser.mdx b/api_docs/kbn_core_chrome_browser.mdx index e2dbc018432a0..a129ab5dc1f49 100644 --- a/api_docs/kbn_core_chrome_browser.mdx +++ b/api_docs/kbn_core_chrome_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-chrome-browser title: "@kbn/core-chrome-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-chrome-browser plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-chrome-browser'] --- import kbnCoreChromeBrowserObj from './kbn_core_chrome_browser.devdocs.json'; diff --git a/api_docs/kbn_core_chrome_browser_mocks.mdx b/api_docs/kbn_core_chrome_browser_mocks.mdx index 30ad05a4e9e70..cd6d96f92af9b 100644 --- a/api_docs/kbn_core_chrome_browser_mocks.mdx +++ b/api_docs/kbn_core_chrome_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-chrome-browser-mocks title: "@kbn/core-chrome-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-chrome-browser-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-chrome-browser-mocks'] --- import kbnCoreChromeBrowserMocksObj from './kbn_core_chrome_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_config_server_internal.mdx b/api_docs/kbn_core_config_server_internal.mdx index 7612bfc78bf1e..4517d9a92da86 100644 --- a/api_docs/kbn_core_config_server_internal.mdx +++ b/api_docs/kbn_core_config_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-config-server-internal title: "@kbn/core-config-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-config-server-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-config-server-internal'] --- import kbnCoreConfigServerInternalObj from './kbn_core_config_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_browser.mdx b/api_docs/kbn_core_custom_branding_browser.mdx index 1524254001c6f..d7671e366d0cc 100644 --- a/api_docs/kbn_core_custom_branding_browser.mdx +++ b/api_docs/kbn_core_custom_branding_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-browser title: "@kbn/core-custom-branding-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-browser plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-browser'] --- import kbnCoreCustomBrandingBrowserObj from './kbn_core_custom_branding_browser.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_browser_internal.mdx b/api_docs/kbn_core_custom_branding_browser_internal.mdx index 8ff2c9a90e4cd..d5b7d7a8cbcfb 100644 --- a/api_docs/kbn_core_custom_branding_browser_internal.mdx +++ b/api_docs/kbn_core_custom_branding_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-browser-internal title: "@kbn/core-custom-branding-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-browser-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-browser-internal'] --- import kbnCoreCustomBrandingBrowserInternalObj from './kbn_core_custom_branding_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_browser_mocks.mdx b/api_docs/kbn_core_custom_branding_browser_mocks.mdx index e22550841a8de..72a8aee0893e9 100644 --- a/api_docs/kbn_core_custom_branding_browser_mocks.mdx +++ b/api_docs/kbn_core_custom_branding_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-browser-mocks title: "@kbn/core-custom-branding-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-browser-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-browser-mocks'] --- import kbnCoreCustomBrandingBrowserMocksObj from './kbn_core_custom_branding_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_common.mdx b/api_docs/kbn_core_custom_branding_common.mdx index bfbd979d07637..17478f4586535 100644 --- a/api_docs/kbn_core_custom_branding_common.mdx +++ b/api_docs/kbn_core_custom_branding_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-common title: "@kbn/core-custom-branding-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-common plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-common'] --- import kbnCoreCustomBrandingCommonObj from './kbn_core_custom_branding_common.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_server.mdx b/api_docs/kbn_core_custom_branding_server.mdx index 494f6ca18df81..91ae8c25d3159 100644 --- a/api_docs/kbn_core_custom_branding_server.mdx +++ b/api_docs/kbn_core_custom_branding_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-server title: "@kbn/core-custom-branding-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-server'] --- import kbnCoreCustomBrandingServerObj from './kbn_core_custom_branding_server.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_server_internal.mdx b/api_docs/kbn_core_custom_branding_server_internal.mdx index 14c433c683189..1d088c96b46ef 100644 --- a/api_docs/kbn_core_custom_branding_server_internal.mdx +++ b/api_docs/kbn_core_custom_branding_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-server-internal title: "@kbn/core-custom-branding-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-server-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-server-internal'] --- import kbnCoreCustomBrandingServerInternalObj from './kbn_core_custom_branding_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_server_mocks.mdx b/api_docs/kbn_core_custom_branding_server_mocks.mdx index 435f8de318c42..3085393b972d9 100644 --- a/api_docs/kbn_core_custom_branding_server_mocks.mdx +++ b/api_docs/kbn_core_custom_branding_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-server-mocks title: "@kbn/core-custom-branding-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-server-mocks'] --- import kbnCoreCustomBrandingServerMocksObj from './kbn_core_custom_branding_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_browser.mdx b/api_docs/kbn_core_deprecations_browser.mdx index 2b42db41ad0c9..6df41573214d3 100644 --- a/api_docs/kbn_core_deprecations_browser.mdx +++ b/api_docs/kbn_core_deprecations_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-browser title: "@kbn/core-deprecations-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-browser plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-browser'] --- import kbnCoreDeprecationsBrowserObj from './kbn_core_deprecations_browser.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_browser_internal.mdx b/api_docs/kbn_core_deprecations_browser_internal.mdx index 014e24e94e3f3..419860d3edd0e 100644 --- a/api_docs/kbn_core_deprecations_browser_internal.mdx +++ b/api_docs/kbn_core_deprecations_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-browser-internal title: "@kbn/core-deprecations-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-browser-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-browser-internal'] --- import kbnCoreDeprecationsBrowserInternalObj from './kbn_core_deprecations_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_browser_mocks.mdx b/api_docs/kbn_core_deprecations_browser_mocks.mdx index d00ce77c7f129..c96b55d4eeb8e 100644 --- a/api_docs/kbn_core_deprecations_browser_mocks.mdx +++ b/api_docs/kbn_core_deprecations_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-browser-mocks title: "@kbn/core-deprecations-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-browser-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-browser-mocks'] --- import kbnCoreDeprecationsBrowserMocksObj from './kbn_core_deprecations_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_common.mdx b/api_docs/kbn_core_deprecations_common.mdx index c094cb3438e52..d36424f8390be 100644 --- a/api_docs/kbn_core_deprecations_common.mdx +++ b/api_docs/kbn_core_deprecations_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-common title: "@kbn/core-deprecations-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-common plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-common'] --- import kbnCoreDeprecationsCommonObj from './kbn_core_deprecations_common.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_server.mdx b/api_docs/kbn_core_deprecations_server.mdx index 490a64e4df36a..4437cc885cc11 100644 --- a/api_docs/kbn_core_deprecations_server.mdx +++ b/api_docs/kbn_core_deprecations_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-server title: "@kbn/core-deprecations-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-server'] --- import kbnCoreDeprecationsServerObj from './kbn_core_deprecations_server.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_server_internal.mdx b/api_docs/kbn_core_deprecations_server_internal.mdx index 387b9bf63ef32..e3e90d7e6dc45 100644 --- a/api_docs/kbn_core_deprecations_server_internal.mdx +++ b/api_docs/kbn_core_deprecations_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-server-internal title: "@kbn/core-deprecations-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-server-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-server-internal'] --- import kbnCoreDeprecationsServerInternalObj from './kbn_core_deprecations_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_server_mocks.mdx b/api_docs/kbn_core_deprecations_server_mocks.mdx index a4190cf2dd312..e4c0e68bc150c 100644 --- a/api_docs/kbn_core_deprecations_server_mocks.mdx +++ b/api_docs/kbn_core_deprecations_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-server-mocks title: "@kbn/core-deprecations-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-server-mocks'] --- import kbnCoreDeprecationsServerMocksObj from './kbn_core_deprecations_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_doc_links_browser.mdx b/api_docs/kbn_core_doc_links_browser.mdx index b08279e025b71..3e312d0285c39 100644 --- a/api_docs/kbn_core_doc_links_browser.mdx +++ b/api_docs/kbn_core_doc_links_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-doc-links-browser title: "@kbn/core-doc-links-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-doc-links-browser plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-doc-links-browser'] --- import kbnCoreDocLinksBrowserObj from './kbn_core_doc_links_browser.devdocs.json'; diff --git a/api_docs/kbn_core_doc_links_browser_mocks.mdx b/api_docs/kbn_core_doc_links_browser_mocks.mdx index 686df9c4946b5..59c581155479a 100644 --- a/api_docs/kbn_core_doc_links_browser_mocks.mdx +++ b/api_docs/kbn_core_doc_links_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-doc-links-browser-mocks title: "@kbn/core-doc-links-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-doc-links-browser-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-doc-links-browser-mocks'] --- import kbnCoreDocLinksBrowserMocksObj from './kbn_core_doc_links_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_doc_links_server.mdx b/api_docs/kbn_core_doc_links_server.mdx index daaa349e06ad9..9d3f6025521e2 100644 --- a/api_docs/kbn_core_doc_links_server.mdx +++ b/api_docs/kbn_core_doc_links_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-doc-links-server title: "@kbn/core-doc-links-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-doc-links-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-doc-links-server'] --- import kbnCoreDocLinksServerObj from './kbn_core_doc_links_server.devdocs.json'; diff --git a/api_docs/kbn_core_doc_links_server_mocks.mdx b/api_docs/kbn_core_doc_links_server_mocks.mdx index 7489fc9200e91..2a06b64c257ad 100644 --- a/api_docs/kbn_core_doc_links_server_mocks.mdx +++ b/api_docs/kbn_core_doc_links_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-doc-links-server-mocks title: "@kbn/core-doc-links-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-doc-links-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-doc-links-server-mocks'] --- import kbnCoreDocLinksServerMocksObj from './kbn_core_doc_links_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_elasticsearch_client_server_internal.mdx b/api_docs/kbn_core_elasticsearch_client_server_internal.mdx index af600b5805abc..300f2e8c35d81 100644 --- a/api_docs/kbn_core_elasticsearch_client_server_internal.mdx +++ b/api_docs/kbn_core_elasticsearch_client_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-elasticsearch-client-server-internal title: "@kbn/core-elasticsearch-client-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-elasticsearch-client-server-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-elasticsearch-client-server-internal'] --- import kbnCoreElasticsearchClientServerInternalObj from './kbn_core_elasticsearch_client_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_elasticsearch_client_server_mocks.mdx b/api_docs/kbn_core_elasticsearch_client_server_mocks.mdx index f92c21b5f8180..e6a23c3d779c9 100644 --- a/api_docs/kbn_core_elasticsearch_client_server_mocks.mdx +++ b/api_docs/kbn_core_elasticsearch_client_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-elasticsearch-client-server-mocks title: "@kbn/core-elasticsearch-client-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-elasticsearch-client-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-elasticsearch-client-server-mocks'] --- import kbnCoreElasticsearchClientServerMocksObj from './kbn_core_elasticsearch_client_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_elasticsearch_server.mdx b/api_docs/kbn_core_elasticsearch_server.mdx index 9f59734a27f7f..a1784310cea1c 100644 --- a/api_docs/kbn_core_elasticsearch_server.mdx +++ b/api_docs/kbn_core_elasticsearch_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-elasticsearch-server title: "@kbn/core-elasticsearch-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-elasticsearch-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-elasticsearch-server'] --- import kbnCoreElasticsearchServerObj from './kbn_core_elasticsearch_server.devdocs.json'; diff --git a/api_docs/kbn_core_elasticsearch_server_internal.mdx b/api_docs/kbn_core_elasticsearch_server_internal.mdx index 8b8db8b8d91cb..c6127eea237e9 100644 --- a/api_docs/kbn_core_elasticsearch_server_internal.mdx +++ b/api_docs/kbn_core_elasticsearch_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-elasticsearch-server-internal title: "@kbn/core-elasticsearch-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-elasticsearch-server-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-elasticsearch-server-internal'] --- import kbnCoreElasticsearchServerInternalObj from './kbn_core_elasticsearch_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_elasticsearch_server_mocks.mdx b/api_docs/kbn_core_elasticsearch_server_mocks.mdx index 9e5a464d732d2..fa12213bdc9ec 100644 --- a/api_docs/kbn_core_elasticsearch_server_mocks.mdx +++ b/api_docs/kbn_core_elasticsearch_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-elasticsearch-server-mocks title: "@kbn/core-elasticsearch-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-elasticsearch-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-elasticsearch-server-mocks'] --- import kbnCoreElasticsearchServerMocksObj from './kbn_core_elasticsearch_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_environment_server_internal.mdx b/api_docs/kbn_core_environment_server_internal.mdx index 5cfa143d32c8b..687b453d68012 100644 --- a/api_docs/kbn_core_environment_server_internal.mdx +++ b/api_docs/kbn_core_environment_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-environment-server-internal title: "@kbn/core-environment-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-environment-server-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-environment-server-internal'] --- import kbnCoreEnvironmentServerInternalObj from './kbn_core_environment_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_environment_server_mocks.mdx b/api_docs/kbn_core_environment_server_mocks.mdx index 32a96539f15c1..1d3c14efd9e25 100644 --- a/api_docs/kbn_core_environment_server_mocks.mdx +++ b/api_docs/kbn_core_environment_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-environment-server-mocks title: "@kbn/core-environment-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-environment-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-environment-server-mocks'] --- import kbnCoreEnvironmentServerMocksObj from './kbn_core_environment_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_browser.mdx b/api_docs/kbn_core_execution_context_browser.mdx index 34bc8c9c2ec3c..610549aac909a 100644 --- a/api_docs/kbn_core_execution_context_browser.mdx +++ b/api_docs/kbn_core_execution_context_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-browser title: "@kbn/core-execution-context-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-browser plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-browser'] --- import kbnCoreExecutionContextBrowserObj from './kbn_core_execution_context_browser.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_browser_internal.mdx b/api_docs/kbn_core_execution_context_browser_internal.mdx index ef31936db5f13..82a78960e36d0 100644 --- a/api_docs/kbn_core_execution_context_browser_internal.mdx +++ b/api_docs/kbn_core_execution_context_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-browser-internal title: "@kbn/core-execution-context-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-browser-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-browser-internal'] --- import kbnCoreExecutionContextBrowserInternalObj from './kbn_core_execution_context_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_browser_mocks.mdx b/api_docs/kbn_core_execution_context_browser_mocks.mdx index bd8fc5a101f36..0ba664d6f4b61 100644 --- a/api_docs/kbn_core_execution_context_browser_mocks.mdx +++ b/api_docs/kbn_core_execution_context_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-browser-mocks title: "@kbn/core-execution-context-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-browser-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-browser-mocks'] --- import kbnCoreExecutionContextBrowserMocksObj from './kbn_core_execution_context_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_common.mdx b/api_docs/kbn_core_execution_context_common.mdx index 22fe182567882..c3414513cc3fe 100644 --- a/api_docs/kbn_core_execution_context_common.mdx +++ b/api_docs/kbn_core_execution_context_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-common title: "@kbn/core-execution-context-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-common plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-common'] --- import kbnCoreExecutionContextCommonObj from './kbn_core_execution_context_common.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_server.mdx b/api_docs/kbn_core_execution_context_server.mdx index 5c46d3c554e3e..8949dd69d12de 100644 --- a/api_docs/kbn_core_execution_context_server.mdx +++ b/api_docs/kbn_core_execution_context_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-server title: "@kbn/core-execution-context-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-server'] --- import kbnCoreExecutionContextServerObj from './kbn_core_execution_context_server.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_server_internal.mdx b/api_docs/kbn_core_execution_context_server_internal.mdx index da3c5a9770626..c8861c20020f0 100644 --- a/api_docs/kbn_core_execution_context_server_internal.mdx +++ b/api_docs/kbn_core_execution_context_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-server-internal title: "@kbn/core-execution-context-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-server-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-server-internal'] --- import kbnCoreExecutionContextServerInternalObj from './kbn_core_execution_context_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_server_mocks.mdx b/api_docs/kbn_core_execution_context_server_mocks.mdx index ce5b60b2e9444..17b957f5f90ce 100644 --- a/api_docs/kbn_core_execution_context_server_mocks.mdx +++ b/api_docs/kbn_core_execution_context_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-server-mocks title: "@kbn/core-execution-context-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-server-mocks'] --- import kbnCoreExecutionContextServerMocksObj from './kbn_core_execution_context_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_fatal_errors_browser.mdx b/api_docs/kbn_core_fatal_errors_browser.mdx index d76acfe28ea7d..6fc8034ebbe8c 100644 --- a/api_docs/kbn_core_fatal_errors_browser.mdx +++ b/api_docs/kbn_core_fatal_errors_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-fatal-errors-browser title: "@kbn/core-fatal-errors-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-fatal-errors-browser plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-fatal-errors-browser'] --- import kbnCoreFatalErrorsBrowserObj from './kbn_core_fatal_errors_browser.devdocs.json'; diff --git a/api_docs/kbn_core_fatal_errors_browser_mocks.mdx b/api_docs/kbn_core_fatal_errors_browser_mocks.mdx index 0347c62cb2852..920c9d63e00e1 100644 --- a/api_docs/kbn_core_fatal_errors_browser_mocks.mdx +++ b/api_docs/kbn_core_fatal_errors_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-fatal-errors-browser-mocks title: "@kbn/core-fatal-errors-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-fatal-errors-browser-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-fatal-errors-browser-mocks'] --- import kbnCoreFatalErrorsBrowserMocksObj from './kbn_core_fatal_errors_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_http_browser.mdx b/api_docs/kbn_core_http_browser.mdx index 6366d25319bbf..62d89d074e84f 100644 --- a/api_docs/kbn_core_http_browser.mdx +++ b/api_docs/kbn_core_http_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-browser title: "@kbn/core-http-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-browser plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-browser'] --- import kbnCoreHttpBrowserObj from './kbn_core_http_browser.devdocs.json'; diff --git a/api_docs/kbn_core_http_browser_internal.mdx b/api_docs/kbn_core_http_browser_internal.mdx index ab41703f871e4..e3c1893c81ad3 100644 --- a/api_docs/kbn_core_http_browser_internal.mdx +++ b/api_docs/kbn_core_http_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-browser-internal title: "@kbn/core-http-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-browser-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-browser-internal'] --- import kbnCoreHttpBrowserInternalObj from './kbn_core_http_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_http_browser_mocks.mdx b/api_docs/kbn_core_http_browser_mocks.mdx index 78af590e6341d..8677378bbeadb 100644 --- a/api_docs/kbn_core_http_browser_mocks.mdx +++ b/api_docs/kbn_core_http_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-browser-mocks title: "@kbn/core-http-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-browser-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-browser-mocks'] --- import kbnCoreHttpBrowserMocksObj from './kbn_core_http_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_http_common.mdx b/api_docs/kbn_core_http_common.mdx index 2d67dee7cb31c..5581c3377785a 100644 --- a/api_docs/kbn_core_http_common.mdx +++ b/api_docs/kbn_core_http_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-common title: "@kbn/core-http-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-common plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-common'] --- import kbnCoreHttpCommonObj from './kbn_core_http_common.devdocs.json'; diff --git a/api_docs/kbn_core_http_context_server_mocks.mdx b/api_docs/kbn_core_http_context_server_mocks.mdx index df9a82436725a..6bc52a068c6c0 100644 --- a/api_docs/kbn_core_http_context_server_mocks.mdx +++ b/api_docs/kbn_core_http_context_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-context-server-mocks title: "@kbn/core-http-context-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-context-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-context-server-mocks'] --- import kbnCoreHttpContextServerMocksObj from './kbn_core_http_context_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_http_request_handler_context_server.mdx b/api_docs/kbn_core_http_request_handler_context_server.mdx index 89ccdef79a5f5..fe95460dde003 100644 --- a/api_docs/kbn_core_http_request_handler_context_server.mdx +++ b/api_docs/kbn_core_http_request_handler_context_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-request-handler-context-server title: "@kbn/core-http-request-handler-context-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-request-handler-context-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-request-handler-context-server'] --- import kbnCoreHttpRequestHandlerContextServerObj from './kbn_core_http_request_handler_context_server.devdocs.json'; diff --git a/api_docs/kbn_core_http_resources_server.mdx b/api_docs/kbn_core_http_resources_server.mdx index 46d9e0b84c396..3093cbbc4078d 100644 --- a/api_docs/kbn_core_http_resources_server.mdx +++ b/api_docs/kbn_core_http_resources_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-resources-server title: "@kbn/core-http-resources-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-resources-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-resources-server'] --- import kbnCoreHttpResourcesServerObj from './kbn_core_http_resources_server.devdocs.json'; diff --git a/api_docs/kbn_core_http_resources_server_internal.mdx b/api_docs/kbn_core_http_resources_server_internal.mdx index 19c3fa513b358..eb10dce094e62 100644 --- a/api_docs/kbn_core_http_resources_server_internal.mdx +++ b/api_docs/kbn_core_http_resources_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-resources-server-internal title: "@kbn/core-http-resources-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-resources-server-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-resources-server-internal'] --- import kbnCoreHttpResourcesServerInternalObj from './kbn_core_http_resources_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_http_resources_server_mocks.mdx b/api_docs/kbn_core_http_resources_server_mocks.mdx index 4200290640757..e5929c5f55ac9 100644 --- a/api_docs/kbn_core_http_resources_server_mocks.mdx +++ b/api_docs/kbn_core_http_resources_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-resources-server-mocks title: "@kbn/core-http-resources-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-resources-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-resources-server-mocks'] --- import kbnCoreHttpResourcesServerMocksObj from './kbn_core_http_resources_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_http_router_server_internal.mdx b/api_docs/kbn_core_http_router_server_internal.mdx index 14cb758ead89d..30b19ede4a9c9 100644 --- a/api_docs/kbn_core_http_router_server_internal.mdx +++ b/api_docs/kbn_core_http_router_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-router-server-internal title: "@kbn/core-http-router-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-router-server-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-router-server-internal'] --- import kbnCoreHttpRouterServerInternalObj from './kbn_core_http_router_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_http_router_server_mocks.mdx b/api_docs/kbn_core_http_router_server_mocks.mdx index dc0253790ec2a..3c916b4e48532 100644 --- a/api_docs/kbn_core_http_router_server_mocks.mdx +++ b/api_docs/kbn_core_http_router_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-router-server-mocks title: "@kbn/core-http-router-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-router-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-router-server-mocks'] --- import kbnCoreHttpRouterServerMocksObj from './kbn_core_http_router_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_http_server.devdocs.json b/api_docs/kbn_core_http_server.devdocs.json index cc5185b0ceb81..9c76bd94dbc44 100644 --- a/api_docs/kbn_core_http_server.devdocs.json +++ b/api_docs/kbn_core_http_server.devdocs.json @@ -3698,6 +3698,10 @@ "plugin": "actions", "path": "x-pack/plugins/actions/server/routes/legacy/list_action_types.ts" }, + { + "plugin": "@kbn/content-management-favorites-server", + "path": "packages/content-management/favorites/favorites_server/src/favorites_routes.ts" + }, { "plugin": "share", "path": "src/plugins/share/server/url_service/http/short_urls/register_get_route.ts" @@ -6360,6 +6364,14 @@ "plugin": "actions", "path": "x-pack/plugins/actions/server/routes/get_global_execution_kpi.ts" }, + { + "plugin": "@kbn/content-management-favorites-server", + "path": "packages/content-management/favorites/favorites_server/src/favorites_routes.ts" + }, + { + "plugin": "@kbn/content-management-favorites-server", + "path": "packages/content-management/favorites/favorites_server/src/favorites_routes.ts" + }, { "plugin": "contentManagement", "path": "src/plugins/content_management/server/rpc/routes/routes.ts" @@ -7384,10 +7396,6 @@ "plugin": "contentManagement", "path": "src/plugins/content_management/server/plugin.test.ts" }, - { - "plugin": "contentManagement", - "path": "src/plugins/content_management/server/plugin.test.ts" - }, { "plugin": "dataViewManagement", "path": "src/plugins/data_view_management/server/routes/preview_scripted_field.ts" diff --git a/api_docs/kbn_core_http_server.mdx b/api_docs/kbn_core_http_server.mdx index 21f3bb901bbc6..e0fe8c084cf7e 100644 --- a/api_docs/kbn_core_http_server.mdx +++ b/api_docs/kbn_core_http_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-server title: "@kbn/core-http-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-server'] --- import kbnCoreHttpServerObj from './kbn_core_http_server.devdocs.json'; diff --git a/api_docs/kbn_core_http_server_internal.mdx b/api_docs/kbn_core_http_server_internal.mdx index 9a4eb9dc33a47..55dfd59543221 100644 --- a/api_docs/kbn_core_http_server_internal.mdx +++ b/api_docs/kbn_core_http_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-server-internal title: "@kbn/core-http-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-server-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-server-internal'] --- import kbnCoreHttpServerInternalObj from './kbn_core_http_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_http_server_mocks.mdx b/api_docs/kbn_core_http_server_mocks.mdx index f7909af9a4795..6cc6a9ec278a4 100644 --- a/api_docs/kbn_core_http_server_mocks.mdx +++ b/api_docs/kbn_core_http_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-server-mocks title: "@kbn/core-http-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-server-mocks'] --- import kbnCoreHttpServerMocksObj from './kbn_core_http_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_i18n_browser.mdx b/api_docs/kbn_core_i18n_browser.mdx index dabf55fde826e..4c12007e55a76 100644 --- a/api_docs/kbn_core_i18n_browser.mdx +++ b/api_docs/kbn_core_i18n_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-i18n-browser title: "@kbn/core-i18n-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-i18n-browser plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-i18n-browser'] --- import kbnCoreI18nBrowserObj from './kbn_core_i18n_browser.devdocs.json'; diff --git a/api_docs/kbn_core_i18n_browser_mocks.mdx b/api_docs/kbn_core_i18n_browser_mocks.mdx index f85837815257d..d0d12389c7178 100644 --- a/api_docs/kbn_core_i18n_browser_mocks.mdx +++ b/api_docs/kbn_core_i18n_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-i18n-browser-mocks title: "@kbn/core-i18n-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-i18n-browser-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-i18n-browser-mocks'] --- import kbnCoreI18nBrowserMocksObj from './kbn_core_i18n_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_i18n_server.mdx b/api_docs/kbn_core_i18n_server.mdx index 707cd156d4fc4..ce2686c649a3a 100644 --- a/api_docs/kbn_core_i18n_server.mdx +++ b/api_docs/kbn_core_i18n_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-i18n-server title: "@kbn/core-i18n-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-i18n-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-i18n-server'] --- import kbnCoreI18nServerObj from './kbn_core_i18n_server.devdocs.json'; diff --git a/api_docs/kbn_core_i18n_server_internal.mdx b/api_docs/kbn_core_i18n_server_internal.mdx index 2f0e3c9745871..b783cc4194086 100644 --- a/api_docs/kbn_core_i18n_server_internal.mdx +++ b/api_docs/kbn_core_i18n_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-i18n-server-internal title: "@kbn/core-i18n-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-i18n-server-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-i18n-server-internal'] --- import kbnCoreI18nServerInternalObj from './kbn_core_i18n_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_i18n_server_mocks.mdx b/api_docs/kbn_core_i18n_server_mocks.mdx index 0f3bd01371918..5728e3cc005f6 100644 --- a/api_docs/kbn_core_i18n_server_mocks.mdx +++ b/api_docs/kbn_core_i18n_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-i18n-server-mocks title: "@kbn/core-i18n-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-i18n-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-i18n-server-mocks'] --- import kbnCoreI18nServerMocksObj from './kbn_core_i18n_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_injected_metadata_browser_mocks.mdx b/api_docs/kbn_core_injected_metadata_browser_mocks.mdx index 92550ce2e0a46..bb20be08ad4c8 100644 --- a/api_docs/kbn_core_injected_metadata_browser_mocks.mdx +++ b/api_docs/kbn_core_injected_metadata_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-injected-metadata-browser-mocks title: "@kbn/core-injected-metadata-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-injected-metadata-browser-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-injected-metadata-browser-mocks'] --- import kbnCoreInjectedMetadataBrowserMocksObj from './kbn_core_injected_metadata_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_integrations_browser_internal.mdx b/api_docs/kbn_core_integrations_browser_internal.mdx index 1f7584261fa00..547ffdd69eca2 100644 --- a/api_docs/kbn_core_integrations_browser_internal.mdx +++ b/api_docs/kbn_core_integrations_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-integrations-browser-internal title: "@kbn/core-integrations-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-integrations-browser-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-integrations-browser-internal'] --- import kbnCoreIntegrationsBrowserInternalObj from './kbn_core_integrations_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_integrations_browser_mocks.mdx b/api_docs/kbn_core_integrations_browser_mocks.mdx index adfb5ab90b917..d0edef79a76b2 100644 --- a/api_docs/kbn_core_integrations_browser_mocks.mdx +++ b/api_docs/kbn_core_integrations_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-integrations-browser-mocks title: "@kbn/core-integrations-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-integrations-browser-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-integrations-browser-mocks'] --- import kbnCoreIntegrationsBrowserMocksObj from './kbn_core_integrations_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_lifecycle_browser.mdx b/api_docs/kbn_core_lifecycle_browser.mdx index 3c23d4746d64d..7d77d5e24fb6f 100644 --- a/api_docs/kbn_core_lifecycle_browser.mdx +++ b/api_docs/kbn_core_lifecycle_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-lifecycle-browser title: "@kbn/core-lifecycle-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-lifecycle-browser plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-lifecycle-browser'] --- import kbnCoreLifecycleBrowserObj from './kbn_core_lifecycle_browser.devdocs.json'; diff --git a/api_docs/kbn_core_lifecycle_browser_mocks.mdx b/api_docs/kbn_core_lifecycle_browser_mocks.mdx index 932ec467fe282..5fdbc8055d3b4 100644 --- a/api_docs/kbn_core_lifecycle_browser_mocks.mdx +++ b/api_docs/kbn_core_lifecycle_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-lifecycle-browser-mocks title: "@kbn/core-lifecycle-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-lifecycle-browser-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-lifecycle-browser-mocks'] --- import kbnCoreLifecycleBrowserMocksObj from './kbn_core_lifecycle_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_lifecycle_server.mdx b/api_docs/kbn_core_lifecycle_server.mdx index acfe01f8a7557..191a32521fc66 100644 --- a/api_docs/kbn_core_lifecycle_server.mdx +++ b/api_docs/kbn_core_lifecycle_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-lifecycle-server title: "@kbn/core-lifecycle-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-lifecycle-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-lifecycle-server'] --- import kbnCoreLifecycleServerObj from './kbn_core_lifecycle_server.devdocs.json'; diff --git a/api_docs/kbn_core_lifecycle_server_mocks.mdx b/api_docs/kbn_core_lifecycle_server_mocks.mdx index e416530d7b696..399da03b2b657 100644 --- a/api_docs/kbn_core_lifecycle_server_mocks.mdx +++ b/api_docs/kbn_core_lifecycle_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-lifecycle-server-mocks title: "@kbn/core-lifecycle-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-lifecycle-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-lifecycle-server-mocks'] --- import kbnCoreLifecycleServerMocksObj from './kbn_core_lifecycle_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_logging_browser_mocks.mdx b/api_docs/kbn_core_logging_browser_mocks.mdx index 8d800f6bbac92..fc06e2b33f6d8 100644 --- a/api_docs/kbn_core_logging_browser_mocks.mdx +++ b/api_docs/kbn_core_logging_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-logging-browser-mocks title: "@kbn/core-logging-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-logging-browser-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-logging-browser-mocks'] --- import kbnCoreLoggingBrowserMocksObj from './kbn_core_logging_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_logging_common_internal.mdx b/api_docs/kbn_core_logging_common_internal.mdx index 8f5a9a49cfb7f..6be785521f4b1 100644 --- a/api_docs/kbn_core_logging_common_internal.mdx +++ b/api_docs/kbn_core_logging_common_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-logging-common-internal title: "@kbn/core-logging-common-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-logging-common-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-logging-common-internal'] --- import kbnCoreLoggingCommonInternalObj from './kbn_core_logging_common_internal.devdocs.json'; diff --git a/api_docs/kbn_core_logging_server.mdx b/api_docs/kbn_core_logging_server.mdx index af41aa7559038..5fbda638427ff 100644 --- a/api_docs/kbn_core_logging_server.mdx +++ b/api_docs/kbn_core_logging_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-logging-server title: "@kbn/core-logging-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-logging-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-logging-server'] --- import kbnCoreLoggingServerObj from './kbn_core_logging_server.devdocs.json'; diff --git a/api_docs/kbn_core_logging_server_internal.mdx b/api_docs/kbn_core_logging_server_internal.mdx index c2b11f471fef7..7df6828c40885 100644 --- a/api_docs/kbn_core_logging_server_internal.mdx +++ b/api_docs/kbn_core_logging_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-logging-server-internal title: "@kbn/core-logging-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-logging-server-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-logging-server-internal'] --- import kbnCoreLoggingServerInternalObj from './kbn_core_logging_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_logging_server_mocks.mdx b/api_docs/kbn_core_logging_server_mocks.mdx index 5460389b1e7d0..b409ba8d206f3 100644 --- a/api_docs/kbn_core_logging_server_mocks.mdx +++ b/api_docs/kbn_core_logging_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-logging-server-mocks title: "@kbn/core-logging-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-logging-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-logging-server-mocks'] --- import kbnCoreLoggingServerMocksObj from './kbn_core_logging_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_metrics_collectors_server_internal.mdx b/api_docs/kbn_core_metrics_collectors_server_internal.mdx index e178cbaa1e626..d61be66e9d4a5 100644 --- a/api_docs/kbn_core_metrics_collectors_server_internal.mdx +++ b/api_docs/kbn_core_metrics_collectors_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-metrics-collectors-server-internal title: "@kbn/core-metrics-collectors-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-metrics-collectors-server-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-metrics-collectors-server-internal'] --- import kbnCoreMetricsCollectorsServerInternalObj from './kbn_core_metrics_collectors_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_metrics_collectors_server_mocks.mdx b/api_docs/kbn_core_metrics_collectors_server_mocks.mdx index 882ed6f848090..a0ff22b30f19d 100644 --- a/api_docs/kbn_core_metrics_collectors_server_mocks.mdx +++ b/api_docs/kbn_core_metrics_collectors_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-metrics-collectors-server-mocks title: "@kbn/core-metrics-collectors-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-metrics-collectors-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-metrics-collectors-server-mocks'] --- import kbnCoreMetricsCollectorsServerMocksObj from './kbn_core_metrics_collectors_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_metrics_server.mdx b/api_docs/kbn_core_metrics_server.mdx index 5d89b322df721..530de0043c591 100644 --- a/api_docs/kbn_core_metrics_server.mdx +++ b/api_docs/kbn_core_metrics_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-metrics-server title: "@kbn/core-metrics-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-metrics-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-metrics-server'] --- import kbnCoreMetricsServerObj from './kbn_core_metrics_server.devdocs.json'; diff --git a/api_docs/kbn_core_metrics_server_internal.mdx b/api_docs/kbn_core_metrics_server_internal.mdx index 9ebac1eb04ffc..8e98ac9abf9ed 100644 --- a/api_docs/kbn_core_metrics_server_internal.mdx +++ b/api_docs/kbn_core_metrics_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-metrics-server-internal title: "@kbn/core-metrics-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-metrics-server-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-metrics-server-internal'] --- import kbnCoreMetricsServerInternalObj from './kbn_core_metrics_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_metrics_server_mocks.mdx b/api_docs/kbn_core_metrics_server_mocks.mdx index 93380e0602c71..31c4059faaf8c 100644 --- a/api_docs/kbn_core_metrics_server_mocks.mdx +++ b/api_docs/kbn_core_metrics_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-metrics-server-mocks title: "@kbn/core-metrics-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-metrics-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-metrics-server-mocks'] --- import kbnCoreMetricsServerMocksObj from './kbn_core_metrics_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_mount_utils_browser.mdx b/api_docs/kbn_core_mount_utils_browser.mdx index 645f220be703e..5a08ad6e8c54b 100644 --- a/api_docs/kbn_core_mount_utils_browser.mdx +++ b/api_docs/kbn_core_mount_utils_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-mount-utils-browser title: "@kbn/core-mount-utils-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-mount-utils-browser plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-mount-utils-browser'] --- import kbnCoreMountUtilsBrowserObj from './kbn_core_mount_utils_browser.devdocs.json'; diff --git a/api_docs/kbn_core_node_server.mdx b/api_docs/kbn_core_node_server.mdx index e732f75fd7337..02784c7ce719d 100644 --- a/api_docs/kbn_core_node_server.mdx +++ b/api_docs/kbn_core_node_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-node-server title: "@kbn/core-node-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-node-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-node-server'] --- import kbnCoreNodeServerObj from './kbn_core_node_server.devdocs.json'; diff --git a/api_docs/kbn_core_node_server_internal.mdx b/api_docs/kbn_core_node_server_internal.mdx index 7e4dc96cc7823..c267b3c51d2aa 100644 --- a/api_docs/kbn_core_node_server_internal.mdx +++ b/api_docs/kbn_core_node_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-node-server-internal title: "@kbn/core-node-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-node-server-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-node-server-internal'] --- import kbnCoreNodeServerInternalObj from './kbn_core_node_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_node_server_mocks.mdx b/api_docs/kbn_core_node_server_mocks.mdx index 88e2a7fb4ee14..7a5e9bf191bce 100644 --- a/api_docs/kbn_core_node_server_mocks.mdx +++ b/api_docs/kbn_core_node_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-node-server-mocks title: "@kbn/core-node-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-node-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-node-server-mocks'] --- import kbnCoreNodeServerMocksObj from './kbn_core_node_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_notifications_browser.mdx b/api_docs/kbn_core_notifications_browser.mdx index a08da2c740d7d..80d3af1a45f69 100644 --- a/api_docs/kbn_core_notifications_browser.mdx +++ b/api_docs/kbn_core_notifications_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-notifications-browser title: "@kbn/core-notifications-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-notifications-browser plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-notifications-browser'] --- import kbnCoreNotificationsBrowserObj from './kbn_core_notifications_browser.devdocs.json'; diff --git a/api_docs/kbn_core_notifications_browser_internal.mdx b/api_docs/kbn_core_notifications_browser_internal.mdx index ab81c5cb42026..736b1ed0c9a2a 100644 --- a/api_docs/kbn_core_notifications_browser_internal.mdx +++ b/api_docs/kbn_core_notifications_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-notifications-browser-internal title: "@kbn/core-notifications-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-notifications-browser-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-notifications-browser-internal'] --- import kbnCoreNotificationsBrowserInternalObj from './kbn_core_notifications_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_notifications_browser_mocks.mdx b/api_docs/kbn_core_notifications_browser_mocks.mdx index 9b6c543db88ff..afc2ed420002e 100644 --- a/api_docs/kbn_core_notifications_browser_mocks.mdx +++ b/api_docs/kbn_core_notifications_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-notifications-browser-mocks title: "@kbn/core-notifications-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-notifications-browser-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-notifications-browser-mocks'] --- import kbnCoreNotificationsBrowserMocksObj from './kbn_core_notifications_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_overlays_browser.mdx b/api_docs/kbn_core_overlays_browser.mdx index fd516c7117a71..2f5c05145c957 100644 --- a/api_docs/kbn_core_overlays_browser.mdx +++ b/api_docs/kbn_core_overlays_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-overlays-browser title: "@kbn/core-overlays-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-overlays-browser plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-overlays-browser'] --- import kbnCoreOverlaysBrowserObj from './kbn_core_overlays_browser.devdocs.json'; diff --git a/api_docs/kbn_core_overlays_browser_internal.mdx b/api_docs/kbn_core_overlays_browser_internal.mdx index 459f33f442e64..3ffe1a9932e38 100644 --- a/api_docs/kbn_core_overlays_browser_internal.mdx +++ b/api_docs/kbn_core_overlays_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-overlays-browser-internal title: "@kbn/core-overlays-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-overlays-browser-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-overlays-browser-internal'] --- import kbnCoreOverlaysBrowserInternalObj from './kbn_core_overlays_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_overlays_browser_mocks.mdx b/api_docs/kbn_core_overlays_browser_mocks.mdx index 1226b68f959d8..c2ffa734b753d 100644 --- a/api_docs/kbn_core_overlays_browser_mocks.mdx +++ b/api_docs/kbn_core_overlays_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-overlays-browser-mocks title: "@kbn/core-overlays-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-overlays-browser-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-overlays-browser-mocks'] --- import kbnCoreOverlaysBrowserMocksObj from './kbn_core_overlays_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_browser.mdx b/api_docs/kbn_core_plugins_browser.mdx index 4e681964ae875..331f91c4bf7f4 100644 --- a/api_docs/kbn_core_plugins_browser.mdx +++ b/api_docs/kbn_core_plugins_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-browser title: "@kbn/core-plugins-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-browser plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-browser'] --- import kbnCorePluginsBrowserObj from './kbn_core_plugins_browser.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_browser_mocks.mdx b/api_docs/kbn_core_plugins_browser_mocks.mdx index 68d6ecfff7548..e91da1f10ac6c 100644 --- a/api_docs/kbn_core_plugins_browser_mocks.mdx +++ b/api_docs/kbn_core_plugins_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-browser-mocks title: "@kbn/core-plugins-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-browser-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-browser-mocks'] --- import kbnCorePluginsBrowserMocksObj from './kbn_core_plugins_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_contracts_browser.mdx b/api_docs/kbn_core_plugins_contracts_browser.mdx index 81f27aba7417b..f19bee48cd072 100644 --- a/api_docs/kbn_core_plugins_contracts_browser.mdx +++ b/api_docs/kbn_core_plugins_contracts_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-contracts-browser title: "@kbn/core-plugins-contracts-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-contracts-browser plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-contracts-browser'] --- import kbnCorePluginsContractsBrowserObj from './kbn_core_plugins_contracts_browser.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_contracts_server.mdx b/api_docs/kbn_core_plugins_contracts_server.mdx index 31080f4c27ce8..4dda3179e08d8 100644 --- a/api_docs/kbn_core_plugins_contracts_server.mdx +++ b/api_docs/kbn_core_plugins_contracts_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-contracts-server title: "@kbn/core-plugins-contracts-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-contracts-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-contracts-server'] --- import kbnCorePluginsContractsServerObj from './kbn_core_plugins_contracts_server.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_server.mdx b/api_docs/kbn_core_plugins_server.mdx index 382a328df52f0..e43c863367b03 100644 --- a/api_docs/kbn_core_plugins_server.mdx +++ b/api_docs/kbn_core_plugins_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-server title: "@kbn/core-plugins-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-server'] --- import kbnCorePluginsServerObj from './kbn_core_plugins_server.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_server_mocks.mdx b/api_docs/kbn_core_plugins_server_mocks.mdx index 45e39955d7aa3..7126f822719ac 100644 --- a/api_docs/kbn_core_plugins_server_mocks.mdx +++ b/api_docs/kbn_core_plugins_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-server-mocks title: "@kbn/core-plugins-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-server-mocks'] --- import kbnCorePluginsServerMocksObj from './kbn_core_plugins_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_preboot_server.mdx b/api_docs/kbn_core_preboot_server.mdx index 5a3ed19e6ed5e..60ca129133b24 100644 --- a/api_docs/kbn_core_preboot_server.mdx +++ b/api_docs/kbn_core_preboot_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-preboot-server title: "@kbn/core-preboot-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-preboot-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-preboot-server'] --- import kbnCorePrebootServerObj from './kbn_core_preboot_server.devdocs.json'; diff --git a/api_docs/kbn_core_preboot_server_mocks.mdx b/api_docs/kbn_core_preboot_server_mocks.mdx index 1bb565f751ef1..24a9342d5a678 100644 --- a/api_docs/kbn_core_preboot_server_mocks.mdx +++ b/api_docs/kbn_core_preboot_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-preboot-server-mocks title: "@kbn/core-preboot-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-preboot-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-preboot-server-mocks'] --- import kbnCorePrebootServerMocksObj from './kbn_core_preboot_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_rendering_browser_mocks.mdx b/api_docs/kbn_core_rendering_browser_mocks.mdx index 292836231e289..10160a2967e71 100644 --- a/api_docs/kbn_core_rendering_browser_mocks.mdx +++ b/api_docs/kbn_core_rendering_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-rendering-browser-mocks title: "@kbn/core-rendering-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-rendering-browser-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-rendering-browser-mocks'] --- import kbnCoreRenderingBrowserMocksObj from './kbn_core_rendering_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_rendering_server_internal.mdx b/api_docs/kbn_core_rendering_server_internal.mdx index 9a0ae548fc7be..69b558602c886 100644 --- a/api_docs/kbn_core_rendering_server_internal.mdx +++ b/api_docs/kbn_core_rendering_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-rendering-server-internal title: "@kbn/core-rendering-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-rendering-server-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-rendering-server-internal'] --- import kbnCoreRenderingServerInternalObj from './kbn_core_rendering_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_rendering_server_mocks.mdx b/api_docs/kbn_core_rendering_server_mocks.mdx index 3e6ba9697a690..cf3e1c0866b29 100644 --- a/api_docs/kbn_core_rendering_server_mocks.mdx +++ b/api_docs/kbn_core_rendering_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-rendering-server-mocks title: "@kbn/core-rendering-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-rendering-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-rendering-server-mocks'] --- import kbnCoreRenderingServerMocksObj from './kbn_core_rendering_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_root_server_internal.mdx b/api_docs/kbn_core_root_server_internal.mdx index e7c73925f30b9..0b0a7d5bd13c8 100644 --- a/api_docs/kbn_core_root_server_internal.mdx +++ b/api_docs/kbn_core_root_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-root-server-internal title: "@kbn/core-root-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-root-server-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-root-server-internal'] --- import kbnCoreRootServerInternalObj from './kbn_core_root_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_api_browser.mdx b/api_docs/kbn_core_saved_objects_api_browser.mdx index 7a9ea17c278d2..309c558ce9318 100644 --- a/api_docs/kbn_core_saved_objects_api_browser.mdx +++ b/api_docs/kbn_core_saved_objects_api_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-api-browser title: "@kbn/core-saved-objects-api-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-api-browser plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-api-browser'] --- import kbnCoreSavedObjectsApiBrowserObj from './kbn_core_saved_objects_api_browser.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_api_server.mdx b/api_docs/kbn_core_saved_objects_api_server.mdx index e42b8d49a5a68..a609abf7602e7 100644 --- a/api_docs/kbn_core_saved_objects_api_server.mdx +++ b/api_docs/kbn_core_saved_objects_api_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-api-server title: "@kbn/core-saved-objects-api-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-api-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-api-server'] --- import kbnCoreSavedObjectsApiServerObj from './kbn_core_saved_objects_api_server.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_api_server_mocks.mdx b/api_docs/kbn_core_saved_objects_api_server_mocks.mdx index 2c98d7aaeca06..e708581e009af 100644 --- a/api_docs/kbn_core_saved_objects_api_server_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_api_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-api-server-mocks title: "@kbn/core-saved-objects-api-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-api-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-api-server-mocks'] --- import kbnCoreSavedObjectsApiServerMocksObj from './kbn_core_saved_objects_api_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_base_server_internal.mdx b/api_docs/kbn_core_saved_objects_base_server_internal.mdx index 42f8be8f40236..5ef725ee9ab40 100644 --- a/api_docs/kbn_core_saved_objects_base_server_internal.mdx +++ b/api_docs/kbn_core_saved_objects_base_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-base-server-internal title: "@kbn/core-saved-objects-base-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-base-server-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-base-server-internal'] --- import kbnCoreSavedObjectsBaseServerInternalObj from './kbn_core_saved_objects_base_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_base_server_mocks.mdx b/api_docs/kbn_core_saved_objects_base_server_mocks.mdx index f9df6295a260f..0fa8a985d4dd8 100644 --- a/api_docs/kbn_core_saved_objects_base_server_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_base_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-base-server-mocks title: "@kbn/core-saved-objects-base-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-base-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-base-server-mocks'] --- import kbnCoreSavedObjectsBaseServerMocksObj from './kbn_core_saved_objects_base_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_browser.mdx b/api_docs/kbn_core_saved_objects_browser.mdx index 4e03077757855..b85f34fceaa18 100644 --- a/api_docs/kbn_core_saved_objects_browser.mdx +++ b/api_docs/kbn_core_saved_objects_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-browser title: "@kbn/core-saved-objects-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-browser plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-browser'] --- import kbnCoreSavedObjectsBrowserObj from './kbn_core_saved_objects_browser.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_browser_internal.mdx b/api_docs/kbn_core_saved_objects_browser_internal.mdx index fc94e168b3ab4..c82f9fb065933 100644 --- a/api_docs/kbn_core_saved_objects_browser_internal.mdx +++ b/api_docs/kbn_core_saved_objects_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-browser-internal title: "@kbn/core-saved-objects-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-browser-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-browser-internal'] --- import kbnCoreSavedObjectsBrowserInternalObj from './kbn_core_saved_objects_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_browser_mocks.mdx b/api_docs/kbn_core_saved_objects_browser_mocks.mdx index 38fc0e600f1bb..c7bb08a67399c 100644 --- a/api_docs/kbn_core_saved_objects_browser_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-browser-mocks title: "@kbn/core-saved-objects-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-browser-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-browser-mocks'] --- import kbnCoreSavedObjectsBrowserMocksObj from './kbn_core_saved_objects_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_common.mdx b/api_docs/kbn_core_saved_objects_common.mdx index 3f407c5547c1f..f2545251537ae 100644 --- a/api_docs/kbn_core_saved_objects_common.mdx +++ b/api_docs/kbn_core_saved_objects_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-common title: "@kbn/core-saved-objects-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-common plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-common'] --- import kbnCoreSavedObjectsCommonObj from './kbn_core_saved_objects_common.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_import_export_server_internal.mdx b/api_docs/kbn_core_saved_objects_import_export_server_internal.mdx index b90444ec407d4..781d2095018b4 100644 --- a/api_docs/kbn_core_saved_objects_import_export_server_internal.mdx +++ b/api_docs/kbn_core_saved_objects_import_export_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-import-export-server-internal title: "@kbn/core-saved-objects-import-export-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-import-export-server-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-import-export-server-internal'] --- import kbnCoreSavedObjectsImportExportServerInternalObj from './kbn_core_saved_objects_import_export_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_import_export_server_mocks.mdx b/api_docs/kbn_core_saved_objects_import_export_server_mocks.mdx index 87141463e752d..79d015f2c125d 100644 --- a/api_docs/kbn_core_saved_objects_import_export_server_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_import_export_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-import-export-server-mocks title: "@kbn/core-saved-objects-import-export-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-import-export-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-import-export-server-mocks'] --- import kbnCoreSavedObjectsImportExportServerMocksObj from './kbn_core_saved_objects_import_export_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_migration_server_internal.mdx b/api_docs/kbn_core_saved_objects_migration_server_internal.mdx index 0c3b4dcc42756..028db3c5261fb 100644 --- a/api_docs/kbn_core_saved_objects_migration_server_internal.mdx +++ b/api_docs/kbn_core_saved_objects_migration_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-migration-server-internal title: "@kbn/core-saved-objects-migration-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-migration-server-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-migration-server-internal'] --- import kbnCoreSavedObjectsMigrationServerInternalObj from './kbn_core_saved_objects_migration_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_migration_server_mocks.mdx b/api_docs/kbn_core_saved_objects_migration_server_mocks.mdx index fdbe2bbfc655a..ce791980c09ed 100644 --- a/api_docs/kbn_core_saved_objects_migration_server_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_migration_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-migration-server-mocks title: "@kbn/core-saved-objects-migration-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-migration-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-migration-server-mocks'] --- import kbnCoreSavedObjectsMigrationServerMocksObj from './kbn_core_saved_objects_migration_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_server.mdx b/api_docs/kbn_core_saved_objects_server.mdx index b6774178cd0c2..594679420732f 100644 --- a/api_docs/kbn_core_saved_objects_server.mdx +++ b/api_docs/kbn_core_saved_objects_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-server title: "@kbn/core-saved-objects-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-server'] --- import kbnCoreSavedObjectsServerObj from './kbn_core_saved_objects_server.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_server_internal.mdx b/api_docs/kbn_core_saved_objects_server_internal.mdx index 5b64b4a42ffd8..ae4e0f437aabd 100644 --- a/api_docs/kbn_core_saved_objects_server_internal.mdx +++ b/api_docs/kbn_core_saved_objects_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-server-internal title: "@kbn/core-saved-objects-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-server-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-server-internal'] --- import kbnCoreSavedObjectsServerInternalObj from './kbn_core_saved_objects_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_server_mocks.mdx b/api_docs/kbn_core_saved_objects_server_mocks.mdx index b1b69fea36455..b53eb72fa03b5 100644 --- a/api_docs/kbn_core_saved_objects_server_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-server-mocks title: "@kbn/core-saved-objects-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-server-mocks'] --- import kbnCoreSavedObjectsServerMocksObj from './kbn_core_saved_objects_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_utils_server.mdx b/api_docs/kbn_core_saved_objects_utils_server.mdx index 519fd3e1548ca..933e6ec6c02df 100644 --- a/api_docs/kbn_core_saved_objects_utils_server.mdx +++ b/api_docs/kbn_core_saved_objects_utils_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-utils-server title: "@kbn/core-saved-objects-utils-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-utils-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-utils-server'] --- import kbnCoreSavedObjectsUtilsServerObj from './kbn_core_saved_objects_utils_server.devdocs.json'; diff --git a/api_docs/kbn_core_security_browser.mdx b/api_docs/kbn_core_security_browser.mdx index 837c12032788e..d84d2e403efca 100644 --- a/api_docs/kbn_core_security_browser.mdx +++ b/api_docs/kbn_core_security_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-browser title: "@kbn/core-security-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-browser plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-browser'] --- import kbnCoreSecurityBrowserObj from './kbn_core_security_browser.devdocs.json'; diff --git a/api_docs/kbn_core_security_browser_internal.mdx b/api_docs/kbn_core_security_browser_internal.mdx index 1e44be330b342..b3968ed953bce 100644 --- a/api_docs/kbn_core_security_browser_internal.mdx +++ b/api_docs/kbn_core_security_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-browser-internal title: "@kbn/core-security-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-browser-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-browser-internal'] --- import kbnCoreSecurityBrowserInternalObj from './kbn_core_security_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_security_browser_mocks.mdx b/api_docs/kbn_core_security_browser_mocks.mdx index 8bd0f75be9426..d0d0854b6e6d4 100644 --- a/api_docs/kbn_core_security_browser_mocks.mdx +++ b/api_docs/kbn_core_security_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-browser-mocks title: "@kbn/core-security-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-browser-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-browser-mocks'] --- import kbnCoreSecurityBrowserMocksObj from './kbn_core_security_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_security_common.mdx b/api_docs/kbn_core_security_common.mdx index 9f95066d6ccdc..d626994ebfcc1 100644 --- a/api_docs/kbn_core_security_common.mdx +++ b/api_docs/kbn_core_security_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-common title: "@kbn/core-security-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-common plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-common'] --- import kbnCoreSecurityCommonObj from './kbn_core_security_common.devdocs.json'; diff --git a/api_docs/kbn_core_security_server.mdx b/api_docs/kbn_core_security_server.mdx index d4cf19a1d3cf4..299cc88feb601 100644 --- a/api_docs/kbn_core_security_server.mdx +++ b/api_docs/kbn_core_security_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-server title: "@kbn/core-security-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-server'] --- import kbnCoreSecurityServerObj from './kbn_core_security_server.devdocs.json'; diff --git a/api_docs/kbn_core_security_server_internal.mdx b/api_docs/kbn_core_security_server_internal.mdx index b56f03ae38958..5688d6ea29bbf 100644 --- a/api_docs/kbn_core_security_server_internal.mdx +++ b/api_docs/kbn_core_security_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-server-internal title: "@kbn/core-security-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-server-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-server-internal'] --- import kbnCoreSecurityServerInternalObj from './kbn_core_security_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_security_server_mocks.mdx b/api_docs/kbn_core_security_server_mocks.mdx index 18137e9a1722e..98e8ffa3b3d97 100644 --- a/api_docs/kbn_core_security_server_mocks.mdx +++ b/api_docs/kbn_core_security_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-server-mocks title: "@kbn/core-security-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-server-mocks'] --- import kbnCoreSecurityServerMocksObj from './kbn_core_security_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_status_common.mdx b/api_docs/kbn_core_status_common.mdx index bec498fe6462a..f1871608d728f 100644 --- a/api_docs/kbn_core_status_common.mdx +++ b/api_docs/kbn_core_status_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-status-common title: "@kbn/core-status-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-status-common plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-status-common'] --- import kbnCoreStatusCommonObj from './kbn_core_status_common.devdocs.json'; diff --git a/api_docs/kbn_core_status_common_internal.mdx b/api_docs/kbn_core_status_common_internal.mdx index 5bc8a2e17d630..49a5aebb95f10 100644 --- a/api_docs/kbn_core_status_common_internal.mdx +++ b/api_docs/kbn_core_status_common_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-status-common-internal title: "@kbn/core-status-common-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-status-common-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-status-common-internal'] --- import kbnCoreStatusCommonInternalObj from './kbn_core_status_common_internal.devdocs.json'; diff --git a/api_docs/kbn_core_status_server.mdx b/api_docs/kbn_core_status_server.mdx index 274dc2618893a..2dee59e6983f3 100644 --- a/api_docs/kbn_core_status_server.mdx +++ b/api_docs/kbn_core_status_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-status-server title: "@kbn/core-status-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-status-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-status-server'] --- import kbnCoreStatusServerObj from './kbn_core_status_server.devdocs.json'; diff --git a/api_docs/kbn_core_status_server_internal.mdx b/api_docs/kbn_core_status_server_internal.mdx index ddf250463d140..402dcbfc2d281 100644 --- a/api_docs/kbn_core_status_server_internal.mdx +++ b/api_docs/kbn_core_status_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-status-server-internal title: "@kbn/core-status-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-status-server-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-status-server-internal'] --- import kbnCoreStatusServerInternalObj from './kbn_core_status_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_status_server_mocks.mdx b/api_docs/kbn_core_status_server_mocks.mdx index f9633bbe372f6..587624d5a1bc5 100644 --- a/api_docs/kbn_core_status_server_mocks.mdx +++ b/api_docs/kbn_core_status_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-status-server-mocks title: "@kbn/core-status-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-status-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-status-server-mocks'] --- import kbnCoreStatusServerMocksObj from './kbn_core_status_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_deprecations_getters.mdx b/api_docs/kbn_core_test_helpers_deprecations_getters.mdx index 6c488038f7120..3addae91cc20b 100644 --- a/api_docs/kbn_core_test_helpers_deprecations_getters.mdx +++ b/api_docs/kbn_core_test_helpers_deprecations_getters.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-deprecations-getters title: "@kbn/core-test-helpers-deprecations-getters" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-deprecations-getters plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-deprecations-getters'] --- import kbnCoreTestHelpersDeprecationsGettersObj from './kbn_core_test_helpers_deprecations_getters.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_http_setup_browser.mdx b/api_docs/kbn_core_test_helpers_http_setup_browser.mdx index fb672b7432a8d..de5e8575ef6b3 100644 --- a/api_docs/kbn_core_test_helpers_http_setup_browser.mdx +++ b/api_docs/kbn_core_test_helpers_http_setup_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-http-setup-browser title: "@kbn/core-test-helpers-http-setup-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-http-setup-browser plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-http-setup-browser'] --- import kbnCoreTestHelpersHttpSetupBrowserObj from './kbn_core_test_helpers_http_setup_browser.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_kbn_server.mdx b/api_docs/kbn_core_test_helpers_kbn_server.mdx index b05b5a397de4a..56a2d343acb6e 100644 --- a/api_docs/kbn_core_test_helpers_kbn_server.mdx +++ b/api_docs/kbn_core_test_helpers_kbn_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-kbn-server title: "@kbn/core-test-helpers-kbn-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-kbn-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-kbn-server'] --- import kbnCoreTestHelpersKbnServerObj from './kbn_core_test_helpers_kbn_server.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_model_versions.mdx b/api_docs/kbn_core_test_helpers_model_versions.mdx index e794a276aeb12..947791ceb6cae 100644 --- a/api_docs/kbn_core_test_helpers_model_versions.mdx +++ b/api_docs/kbn_core_test_helpers_model_versions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-model-versions title: "@kbn/core-test-helpers-model-versions" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-model-versions plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-model-versions'] --- import kbnCoreTestHelpersModelVersionsObj from './kbn_core_test_helpers_model_versions.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_so_type_serializer.mdx b/api_docs/kbn_core_test_helpers_so_type_serializer.mdx index af83842d5f64c..62af46d086f92 100644 --- a/api_docs/kbn_core_test_helpers_so_type_serializer.mdx +++ b/api_docs/kbn_core_test_helpers_so_type_serializer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-so-type-serializer title: "@kbn/core-test-helpers-so-type-serializer" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-so-type-serializer plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-so-type-serializer'] --- import kbnCoreTestHelpersSoTypeSerializerObj from './kbn_core_test_helpers_so_type_serializer.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_test_utils.mdx b/api_docs/kbn_core_test_helpers_test_utils.mdx index 4e44d559fb2ac..e39e2c5a2e491 100644 --- a/api_docs/kbn_core_test_helpers_test_utils.mdx +++ b/api_docs/kbn_core_test_helpers_test_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-test-utils title: "@kbn/core-test-helpers-test-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-test-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-test-utils'] --- import kbnCoreTestHelpersTestUtilsObj from './kbn_core_test_helpers_test_utils.devdocs.json'; diff --git a/api_docs/kbn_core_theme_browser.mdx b/api_docs/kbn_core_theme_browser.mdx index e7ce9c2631ce7..96d4e4b50ba95 100644 --- a/api_docs/kbn_core_theme_browser.mdx +++ b/api_docs/kbn_core_theme_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-theme-browser title: "@kbn/core-theme-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-theme-browser plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-theme-browser'] --- import kbnCoreThemeBrowserObj from './kbn_core_theme_browser.devdocs.json'; diff --git a/api_docs/kbn_core_theme_browser_mocks.mdx b/api_docs/kbn_core_theme_browser_mocks.mdx index 9ce26dc434533..100b3d39141dd 100644 --- a/api_docs/kbn_core_theme_browser_mocks.mdx +++ b/api_docs/kbn_core_theme_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-theme-browser-mocks title: "@kbn/core-theme-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-theme-browser-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-theme-browser-mocks'] --- import kbnCoreThemeBrowserMocksObj from './kbn_core_theme_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_browser.mdx b/api_docs/kbn_core_ui_settings_browser.mdx index 1ccf840a147c3..a0ade194dc49f 100644 --- a/api_docs/kbn_core_ui_settings_browser.mdx +++ b/api_docs/kbn_core_ui_settings_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-browser title: "@kbn/core-ui-settings-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-browser plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-browser'] --- import kbnCoreUiSettingsBrowserObj from './kbn_core_ui_settings_browser.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_browser_internal.mdx b/api_docs/kbn_core_ui_settings_browser_internal.mdx index c065366d3ff94..b760ba42d3f7b 100644 --- a/api_docs/kbn_core_ui_settings_browser_internal.mdx +++ b/api_docs/kbn_core_ui_settings_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-browser-internal title: "@kbn/core-ui-settings-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-browser-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-browser-internal'] --- import kbnCoreUiSettingsBrowserInternalObj from './kbn_core_ui_settings_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_browser_mocks.mdx b/api_docs/kbn_core_ui_settings_browser_mocks.mdx index 03e6de6d226d8..fb17694a3bbf4 100644 --- a/api_docs/kbn_core_ui_settings_browser_mocks.mdx +++ b/api_docs/kbn_core_ui_settings_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-browser-mocks title: "@kbn/core-ui-settings-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-browser-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-browser-mocks'] --- import kbnCoreUiSettingsBrowserMocksObj from './kbn_core_ui_settings_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_common.mdx b/api_docs/kbn_core_ui_settings_common.mdx index 004417e795bbc..3b9167822ecce 100644 --- a/api_docs/kbn_core_ui_settings_common.mdx +++ b/api_docs/kbn_core_ui_settings_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-common title: "@kbn/core-ui-settings-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-common plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-common'] --- import kbnCoreUiSettingsCommonObj from './kbn_core_ui_settings_common.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_server.mdx b/api_docs/kbn_core_ui_settings_server.mdx index bdbdfb5f41c18..73be4ba662ba3 100644 --- a/api_docs/kbn_core_ui_settings_server.mdx +++ b/api_docs/kbn_core_ui_settings_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-server title: "@kbn/core-ui-settings-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-server'] --- import kbnCoreUiSettingsServerObj from './kbn_core_ui_settings_server.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_server_internal.mdx b/api_docs/kbn_core_ui_settings_server_internal.mdx index 31b128008d374..27b8b39f22210 100644 --- a/api_docs/kbn_core_ui_settings_server_internal.mdx +++ b/api_docs/kbn_core_ui_settings_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-server-internal title: "@kbn/core-ui-settings-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-server-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-server-internal'] --- import kbnCoreUiSettingsServerInternalObj from './kbn_core_ui_settings_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_server_mocks.mdx b/api_docs/kbn_core_ui_settings_server_mocks.mdx index 34cb8287a96e1..9321c70959802 100644 --- a/api_docs/kbn_core_ui_settings_server_mocks.mdx +++ b/api_docs/kbn_core_ui_settings_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-server-mocks title: "@kbn/core-ui-settings-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-server-mocks'] --- import kbnCoreUiSettingsServerMocksObj from './kbn_core_ui_settings_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_usage_data_server.mdx b/api_docs/kbn_core_usage_data_server.mdx index 1ca6c0d2af7e3..4597e28f87b8a 100644 --- a/api_docs/kbn_core_usage_data_server.mdx +++ b/api_docs/kbn_core_usage_data_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-usage-data-server title: "@kbn/core-usage-data-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-usage-data-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-usage-data-server'] --- import kbnCoreUsageDataServerObj from './kbn_core_usage_data_server.devdocs.json'; diff --git a/api_docs/kbn_core_usage_data_server_internal.mdx b/api_docs/kbn_core_usage_data_server_internal.mdx index ffe51df1768bb..8d0afabeaaac2 100644 --- a/api_docs/kbn_core_usage_data_server_internal.mdx +++ b/api_docs/kbn_core_usage_data_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-usage-data-server-internal title: "@kbn/core-usage-data-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-usage-data-server-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-usage-data-server-internal'] --- import kbnCoreUsageDataServerInternalObj from './kbn_core_usage_data_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_usage_data_server_mocks.mdx b/api_docs/kbn_core_usage_data_server_mocks.mdx index ecfd482c79876..e8bf5cbe3661c 100644 --- a/api_docs/kbn_core_usage_data_server_mocks.mdx +++ b/api_docs/kbn_core_usage_data_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-usage-data-server-mocks title: "@kbn/core-usage-data-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-usage-data-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-usage-data-server-mocks'] --- import kbnCoreUsageDataServerMocksObj from './kbn_core_usage_data_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_browser.mdx b/api_docs/kbn_core_user_profile_browser.mdx index 5841c4cf69c49..696f252dad7e7 100644 --- a/api_docs/kbn_core_user_profile_browser.mdx +++ b/api_docs/kbn_core_user_profile_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-browser title: "@kbn/core-user-profile-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-browser plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-browser'] --- import kbnCoreUserProfileBrowserObj from './kbn_core_user_profile_browser.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_browser_internal.mdx b/api_docs/kbn_core_user_profile_browser_internal.mdx index 93357f0872c00..0ffdc2a445247 100644 --- a/api_docs/kbn_core_user_profile_browser_internal.mdx +++ b/api_docs/kbn_core_user_profile_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-browser-internal title: "@kbn/core-user-profile-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-browser-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-browser-internal'] --- import kbnCoreUserProfileBrowserInternalObj from './kbn_core_user_profile_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_browser_mocks.mdx b/api_docs/kbn_core_user_profile_browser_mocks.mdx index c4fe0be939dd1..ebae6b16abbd7 100644 --- a/api_docs/kbn_core_user_profile_browser_mocks.mdx +++ b/api_docs/kbn_core_user_profile_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-browser-mocks title: "@kbn/core-user-profile-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-browser-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-browser-mocks'] --- import kbnCoreUserProfileBrowserMocksObj from './kbn_core_user_profile_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_common.mdx b/api_docs/kbn_core_user_profile_common.mdx index cb25813de2de2..b515d4a51064f 100644 --- a/api_docs/kbn_core_user_profile_common.mdx +++ b/api_docs/kbn_core_user_profile_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-common title: "@kbn/core-user-profile-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-common plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-common'] --- import kbnCoreUserProfileCommonObj from './kbn_core_user_profile_common.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_server.mdx b/api_docs/kbn_core_user_profile_server.mdx index 002034cffd15e..fcc903e125836 100644 --- a/api_docs/kbn_core_user_profile_server.mdx +++ b/api_docs/kbn_core_user_profile_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-server title: "@kbn/core-user-profile-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-server'] --- import kbnCoreUserProfileServerObj from './kbn_core_user_profile_server.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_server_internal.mdx b/api_docs/kbn_core_user_profile_server_internal.mdx index a71dc8502b04c..069dfd9617928 100644 --- a/api_docs/kbn_core_user_profile_server_internal.mdx +++ b/api_docs/kbn_core_user_profile_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-server-internal title: "@kbn/core-user-profile-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-server-internal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-server-internal'] --- import kbnCoreUserProfileServerInternalObj from './kbn_core_user_profile_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_server_mocks.mdx b/api_docs/kbn_core_user_profile_server_mocks.mdx index 9a50305b08901..ff9423e85ef3b 100644 --- a/api_docs/kbn_core_user_profile_server_mocks.mdx +++ b/api_docs/kbn_core_user_profile_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-server-mocks title: "@kbn/core-user-profile-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-server-mocks'] --- import kbnCoreUserProfileServerMocksObj from './kbn_core_user_profile_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_user_settings_server.mdx b/api_docs/kbn_core_user_settings_server.mdx index 152cf89d8c983..3a5896d7b9354 100644 --- a/api_docs/kbn_core_user_settings_server.mdx +++ b/api_docs/kbn_core_user_settings_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-settings-server title: "@kbn/core-user-settings-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-settings-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-settings-server'] --- import kbnCoreUserSettingsServerObj from './kbn_core_user_settings_server.devdocs.json'; diff --git a/api_docs/kbn_core_user_settings_server_mocks.mdx b/api_docs/kbn_core_user_settings_server_mocks.mdx index 8fb8d2e62138e..8342a8b987325 100644 --- a/api_docs/kbn_core_user_settings_server_mocks.mdx +++ b/api_docs/kbn_core_user_settings_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-settings-server-mocks title: "@kbn/core-user-settings-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-settings-server-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-settings-server-mocks'] --- import kbnCoreUserSettingsServerMocksObj from './kbn_core_user_settings_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_crypto.mdx b/api_docs/kbn_crypto.mdx index 1598b7de796f3..f3138f5bd215b 100644 --- a/api_docs/kbn_crypto.mdx +++ b/api_docs/kbn_crypto.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-crypto title: "@kbn/crypto" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/crypto plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/crypto'] --- import kbnCryptoObj from './kbn_crypto.devdocs.json'; diff --git a/api_docs/kbn_crypto_browser.mdx b/api_docs/kbn_crypto_browser.mdx index b3afdaeb5845f..4a2bbd73cb4cd 100644 --- a/api_docs/kbn_crypto_browser.mdx +++ b/api_docs/kbn_crypto_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-crypto-browser title: "@kbn/crypto-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/crypto-browser plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/crypto-browser'] --- import kbnCryptoBrowserObj from './kbn_crypto_browser.devdocs.json'; diff --git a/api_docs/kbn_custom_icons.mdx b/api_docs/kbn_custom_icons.mdx index 7d779d13692d3..e87adb3748950 100644 --- a/api_docs/kbn_custom_icons.mdx +++ b/api_docs/kbn_custom_icons.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-custom-icons title: "@kbn/custom-icons" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/custom-icons plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/custom-icons'] --- import kbnCustomIconsObj from './kbn_custom_icons.devdocs.json'; diff --git a/api_docs/kbn_custom_integrations.mdx b/api_docs/kbn_custom_integrations.mdx index 8269e3cfe0635..d7df137332a95 100644 --- a/api_docs/kbn_custom_integrations.mdx +++ b/api_docs/kbn_custom_integrations.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-custom-integrations title: "@kbn/custom-integrations" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/custom-integrations plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/custom-integrations'] --- import kbnCustomIntegrationsObj from './kbn_custom_integrations.devdocs.json'; diff --git a/api_docs/kbn_cypress_config.mdx b/api_docs/kbn_cypress_config.mdx index 01699825414b5..a692461e615d6 100644 --- a/api_docs/kbn_cypress_config.mdx +++ b/api_docs/kbn_cypress_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cypress-config title: "@kbn/cypress-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cypress-config plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cypress-config'] --- import kbnCypressConfigObj from './kbn_cypress_config.devdocs.json'; diff --git a/api_docs/kbn_data_forge.mdx b/api_docs/kbn_data_forge.mdx index 00382a2c4b193..ae8832af213d2 100644 --- a/api_docs/kbn_data_forge.mdx +++ b/api_docs/kbn_data_forge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-data-forge title: "@kbn/data-forge" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/data-forge plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/data-forge'] --- import kbnDataForgeObj from './kbn_data_forge.devdocs.json'; diff --git a/api_docs/kbn_data_service.mdx b/api_docs/kbn_data_service.mdx index 85ee79091aab5..cfe809c8edf57 100644 --- a/api_docs/kbn_data_service.mdx +++ b/api_docs/kbn_data_service.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-data-service title: "@kbn/data-service" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/data-service plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/data-service'] --- import kbnDataServiceObj from './kbn_data_service.devdocs.json'; diff --git a/api_docs/kbn_data_stream_adapter.mdx b/api_docs/kbn_data_stream_adapter.mdx index d31c2d3632902..b54eccd484701 100644 --- a/api_docs/kbn_data_stream_adapter.mdx +++ b/api_docs/kbn_data_stream_adapter.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-data-stream-adapter title: "@kbn/data-stream-adapter" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/data-stream-adapter plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/data-stream-adapter'] --- import kbnDataStreamAdapterObj from './kbn_data_stream_adapter.devdocs.json'; diff --git a/api_docs/kbn_data_view_utils.mdx b/api_docs/kbn_data_view_utils.mdx index 00e06a609cfdf..0d88da1c80548 100644 --- a/api_docs/kbn_data_view_utils.mdx +++ b/api_docs/kbn_data_view_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-data-view-utils title: "@kbn/data-view-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/data-view-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/data-view-utils'] --- import kbnDataViewUtilsObj from './kbn_data_view_utils.devdocs.json'; diff --git a/api_docs/kbn_datemath.mdx b/api_docs/kbn_datemath.mdx index 0c0c754c270cf..dc589862d7278 100644 --- a/api_docs/kbn_datemath.mdx +++ b/api_docs/kbn_datemath.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-datemath title: "@kbn/datemath" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/datemath plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/datemath'] --- import kbnDatemathObj from './kbn_datemath.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_analytics.mdx b/api_docs/kbn_deeplinks_analytics.mdx index e0f57c4c2cda5..c6abd45474915 100644 --- a/api_docs/kbn_deeplinks_analytics.mdx +++ b/api_docs/kbn_deeplinks_analytics.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-analytics title: "@kbn/deeplinks-analytics" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-analytics plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-analytics'] --- import kbnDeeplinksAnalyticsObj from './kbn_deeplinks_analytics.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_devtools.mdx b/api_docs/kbn_deeplinks_devtools.mdx index e71198d238f66..94c60229a108b 100644 --- a/api_docs/kbn_deeplinks_devtools.mdx +++ b/api_docs/kbn_deeplinks_devtools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-devtools title: "@kbn/deeplinks-devtools" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-devtools plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-devtools'] --- import kbnDeeplinksDevtoolsObj from './kbn_deeplinks_devtools.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_fleet.mdx b/api_docs/kbn_deeplinks_fleet.mdx index 0b51dea6a84b9..873c5768789b4 100644 --- a/api_docs/kbn_deeplinks_fleet.mdx +++ b/api_docs/kbn_deeplinks_fleet.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-fleet title: "@kbn/deeplinks-fleet" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-fleet plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-fleet'] --- import kbnDeeplinksFleetObj from './kbn_deeplinks_fleet.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_management.mdx b/api_docs/kbn_deeplinks_management.mdx index 7a249f3a4ebff..c76d3bcb8d2f7 100644 --- a/api_docs/kbn_deeplinks_management.mdx +++ b/api_docs/kbn_deeplinks_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-management title: "@kbn/deeplinks-management" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-management plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-management'] --- import kbnDeeplinksManagementObj from './kbn_deeplinks_management.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_ml.mdx b/api_docs/kbn_deeplinks_ml.mdx index 74422525d97c8..d05ec31a86b8c 100644 --- a/api_docs/kbn_deeplinks_ml.mdx +++ b/api_docs/kbn_deeplinks_ml.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-ml title: "@kbn/deeplinks-ml" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-ml plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-ml'] --- import kbnDeeplinksMlObj from './kbn_deeplinks_ml.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_observability.mdx b/api_docs/kbn_deeplinks_observability.mdx index 5154ce9cbe022..ade73e0c6af2f 100644 --- a/api_docs/kbn_deeplinks_observability.mdx +++ b/api_docs/kbn_deeplinks_observability.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-observability title: "@kbn/deeplinks-observability" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-observability plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-observability'] --- import kbnDeeplinksObservabilityObj from './kbn_deeplinks_observability.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_search.mdx b/api_docs/kbn_deeplinks_search.mdx index 3b540c0d038a8..a4fd365ef9d00 100644 --- a/api_docs/kbn_deeplinks_search.mdx +++ b/api_docs/kbn_deeplinks_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-search title: "@kbn/deeplinks-search" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-search plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-search'] --- import kbnDeeplinksSearchObj from './kbn_deeplinks_search.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_security.mdx b/api_docs/kbn_deeplinks_security.mdx index 7a970ab816c93..c1d7721c05830 100644 --- a/api_docs/kbn_deeplinks_security.mdx +++ b/api_docs/kbn_deeplinks_security.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-security title: "@kbn/deeplinks-security" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-security plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-security'] --- import kbnDeeplinksSecurityObj from './kbn_deeplinks_security.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_shared.mdx b/api_docs/kbn_deeplinks_shared.mdx index 2dafa43580e1a..fe310f0fde92e 100644 --- a/api_docs/kbn_deeplinks_shared.mdx +++ b/api_docs/kbn_deeplinks_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-shared title: "@kbn/deeplinks-shared" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-shared plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-shared'] --- import kbnDeeplinksSharedObj from './kbn_deeplinks_shared.devdocs.json'; diff --git a/api_docs/kbn_default_nav_analytics.mdx b/api_docs/kbn_default_nav_analytics.mdx index 135210ce4690f..a4baea4b5f448 100644 --- a/api_docs/kbn_default_nav_analytics.mdx +++ b/api_docs/kbn_default_nav_analytics.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-default-nav-analytics title: "@kbn/default-nav-analytics" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/default-nav-analytics plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/default-nav-analytics'] --- import kbnDefaultNavAnalyticsObj from './kbn_default_nav_analytics.devdocs.json'; diff --git a/api_docs/kbn_default_nav_devtools.mdx b/api_docs/kbn_default_nav_devtools.mdx index 2fcf7fff7348a..64249431ef31a 100644 --- a/api_docs/kbn_default_nav_devtools.mdx +++ b/api_docs/kbn_default_nav_devtools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-default-nav-devtools title: "@kbn/default-nav-devtools" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/default-nav-devtools plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/default-nav-devtools'] --- import kbnDefaultNavDevtoolsObj from './kbn_default_nav_devtools.devdocs.json'; diff --git a/api_docs/kbn_default_nav_management.mdx b/api_docs/kbn_default_nav_management.mdx index 5111a620e9e8c..e235a1bc75cc2 100644 --- a/api_docs/kbn_default_nav_management.mdx +++ b/api_docs/kbn_default_nav_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-default-nav-management title: "@kbn/default-nav-management" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/default-nav-management plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/default-nav-management'] --- import kbnDefaultNavManagementObj from './kbn_default_nav_management.devdocs.json'; diff --git a/api_docs/kbn_default_nav_ml.mdx b/api_docs/kbn_default_nav_ml.mdx index 0ccd754455279..8c8b9d3173808 100644 --- a/api_docs/kbn_default_nav_ml.mdx +++ b/api_docs/kbn_default_nav_ml.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-default-nav-ml title: "@kbn/default-nav-ml" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/default-nav-ml plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/default-nav-ml'] --- import kbnDefaultNavMlObj from './kbn_default_nav_ml.devdocs.json'; diff --git a/api_docs/kbn_dev_cli_errors.mdx b/api_docs/kbn_dev_cli_errors.mdx index 040a1d23f8b58..42528ac8c24e7 100644 --- a/api_docs/kbn_dev_cli_errors.mdx +++ b/api_docs/kbn_dev_cli_errors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-dev-cli-errors title: "@kbn/dev-cli-errors" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/dev-cli-errors plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/dev-cli-errors'] --- import kbnDevCliErrorsObj from './kbn_dev_cli_errors.devdocs.json'; diff --git a/api_docs/kbn_dev_cli_runner.mdx b/api_docs/kbn_dev_cli_runner.mdx index 0fb79ffc336e7..2e43f5d965680 100644 --- a/api_docs/kbn_dev_cli_runner.mdx +++ b/api_docs/kbn_dev_cli_runner.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-dev-cli-runner title: "@kbn/dev-cli-runner" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/dev-cli-runner plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/dev-cli-runner'] --- import kbnDevCliRunnerObj from './kbn_dev_cli_runner.devdocs.json'; diff --git a/api_docs/kbn_dev_proc_runner.mdx b/api_docs/kbn_dev_proc_runner.mdx index f5d4248ea2400..3b1ac9bf8ae1b 100644 --- a/api_docs/kbn_dev_proc_runner.mdx +++ b/api_docs/kbn_dev_proc_runner.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-dev-proc-runner title: "@kbn/dev-proc-runner" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/dev-proc-runner plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/dev-proc-runner'] --- import kbnDevProcRunnerObj from './kbn_dev_proc_runner.devdocs.json'; diff --git a/api_docs/kbn_dev_utils.mdx b/api_docs/kbn_dev_utils.mdx index 29765396edb02..fe3dac4a5c7a2 100644 --- a/api_docs/kbn_dev_utils.mdx +++ b/api_docs/kbn_dev_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-dev-utils title: "@kbn/dev-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/dev-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/dev-utils'] --- import kbnDevUtilsObj from './kbn_dev_utils.devdocs.json'; diff --git a/api_docs/kbn_discover_utils.devdocs.json b/api_docs/kbn_discover_utils.devdocs.json index fff4f4ef79982..6fdce1d53b5e2 100644 --- a/api_docs/kbn_discover_utils.devdocs.json +++ b/api_docs/kbn_discover_utils.devdocs.json @@ -279,6 +279,56 @@ "returnComment": [], "initialIsOpen": false }, + { + "parentPluginId": "@kbn/discover-utils", + "id": "def-common.calcFieldCounts", + "type": "Function", + "tags": [], + "label": "calcFieldCounts", + "description": [ + "\nThis function is calculating stats of the available fields, for usage in sidebar and sharing\nNote that this values aren't displayed, but used for internal calculations" + ], + "signature": [ + "(rows: ", + { + "pluginId": "@kbn/discover-utils", + "scope": "common", + "docId": "kibKbnDiscoverUtilsPluginApi", + "section": "def-common.DataTableRecord", + "text": "DataTableRecord" + }, + "[] | undefined) => Record" + ], + "path": "packages/kbn-discover-utils/src/utils/calc_field_counts.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/discover-utils", + "id": "def-common.calcFieldCounts.$1", + "type": "Array", + "tags": [], + "label": "rows", + "description": [], + "signature": [ + { + "pluginId": "@kbn/discover-utils", + "scope": "common", + "docId": "kibKbnDiscoverUtilsPluginApi", + "section": "def-common.DataTableRecord", + "text": "DataTableRecord" + }, + "[] | undefined" + ], + "path": "packages/kbn-discover-utils/src/utils/calc_field_counts.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": false + } + ], + "returnComment": [], + "initialIsOpen": false + }, { "parentPluginId": "@kbn/discover-utils", "id": "def-common.createLogsContextService", diff --git a/api_docs/kbn_discover_utils.mdx b/api_docs/kbn_discover_utils.mdx index cf6c05a4f0d6d..53dccec4d6cda 100644 --- a/api_docs/kbn_discover_utils.mdx +++ b/api_docs/kbn_discover_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-discover-utils title: "@kbn/discover-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/discover-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/discover-utils'] --- import kbnDiscoverUtilsObj from './kbn_discover_utils.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/kibana-data-discovery](https://github.com/orgs/elastic/teams/k | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 131 | 0 | 105 | 1 | +| 133 | 0 | 106 | 1 | ## Common diff --git a/api_docs/kbn_doc_links.mdx b/api_docs/kbn_doc_links.mdx index 4323f37024bb0..ec6492ec70767 100644 --- a/api_docs/kbn_doc_links.mdx +++ b/api_docs/kbn_doc_links.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-doc-links title: "@kbn/doc-links" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/doc-links plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/doc-links'] --- import kbnDocLinksObj from './kbn_doc_links.devdocs.json'; diff --git a/api_docs/kbn_docs_utils.mdx b/api_docs/kbn_docs_utils.mdx index f8cec2405c810..94d6ea6b5ce0d 100644 --- a/api_docs/kbn_docs_utils.mdx +++ b/api_docs/kbn_docs_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-docs-utils title: "@kbn/docs-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/docs-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/docs-utils'] --- import kbnDocsUtilsObj from './kbn_docs_utils.devdocs.json'; diff --git a/api_docs/kbn_dom_drag_drop.mdx b/api_docs/kbn_dom_drag_drop.mdx index e23e8b6d4fb0f..578a627c5084b 100644 --- a/api_docs/kbn_dom_drag_drop.mdx +++ b/api_docs/kbn_dom_drag_drop.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-dom-drag-drop title: "@kbn/dom-drag-drop" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/dom-drag-drop plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/dom-drag-drop'] --- import kbnDomDragDropObj from './kbn_dom_drag_drop.devdocs.json'; diff --git a/api_docs/kbn_ebt_tools.mdx b/api_docs/kbn_ebt_tools.mdx index 6522b09157b53..0e07b9e495a0d 100644 --- a/api_docs/kbn_ebt_tools.mdx +++ b/api_docs/kbn_ebt_tools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ebt-tools title: "@kbn/ebt-tools" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ebt-tools plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ebt-tools'] --- import kbnEbtToolsObj from './kbn_ebt_tools.devdocs.json'; diff --git a/api_docs/kbn_ecs_data_quality_dashboard.mdx b/api_docs/kbn_ecs_data_quality_dashboard.mdx index 6f113dba47d11..90ebb41f3b151 100644 --- a/api_docs/kbn_ecs_data_quality_dashboard.mdx +++ b/api_docs/kbn_ecs_data_quality_dashboard.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ecs-data-quality-dashboard title: "@kbn/ecs-data-quality-dashboard" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ecs-data-quality-dashboard plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ecs-data-quality-dashboard'] --- import kbnEcsDataQualityDashboardObj from './kbn_ecs_data_quality_dashboard.devdocs.json'; diff --git a/api_docs/kbn_elastic_agent_utils.mdx b/api_docs/kbn_elastic_agent_utils.mdx index d3d067bac6a9b..acf97f7bfa45a 100644 --- a/api_docs/kbn_elastic_agent_utils.mdx +++ b/api_docs/kbn_elastic_agent_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-elastic-agent-utils title: "@kbn/elastic-agent-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/elastic-agent-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/elastic-agent-utils'] --- import kbnElasticAgentUtilsObj from './kbn_elastic_agent_utils.devdocs.json'; diff --git a/api_docs/kbn_elastic_assistant.mdx b/api_docs/kbn_elastic_assistant.mdx index e06dbbcd4d2e7..8bd9ca40cfd94 100644 --- a/api_docs/kbn_elastic_assistant.mdx +++ b/api_docs/kbn_elastic_assistant.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-elastic-assistant title: "@kbn/elastic-assistant" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/elastic-assistant plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/elastic-assistant'] --- import kbnElasticAssistantObj from './kbn_elastic_assistant.devdocs.json'; diff --git a/api_docs/kbn_elastic_assistant_common.mdx b/api_docs/kbn_elastic_assistant_common.mdx index 501a8204e27a1..a0687d3a26f68 100644 --- a/api_docs/kbn_elastic_assistant_common.mdx +++ b/api_docs/kbn_elastic_assistant_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-elastic-assistant-common title: "@kbn/elastic-assistant-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/elastic-assistant-common plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/elastic-assistant-common'] --- import kbnElasticAssistantCommonObj from './kbn_elastic_assistant_common.devdocs.json'; diff --git a/api_docs/kbn_entities_schema.devdocs.json b/api_docs/kbn_entities_schema.devdocs.json index 2d1ad602d26cc..29fa10784d55b 100644 --- a/api_docs/kbn_entities_schema.devdocs.json +++ b/api_docs/kbn_entities_schema.devdocs.json @@ -135,6 +135,36 @@ } ], "misc": [ + { + "parentPluginId": "@kbn/entities-schema", + "id": "def-common.CreateEntityDefinitionQuery", + "type": "Type", + "tags": [], + "label": "CreateEntityDefinitionQuery", + "description": [], + "signature": [ + "{ installOnly: boolean; }" + ], + "path": "x-pack/packages/kbn-entities-schema/src/rest_spec/create.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/entities-schema", + "id": "def-common.DeleteEntityDefinitionQuery", + "type": "Type", + "tags": [], + "label": "DeleteEntityDefinitionQuery", + "description": [], + "signature": [ + "{ deleteData?: boolean | undefined; }" + ], + "path": "x-pack/packages/kbn-entities-schema/src/rest_spec/delete.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "@kbn/entities-schema", "id": "def-common.ENTITY_BASE_PREFIX", @@ -343,6 +373,21 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "@kbn/entities-schema", + "id": "def-common.createEntityDefinitionQuerySchema", + "type": "Object", + "tags": [], + "label": "createEntityDefinitionQuerySchema", + "description": [], + "signature": [ + "Zod.ZodObject<{ installOnly: Zod.ZodDefault>; }, \"strip\", Zod.ZodTypeAny, { installOnly: boolean; }, { installOnly?: boolean | undefined; }>" + ], + "path": "x-pack/packages/kbn-entities-schema/src/rest_spec/create.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "@kbn/entities-schema", "id": "def-common.deleteEntityDefinitionParamsSchema", diff --git a/api_docs/kbn_entities_schema.mdx b/api_docs/kbn_entities_schema.mdx index 7be852e159ef5..b1d666abb4493 100644 --- a/api_docs/kbn_entities_schema.mdx +++ b/api_docs/kbn_entities_schema.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-entities-schema title: "@kbn/entities-schema" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/entities-schema plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/entities-schema'] --- import kbnEntitiesSchemaObj from './kbn_entities_schema.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/obs-entities](https://github.com/orgs/elastic/teams/obs-entiti | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 34 | 0 | 34 | 0 | +| 37 | 0 | 37 | 0 | ## Common diff --git a/api_docs/kbn_es.mdx b/api_docs/kbn_es.mdx index 46cb01353c296..ecfa0afae0860 100644 --- a/api_docs/kbn_es.mdx +++ b/api_docs/kbn_es.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-es title: "@kbn/es" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/es plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/es'] --- import kbnEsObj from './kbn_es.devdocs.json'; diff --git a/api_docs/kbn_es_archiver.mdx b/api_docs/kbn_es_archiver.mdx index a9b654e026a6b..66fd1bb3ef5c1 100644 --- a/api_docs/kbn_es_archiver.mdx +++ b/api_docs/kbn_es_archiver.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-es-archiver title: "@kbn/es-archiver" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/es-archiver plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/es-archiver'] --- import kbnEsArchiverObj from './kbn_es_archiver.devdocs.json'; diff --git a/api_docs/kbn_es_errors.mdx b/api_docs/kbn_es_errors.mdx index f59675a8a5abe..2ba3d435e777d 100644 --- a/api_docs/kbn_es_errors.mdx +++ b/api_docs/kbn_es_errors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-es-errors title: "@kbn/es-errors" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/es-errors plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/es-errors'] --- import kbnEsErrorsObj from './kbn_es_errors.devdocs.json'; diff --git a/api_docs/kbn_es_query.mdx b/api_docs/kbn_es_query.mdx index 1ef6a10fd7cb2..33a923dbb3157 100644 --- a/api_docs/kbn_es_query.mdx +++ b/api_docs/kbn_es_query.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-es-query title: "@kbn/es-query" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/es-query plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/es-query'] --- import kbnEsQueryObj from './kbn_es_query.devdocs.json'; diff --git a/api_docs/kbn_es_types.mdx b/api_docs/kbn_es_types.mdx index 1cffb595596a9..35a129281b3b8 100644 --- a/api_docs/kbn_es_types.mdx +++ b/api_docs/kbn_es_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-es-types title: "@kbn/es-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/es-types plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/es-types'] --- import kbnEsTypesObj from './kbn_es_types.devdocs.json'; diff --git a/api_docs/kbn_eslint_plugin_imports.mdx b/api_docs/kbn_eslint_plugin_imports.mdx index d92a0a7c66b89..b82e944d5faab 100644 --- a/api_docs/kbn_eslint_plugin_imports.mdx +++ b/api_docs/kbn_eslint_plugin_imports.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-eslint-plugin-imports title: "@kbn/eslint-plugin-imports" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/eslint-plugin-imports plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/eslint-plugin-imports'] --- import kbnEslintPluginImportsObj from './kbn_eslint_plugin_imports.devdocs.json'; diff --git a/api_docs/kbn_esql_ast.mdx b/api_docs/kbn_esql_ast.mdx index f43c5381d6206..a8e7f0fce6851 100644 --- a/api_docs/kbn_esql_ast.mdx +++ b/api_docs/kbn_esql_ast.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-esql-ast title: "@kbn/esql-ast" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/esql-ast plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/esql-ast'] --- import kbnEsqlAstObj from './kbn_esql_ast.devdocs.json'; diff --git a/api_docs/kbn_esql_utils.devdocs.json b/api_docs/kbn_esql_utils.devdocs.json index d8d67ceb112ba..1dbf86dc50e2f 100644 --- a/api_docs/kbn_esql_utils.devdocs.json +++ b/api_docs/kbn_esql_utils.devdocs.json @@ -1173,7 +1173,7 @@ "section": "def-common.TimeRange", "text": "TimeRange" }, - " | undefined) => ({ start: string; end?: undefined; } | { end: string; start?: undefined; })[]" + " | undefined) => ({ t_start: string; t_end?: undefined; } | { t_end: string; t_start?: undefined; })[]" ], "path": "packages/kbn-esql-utils/src/utils/run_query.ts", "deprecated": false, @@ -1227,7 +1227,7 @@ "tags": [], "label": "getTimeFieldFromESQLQuery", "description": [ - "\nWhen the ?start and ?end params are used, we want to retrieve the timefield from the query." + "\nWhen the ?t_start and ?t_end params are used, we want to retrieve the timefield from the query." ], "signature": [ "(esql: string) => string | undefined" diff --git a/api_docs/kbn_esql_utils.mdx b/api_docs/kbn_esql_utils.mdx index 4031a32982330..0b75ef3a77bea 100644 --- a/api_docs/kbn_esql_utils.mdx +++ b/api_docs/kbn_esql_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-esql-utils title: "@kbn/esql-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/esql-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/esql-utils'] --- import kbnEsqlUtilsObj from './kbn_esql_utils.devdocs.json'; diff --git a/api_docs/kbn_esql_validation_autocomplete.devdocs.json b/api_docs/kbn_esql_validation_autocomplete.devdocs.json index 9c4af05a18969..fb68172942ca5 100644 --- a/api_docs/kbn_esql_validation_autocomplete.devdocs.json +++ b/api_docs/kbn_esql_validation_autocomplete.devdocs.json @@ -3193,7 +3193,7 @@ "label": "type", "description": [], "signature": [ - "\"boolean\" | \"geo_point\" | \"geo_shape\" | \"ip\" | \"keyword\" | \"text\" | \"date\" | \"version\" | \"integer\" | \"long\" | \"double\" | \"unsigned_long\" | \"cartesian_point\" | \"cartesian_shape\" | \"counter_integer\" | \"counter_long\" | \"counter_double\" | \"unsupported\"" + "\"boolean\" | \"geo_point\" | \"geo_shape\" | \"ip\" | \"keyword\" | \"text\" | \"date\" | \"date_nanos\" | \"version\" | \"integer\" | \"long\" | \"double\" | \"unsigned_long\" | \"cartesian_point\" | \"cartesian_shape\" | \"counter_integer\" | \"counter_long\" | \"counter_double\" | \"unsupported\"" ], "path": "packages/kbn-esql-validation-autocomplete/src/validation/types.ts", "deprecated": false, diff --git a/api_docs/kbn_esql_validation_autocomplete.mdx b/api_docs/kbn_esql_validation_autocomplete.mdx index 2bf86d64d7873..21c9216cbfbc8 100644 --- a/api_docs/kbn_esql_validation_autocomplete.mdx +++ b/api_docs/kbn_esql_validation_autocomplete.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-esql-validation-autocomplete title: "@kbn/esql-validation-autocomplete" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/esql-validation-autocomplete plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/esql-validation-autocomplete'] --- import kbnEsqlValidationAutocompleteObj from './kbn_esql_validation_autocomplete.devdocs.json'; diff --git a/api_docs/kbn_event_annotation_common.mdx b/api_docs/kbn_event_annotation_common.mdx index 4711978096b21..a16d216be6c13 100644 --- a/api_docs/kbn_event_annotation_common.mdx +++ b/api_docs/kbn_event_annotation_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-event-annotation-common title: "@kbn/event-annotation-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/event-annotation-common plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/event-annotation-common'] --- import kbnEventAnnotationCommonObj from './kbn_event_annotation_common.devdocs.json'; diff --git a/api_docs/kbn_event_annotation_components.mdx b/api_docs/kbn_event_annotation_components.mdx index d53d7dd4278ef..3204e42868163 100644 --- a/api_docs/kbn_event_annotation_components.mdx +++ b/api_docs/kbn_event_annotation_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-event-annotation-components title: "@kbn/event-annotation-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/event-annotation-components plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/event-annotation-components'] --- import kbnEventAnnotationComponentsObj from './kbn_event_annotation_components.devdocs.json'; diff --git a/api_docs/kbn_expandable_flyout.mdx b/api_docs/kbn_expandable_flyout.mdx index a81a7669c9f18..d56616e3ecaa3 100644 --- a/api_docs/kbn_expandable_flyout.mdx +++ b/api_docs/kbn_expandable_flyout.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-expandable-flyout title: "@kbn/expandable-flyout" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/expandable-flyout plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/expandable-flyout'] --- import kbnExpandableFlyoutObj from './kbn_expandable_flyout.devdocs.json'; diff --git a/api_docs/kbn_field_types.mdx b/api_docs/kbn_field_types.mdx index 845a1ab14381f..bc313f154c9f5 100644 --- a/api_docs/kbn_field_types.mdx +++ b/api_docs/kbn_field_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-field-types title: "@kbn/field-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/field-types plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/field-types'] --- import kbnFieldTypesObj from './kbn_field_types.devdocs.json'; diff --git a/api_docs/kbn_field_utils.mdx b/api_docs/kbn_field_utils.mdx index 024492c10f8c6..c203cd6f22e54 100644 --- a/api_docs/kbn_field_utils.mdx +++ b/api_docs/kbn_field_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-field-utils title: "@kbn/field-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/field-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/field-utils'] --- import kbnFieldUtilsObj from './kbn_field_utils.devdocs.json'; diff --git a/api_docs/kbn_find_used_node_modules.mdx b/api_docs/kbn_find_used_node_modules.mdx index 29b4e67731077..cdc5ae55aa801 100644 --- a/api_docs/kbn_find_used_node_modules.mdx +++ b/api_docs/kbn_find_used_node_modules.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-find-used-node-modules title: "@kbn/find-used-node-modules" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/find-used-node-modules plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/find-used-node-modules'] --- import kbnFindUsedNodeModulesObj from './kbn_find_used_node_modules.devdocs.json'; diff --git a/api_docs/kbn_formatters.mdx b/api_docs/kbn_formatters.mdx index 0d9df0af48a81..4041820fc7153 100644 --- a/api_docs/kbn_formatters.mdx +++ b/api_docs/kbn_formatters.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-formatters title: "@kbn/formatters" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/formatters plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/formatters'] --- import kbnFormattersObj from './kbn_formatters.devdocs.json'; diff --git a/api_docs/kbn_ftr_common_functional_services.mdx b/api_docs/kbn_ftr_common_functional_services.mdx index 02a261fc0c57d..bc8b91a80912d 100644 --- a/api_docs/kbn_ftr_common_functional_services.mdx +++ b/api_docs/kbn_ftr_common_functional_services.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ftr-common-functional-services title: "@kbn/ftr-common-functional-services" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ftr-common-functional-services plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ftr-common-functional-services'] --- import kbnFtrCommonFunctionalServicesObj from './kbn_ftr_common_functional_services.devdocs.json'; diff --git a/api_docs/kbn_ftr_common_functional_ui_services.mdx b/api_docs/kbn_ftr_common_functional_ui_services.mdx index 41b7695b45bd8..82d05814b2dc9 100644 --- a/api_docs/kbn_ftr_common_functional_ui_services.mdx +++ b/api_docs/kbn_ftr_common_functional_ui_services.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ftr-common-functional-ui-services title: "@kbn/ftr-common-functional-ui-services" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ftr-common-functional-ui-services plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ftr-common-functional-ui-services'] --- import kbnFtrCommonFunctionalUiServicesObj from './kbn_ftr_common_functional_ui_services.devdocs.json'; diff --git a/api_docs/kbn_generate.mdx b/api_docs/kbn_generate.mdx index 1e77ece4a79e3..b7c1c0af27826 100644 --- a/api_docs/kbn_generate.mdx +++ b/api_docs/kbn_generate.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-generate title: "@kbn/generate" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/generate plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/generate'] --- import kbnGenerateObj from './kbn_generate.devdocs.json'; diff --git a/api_docs/kbn_generate_console_definitions.mdx b/api_docs/kbn_generate_console_definitions.mdx index ff7eb21033cf6..48cd8f137bdd3 100644 --- a/api_docs/kbn_generate_console_definitions.mdx +++ b/api_docs/kbn_generate_console_definitions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-generate-console-definitions title: "@kbn/generate-console-definitions" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/generate-console-definitions plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/generate-console-definitions'] --- import kbnGenerateConsoleDefinitionsObj from './kbn_generate_console_definitions.devdocs.json'; diff --git a/api_docs/kbn_generate_csv.mdx b/api_docs/kbn_generate_csv.mdx index 23130c9138e00..8ed89fa6dd438 100644 --- a/api_docs/kbn_generate_csv.mdx +++ b/api_docs/kbn_generate_csv.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-generate-csv title: "@kbn/generate-csv" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/generate-csv plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/generate-csv'] --- import kbnGenerateCsvObj from './kbn_generate_csv.devdocs.json'; diff --git a/api_docs/kbn_grouping.mdx b/api_docs/kbn_grouping.mdx index 700d0e651cd0d..d2acb9209bb61 100644 --- a/api_docs/kbn_grouping.mdx +++ b/api_docs/kbn_grouping.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-grouping title: "@kbn/grouping" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/grouping plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/grouping'] --- import kbnGroupingObj from './kbn_grouping.devdocs.json'; diff --git a/api_docs/kbn_guided_onboarding.mdx b/api_docs/kbn_guided_onboarding.mdx index 612b00e4b6693..6665438d1c275 100644 --- a/api_docs/kbn_guided_onboarding.mdx +++ b/api_docs/kbn_guided_onboarding.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-guided-onboarding title: "@kbn/guided-onboarding" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/guided-onboarding plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/guided-onboarding'] --- import kbnGuidedOnboardingObj from './kbn_guided_onboarding.devdocs.json'; diff --git a/api_docs/kbn_handlebars.mdx b/api_docs/kbn_handlebars.mdx index 98ffef188691b..48da095ff7b4b 100644 --- a/api_docs/kbn_handlebars.mdx +++ b/api_docs/kbn_handlebars.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-handlebars title: "@kbn/handlebars" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/handlebars plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/handlebars'] --- import kbnHandlebarsObj from './kbn_handlebars.devdocs.json'; diff --git a/api_docs/kbn_hapi_mocks.mdx b/api_docs/kbn_hapi_mocks.mdx index b6a7c063e1a85..9e97fc3ba1d41 100644 --- a/api_docs/kbn_hapi_mocks.mdx +++ b/api_docs/kbn_hapi_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-hapi-mocks title: "@kbn/hapi-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/hapi-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/hapi-mocks'] --- import kbnHapiMocksObj from './kbn_hapi_mocks.devdocs.json'; diff --git a/api_docs/kbn_health_gateway_server.mdx b/api_docs/kbn_health_gateway_server.mdx index f1cf66772b2ad..06d1fd3a3ef3a 100644 --- a/api_docs/kbn_health_gateway_server.mdx +++ b/api_docs/kbn_health_gateway_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-health-gateway-server title: "@kbn/health-gateway-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/health-gateway-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/health-gateway-server'] --- import kbnHealthGatewayServerObj from './kbn_health_gateway_server.devdocs.json'; diff --git a/api_docs/kbn_home_sample_data_card.mdx b/api_docs/kbn_home_sample_data_card.mdx index a0baa412c6a8a..eb6e11bd76a63 100644 --- a/api_docs/kbn_home_sample_data_card.mdx +++ b/api_docs/kbn_home_sample_data_card.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-home-sample-data-card title: "@kbn/home-sample-data-card" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/home-sample-data-card plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/home-sample-data-card'] --- import kbnHomeSampleDataCardObj from './kbn_home_sample_data_card.devdocs.json'; diff --git a/api_docs/kbn_home_sample_data_tab.mdx b/api_docs/kbn_home_sample_data_tab.mdx index 03846a82ad11a..44309a5750ce3 100644 --- a/api_docs/kbn_home_sample_data_tab.mdx +++ b/api_docs/kbn_home_sample_data_tab.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-home-sample-data-tab title: "@kbn/home-sample-data-tab" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/home-sample-data-tab plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/home-sample-data-tab'] --- import kbnHomeSampleDataTabObj from './kbn_home_sample_data_tab.devdocs.json'; diff --git a/api_docs/kbn_i18n.mdx b/api_docs/kbn_i18n.mdx index db9bd01676ab2..f7cbd3987539d 100644 --- a/api_docs/kbn_i18n.mdx +++ b/api_docs/kbn_i18n.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-i18n title: "@kbn/i18n" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/i18n plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/i18n'] --- import kbnI18nObj from './kbn_i18n.devdocs.json'; diff --git a/api_docs/kbn_i18n_react.mdx b/api_docs/kbn_i18n_react.mdx index c311e57e4b050..08216c7621cc1 100644 --- a/api_docs/kbn_i18n_react.mdx +++ b/api_docs/kbn_i18n_react.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-i18n-react title: "@kbn/i18n-react" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/i18n-react plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/i18n-react'] --- import kbnI18nReactObj from './kbn_i18n_react.devdocs.json'; diff --git a/api_docs/kbn_import_resolver.mdx b/api_docs/kbn_import_resolver.mdx index 66b77b2f6da6f..f2264ca1e1e31 100644 --- a/api_docs/kbn_import_resolver.mdx +++ b/api_docs/kbn_import_resolver.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-import-resolver title: "@kbn/import-resolver" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/import-resolver plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/import-resolver'] --- import kbnImportResolverObj from './kbn_import_resolver.devdocs.json'; diff --git a/api_docs/kbn_index_management.mdx b/api_docs/kbn_index_management.mdx index 1670b929b95c5..771b2912e6c0c 100644 --- a/api_docs/kbn_index_management.mdx +++ b/api_docs/kbn_index_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-index-management title: "@kbn/index-management" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/index-management plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/index-management'] --- import kbnIndexManagementObj from './kbn_index_management.devdocs.json'; diff --git a/api_docs/kbn_inference_integration_flyout.mdx b/api_docs/kbn_inference_integration_flyout.mdx index 68ab12bf13409..dab3035263a52 100644 --- a/api_docs/kbn_inference_integration_flyout.mdx +++ b/api_docs/kbn_inference_integration_flyout.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-inference_integration_flyout title: "@kbn/inference_integration_flyout" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/inference_integration_flyout plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/inference_integration_flyout'] --- import kbnInferenceIntegrationFlyoutObj from './kbn_inference_integration_flyout.devdocs.json'; diff --git a/api_docs/kbn_infra_forge.mdx b/api_docs/kbn_infra_forge.mdx index f05a988c024f7..8ef1c088c6e7e 100644 --- a/api_docs/kbn_infra_forge.mdx +++ b/api_docs/kbn_infra_forge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-infra-forge title: "@kbn/infra-forge" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/infra-forge plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/infra-forge'] --- import kbnInfraForgeObj from './kbn_infra_forge.devdocs.json'; diff --git a/api_docs/kbn_interpreter.mdx b/api_docs/kbn_interpreter.mdx index 954f28050d9f5..9c90055b34b5a 100644 --- a/api_docs/kbn_interpreter.mdx +++ b/api_docs/kbn_interpreter.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-interpreter title: "@kbn/interpreter" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/interpreter plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/interpreter'] --- import kbnInterpreterObj from './kbn_interpreter.devdocs.json'; diff --git a/api_docs/kbn_io_ts_utils.mdx b/api_docs/kbn_io_ts_utils.mdx index be37d982823d5..d06281dc19ade 100644 --- a/api_docs/kbn_io_ts_utils.mdx +++ b/api_docs/kbn_io_ts_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-io-ts-utils title: "@kbn/io-ts-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/io-ts-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/io-ts-utils'] --- import kbnIoTsUtilsObj from './kbn_io_ts_utils.devdocs.json'; diff --git a/api_docs/kbn_ipynb.mdx b/api_docs/kbn_ipynb.mdx index 89ff0098ade92..d533e064f37a5 100644 --- a/api_docs/kbn_ipynb.mdx +++ b/api_docs/kbn_ipynb.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ipynb title: "@kbn/ipynb" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ipynb plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ipynb'] --- import kbnIpynbObj from './kbn_ipynb.devdocs.json'; diff --git a/api_docs/kbn_jest_serializers.mdx b/api_docs/kbn_jest_serializers.mdx index 8eac6b735dcd9..9e3cfc4efd94f 100644 --- a/api_docs/kbn_jest_serializers.mdx +++ b/api_docs/kbn_jest_serializers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-jest-serializers title: "@kbn/jest-serializers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/jest-serializers plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/jest-serializers'] --- import kbnJestSerializersObj from './kbn_jest_serializers.devdocs.json'; diff --git a/api_docs/kbn_journeys.mdx b/api_docs/kbn_journeys.mdx index 561cd2a5ce906..697757bc88cb0 100644 --- a/api_docs/kbn_journeys.mdx +++ b/api_docs/kbn_journeys.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-journeys title: "@kbn/journeys" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/journeys plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/journeys'] --- import kbnJourneysObj from './kbn_journeys.devdocs.json'; diff --git a/api_docs/kbn_json_ast.mdx b/api_docs/kbn_json_ast.mdx index df18c52551437..d64519963a034 100644 --- a/api_docs/kbn_json_ast.mdx +++ b/api_docs/kbn_json_ast.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-json-ast title: "@kbn/json-ast" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/json-ast plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/json-ast'] --- import kbnJsonAstObj from './kbn_json_ast.devdocs.json'; diff --git a/api_docs/kbn_json_schemas.mdx b/api_docs/kbn_json_schemas.mdx index 5cb56798b2876..0198a01e2e27a 100644 --- a/api_docs/kbn_json_schemas.mdx +++ b/api_docs/kbn_json_schemas.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-json-schemas title: "@kbn/json-schemas" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/json-schemas plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/json-schemas'] --- import kbnJsonSchemasObj from './kbn_json_schemas.devdocs.json'; diff --git a/api_docs/kbn_kibana_manifest_schema.mdx b/api_docs/kbn_kibana_manifest_schema.mdx index 71f911e4dc2d5..ab96c35093dbd 100644 --- a/api_docs/kbn_kibana_manifest_schema.mdx +++ b/api_docs/kbn_kibana_manifest_schema.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-kibana-manifest-schema title: "@kbn/kibana-manifest-schema" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/kibana-manifest-schema plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/kibana-manifest-schema'] --- import kbnKibanaManifestSchemaObj from './kbn_kibana_manifest_schema.devdocs.json'; diff --git a/api_docs/kbn_language_documentation_popover.mdx b/api_docs/kbn_language_documentation_popover.mdx index 98d36f459847f..c3265f1d51574 100644 --- a/api_docs/kbn_language_documentation_popover.mdx +++ b/api_docs/kbn_language_documentation_popover.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-language-documentation-popover title: "@kbn/language-documentation-popover" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/language-documentation-popover plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/language-documentation-popover'] --- import kbnLanguageDocumentationPopoverObj from './kbn_language_documentation_popover.devdocs.json'; diff --git a/api_docs/kbn_lens_embeddable_utils.mdx b/api_docs/kbn_lens_embeddable_utils.mdx index 9801d0772fcbf..f29816c569193 100644 --- a/api_docs/kbn_lens_embeddable_utils.mdx +++ b/api_docs/kbn_lens_embeddable_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-lens-embeddable-utils title: "@kbn/lens-embeddable-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/lens-embeddable-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/lens-embeddable-utils'] --- import kbnLensEmbeddableUtilsObj from './kbn_lens_embeddable_utils.devdocs.json'; diff --git a/api_docs/kbn_lens_formula_docs.mdx b/api_docs/kbn_lens_formula_docs.mdx index 36d5c10f572f7..328aef9a3566b 100644 --- a/api_docs/kbn_lens_formula_docs.mdx +++ b/api_docs/kbn_lens_formula_docs.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-lens-formula-docs title: "@kbn/lens-formula-docs" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/lens-formula-docs plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/lens-formula-docs'] --- import kbnLensFormulaDocsObj from './kbn_lens_formula_docs.devdocs.json'; diff --git a/api_docs/kbn_logging.mdx b/api_docs/kbn_logging.mdx index c9837e85f7592..783dd15ac1006 100644 --- a/api_docs/kbn_logging.mdx +++ b/api_docs/kbn_logging.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-logging title: "@kbn/logging" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/logging plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/logging'] --- import kbnLoggingObj from './kbn_logging.devdocs.json'; diff --git a/api_docs/kbn_logging_mocks.mdx b/api_docs/kbn_logging_mocks.mdx index def8f6ce008e4..bd5c61e68fa97 100644 --- a/api_docs/kbn_logging_mocks.mdx +++ b/api_docs/kbn_logging_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-logging-mocks title: "@kbn/logging-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/logging-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/logging-mocks'] --- import kbnLoggingMocksObj from './kbn_logging_mocks.devdocs.json'; diff --git a/api_docs/kbn_managed_content_badge.mdx b/api_docs/kbn_managed_content_badge.mdx index a088ae6148ca2..5e80347ea0c32 100644 --- a/api_docs/kbn_managed_content_badge.mdx +++ b/api_docs/kbn_managed_content_badge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-managed-content-badge title: "@kbn/managed-content-badge" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/managed-content-badge plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/managed-content-badge'] --- import kbnManagedContentBadgeObj from './kbn_managed_content_badge.devdocs.json'; diff --git a/api_docs/kbn_managed_vscode_config.mdx b/api_docs/kbn_managed_vscode_config.mdx index 53b5e7ef339a2..e3ee959b3a4dd 100644 --- a/api_docs/kbn_managed_vscode_config.mdx +++ b/api_docs/kbn_managed_vscode_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-managed-vscode-config title: "@kbn/managed-vscode-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/managed-vscode-config plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/managed-vscode-config'] --- import kbnManagedVscodeConfigObj from './kbn_managed_vscode_config.devdocs.json'; diff --git a/api_docs/kbn_management_cards_navigation.mdx b/api_docs/kbn_management_cards_navigation.mdx index 8a7bc5708b1b3..1f9b68430c31b 100644 --- a/api_docs/kbn_management_cards_navigation.mdx +++ b/api_docs/kbn_management_cards_navigation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-cards-navigation title: "@kbn/management-cards-navigation" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-cards-navigation plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-cards-navigation'] --- import kbnManagementCardsNavigationObj from './kbn_management_cards_navigation.devdocs.json'; diff --git a/api_docs/kbn_management_settings_application.mdx b/api_docs/kbn_management_settings_application.mdx index 85389a9533d68..76b82be2f036d 100644 --- a/api_docs/kbn_management_settings_application.mdx +++ b/api_docs/kbn_management_settings_application.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-application title: "@kbn/management-settings-application" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-application plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-application'] --- import kbnManagementSettingsApplicationObj from './kbn_management_settings_application.devdocs.json'; diff --git a/api_docs/kbn_management_settings_components_field_category.mdx b/api_docs/kbn_management_settings_components_field_category.mdx index 12c9401741b5b..94635e3b14d3f 100644 --- a/api_docs/kbn_management_settings_components_field_category.mdx +++ b/api_docs/kbn_management_settings_components_field_category.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-components-field-category title: "@kbn/management-settings-components-field-category" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-components-field-category plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-components-field-category'] --- import kbnManagementSettingsComponentsFieldCategoryObj from './kbn_management_settings_components_field_category.devdocs.json'; diff --git a/api_docs/kbn_management_settings_components_field_input.mdx b/api_docs/kbn_management_settings_components_field_input.mdx index 0f4a541c0a034..703837874f3a0 100644 --- a/api_docs/kbn_management_settings_components_field_input.mdx +++ b/api_docs/kbn_management_settings_components_field_input.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-components-field-input title: "@kbn/management-settings-components-field-input" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-components-field-input plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-components-field-input'] --- import kbnManagementSettingsComponentsFieldInputObj from './kbn_management_settings_components_field_input.devdocs.json'; diff --git a/api_docs/kbn_management_settings_components_field_row.mdx b/api_docs/kbn_management_settings_components_field_row.mdx index 5324d30cff9f6..db88ad99ee4c1 100644 --- a/api_docs/kbn_management_settings_components_field_row.mdx +++ b/api_docs/kbn_management_settings_components_field_row.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-components-field-row title: "@kbn/management-settings-components-field-row" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-components-field-row plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-components-field-row'] --- import kbnManagementSettingsComponentsFieldRowObj from './kbn_management_settings_components_field_row.devdocs.json'; diff --git a/api_docs/kbn_management_settings_components_form.mdx b/api_docs/kbn_management_settings_components_form.mdx index b8ced65222e17..dfe4a7a2b56e5 100644 --- a/api_docs/kbn_management_settings_components_form.mdx +++ b/api_docs/kbn_management_settings_components_form.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-components-form title: "@kbn/management-settings-components-form" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-components-form plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-components-form'] --- import kbnManagementSettingsComponentsFormObj from './kbn_management_settings_components_form.devdocs.json'; diff --git a/api_docs/kbn_management_settings_field_definition.mdx b/api_docs/kbn_management_settings_field_definition.mdx index 8d4534a4cd9f0..73e8487c00fb3 100644 --- a/api_docs/kbn_management_settings_field_definition.mdx +++ b/api_docs/kbn_management_settings_field_definition.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-field-definition title: "@kbn/management-settings-field-definition" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-field-definition plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-field-definition'] --- import kbnManagementSettingsFieldDefinitionObj from './kbn_management_settings_field_definition.devdocs.json'; diff --git a/api_docs/kbn_management_settings_ids.mdx b/api_docs/kbn_management_settings_ids.mdx index 7c380de66edf8..09d4dd628c6cc 100644 --- a/api_docs/kbn_management_settings_ids.mdx +++ b/api_docs/kbn_management_settings_ids.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-ids title: "@kbn/management-settings-ids" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-ids plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-ids'] --- import kbnManagementSettingsIdsObj from './kbn_management_settings_ids.devdocs.json'; diff --git a/api_docs/kbn_management_settings_section_registry.mdx b/api_docs/kbn_management_settings_section_registry.mdx index bda709b6fe6da..54c48c77e2a43 100644 --- a/api_docs/kbn_management_settings_section_registry.mdx +++ b/api_docs/kbn_management_settings_section_registry.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-section-registry title: "@kbn/management-settings-section-registry" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-section-registry plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-section-registry'] --- import kbnManagementSettingsSectionRegistryObj from './kbn_management_settings_section_registry.devdocs.json'; diff --git a/api_docs/kbn_management_settings_types.mdx b/api_docs/kbn_management_settings_types.mdx index 6d3b8bfbae67b..3b27a22bd6abe 100644 --- a/api_docs/kbn_management_settings_types.mdx +++ b/api_docs/kbn_management_settings_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-types title: "@kbn/management-settings-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-types plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-types'] --- import kbnManagementSettingsTypesObj from './kbn_management_settings_types.devdocs.json'; diff --git a/api_docs/kbn_management_settings_utilities.mdx b/api_docs/kbn_management_settings_utilities.mdx index 5be657457d845..45a58c2805227 100644 --- a/api_docs/kbn_management_settings_utilities.mdx +++ b/api_docs/kbn_management_settings_utilities.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-utilities title: "@kbn/management-settings-utilities" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-utilities plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-utilities'] --- import kbnManagementSettingsUtilitiesObj from './kbn_management_settings_utilities.devdocs.json'; diff --git a/api_docs/kbn_management_storybook_config.mdx b/api_docs/kbn_management_storybook_config.mdx index 33e03f2e0e3cc..e82100942cff7 100644 --- a/api_docs/kbn_management_storybook_config.mdx +++ b/api_docs/kbn_management_storybook_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-storybook-config title: "@kbn/management-storybook-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-storybook-config plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-storybook-config'] --- import kbnManagementStorybookConfigObj from './kbn_management_storybook_config.devdocs.json'; diff --git a/api_docs/kbn_mapbox_gl.mdx b/api_docs/kbn_mapbox_gl.mdx index b1df12648b605..e6b149a8ae299 100644 --- a/api_docs/kbn_mapbox_gl.mdx +++ b/api_docs/kbn_mapbox_gl.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-mapbox-gl title: "@kbn/mapbox-gl" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/mapbox-gl plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/mapbox-gl'] --- import kbnMapboxGlObj from './kbn_mapbox_gl.devdocs.json'; diff --git a/api_docs/kbn_maps_vector_tile_utils.mdx b/api_docs/kbn_maps_vector_tile_utils.mdx index b2ed75bb78f06..92dbbf615331e 100644 --- a/api_docs/kbn_maps_vector_tile_utils.mdx +++ b/api_docs/kbn_maps_vector_tile_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-maps-vector-tile-utils title: "@kbn/maps-vector-tile-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/maps-vector-tile-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/maps-vector-tile-utils'] --- import kbnMapsVectorTileUtilsObj from './kbn_maps_vector_tile_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_agg_utils.mdx b/api_docs/kbn_ml_agg_utils.mdx index e3966e47cd7df..70873594351b2 100644 --- a/api_docs/kbn_ml_agg_utils.mdx +++ b/api_docs/kbn_ml_agg_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-agg-utils title: "@kbn/ml-agg-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-agg-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-agg-utils'] --- import kbnMlAggUtilsObj from './kbn_ml_agg_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_anomaly_utils.mdx b/api_docs/kbn_ml_anomaly_utils.mdx index 4627700e851fe..b8226eeb31aa8 100644 --- a/api_docs/kbn_ml_anomaly_utils.mdx +++ b/api_docs/kbn_ml_anomaly_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-anomaly-utils title: "@kbn/ml-anomaly-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-anomaly-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-anomaly-utils'] --- import kbnMlAnomalyUtilsObj from './kbn_ml_anomaly_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_cancellable_search.mdx b/api_docs/kbn_ml_cancellable_search.mdx index 4e3771ae39641..5fa5476ef7dcc 100644 --- a/api_docs/kbn_ml_cancellable_search.mdx +++ b/api_docs/kbn_ml_cancellable_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-cancellable-search title: "@kbn/ml-cancellable-search" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-cancellable-search plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-cancellable-search'] --- import kbnMlCancellableSearchObj from './kbn_ml_cancellable_search.devdocs.json'; diff --git a/api_docs/kbn_ml_category_validator.mdx b/api_docs/kbn_ml_category_validator.mdx index f79e8b346ab83..5c9f98df7f504 100644 --- a/api_docs/kbn_ml_category_validator.mdx +++ b/api_docs/kbn_ml_category_validator.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-category-validator title: "@kbn/ml-category-validator" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-category-validator plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-category-validator'] --- import kbnMlCategoryValidatorObj from './kbn_ml_category_validator.devdocs.json'; diff --git a/api_docs/kbn_ml_chi2test.mdx b/api_docs/kbn_ml_chi2test.mdx index 0be15e3454d1b..9ee5245037d96 100644 --- a/api_docs/kbn_ml_chi2test.mdx +++ b/api_docs/kbn_ml_chi2test.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-chi2test title: "@kbn/ml-chi2test" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-chi2test plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-chi2test'] --- import kbnMlChi2testObj from './kbn_ml_chi2test.devdocs.json'; diff --git a/api_docs/kbn_ml_data_frame_analytics_utils.mdx b/api_docs/kbn_ml_data_frame_analytics_utils.mdx index 9a7786f60d98e..efde0b3d53975 100644 --- a/api_docs/kbn_ml_data_frame_analytics_utils.mdx +++ b/api_docs/kbn_ml_data_frame_analytics_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-data-frame-analytics-utils title: "@kbn/ml-data-frame-analytics-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-data-frame-analytics-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-data-frame-analytics-utils'] --- import kbnMlDataFrameAnalyticsUtilsObj from './kbn_ml_data_frame_analytics_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_data_grid.mdx b/api_docs/kbn_ml_data_grid.mdx index 36379779c334b..eadd86e183a29 100644 --- a/api_docs/kbn_ml_data_grid.mdx +++ b/api_docs/kbn_ml_data_grid.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-data-grid title: "@kbn/ml-data-grid" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-data-grid plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-data-grid'] --- import kbnMlDataGridObj from './kbn_ml_data_grid.devdocs.json'; diff --git a/api_docs/kbn_ml_date_picker.mdx b/api_docs/kbn_ml_date_picker.mdx index e69b108287721..2b122bb24520d 100644 --- a/api_docs/kbn_ml_date_picker.mdx +++ b/api_docs/kbn_ml_date_picker.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-date-picker title: "@kbn/ml-date-picker" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-date-picker plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-date-picker'] --- import kbnMlDatePickerObj from './kbn_ml_date_picker.devdocs.json'; diff --git a/api_docs/kbn_ml_date_utils.mdx b/api_docs/kbn_ml_date_utils.mdx index a2c16bb31f7ac..da71df7117b89 100644 --- a/api_docs/kbn_ml_date_utils.mdx +++ b/api_docs/kbn_ml_date_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-date-utils title: "@kbn/ml-date-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-date-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-date-utils'] --- import kbnMlDateUtilsObj from './kbn_ml_date_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_error_utils.mdx b/api_docs/kbn_ml_error_utils.mdx index 0908cdb5f0bb2..c725e889899ca 100644 --- a/api_docs/kbn_ml_error_utils.mdx +++ b/api_docs/kbn_ml_error_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-error-utils title: "@kbn/ml-error-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-error-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-error-utils'] --- import kbnMlErrorUtilsObj from './kbn_ml_error_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_in_memory_table.mdx b/api_docs/kbn_ml_in_memory_table.mdx index b29c025d5337b..28c42340b4a0b 100644 --- a/api_docs/kbn_ml_in_memory_table.mdx +++ b/api_docs/kbn_ml_in_memory_table.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-in-memory-table title: "@kbn/ml-in-memory-table" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-in-memory-table plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-in-memory-table'] --- import kbnMlInMemoryTableObj from './kbn_ml_in_memory_table.devdocs.json'; diff --git a/api_docs/kbn_ml_is_defined.mdx b/api_docs/kbn_ml_is_defined.mdx index 2f313cda943e8..5371dd08dae60 100644 --- a/api_docs/kbn_ml_is_defined.mdx +++ b/api_docs/kbn_ml_is_defined.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-is-defined title: "@kbn/ml-is-defined" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-is-defined plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-is-defined'] --- import kbnMlIsDefinedObj from './kbn_ml_is_defined.devdocs.json'; diff --git a/api_docs/kbn_ml_is_populated_object.mdx b/api_docs/kbn_ml_is_populated_object.mdx index 95de59ab9a702..43294d5b5f9b9 100644 --- a/api_docs/kbn_ml_is_populated_object.mdx +++ b/api_docs/kbn_ml_is_populated_object.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-is-populated-object title: "@kbn/ml-is-populated-object" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-is-populated-object plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-is-populated-object'] --- import kbnMlIsPopulatedObjectObj from './kbn_ml_is_populated_object.devdocs.json'; diff --git a/api_docs/kbn_ml_kibana_theme.mdx b/api_docs/kbn_ml_kibana_theme.mdx index 8f18372615dc5..0538067f84ede 100644 --- a/api_docs/kbn_ml_kibana_theme.mdx +++ b/api_docs/kbn_ml_kibana_theme.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-kibana-theme title: "@kbn/ml-kibana-theme" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-kibana-theme plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-kibana-theme'] --- import kbnMlKibanaThemeObj from './kbn_ml_kibana_theme.devdocs.json'; diff --git a/api_docs/kbn_ml_local_storage.mdx b/api_docs/kbn_ml_local_storage.mdx index 4225980bc0ed8..27ae3e1da67a9 100644 --- a/api_docs/kbn_ml_local_storage.mdx +++ b/api_docs/kbn_ml_local_storage.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-local-storage title: "@kbn/ml-local-storage" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-local-storage plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-local-storage'] --- import kbnMlLocalStorageObj from './kbn_ml_local_storage.devdocs.json'; diff --git a/api_docs/kbn_ml_nested_property.mdx b/api_docs/kbn_ml_nested_property.mdx index ba52430a20fb5..60ab878e80d06 100644 --- a/api_docs/kbn_ml_nested_property.mdx +++ b/api_docs/kbn_ml_nested_property.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-nested-property title: "@kbn/ml-nested-property" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-nested-property plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-nested-property'] --- import kbnMlNestedPropertyObj from './kbn_ml_nested_property.devdocs.json'; diff --git a/api_docs/kbn_ml_number_utils.mdx b/api_docs/kbn_ml_number_utils.mdx index 273fcdc268594..e642d012d1e6b 100644 --- a/api_docs/kbn_ml_number_utils.mdx +++ b/api_docs/kbn_ml_number_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-number-utils title: "@kbn/ml-number-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-number-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-number-utils'] --- import kbnMlNumberUtilsObj from './kbn_ml_number_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_query_utils.mdx b/api_docs/kbn_ml_query_utils.mdx index 43fe31c6df7ae..b9802f749dd78 100644 --- a/api_docs/kbn_ml_query_utils.mdx +++ b/api_docs/kbn_ml_query_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-query-utils title: "@kbn/ml-query-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-query-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-query-utils'] --- import kbnMlQueryUtilsObj from './kbn_ml_query_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_random_sampler_utils.mdx b/api_docs/kbn_ml_random_sampler_utils.mdx index f8f893c3d254c..dcdf9607444da 100644 --- a/api_docs/kbn_ml_random_sampler_utils.mdx +++ b/api_docs/kbn_ml_random_sampler_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-random-sampler-utils title: "@kbn/ml-random-sampler-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-random-sampler-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-random-sampler-utils'] --- import kbnMlRandomSamplerUtilsObj from './kbn_ml_random_sampler_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_route_utils.mdx b/api_docs/kbn_ml_route_utils.mdx index 22d77ced4e43c..d88298647f02e 100644 --- a/api_docs/kbn_ml_route_utils.mdx +++ b/api_docs/kbn_ml_route_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-route-utils title: "@kbn/ml-route-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-route-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-route-utils'] --- import kbnMlRouteUtilsObj from './kbn_ml_route_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_runtime_field_utils.mdx b/api_docs/kbn_ml_runtime_field_utils.mdx index 41dcb4286e778..a0fce172f186a 100644 --- a/api_docs/kbn_ml_runtime_field_utils.mdx +++ b/api_docs/kbn_ml_runtime_field_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-runtime-field-utils title: "@kbn/ml-runtime-field-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-runtime-field-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-runtime-field-utils'] --- import kbnMlRuntimeFieldUtilsObj from './kbn_ml_runtime_field_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_string_hash.mdx b/api_docs/kbn_ml_string_hash.mdx index 7851334783e44..16b5658911ca1 100644 --- a/api_docs/kbn_ml_string_hash.mdx +++ b/api_docs/kbn_ml_string_hash.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-string-hash title: "@kbn/ml-string-hash" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-string-hash plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-string-hash'] --- import kbnMlStringHashObj from './kbn_ml_string_hash.devdocs.json'; diff --git a/api_docs/kbn_ml_time_buckets.mdx b/api_docs/kbn_ml_time_buckets.mdx index 934db7b6f6156..c9d7b9b728a35 100644 --- a/api_docs/kbn_ml_time_buckets.mdx +++ b/api_docs/kbn_ml_time_buckets.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-time-buckets title: "@kbn/ml-time-buckets" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-time-buckets plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-time-buckets'] --- import kbnMlTimeBucketsObj from './kbn_ml_time_buckets.devdocs.json'; diff --git a/api_docs/kbn_ml_trained_models_utils.mdx b/api_docs/kbn_ml_trained_models_utils.mdx index fcda87d9bf0bd..eee2c16b3b5e1 100644 --- a/api_docs/kbn_ml_trained_models_utils.mdx +++ b/api_docs/kbn_ml_trained_models_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-trained-models-utils title: "@kbn/ml-trained-models-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-trained-models-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-trained-models-utils'] --- import kbnMlTrainedModelsUtilsObj from './kbn_ml_trained_models_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_ui_actions.mdx b/api_docs/kbn_ml_ui_actions.mdx index 2c7d931ac857e..f209e0f35fe87 100644 --- a/api_docs/kbn_ml_ui_actions.mdx +++ b/api_docs/kbn_ml_ui_actions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-ui-actions title: "@kbn/ml-ui-actions" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-ui-actions plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-ui-actions'] --- import kbnMlUiActionsObj from './kbn_ml_ui_actions.devdocs.json'; diff --git a/api_docs/kbn_ml_url_state.devdocs.json b/api_docs/kbn_ml_url_state.devdocs.json index b95b497f7b691..23d6834de272a 100644 --- a/api_docs/kbn_ml_url_state.devdocs.json +++ b/api_docs/kbn_ml_url_state.devdocs.json @@ -350,7 +350,15 @@ "\nHook for managing the URL state of the page." ], "signature": [ - "(pageKey: T[\"pageKey\"], defaultState?: T[\"pageUrlState\"] | undefined) => [T[\"pageUrlState\"], (update: Partial, replaceState?: boolean | undefined) => void, ", + "(pageKey: T[\"pageKey\"], defaultState?: T[\"pageUrlState\"] | undefined) => [T[\"pageUrlState\"], (update: Partial, replaceState?: boolean | undefined) => void, ", { "pluginId": "@kbn/ml-url-state", "scope": "common", @@ -492,6 +500,145 @@ } ], "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/ml-url-state", + "id": "def-common.ListingPageUrlState", + "type": "Interface", + "tags": [], + "label": "ListingPageUrlState", + "description": [], + "path": "x-pack/packages/ml/url_state/src/url_state.tsx", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/ml-url-state", + "id": "def-common.ListingPageUrlState.pageSize", + "type": "number", + "tags": [], + "label": "pageSize", + "description": [], + "path": "x-pack/packages/ml/url_state/src/url_state.tsx", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/ml-url-state", + "id": "def-common.ListingPageUrlState.pageIndex", + "type": "number", + "tags": [], + "label": "pageIndex", + "description": [], + "path": "x-pack/packages/ml/url_state/src/url_state.tsx", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/ml-url-state", + "id": "def-common.ListingPageUrlState.sortField", + "type": "string", + "tags": [], + "label": "sortField", + "description": [], + "path": "x-pack/packages/ml/url_state/src/url_state.tsx", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/ml-url-state", + "id": "def-common.ListingPageUrlState.sortDirection", + "type": "string", + "tags": [], + "label": "sortDirection", + "description": [], + "path": "x-pack/packages/ml/url_state/src/url_state.tsx", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/ml-url-state", + "id": "def-common.ListingPageUrlState.queryText", + "type": "string", + "tags": [], + "label": "queryText", + "description": [], + "signature": [ + "string | undefined" + ], + "path": "x-pack/packages/ml/url_state/src/url_state.tsx", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/ml-url-state", + "id": "def-common.ListingPageUrlState.showPerPageOptions", + "type": "CompoundType", + "tags": [], + "label": "showPerPageOptions", + "description": [], + "signature": [ + "boolean | undefined" + ], + "path": "x-pack/packages/ml/url_state/src/url_state.tsx", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/ml-url-state", + "id": "def-common.ListingPageUrlState.showAll", + "type": "CompoundType", + "tags": [], + "label": "showAll", + "description": [], + "signature": [ + "boolean | undefined" + ], + "path": "x-pack/packages/ml/url_state/src/url_state.tsx", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/ml-url-state", + "id": "def-common.PageUrlState", + "type": "Interface", + "tags": [], + "label": "PageUrlState", + "description": [], + "path": "x-pack/packages/ml/url_state/src/url_state.tsx", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/ml-url-state", + "id": "def-common.PageUrlState.pageKey", + "type": "string", + "tags": [], + "label": "pageKey", + "description": [], + "path": "x-pack/packages/ml/url_state/src/url_state.tsx", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/ml-url-state", + "id": "def-common.PageUrlState.pageUrlState", + "type": "Uncategorized", + "tags": [], + "label": "pageUrlState", + "description": [], + "signature": [ + "object" + ], + "path": "x-pack/packages/ml/url_state/src/url_state.tsx", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false } ], "enums": [], diff --git a/api_docs/kbn_ml_url_state.mdx b/api_docs/kbn_ml_url_state.mdx index b9b61ee9784a2..ec8cc0b5b229d 100644 --- a/api_docs/kbn_ml_url_state.mdx +++ b/api_docs/kbn_ml_url_state.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-url-state title: "@kbn/ml-url-state" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-url-state plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-url-state'] --- import kbnMlUrlStateObj from './kbn_ml_url_state.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/ml-ui](https://github.com/orgs/elastic/teams/ml-ui) for questi | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 31 | 1 | 24 | 1 | +| 42 | 1 | 35 | 1 | ## Common diff --git a/api_docs/kbn_mock_idp_utils.mdx b/api_docs/kbn_mock_idp_utils.mdx index aa29bdf4504d8..42b4b0eb36c5d 100644 --- a/api_docs/kbn_mock_idp_utils.mdx +++ b/api_docs/kbn_mock_idp_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-mock-idp-utils title: "@kbn/mock-idp-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/mock-idp-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/mock-idp-utils'] --- import kbnMockIdpUtilsObj from './kbn_mock_idp_utils.devdocs.json'; diff --git a/api_docs/kbn_monaco.devdocs.json b/api_docs/kbn_monaco.devdocs.json index 0b994bcbe89f2..4a8466768ac91 100644 --- a/api_docs/kbn_monaco.devdocs.json +++ b/api_docs/kbn_monaco.devdocs.json @@ -579,6 +579,21 @@ "deprecated": false, "trackAdoption": false }, + { + "parentPluginId": "@kbn/monaco", + "id": "def-common.LangModuleType.foldingRangeProvider", + "type": "Object", + "tags": [], + "label": "foldingRangeProvider", + "description": [], + "signature": [ + "languages", + ".FoldingRangeProvider | undefined" + ], + "path": "packages/kbn-monaco/src/types.ts", + "deprecated": false, + "trackAdoption": false + }, { "parentPluginId": "@kbn/monaco", "id": "def-common.LangModuleType.getSuggestionProvider", diff --git a/api_docs/kbn_monaco.mdx b/api_docs/kbn_monaco.mdx index 369d177bd61ea..77f0f3e059fa6 100644 --- a/api_docs/kbn_monaco.mdx +++ b/api_docs/kbn_monaco.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-monaco title: "@kbn/monaco" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/monaco plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/monaco'] --- import kbnMonacoObj from './kbn_monaco.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sh | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 122 | 0 | 122 | 3 | +| 123 | 0 | 123 | 3 | ## Common diff --git a/api_docs/kbn_object_versioning.mdx b/api_docs/kbn_object_versioning.mdx index 9c56b3b14d73a..48f88ad91dc83 100644 --- a/api_docs/kbn_object_versioning.mdx +++ b/api_docs/kbn_object_versioning.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-object-versioning title: "@kbn/object-versioning" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/object-versioning plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/object-versioning'] --- import kbnObjectVersioningObj from './kbn_object_versioning.devdocs.json'; diff --git a/api_docs/kbn_observability_alert_details.mdx b/api_docs/kbn_observability_alert_details.mdx index 5c7644c937bbe..f9bc13b08521e 100644 --- a/api_docs/kbn_observability_alert_details.mdx +++ b/api_docs/kbn_observability_alert_details.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-observability-alert-details title: "@kbn/observability-alert-details" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/observability-alert-details plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/observability-alert-details'] --- import kbnObservabilityAlertDetailsObj from './kbn_observability_alert_details.devdocs.json'; diff --git a/api_docs/kbn_observability_alerting_rule_utils.mdx b/api_docs/kbn_observability_alerting_rule_utils.mdx index b29c10aa12dbc..9f2c79b66ffca 100644 --- a/api_docs/kbn_observability_alerting_rule_utils.mdx +++ b/api_docs/kbn_observability_alerting_rule_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-observability-alerting-rule-utils title: "@kbn/observability-alerting-rule-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/observability-alerting-rule-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/observability-alerting-rule-utils'] --- import kbnObservabilityAlertingRuleUtilsObj from './kbn_observability_alerting_rule_utils.devdocs.json'; diff --git a/api_docs/kbn_observability_alerting_test_data.mdx b/api_docs/kbn_observability_alerting_test_data.mdx index fe19a3f2253e3..78334265b8785 100644 --- a/api_docs/kbn_observability_alerting_test_data.mdx +++ b/api_docs/kbn_observability_alerting_test_data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-observability-alerting-test-data title: "@kbn/observability-alerting-test-data" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/observability-alerting-test-data plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/observability-alerting-test-data'] --- import kbnObservabilityAlertingTestDataObj from './kbn_observability_alerting_test_data.devdocs.json'; diff --git a/api_docs/kbn_observability_get_padded_alert_time_range_util.mdx b/api_docs/kbn_observability_get_padded_alert_time_range_util.mdx index 4642a9d0d6d89..52d60a7b0c0fc 100644 --- a/api_docs/kbn_observability_get_padded_alert_time_range_util.mdx +++ b/api_docs/kbn_observability_get_padded_alert_time_range_util.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-observability-get-padded-alert-time-range-util title: "@kbn/observability-get-padded-alert-time-range-util" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/observability-get-padded-alert-time-range-util plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/observability-get-padded-alert-time-range-util'] --- import kbnObservabilityGetPaddedAlertTimeRangeUtilObj from './kbn_observability_get_padded_alert_time_range_util.devdocs.json'; diff --git a/api_docs/kbn_openapi_bundler.mdx b/api_docs/kbn_openapi_bundler.mdx index 95941bca01ded..3768a52c138b9 100644 --- a/api_docs/kbn_openapi_bundler.mdx +++ b/api_docs/kbn_openapi_bundler.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-openapi-bundler title: "@kbn/openapi-bundler" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/openapi-bundler plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/openapi-bundler'] --- import kbnOpenapiBundlerObj from './kbn_openapi_bundler.devdocs.json'; diff --git a/api_docs/kbn_openapi_generator.mdx b/api_docs/kbn_openapi_generator.mdx index 3d098bf14dec8..c1e693425c72f 100644 --- a/api_docs/kbn_openapi_generator.mdx +++ b/api_docs/kbn_openapi_generator.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-openapi-generator title: "@kbn/openapi-generator" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/openapi-generator plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/openapi-generator'] --- import kbnOpenapiGeneratorObj from './kbn_openapi_generator.devdocs.json'; diff --git a/api_docs/kbn_optimizer.mdx b/api_docs/kbn_optimizer.mdx index a21f54efc6547..4b3fed916e339 100644 --- a/api_docs/kbn_optimizer.mdx +++ b/api_docs/kbn_optimizer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-optimizer title: "@kbn/optimizer" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/optimizer plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/optimizer'] --- import kbnOptimizerObj from './kbn_optimizer.devdocs.json'; diff --git a/api_docs/kbn_optimizer_webpack_helpers.mdx b/api_docs/kbn_optimizer_webpack_helpers.mdx index 5ea2d0eaf103c..bca62a0e44c79 100644 --- a/api_docs/kbn_optimizer_webpack_helpers.mdx +++ b/api_docs/kbn_optimizer_webpack_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-optimizer-webpack-helpers title: "@kbn/optimizer-webpack-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/optimizer-webpack-helpers plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/optimizer-webpack-helpers'] --- import kbnOptimizerWebpackHelpersObj from './kbn_optimizer_webpack_helpers.devdocs.json'; diff --git a/api_docs/kbn_osquery_io_ts_types.mdx b/api_docs/kbn_osquery_io_ts_types.mdx index 54d9b50b58e4a..6884b462d4918 100644 --- a/api_docs/kbn_osquery_io_ts_types.mdx +++ b/api_docs/kbn_osquery_io_ts_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-osquery-io-ts-types title: "@kbn/osquery-io-ts-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/osquery-io-ts-types plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/osquery-io-ts-types'] --- import kbnOsqueryIoTsTypesObj from './kbn_osquery_io_ts_types.devdocs.json'; diff --git a/api_docs/kbn_panel_loader.mdx b/api_docs/kbn_panel_loader.mdx index ef913cfce4e1a..73d1e03ba4fe0 100644 --- a/api_docs/kbn_panel_loader.mdx +++ b/api_docs/kbn_panel_loader.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-panel-loader title: "@kbn/panel-loader" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/panel-loader plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/panel-loader'] --- import kbnPanelLoaderObj from './kbn_panel_loader.devdocs.json'; diff --git a/api_docs/kbn_performance_testing_dataset_extractor.mdx b/api_docs/kbn_performance_testing_dataset_extractor.mdx index 2762897d06c1d..8fc05e2a106f9 100644 --- a/api_docs/kbn_performance_testing_dataset_extractor.mdx +++ b/api_docs/kbn_performance_testing_dataset_extractor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-performance-testing-dataset-extractor title: "@kbn/performance-testing-dataset-extractor" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/performance-testing-dataset-extractor plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/performance-testing-dataset-extractor'] --- import kbnPerformanceTestingDatasetExtractorObj from './kbn_performance_testing_dataset_extractor.devdocs.json'; diff --git a/api_docs/kbn_plugin_check.mdx b/api_docs/kbn_plugin_check.mdx index e72c28bfb2679..3d00390084283 100644 --- a/api_docs/kbn_plugin_check.mdx +++ b/api_docs/kbn_plugin_check.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-plugin-check title: "@kbn/plugin-check" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/plugin-check plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/plugin-check'] --- import kbnPluginCheckObj from './kbn_plugin_check.devdocs.json'; diff --git a/api_docs/kbn_plugin_generator.mdx b/api_docs/kbn_plugin_generator.mdx index 803925ad3f52f..dff5ce53da2a2 100644 --- a/api_docs/kbn_plugin_generator.mdx +++ b/api_docs/kbn_plugin_generator.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-plugin-generator title: "@kbn/plugin-generator" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/plugin-generator plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/plugin-generator'] --- import kbnPluginGeneratorObj from './kbn_plugin_generator.devdocs.json'; diff --git a/api_docs/kbn_plugin_helpers.mdx b/api_docs/kbn_plugin_helpers.mdx index 2ec9f51859cf7..80f0b9ada7b80 100644 --- a/api_docs/kbn_plugin_helpers.mdx +++ b/api_docs/kbn_plugin_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-plugin-helpers title: "@kbn/plugin-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/plugin-helpers plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/plugin-helpers'] --- import kbnPluginHelpersObj from './kbn_plugin_helpers.devdocs.json'; diff --git a/api_docs/kbn_presentation_containers.mdx b/api_docs/kbn_presentation_containers.mdx index 1b0ce40a12d4b..9b042fdfa01f2 100644 --- a/api_docs/kbn_presentation_containers.mdx +++ b/api_docs/kbn_presentation_containers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-presentation-containers title: "@kbn/presentation-containers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/presentation-containers plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/presentation-containers'] --- import kbnPresentationContainersObj from './kbn_presentation_containers.devdocs.json'; diff --git a/api_docs/kbn_presentation_publishing.mdx b/api_docs/kbn_presentation_publishing.mdx index efd9c7415783b..f26dcf01b90b7 100644 --- a/api_docs/kbn_presentation_publishing.mdx +++ b/api_docs/kbn_presentation_publishing.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-presentation-publishing title: "@kbn/presentation-publishing" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/presentation-publishing plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/presentation-publishing'] --- import kbnPresentationPublishingObj from './kbn_presentation_publishing.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/kibana-presentation](https://github.com/orgs/elastic/teams/kib | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 216 | 0 | 181 | 5 | +| 216 | 0 | 181 | 6 | ## Client diff --git a/api_docs/kbn_profiling_utils.mdx b/api_docs/kbn_profiling_utils.mdx index a8b07f4737936..ef1461090a162 100644 --- a/api_docs/kbn_profiling_utils.mdx +++ b/api_docs/kbn_profiling_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-profiling-utils title: "@kbn/profiling-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/profiling-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/profiling-utils'] --- import kbnProfilingUtilsObj from './kbn_profiling_utils.devdocs.json'; diff --git a/api_docs/kbn_random_sampling.mdx b/api_docs/kbn_random_sampling.mdx index 4df93606fe4f7..3a4e5facb195d 100644 --- a/api_docs/kbn_random_sampling.mdx +++ b/api_docs/kbn_random_sampling.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-random-sampling title: "@kbn/random-sampling" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/random-sampling plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/random-sampling'] --- import kbnRandomSamplingObj from './kbn_random_sampling.devdocs.json'; diff --git a/api_docs/kbn_react_field.mdx b/api_docs/kbn_react_field.mdx index 7d15683ce3996..b4db182346dcc 100644 --- a/api_docs/kbn_react_field.mdx +++ b/api_docs/kbn_react_field.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-field title: "@kbn/react-field" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-field plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-field'] --- import kbnReactFieldObj from './kbn_react_field.devdocs.json'; diff --git a/api_docs/kbn_react_hooks.mdx b/api_docs/kbn_react_hooks.mdx index efdba8a23eb0e..663f33328e966 100644 --- a/api_docs/kbn_react_hooks.mdx +++ b/api_docs/kbn_react_hooks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-hooks title: "@kbn/react-hooks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-hooks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-hooks'] --- import kbnReactHooksObj from './kbn_react_hooks.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_context_common.mdx b/api_docs/kbn_react_kibana_context_common.mdx index 1b9d38befd97a..dbee79a200bfa 100644 --- a/api_docs/kbn_react_kibana_context_common.mdx +++ b/api_docs/kbn_react_kibana_context_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-context-common title: "@kbn/react-kibana-context-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-context-common plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-context-common'] --- import kbnReactKibanaContextCommonObj from './kbn_react_kibana_context_common.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_context_render.mdx b/api_docs/kbn_react_kibana_context_render.mdx index b5ac0b5ea1867..21393fb1bbffa 100644 --- a/api_docs/kbn_react_kibana_context_render.mdx +++ b/api_docs/kbn_react_kibana_context_render.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-context-render title: "@kbn/react-kibana-context-render" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-context-render plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-context-render'] --- import kbnReactKibanaContextRenderObj from './kbn_react_kibana_context_render.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_context_root.mdx b/api_docs/kbn_react_kibana_context_root.mdx index 725f46b126794..3620fb16659f2 100644 --- a/api_docs/kbn_react_kibana_context_root.mdx +++ b/api_docs/kbn_react_kibana_context_root.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-context-root title: "@kbn/react-kibana-context-root" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-context-root plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-context-root'] --- import kbnReactKibanaContextRootObj from './kbn_react_kibana_context_root.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_context_styled.mdx b/api_docs/kbn_react_kibana_context_styled.mdx index c727d96de1f4f..370029428d144 100644 --- a/api_docs/kbn_react_kibana_context_styled.mdx +++ b/api_docs/kbn_react_kibana_context_styled.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-context-styled title: "@kbn/react-kibana-context-styled" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-context-styled plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-context-styled'] --- import kbnReactKibanaContextStyledObj from './kbn_react_kibana_context_styled.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_context_theme.mdx b/api_docs/kbn_react_kibana_context_theme.mdx index b6bb3234d1b24..79f459b09077a 100644 --- a/api_docs/kbn_react_kibana_context_theme.mdx +++ b/api_docs/kbn_react_kibana_context_theme.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-context-theme title: "@kbn/react-kibana-context-theme" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-context-theme plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-context-theme'] --- import kbnReactKibanaContextThemeObj from './kbn_react_kibana_context_theme.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_mount.mdx b/api_docs/kbn_react_kibana_mount.mdx index 0522e8f31f515..4ed4ebd48f412 100644 --- a/api_docs/kbn_react_kibana_mount.mdx +++ b/api_docs/kbn_react_kibana_mount.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-mount title: "@kbn/react-kibana-mount" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-mount plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-mount'] --- import kbnReactKibanaMountObj from './kbn_react_kibana_mount.devdocs.json'; diff --git a/api_docs/kbn_recently_accessed.mdx b/api_docs/kbn_recently_accessed.mdx index 8206a9d368fc0..34fb928683ba7 100644 --- a/api_docs/kbn_recently_accessed.mdx +++ b/api_docs/kbn_recently_accessed.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-recently-accessed title: "@kbn/recently-accessed" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/recently-accessed plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/recently-accessed'] --- import kbnRecentlyAccessedObj from './kbn_recently_accessed.devdocs.json'; diff --git a/api_docs/kbn_repo_file_maps.mdx b/api_docs/kbn_repo_file_maps.mdx index 4635bea4cdf19..f850f06b14040 100644 --- a/api_docs/kbn_repo_file_maps.mdx +++ b/api_docs/kbn_repo_file_maps.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-repo-file-maps title: "@kbn/repo-file-maps" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/repo-file-maps plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/repo-file-maps'] --- import kbnRepoFileMapsObj from './kbn_repo_file_maps.devdocs.json'; diff --git a/api_docs/kbn_repo_linter.mdx b/api_docs/kbn_repo_linter.mdx index 0709db9f707af..f9b1708b8fbd6 100644 --- a/api_docs/kbn_repo_linter.mdx +++ b/api_docs/kbn_repo_linter.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-repo-linter title: "@kbn/repo-linter" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/repo-linter plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/repo-linter'] --- import kbnRepoLinterObj from './kbn_repo_linter.devdocs.json'; diff --git a/api_docs/kbn_repo_path.mdx b/api_docs/kbn_repo_path.mdx index b7ad07d4fd94f..b92ddbf5afe19 100644 --- a/api_docs/kbn_repo_path.mdx +++ b/api_docs/kbn_repo_path.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-repo-path title: "@kbn/repo-path" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/repo-path plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/repo-path'] --- import kbnRepoPathObj from './kbn_repo_path.devdocs.json'; diff --git a/api_docs/kbn_repo_source_classifier.mdx b/api_docs/kbn_repo_source_classifier.mdx index 60e9e15acd993..be831af64c033 100644 --- a/api_docs/kbn_repo_source_classifier.mdx +++ b/api_docs/kbn_repo_source_classifier.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-repo-source-classifier title: "@kbn/repo-source-classifier" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/repo-source-classifier plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/repo-source-classifier'] --- import kbnRepoSourceClassifierObj from './kbn_repo_source_classifier.devdocs.json'; diff --git a/api_docs/kbn_reporting_common.mdx b/api_docs/kbn_reporting_common.mdx index 5102a65520ce7..cbb1be25f5c45 100644 --- a/api_docs/kbn_reporting_common.mdx +++ b/api_docs/kbn_reporting_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-common title: "@kbn/reporting-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-common plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-common'] --- import kbnReportingCommonObj from './kbn_reporting_common.devdocs.json'; diff --git a/api_docs/kbn_reporting_csv_share_panel.mdx b/api_docs/kbn_reporting_csv_share_panel.mdx index 238ce47bc9199..68f45ab666d18 100644 --- a/api_docs/kbn_reporting_csv_share_panel.mdx +++ b/api_docs/kbn_reporting_csv_share_panel.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-csv-share-panel title: "@kbn/reporting-csv-share-panel" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-csv-share-panel plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-csv-share-panel'] --- import kbnReportingCsvSharePanelObj from './kbn_reporting_csv_share_panel.devdocs.json'; diff --git a/api_docs/kbn_reporting_export_types_csv.mdx b/api_docs/kbn_reporting_export_types_csv.mdx index b93450c82dcc3..d262b929ea70c 100644 --- a/api_docs/kbn_reporting_export_types_csv.mdx +++ b/api_docs/kbn_reporting_export_types_csv.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-export-types-csv title: "@kbn/reporting-export-types-csv" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-export-types-csv plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-export-types-csv'] --- import kbnReportingExportTypesCsvObj from './kbn_reporting_export_types_csv.devdocs.json'; diff --git a/api_docs/kbn_reporting_export_types_csv_common.mdx b/api_docs/kbn_reporting_export_types_csv_common.mdx index addae41645ddc..badbf0d56efe4 100644 --- a/api_docs/kbn_reporting_export_types_csv_common.mdx +++ b/api_docs/kbn_reporting_export_types_csv_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-export-types-csv-common title: "@kbn/reporting-export-types-csv-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-export-types-csv-common plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-export-types-csv-common'] --- import kbnReportingExportTypesCsvCommonObj from './kbn_reporting_export_types_csv_common.devdocs.json'; diff --git a/api_docs/kbn_reporting_export_types_pdf.mdx b/api_docs/kbn_reporting_export_types_pdf.mdx index 2877e414785a5..0675d9a7a5f55 100644 --- a/api_docs/kbn_reporting_export_types_pdf.mdx +++ b/api_docs/kbn_reporting_export_types_pdf.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-export-types-pdf title: "@kbn/reporting-export-types-pdf" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-export-types-pdf plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-export-types-pdf'] --- import kbnReportingExportTypesPdfObj from './kbn_reporting_export_types_pdf.devdocs.json'; diff --git a/api_docs/kbn_reporting_export_types_pdf_common.mdx b/api_docs/kbn_reporting_export_types_pdf_common.mdx index a46a02801058a..71dfafe2de7ef 100644 --- a/api_docs/kbn_reporting_export_types_pdf_common.mdx +++ b/api_docs/kbn_reporting_export_types_pdf_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-export-types-pdf-common title: "@kbn/reporting-export-types-pdf-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-export-types-pdf-common plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-export-types-pdf-common'] --- import kbnReportingExportTypesPdfCommonObj from './kbn_reporting_export_types_pdf_common.devdocs.json'; diff --git a/api_docs/kbn_reporting_export_types_png.mdx b/api_docs/kbn_reporting_export_types_png.mdx index 1ce180808a78c..21364a0070dbb 100644 --- a/api_docs/kbn_reporting_export_types_png.mdx +++ b/api_docs/kbn_reporting_export_types_png.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-export-types-png title: "@kbn/reporting-export-types-png" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-export-types-png plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-export-types-png'] --- import kbnReportingExportTypesPngObj from './kbn_reporting_export_types_png.devdocs.json'; diff --git a/api_docs/kbn_reporting_export_types_png_common.mdx b/api_docs/kbn_reporting_export_types_png_common.mdx index 71a6ecebe24aa..a98e70ed32022 100644 --- a/api_docs/kbn_reporting_export_types_png_common.mdx +++ b/api_docs/kbn_reporting_export_types_png_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-export-types-png-common title: "@kbn/reporting-export-types-png-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-export-types-png-common plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-export-types-png-common'] --- import kbnReportingExportTypesPngCommonObj from './kbn_reporting_export_types_png_common.devdocs.json'; diff --git a/api_docs/kbn_reporting_mocks_server.mdx b/api_docs/kbn_reporting_mocks_server.mdx index da66dad2c1ea3..0b0f1972e456d 100644 --- a/api_docs/kbn_reporting_mocks_server.mdx +++ b/api_docs/kbn_reporting_mocks_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-mocks-server title: "@kbn/reporting-mocks-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-mocks-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-mocks-server'] --- import kbnReportingMocksServerObj from './kbn_reporting_mocks_server.devdocs.json'; diff --git a/api_docs/kbn_reporting_public.mdx b/api_docs/kbn_reporting_public.mdx index 4a3422d78bb48..20398726244f3 100644 --- a/api_docs/kbn_reporting_public.mdx +++ b/api_docs/kbn_reporting_public.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-public title: "@kbn/reporting-public" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-public plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-public'] --- import kbnReportingPublicObj from './kbn_reporting_public.devdocs.json'; diff --git a/api_docs/kbn_reporting_server.mdx b/api_docs/kbn_reporting_server.mdx index ec3feab617d8e..c5e44903dcba2 100644 --- a/api_docs/kbn_reporting_server.mdx +++ b/api_docs/kbn_reporting_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-server title: "@kbn/reporting-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-server'] --- import kbnReportingServerObj from './kbn_reporting_server.devdocs.json'; diff --git a/api_docs/kbn_resizable_layout.mdx b/api_docs/kbn_resizable_layout.mdx index c3b630715865e..1f60f48b68fc1 100644 --- a/api_docs/kbn_resizable_layout.mdx +++ b/api_docs/kbn_resizable_layout.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-resizable-layout title: "@kbn/resizable-layout" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/resizable-layout plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/resizable-layout'] --- import kbnResizableLayoutObj from './kbn_resizable_layout.devdocs.json'; diff --git a/api_docs/kbn_response_ops_feature_flag_service.mdx b/api_docs/kbn_response_ops_feature_flag_service.mdx index 85a28070c727d..8833e8ad8f42b 100644 --- a/api_docs/kbn_response_ops_feature_flag_service.mdx +++ b/api_docs/kbn_response_ops_feature_flag_service.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-response-ops-feature-flag-service title: "@kbn/response-ops-feature-flag-service" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/response-ops-feature-flag-service plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/response-ops-feature-flag-service'] --- import kbnResponseOpsFeatureFlagServiceObj from './kbn_response_ops_feature_flag_service.devdocs.json'; diff --git a/api_docs/kbn_rison.mdx b/api_docs/kbn_rison.mdx index 2c7f6a76ae252..0207c052f3bf2 100644 --- a/api_docs/kbn_rison.mdx +++ b/api_docs/kbn_rison.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-rison title: "@kbn/rison" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/rison plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/rison'] --- import kbnRisonObj from './kbn_rison.devdocs.json'; diff --git a/api_docs/kbn_rollup.mdx b/api_docs/kbn_rollup.mdx index 9918363ca5ee6..77327e9ffc837 100644 --- a/api_docs/kbn_rollup.mdx +++ b/api_docs/kbn_rollup.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-rollup title: "@kbn/rollup" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/rollup plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/rollup'] --- import kbnRollupObj from './kbn_rollup.devdocs.json'; diff --git a/api_docs/kbn_router_to_openapispec.mdx b/api_docs/kbn_router_to_openapispec.mdx index ed6878841de18..1e4761be96b86 100644 --- a/api_docs/kbn_router_to_openapispec.mdx +++ b/api_docs/kbn_router_to_openapispec.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-router-to-openapispec title: "@kbn/router-to-openapispec" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/router-to-openapispec plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/router-to-openapispec'] --- import kbnRouterToOpenapispecObj from './kbn_router_to_openapispec.devdocs.json'; diff --git a/api_docs/kbn_router_utils.mdx b/api_docs/kbn_router_utils.mdx index d6d01f09ea863..501b39252edff 100644 --- a/api_docs/kbn_router_utils.mdx +++ b/api_docs/kbn_router_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-router-utils title: "@kbn/router-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/router-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/router-utils'] --- import kbnRouterUtilsObj from './kbn_router_utils.devdocs.json'; diff --git a/api_docs/kbn_rrule.mdx b/api_docs/kbn_rrule.mdx index 1102b37b4a905..681362ff12970 100644 --- a/api_docs/kbn_rrule.mdx +++ b/api_docs/kbn_rrule.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-rrule title: "@kbn/rrule" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/rrule plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/rrule'] --- import kbnRruleObj from './kbn_rrule.devdocs.json'; diff --git a/api_docs/kbn_rule_data_utils.mdx b/api_docs/kbn_rule_data_utils.mdx index 69ebf79710e81..f467633000031 100644 --- a/api_docs/kbn_rule_data_utils.mdx +++ b/api_docs/kbn_rule_data_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-rule-data-utils title: "@kbn/rule-data-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/rule-data-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/rule-data-utils'] --- import kbnRuleDataUtilsObj from './kbn_rule_data_utils.devdocs.json'; diff --git a/api_docs/kbn_saved_objects_settings.mdx b/api_docs/kbn_saved_objects_settings.mdx index 3cafae7e5e1b6..836d9c0c77b17 100644 --- a/api_docs/kbn_saved_objects_settings.mdx +++ b/api_docs/kbn_saved_objects_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-saved-objects-settings title: "@kbn/saved-objects-settings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/saved-objects-settings plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/saved-objects-settings'] --- import kbnSavedObjectsSettingsObj from './kbn_saved_objects_settings.devdocs.json'; diff --git a/api_docs/kbn_search_api_panels.mdx b/api_docs/kbn_search_api_panels.mdx index f395f2636ef25..c9507c1afe5e0 100644 --- a/api_docs/kbn_search_api_panels.mdx +++ b/api_docs/kbn_search_api_panels.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-api-panels title: "@kbn/search-api-panels" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-api-panels plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-api-panels'] --- import kbnSearchApiPanelsObj from './kbn_search_api_panels.devdocs.json'; diff --git a/api_docs/kbn_search_connectors.mdx b/api_docs/kbn_search_connectors.mdx index e2aa19d4040a9..d479a2e60045c 100644 --- a/api_docs/kbn_search_connectors.mdx +++ b/api_docs/kbn_search_connectors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-connectors title: "@kbn/search-connectors" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-connectors plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-connectors'] --- import kbnSearchConnectorsObj from './kbn_search_connectors.devdocs.json'; diff --git a/api_docs/kbn_search_errors.mdx b/api_docs/kbn_search_errors.mdx index 0fbdb6bb30cab..56522a7e4b746 100644 --- a/api_docs/kbn_search_errors.mdx +++ b/api_docs/kbn_search_errors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-errors title: "@kbn/search-errors" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-errors plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-errors'] --- import kbnSearchErrorsObj from './kbn_search_errors.devdocs.json'; diff --git a/api_docs/kbn_search_index_documents.mdx b/api_docs/kbn_search_index_documents.mdx index c7ce215eadaae..643755f85ecec 100644 --- a/api_docs/kbn_search_index_documents.mdx +++ b/api_docs/kbn_search_index_documents.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-index-documents title: "@kbn/search-index-documents" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-index-documents plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-index-documents'] --- import kbnSearchIndexDocumentsObj from './kbn_search_index_documents.devdocs.json'; diff --git a/api_docs/kbn_search_response_warnings.mdx b/api_docs/kbn_search_response_warnings.mdx index 297b7a61513db..4f8df22d09e8b 100644 --- a/api_docs/kbn_search_response_warnings.mdx +++ b/api_docs/kbn_search_response_warnings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-response-warnings title: "@kbn/search-response-warnings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-response-warnings plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-response-warnings'] --- import kbnSearchResponseWarningsObj from './kbn_search_response_warnings.devdocs.json'; diff --git a/api_docs/kbn_search_types.mdx b/api_docs/kbn_search_types.mdx index 8f78a3e69b386..9d7d0419e87de 100644 --- a/api_docs/kbn_search_types.mdx +++ b/api_docs/kbn_search_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-types title: "@kbn/search-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-types plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-types'] --- import kbnSearchTypesObj from './kbn_search_types.devdocs.json'; diff --git a/api_docs/kbn_security_api_key_management.mdx b/api_docs/kbn_security_api_key_management.mdx index 9a1448a7426bc..31dd3ce433fd5 100644 --- a/api_docs/kbn_security_api_key_management.mdx +++ b/api_docs/kbn_security_api_key_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-api-key-management title: "@kbn/security-api-key-management" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-api-key-management plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-api-key-management'] --- import kbnSecurityApiKeyManagementObj from './kbn_security_api_key_management.devdocs.json'; diff --git a/api_docs/kbn_security_form_components.mdx b/api_docs/kbn_security_form_components.mdx index bc18bd4d31bd7..7b107a0561b2b 100644 --- a/api_docs/kbn_security_form_components.mdx +++ b/api_docs/kbn_security_form_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-form-components title: "@kbn/security-form-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-form-components plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-form-components'] --- import kbnSecurityFormComponentsObj from './kbn_security_form_components.devdocs.json'; diff --git a/api_docs/kbn_security_hardening.mdx b/api_docs/kbn_security_hardening.mdx index 4764760faed17..2446680a0ac7f 100644 --- a/api_docs/kbn_security_hardening.mdx +++ b/api_docs/kbn_security_hardening.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-hardening title: "@kbn/security-hardening" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-hardening plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-hardening'] --- import kbnSecurityHardeningObj from './kbn_security_hardening.devdocs.json'; diff --git a/api_docs/kbn_security_plugin_types_common.mdx b/api_docs/kbn_security_plugin_types_common.mdx index d86bfe29b129b..ba64ff37f7114 100644 --- a/api_docs/kbn_security_plugin_types_common.mdx +++ b/api_docs/kbn_security_plugin_types_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-plugin-types-common title: "@kbn/security-plugin-types-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-plugin-types-common plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-plugin-types-common'] --- import kbnSecurityPluginTypesCommonObj from './kbn_security_plugin_types_common.devdocs.json'; diff --git a/api_docs/kbn_security_plugin_types_public.mdx b/api_docs/kbn_security_plugin_types_public.mdx index 8790206c8dc29..5ac79e29f801d 100644 --- a/api_docs/kbn_security_plugin_types_public.mdx +++ b/api_docs/kbn_security_plugin_types_public.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-plugin-types-public title: "@kbn/security-plugin-types-public" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-plugin-types-public plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-plugin-types-public'] --- import kbnSecurityPluginTypesPublicObj from './kbn_security_plugin_types_public.devdocs.json'; diff --git a/api_docs/kbn_security_plugin_types_server.mdx b/api_docs/kbn_security_plugin_types_server.mdx index 4c1463ab67c49..8cb38d693b598 100644 --- a/api_docs/kbn_security_plugin_types_server.mdx +++ b/api_docs/kbn_security_plugin_types_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-plugin-types-server title: "@kbn/security-plugin-types-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-plugin-types-server plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-plugin-types-server'] --- import kbnSecurityPluginTypesServerObj from './kbn_security_plugin_types_server.devdocs.json'; diff --git a/api_docs/kbn_security_solution_distribution_bar.mdx b/api_docs/kbn_security_solution_distribution_bar.mdx index 84306527d8f96..6571c64bcf177 100644 --- a/api_docs/kbn_security_solution_distribution_bar.mdx +++ b/api_docs/kbn_security_solution_distribution_bar.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-distribution-bar title: "@kbn/security-solution-distribution-bar" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-distribution-bar plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-distribution-bar'] --- import kbnSecuritySolutionDistributionBarObj from './kbn_security_solution_distribution_bar.devdocs.json'; diff --git a/api_docs/kbn_security_solution_features.devdocs.json b/api_docs/kbn_security_solution_features.devdocs.json index 2d455423f1ffd..e0e229df45a39 100644 --- a/api_docs/kbn_security_solution_features.devdocs.json +++ b/api_docs/kbn_security_solution_features.devdocs.json @@ -221,7 +221,9 @@ " | ", "ProductFeatureCasesKey", " | ", - "ProductFeatureAssistantKey" + "ProductFeatureAssistantKey", + " | ", + "ProductFeatureAttackDiscoveryKey" ], "path": "x-pack/packages/security-solution/features/src/product_features_keys.ts", "deprecated": false, @@ -301,6 +303,31 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "@kbn/security-solution-features", + "id": "def-common.ProductFeaturesAttackDiscoveryConfig", + "type": "Type", + "tags": [], + "label": "ProductFeaturesAttackDiscoveryConfig", + "description": [], + "signature": [ + "Map<", + "ProductFeatureAttackDiscoveryKey", + ", ", + { + "pluginId": "@kbn/security-solution-features", + "scope": "common", + "docId": "kibKbnSecuritySolutionFeaturesPluginApi", + "section": "def-common.ProductFeatureKibanaConfig", + "text": "ProductFeatureKibanaConfig" + }, + ">" + ], + "path": "x-pack/packages/security-solution/features/src/types.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "@kbn/security-solution-features", "id": "def-common.ProductFeaturesCasesConfig", diff --git a/api_docs/kbn_security_solution_features.mdx b/api_docs/kbn_security_solution_features.mdx index 4308bf935f15c..ee34f2615387b 100644 --- a/api_docs/kbn_security_solution_features.mdx +++ b/api_docs/kbn_security_solution_features.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-features title: "@kbn/security-solution-features" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-features plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-features'] --- import kbnSecuritySolutionFeaturesObj from './kbn_security_solution_features.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/security-threat-hunting-explore](https://github.com/orgs/elast | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 14 | 0 | 14 | 6 | +| 15 | 0 | 15 | 7 | ## Common diff --git a/api_docs/kbn_security_solution_navigation.mdx b/api_docs/kbn_security_solution_navigation.mdx index 8d093c91addea..d9cd293372f44 100644 --- a/api_docs/kbn_security_solution_navigation.mdx +++ b/api_docs/kbn_security_solution_navigation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-navigation title: "@kbn/security-solution-navigation" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-navigation plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-navigation'] --- import kbnSecuritySolutionNavigationObj from './kbn_security_solution_navigation.devdocs.json'; diff --git a/api_docs/kbn_security_solution_side_nav.mdx b/api_docs/kbn_security_solution_side_nav.mdx index 012a9956a3c05..1f3129ecb1c8d 100644 --- a/api_docs/kbn_security_solution_side_nav.mdx +++ b/api_docs/kbn_security_solution_side_nav.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-side-nav title: "@kbn/security-solution-side-nav" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-side-nav plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-side-nav'] --- import kbnSecuritySolutionSideNavObj from './kbn_security_solution_side_nav.devdocs.json'; diff --git a/api_docs/kbn_security_solution_storybook_config.mdx b/api_docs/kbn_security_solution_storybook_config.mdx index 20c76925299bb..916c02489043e 100644 --- a/api_docs/kbn_security_solution_storybook_config.mdx +++ b/api_docs/kbn_security_solution_storybook_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-storybook-config title: "@kbn/security-solution-storybook-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-storybook-config plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-storybook-config'] --- import kbnSecuritySolutionStorybookConfigObj from './kbn_security_solution_storybook_config.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_autocomplete.mdx b/api_docs/kbn_securitysolution_autocomplete.mdx index 0f4221b192334..eae4ecc692e76 100644 --- a/api_docs/kbn_securitysolution_autocomplete.mdx +++ b/api_docs/kbn_securitysolution_autocomplete.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-autocomplete title: "@kbn/securitysolution-autocomplete" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-autocomplete plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-autocomplete'] --- import kbnSecuritysolutionAutocompleteObj from './kbn_securitysolution_autocomplete.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_data_table.mdx b/api_docs/kbn_securitysolution_data_table.mdx index 86c1dee74838d..e389ce4bf36af 100644 --- a/api_docs/kbn_securitysolution_data_table.mdx +++ b/api_docs/kbn_securitysolution_data_table.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-data-table title: "@kbn/securitysolution-data-table" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-data-table plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-data-table'] --- import kbnSecuritysolutionDataTableObj from './kbn_securitysolution_data_table.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_ecs.mdx b/api_docs/kbn_securitysolution_ecs.mdx index c9432292e68d1..3e35d8a1ed095 100644 --- a/api_docs/kbn_securitysolution_ecs.mdx +++ b/api_docs/kbn_securitysolution_ecs.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-ecs title: "@kbn/securitysolution-ecs" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-ecs plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-ecs'] --- import kbnSecuritysolutionEcsObj from './kbn_securitysolution_ecs.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_es_utils.mdx b/api_docs/kbn_securitysolution_es_utils.mdx index 6ad15ef2719db..007a3a4d78df0 100644 --- a/api_docs/kbn_securitysolution_es_utils.mdx +++ b/api_docs/kbn_securitysolution_es_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-es-utils title: "@kbn/securitysolution-es-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-es-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-es-utils'] --- import kbnSecuritysolutionEsUtilsObj from './kbn_securitysolution_es_utils.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_exception_list_components.mdx b/api_docs/kbn_securitysolution_exception_list_components.mdx index 35790905e1542..54d439d87bf77 100644 --- a/api_docs/kbn_securitysolution_exception_list_components.mdx +++ b/api_docs/kbn_securitysolution_exception_list_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-exception-list-components title: "@kbn/securitysolution-exception-list-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-exception-list-components plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-exception-list-components'] --- import kbnSecuritysolutionExceptionListComponentsObj from './kbn_securitysolution_exception_list_components.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_hook_utils.mdx b/api_docs/kbn_securitysolution_hook_utils.mdx index 5de1901cad561..5198750974cfb 100644 --- a/api_docs/kbn_securitysolution_hook_utils.mdx +++ b/api_docs/kbn_securitysolution_hook_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-hook-utils title: "@kbn/securitysolution-hook-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-hook-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-hook-utils'] --- import kbnSecuritysolutionHookUtilsObj from './kbn_securitysolution_hook_utils.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_io_ts_alerting_types.mdx b/api_docs/kbn_securitysolution_io_ts_alerting_types.mdx index 3857fa142ec14..da8a8fa7a449a 100644 --- a/api_docs/kbn_securitysolution_io_ts_alerting_types.mdx +++ b/api_docs/kbn_securitysolution_io_ts_alerting_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-io-ts-alerting-types title: "@kbn/securitysolution-io-ts-alerting-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-io-ts-alerting-types plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-io-ts-alerting-types'] --- import kbnSecuritysolutionIoTsAlertingTypesObj from './kbn_securitysolution_io_ts_alerting_types.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_io_ts_list_types.mdx b/api_docs/kbn_securitysolution_io_ts_list_types.mdx index 35b244f4cddfa..31670e37a59b0 100644 --- a/api_docs/kbn_securitysolution_io_ts_list_types.mdx +++ b/api_docs/kbn_securitysolution_io_ts_list_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-io-ts-list-types title: "@kbn/securitysolution-io-ts-list-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-io-ts-list-types plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-io-ts-list-types'] --- import kbnSecuritysolutionIoTsListTypesObj from './kbn_securitysolution_io_ts_list_types.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_io_ts_types.mdx b/api_docs/kbn_securitysolution_io_ts_types.mdx index c8cda9ac0357c..1c9d3bdf700d0 100644 --- a/api_docs/kbn_securitysolution_io_ts_types.mdx +++ b/api_docs/kbn_securitysolution_io_ts_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-io-ts-types title: "@kbn/securitysolution-io-ts-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-io-ts-types plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-io-ts-types'] --- import kbnSecuritysolutionIoTsTypesObj from './kbn_securitysolution_io_ts_types.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_io_ts_utils.mdx b/api_docs/kbn_securitysolution_io_ts_utils.mdx index c9e703c9b01a3..ff5bf580681bb 100644 --- a/api_docs/kbn_securitysolution_io_ts_utils.mdx +++ b/api_docs/kbn_securitysolution_io_ts_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-io-ts-utils title: "@kbn/securitysolution-io-ts-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-io-ts-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-io-ts-utils'] --- import kbnSecuritysolutionIoTsUtilsObj from './kbn_securitysolution_io_ts_utils.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_list_api.mdx b/api_docs/kbn_securitysolution_list_api.mdx index 36fdb16633c09..a949349d9f995 100644 --- a/api_docs/kbn_securitysolution_list_api.mdx +++ b/api_docs/kbn_securitysolution_list_api.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-list-api title: "@kbn/securitysolution-list-api" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-list-api plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-list-api'] --- import kbnSecuritysolutionListApiObj from './kbn_securitysolution_list_api.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_list_constants.mdx b/api_docs/kbn_securitysolution_list_constants.mdx index ffa8e7cb2bcca..eac9f4a558a29 100644 --- a/api_docs/kbn_securitysolution_list_constants.mdx +++ b/api_docs/kbn_securitysolution_list_constants.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-list-constants title: "@kbn/securitysolution-list-constants" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-list-constants plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-list-constants'] --- import kbnSecuritysolutionListConstantsObj from './kbn_securitysolution_list_constants.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_list_hooks.mdx b/api_docs/kbn_securitysolution_list_hooks.mdx index de68f625d2e2c..320bcd4c66f04 100644 --- a/api_docs/kbn_securitysolution_list_hooks.mdx +++ b/api_docs/kbn_securitysolution_list_hooks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-list-hooks title: "@kbn/securitysolution-list-hooks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-list-hooks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-list-hooks'] --- import kbnSecuritysolutionListHooksObj from './kbn_securitysolution_list_hooks.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_list_utils.mdx b/api_docs/kbn_securitysolution_list_utils.mdx index 2769d4705317f..56d65a8d56103 100644 --- a/api_docs/kbn_securitysolution_list_utils.mdx +++ b/api_docs/kbn_securitysolution_list_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-list-utils title: "@kbn/securitysolution-list-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-list-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-list-utils'] --- import kbnSecuritysolutionListUtilsObj from './kbn_securitysolution_list_utils.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_rules.mdx b/api_docs/kbn_securitysolution_rules.mdx index 43114efc8fabb..5044452d0088a 100644 --- a/api_docs/kbn_securitysolution_rules.mdx +++ b/api_docs/kbn_securitysolution_rules.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-rules title: "@kbn/securitysolution-rules" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-rules plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-rules'] --- import kbnSecuritysolutionRulesObj from './kbn_securitysolution_rules.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_t_grid.mdx b/api_docs/kbn_securitysolution_t_grid.mdx index 4f333eb9c8742..13850320795ab 100644 --- a/api_docs/kbn_securitysolution_t_grid.mdx +++ b/api_docs/kbn_securitysolution_t_grid.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-t-grid title: "@kbn/securitysolution-t-grid" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-t-grid plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-t-grid'] --- import kbnSecuritysolutionTGridObj from './kbn_securitysolution_t_grid.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_utils.mdx b/api_docs/kbn_securitysolution_utils.mdx index dc1f1d5389ba5..d11a7928549db 100644 --- a/api_docs/kbn_securitysolution_utils.mdx +++ b/api_docs/kbn_securitysolution_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-utils title: "@kbn/securitysolution-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-utils'] --- import kbnSecuritysolutionUtilsObj from './kbn_securitysolution_utils.devdocs.json'; diff --git a/api_docs/kbn_server_http_tools.mdx b/api_docs/kbn_server_http_tools.mdx index 88e2a34879c4e..aecd39fd64e43 100644 --- a/api_docs/kbn_server_http_tools.mdx +++ b/api_docs/kbn_server_http_tools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-server-http-tools title: "@kbn/server-http-tools" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/server-http-tools plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/server-http-tools'] --- import kbnServerHttpToolsObj from './kbn_server_http_tools.devdocs.json'; diff --git a/api_docs/kbn_server_route_repository.mdx b/api_docs/kbn_server_route_repository.mdx index 0375afa2ce106..bd3158eb90c7f 100644 --- a/api_docs/kbn_server_route_repository.mdx +++ b/api_docs/kbn_server_route_repository.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-server-route-repository title: "@kbn/server-route-repository" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/server-route-repository plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/server-route-repository'] --- import kbnServerRouteRepositoryObj from './kbn_server_route_repository.devdocs.json'; diff --git a/api_docs/kbn_server_route_repository_client.mdx b/api_docs/kbn_server_route_repository_client.mdx index 5b8dfb615d880..367bdd85f9549 100644 --- a/api_docs/kbn_server_route_repository_client.mdx +++ b/api_docs/kbn_server_route_repository_client.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-server-route-repository-client title: "@kbn/server-route-repository-client" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/server-route-repository-client plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/server-route-repository-client'] --- import kbnServerRouteRepositoryClientObj from './kbn_server_route_repository_client.devdocs.json'; diff --git a/api_docs/kbn_server_route_repository_utils.mdx b/api_docs/kbn_server_route_repository_utils.mdx index b8846764b7fc0..dcd94174422f4 100644 --- a/api_docs/kbn_server_route_repository_utils.mdx +++ b/api_docs/kbn_server_route_repository_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-server-route-repository-utils title: "@kbn/server-route-repository-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/server-route-repository-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/server-route-repository-utils'] --- import kbnServerRouteRepositoryUtilsObj from './kbn_server_route_repository_utils.devdocs.json'; diff --git a/api_docs/kbn_serverless_common_settings.mdx b/api_docs/kbn_serverless_common_settings.mdx index c4d323a5b831c..3c21b08f5a75c 100644 --- a/api_docs/kbn_serverless_common_settings.mdx +++ b/api_docs/kbn_serverless_common_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-common-settings title: "@kbn/serverless-common-settings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-common-settings plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-common-settings'] --- import kbnServerlessCommonSettingsObj from './kbn_serverless_common_settings.devdocs.json'; diff --git a/api_docs/kbn_serverless_observability_settings.mdx b/api_docs/kbn_serverless_observability_settings.mdx index 3d882cfb6bb5f..fb9b0e392995d 100644 --- a/api_docs/kbn_serverless_observability_settings.mdx +++ b/api_docs/kbn_serverless_observability_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-observability-settings title: "@kbn/serverless-observability-settings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-observability-settings plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-observability-settings'] --- import kbnServerlessObservabilitySettingsObj from './kbn_serverless_observability_settings.devdocs.json'; diff --git a/api_docs/kbn_serverless_project_switcher.mdx b/api_docs/kbn_serverless_project_switcher.mdx index 39f3785ccf59e..b950eb5869cc5 100644 --- a/api_docs/kbn_serverless_project_switcher.mdx +++ b/api_docs/kbn_serverless_project_switcher.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-project-switcher title: "@kbn/serverless-project-switcher" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-project-switcher plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-project-switcher'] --- import kbnServerlessProjectSwitcherObj from './kbn_serverless_project_switcher.devdocs.json'; diff --git a/api_docs/kbn_serverless_search_settings.mdx b/api_docs/kbn_serverless_search_settings.mdx index 03cf188278615..b95e0c42d5d46 100644 --- a/api_docs/kbn_serverless_search_settings.mdx +++ b/api_docs/kbn_serverless_search_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-search-settings title: "@kbn/serverless-search-settings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-search-settings plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-search-settings'] --- import kbnServerlessSearchSettingsObj from './kbn_serverless_search_settings.devdocs.json'; diff --git a/api_docs/kbn_serverless_security_settings.mdx b/api_docs/kbn_serverless_security_settings.mdx index 420540c09dcc6..5413cc31c8f9f 100644 --- a/api_docs/kbn_serverless_security_settings.mdx +++ b/api_docs/kbn_serverless_security_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-security-settings title: "@kbn/serverless-security-settings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-security-settings plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-security-settings'] --- import kbnServerlessSecuritySettingsObj from './kbn_serverless_security_settings.devdocs.json'; diff --git a/api_docs/kbn_serverless_storybook_config.mdx b/api_docs/kbn_serverless_storybook_config.mdx index 5f60d42d03b56..6126004bbd438 100644 --- a/api_docs/kbn_serverless_storybook_config.mdx +++ b/api_docs/kbn_serverless_storybook_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-storybook-config title: "@kbn/serverless-storybook-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-storybook-config plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-storybook-config'] --- import kbnServerlessStorybookConfigObj from './kbn_serverless_storybook_config.devdocs.json'; diff --git a/api_docs/kbn_shared_svg.mdx b/api_docs/kbn_shared_svg.mdx index 2262549b890c3..5a8234ff4195a 100644 --- a/api_docs/kbn_shared_svg.mdx +++ b/api_docs/kbn_shared_svg.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-svg title: "@kbn/shared-svg" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-svg plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-svg'] --- import kbnSharedSvgObj from './kbn_shared_svg.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_avatar_solution.mdx b/api_docs/kbn_shared_ux_avatar_solution.mdx index a5ecb221cf4fe..f5bd1bf883643 100644 --- a/api_docs/kbn_shared_ux_avatar_solution.mdx +++ b/api_docs/kbn_shared_ux_avatar_solution.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-avatar-solution title: "@kbn/shared-ux-avatar-solution" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-avatar-solution plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-avatar-solution'] --- import kbnSharedUxAvatarSolutionObj from './kbn_shared_ux_avatar_solution.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_button_exit_full_screen.mdx b/api_docs/kbn_shared_ux_button_exit_full_screen.mdx index 8285e8d47958f..604dc3903d1f4 100644 --- a/api_docs/kbn_shared_ux_button_exit_full_screen.mdx +++ b/api_docs/kbn_shared_ux_button_exit_full_screen.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-button-exit-full-screen title: "@kbn/shared-ux-button-exit-full-screen" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-button-exit-full-screen plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-button-exit-full-screen'] --- import kbnSharedUxButtonExitFullScreenObj from './kbn_shared_ux_button_exit_full_screen.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_button_toolbar.mdx b/api_docs/kbn_shared_ux_button_toolbar.mdx index 3d6be8a3c163f..ddbbd8dbd4f29 100644 --- a/api_docs/kbn_shared_ux_button_toolbar.mdx +++ b/api_docs/kbn_shared_ux_button_toolbar.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-button-toolbar title: "@kbn/shared-ux-button-toolbar" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-button-toolbar plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-button-toolbar'] --- import kbnSharedUxButtonToolbarObj from './kbn_shared_ux_button_toolbar.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_card_no_data.mdx b/api_docs/kbn_shared_ux_card_no_data.mdx index 7f4b52b7bcac6..445b6932f3b7e 100644 --- a/api_docs/kbn_shared_ux_card_no_data.mdx +++ b/api_docs/kbn_shared_ux_card_no_data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-card-no-data title: "@kbn/shared-ux-card-no-data" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-card-no-data plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-card-no-data'] --- import kbnSharedUxCardNoDataObj from './kbn_shared_ux_card_no_data.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_card_no_data_mocks.mdx b/api_docs/kbn_shared_ux_card_no_data_mocks.mdx index 3098d39bce5df..c547be6fe638c 100644 --- a/api_docs/kbn_shared_ux_card_no_data_mocks.mdx +++ b/api_docs/kbn_shared_ux_card_no_data_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-card-no-data-mocks title: "@kbn/shared-ux-card-no-data-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-card-no-data-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-card-no-data-mocks'] --- import kbnSharedUxCardNoDataMocksObj from './kbn_shared_ux_card_no_data_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_chrome_navigation.mdx b/api_docs/kbn_shared_ux_chrome_navigation.mdx index 3396fd6deace0..ad6c1940a4e21 100644 --- a/api_docs/kbn_shared_ux_chrome_navigation.mdx +++ b/api_docs/kbn_shared_ux_chrome_navigation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-chrome-navigation title: "@kbn/shared-ux-chrome-navigation" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-chrome-navigation plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-chrome-navigation'] --- import kbnSharedUxChromeNavigationObj from './kbn_shared_ux_chrome_navigation.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_error_boundary.mdx b/api_docs/kbn_shared_ux_error_boundary.mdx index 722eecb8429b6..c410601c2af9a 100644 --- a/api_docs/kbn_shared_ux_error_boundary.mdx +++ b/api_docs/kbn_shared_ux_error_boundary.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-error-boundary title: "@kbn/shared-ux-error-boundary" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-error-boundary plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-error-boundary'] --- import kbnSharedUxErrorBoundaryObj from './kbn_shared_ux_error_boundary.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_context.mdx b/api_docs/kbn_shared_ux_file_context.mdx index 0ec411e600f58..7a7e485a3d3e8 100644 --- a/api_docs/kbn_shared_ux_file_context.mdx +++ b/api_docs/kbn_shared_ux_file_context.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-context title: "@kbn/shared-ux-file-context" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-context plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-context'] --- import kbnSharedUxFileContextObj from './kbn_shared_ux_file_context.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_image.mdx b/api_docs/kbn_shared_ux_file_image.mdx index 0e131b7e59abb..2faac2f5355b4 100644 --- a/api_docs/kbn_shared_ux_file_image.mdx +++ b/api_docs/kbn_shared_ux_file_image.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-image title: "@kbn/shared-ux-file-image" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-image plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-image'] --- import kbnSharedUxFileImageObj from './kbn_shared_ux_file_image.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_image_mocks.mdx b/api_docs/kbn_shared_ux_file_image_mocks.mdx index aea7064b64e2b..d14acd773cb07 100644 --- a/api_docs/kbn_shared_ux_file_image_mocks.mdx +++ b/api_docs/kbn_shared_ux_file_image_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-image-mocks title: "@kbn/shared-ux-file-image-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-image-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-image-mocks'] --- import kbnSharedUxFileImageMocksObj from './kbn_shared_ux_file_image_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_mocks.mdx b/api_docs/kbn_shared_ux_file_mocks.mdx index ff9622569eb76..547810f95b1b8 100644 --- a/api_docs/kbn_shared_ux_file_mocks.mdx +++ b/api_docs/kbn_shared_ux_file_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-mocks title: "@kbn/shared-ux-file-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-mocks'] --- import kbnSharedUxFileMocksObj from './kbn_shared_ux_file_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_picker.mdx b/api_docs/kbn_shared_ux_file_picker.mdx index 6d34b5e7a5e75..fd1c431ae821f 100644 --- a/api_docs/kbn_shared_ux_file_picker.mdx +++ b/api_docs/kbn_shared_ux_file_picker.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-picker title: "@kbn/shared-ux-file-picker" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-picker plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-picker'] --- import kbnSharedUxFilePickerObj from './kbn_shared_ux_file_picker.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_types.mdx b/api_docs/kbn_shared_ux_file_types.mdx index d8db139aad4ee..82a4e0f413f5c 100644 --- a/api_docs/kbn_shared_ux_file_types.mdx +++ b/api_docs/kbn_shared_ux_file_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-types title: "@kbn/shared-ux-file-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-types plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-types'] --- import kbnSharedUxFileTypesObj from './kbn_shared_ux_file_types.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_upload.mdx b/api_docs/kbn_shared_ux_file_upload.mdx index 34b491252894e..1529a702dfc45 100644 --- a/api_docs/kbn_shared_ux_file_upload.mdx +++ b/api_docs/kbn_shared_ux_file_upload.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-upload title: "@kbn/shared-ux-file-upload" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-upload plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-upload'] --- import kbnSharedUxFileUploadObj from './kbn_shared_ux_file_upload.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_util.mdx b/api_docs/kbn_shared_ux_file_util.mdx index 5755ab6c35769..41a43c334db45 100644 --- a/api_docs/kbn_shared_ux_file_util.mdx +++ b/api_docs/kbn_shared_ux_file_util.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-util title: "@kbn/shared-ux-file-util" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-util plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-util'] --- import kbnSharedUxFileUtilObj from './kbn_shared_ux_file_util.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_link_redirect_app.mdx b/api_docs/kbn_shared_ux_link_redirect_app.mdx index 6bb1871901ad7..de87c62815d23 100644 --- a/api_docs/kbn_shared_ux_link_redirect_app.mdx +++ b/api_docs/kbn_shared_ux_link_redirect_app.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-link-redirect-app title: "@kbn/shared-ux-link-redirect-app" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-link-redirect-app plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-link-redirect-app'] --- import kbnSharedUxLinkRedirectAppObj from './kbn_shared_ux_link_redirect_app.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_link_redirect_app_mocks.mdx b/api_docs/kbn_shared_ux_link_redirect_app_mocks.mdx index 5f3c6e85a2a3e..c55c977414d1c 100644 --- a/api_docs/kbn_shared_ux_link_redirect_app_mocks.mdx +++ b/api_docs/kbn_shared_ux_link_redirect_app_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-link-redirect-app-mocks title: "@kbn/shared-ux-link-redirect-app-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-link-redirect-app-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-link-redirect-app-mocks'] --- import kbnSharedUxLinkRedirectAppMocksObj from './kbn_shared_ux_link_redirect_app_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_markdown.mdx b/api_docs/kbn_shared_ux_markdown.mdx index 88b110484e2d9..f5aaadf4f1cb1 100644 --- a/api_docs/kbn_shared_ux_markdown.mdx +++ b/api_docs/kbn_shared_ux_markdown.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-markdown title: "@kbn/shared-ux-markdown" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-markdown plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-markdown'] --- import kbnSharedUxMarkdownObj from './kbn_shared_ux_markdown.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_markdown_mocks.mdx b/api_docs/kbn_shared_ux_markdown_mocks.mdx index 0aeae0f92691e..dff807049fe54 100644 --- a/api_docs/kbn_shared_ux_markdown_mocks.mdx +++ b/api_docs/kbn_shared_ux_markdown_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-markdown-mocks title: "@kbn/shared-ux-markdown-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-markdown-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-markdown-mocks'] --- import kbnSharedUxMarkdownMocksObj from './kbn_shared_ux_markdown_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_analytics_no_data.mdx b/api_docs/kbn_shared_ux_page_analytics_no_data.mdx index 5f6d8b59754f7..25bbf954cc7af 100644 --- a/api_docs/kbn_shared_ux_page_analytics_no_data.mdx +++ b/api_docs/kbn_shared_ux_page_analytics_no_data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-analytics-no-data title: "@kbn/shared-ux-page-analytics-no-data" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-analytics-no-data plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-analytics-no-data'] --- import kbnSharedUxPageAnalyticsNoDataObj from './kbn_shared_ux_page_analytics_no_data.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_analytics_no_data_mocks.mdx b/api_docs/kbn_shared_ux_page_analytics_no_data_mocks.mdx index 70acae1ac0525..e1f24c9024c45 100644 --- a/api_docs/kbn_shared_ux_page_analytics_no_data_mocks.mdx +++ b/api_docs/kbn_shared_ux_page_analytics_no_data_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-analytics-no-data-mocks title: "@kbn/shared-ux-page-analytics-no-data-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-analytics-no-data-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-analytics-no-data-mocks'] --- import kbnSharedUxPageAnalyticsNoDataMocksObj from './kbn_shared_ux_page_analytics_no_data_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_kibana_no_data.mdx b/api_docs/kbn_shared_ux_page_kibana_no_data.mdx index 9480e7f7aa0bd..35ad45b95954d 100644 --- a/api_docs/kbn_shared_ux_page_kibana_no_data.mdx +++ b/api_docs/kbn_shared_ux_page_kibana_no_data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-kibana-no-data title: "@kbn/shared-ux-page-kibana-no-data" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-kibana-no-data plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-kibana-no-data'] --- import kbnSharedUxPageKibanaNoDataObj from './kbn_shared_ux_page_kibana_no_data.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_kibana_no_data_mocks.mdx b/api_docs/kbn_shared_ux_page_kibana_no_data_mocks.mdx index df6bed2e5d17a..2bcb3c16995c7 100644 --- a/api_docs/kbn_shared_ux_page_kibana_no_data_mocks.mdx +++ b/api_docs/kbn_shared_ux_page_kibana_no_data_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-kibana-no-data-mocks title: "@kbn/shared-ux-page-kibana-no-data-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-kibana-no-data-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-kibana-no-data-mocks'] --- import kbnSharedUxPageKibanaNoDataMocksObj from './kbn_shared_ux_page_kibana_no_data_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_kibana_template.mdx b/api_docs/kbn_shared_ux_page_kibana_template.mdx index 0c916581d2225..49288419edce5 100644 --- a/api_docs/kbn_shared_ux_page_kibana_template.mdx +++ b/api_docs/kbn_shared_ux_page_kibana_template.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-kibana-template title: "@kbn/shared-ux-page-kibana-template" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-kibana-template plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-kibana-template'] --- import kbnSharedUxPageKibanaTemplateObj from './kbn_shared_ux_page_kibana_template.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_kibana_template_mocks.mdx b/api_docs/kbn_shared_ux_page_kibana_template_mocks.mdx index d472169488033..0102c137a72bd 100644 --- a/api_docs/kbn_shared_ux_page_kibana_template_mocks.mdx +++ b/api_docs/kbn_shared_ux_page_kibana_template_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-kibana-template-mocks title: "@kbn/shared-ux-page-kibana-template-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-kibana-template-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-kibana-template-mocks'] --- import kbnSharedUxPageKibanaTemplateMocksObj from './kbn_shared_ux_page_kibana_template_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_no_data.mdx b/api_docs/kbn_shared_ux_page_no_data.mdx index 26d499a0c3369..10c189c22ceae 100644 --- a/api_docs/kbn_shared_ux_page_no_data.mdx +++ b/api_docs/kbn_shared_ux_page_no_data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-no-data title: "@kbn/shared-ux-page-no-data" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-no-data plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-no-data'] --- import kbnSharedUxPageNoDataObj from './kbn_shared_ux_page_no_data.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_no_data_config.mdx b/api_docs/kbn_shared_ux_page_no_data_config.mdx index d78fea8d78fec..f4149f6bc3679 100644 --- a/api_docs/kbn_shared_ux_page_no_data_config.mdx +++ b/api_docs/kbn_shared_ux_page_no_data_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-no-data-config title: "@kbn/shared-ux-page-no-data-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-no-data-config plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-no-data-config'] --- import kbnSharedUxPageNoDataConfigObj from './kbn_shared_ux_page_no_data_config.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_no_data_config_mocks.mdx b/api_docs/kbn_shared_ux_page_no_data_config_mocks.mdx index 28fcccab361b0..4509b07dd2fc5 100644 --- a/api_docs/kbn_shared_ux_page_no_data_config_mocks.mdx +++ b/api_docs/kbn_shared_ux_page_no_data_config_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-no-data-config-mocks title: "@kbn/shared-ux-page-no-data-config-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-no-data-config-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-no-data-config-mocks'] --- import kbnSharedUxPageNoDataConfigMocksObj from './kbn_shared_ux_page_no_data_config_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_no_data_mocks.mdx b/api_docs/kbn_shared_ux_page_no_data_mocks.mdx index 33a8389536712..65b15a063534e 100644 --- a/api_docs/kbn_shared_ux_page_no_data_mocks.mdx +++ b/api_docs/kbn_shared_ux_page_no_data_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-no-data-mocks title: "@kbn/shared-ux-page-no-data-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-no-data-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-no-data-mocks'] --- import kbnSharedUxPageNoDataMocksObj from './kbn_shared_ux_page_no_data_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_solution_nav.mdx b/api_docs/kbn_shared_ux_page_solution_nav.mdx index 66210b9b955e4..cee4d8d8850ba 100644 --- a/api_docs/kbn_shared_ux_page_solution_nav.mdx +++ b/api_docs/kbn_shared_ux_page_solution_nav.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-solution-nav title: "@kbn/shared-ux-page-solution-nav" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-solution-nav plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-solution-nav'] --- import kbnSharedUxPageSolutionNavObj from './kbn_shared_ux_page_solution_nav.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_prompt_no_data_views.mdx b/api_docs/kbn_shared_ux_prompt_no_data_views.mdx index 44466af5d48af..08b8715810d6f 100644 --- a/api_docs/kbn_shared_ux_prompt_no_data_views.mdx +++ b/api_docs/kbn_shared_ux_prompt_no_data_views.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-prompt-no-data-views title: "@kbn/shared-ux-prompt-no-data-views" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-prompt-no-data-views plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-prompt-no-data-views'] --- import kbnSharedUxPromptNoDataViewsObj from './kbn_shared_ux_prompt_no_data_views.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_prompt_no_data_views_mocks.mdx b/api_docs/kbn_shared_ux_prompt_no_data_views_mocks.mdx index 4796e9382cb17..1938287553b7c 100644 --- a/api_docs/kbn_shared_ux_prompt_no_data_views_mocks.mdx +++ b/api_docs/kbn_shared_ux_prompt_no_data_views_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-prompt-no-data-views-mocks title: "@kbn/shared-ux-prompt-no-data-views-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-prompt-no-data-views-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-prompt-no-data-views-mocks'] --- import kbnSharedUxPromptNoDataViewsMocksObj from './kbn_shared_ux_prompt_no_data_views_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_prompt_not_found.mdx b/api_docs/kbn_shared_ux_prompt_not_found.mdx index 47b6e440b34a3..dade6465124b4 100644 --- a/api_docs/kbn_shared_ux_prompt_not_found.mdx +++ b/api_docs/kbn_shared_ux_prompt_not_found.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-prompt-not-found title: "@kbn/shared-ux-prompt-not-found" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-prompt-not-found plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-prompt-not-found'] --- import kbnSharedUxPromptNotFoundObj from './kbn_shared_ux_prompt_not_found.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_router.mdx b/api_docs/kbn_shared_ux_router.mdx index 6c2f2d73ae502..79d3ecd074d85 100644 --- a/api_docs/kbn_shared_ux_router.mdx +++ b/api_docs/kbn_shared_ux_router.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-router title: "@kbn/shared-ux-router" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-router plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-router'] --- import kbnSharedUxRouterObj from './kbn_shared_ux_router.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_router_mocks.mdx b/api_docs/kbn_shared_ux_router_mocks.mdx index 13f8124c7933f..43603b3020bc0 100644 --- a/api_docs/kbn_shared_ux_router_mocks.mdx +++ b/api_docs/kbn_shared_ux_router_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-router-mocks title: "@kbn/shared-ux-router-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-router-mocks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-router-mocks'] --- import kbnSharedUxRouterMocksObj from './kbn_shared_ux_router_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_storybook_config.mdx b/api_docs/kbn_shared_ux_storybook_config.mdx index 49841b8b959e0..3414102617bff 100644 --- a/api_docs/kbn_shared_ux_storybook_config.mdx +++ b/api_docs/kbn_shared_ux_storybook_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-storybook-config title: "@kbn/shared-ux-storybook-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-storybook-config plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-storybook-config'] --- import kbnSharedUxStorybookConfigObj from './kbn_shared_ux_storybook_config.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_storybook_mock.mdx b/api_docs/kbn_shared_ux_storybook_mock.mdx index 7c6d14cb29abf..7e2618ee417ec 100644 --- a/api_docs/kbn_shared_ux_storybook_mock.mdx +++ b/api_docs/kbn_shared_ux_storybook_mock.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-storybook-mock title: "@kbn/shared-ux-storybook-mock" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-storybook-mock plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-storybook-mock'] --- import kbnSharedUxStorybookMockObj from './kbn_shared_ux_storybook_mock.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_tabbed_modal.mdx b/api_docs/kbn_shared_ux_tabbed_modal.mdx index 6bd02782ef2e3..dbaddea46e649 100644 --- a/api_docs/kbn_shared_ux_tabbed_modal.mdx +++ b/api_docs/kbn_shared_ux_tabbed_modal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-tabbed-modal title: "@kbn/shared-ux-tabbed-modal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-tabbed-modal plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-tabbed-modal'] --- import kbnSharedUxTabbedModalObj from './kbn_shared_ux_tabbed_modal.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_utility.mdx b/api_docs/kbn_shared_ux_utility.mdx index bdc8a7435ffca..83e4497c39588 100644 --- a/api_docs/kbn_shared_ux_utility.mdx +++ b/api_docs/kbn_shared_ux_utility.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-utility title: "@kbn/shared-ux-utility" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-utility plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-utility'] --- import kbnSharedUxUtilityObj from './kbn_shared_ux_utility.devdocs.json'; diff --git a/api_docs/kbn_slo_schema.mdx b/api_docs/kbn_slo_schema.mdx index cd29bbf94a60e..b30eea970a3a7 100644 --- a/api_docs/kbn_slo_schema.mdx +++ b/api_docs/kbn_slo_schema.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-slo-schema title: "@kbn/slo-schema" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/slo-schema plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/slo-schema'] --- import kbnSloSchemaObj from './kbn_slo_schema.devdocs.json'; diff --git a/api_docs/kbn_some_dev_log.mdx b/api_docs/kbn_some_dev_log.mdx index af4010409a156..ef9177554746f 100644 --- a/api_docs/kbn_some_dev_log.mdx +++ b/api_docs/kbn_some_dev_log.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-some-dev-log title: "@kbn/some-dev-log" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/some-dev-log plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/some-dev-log'] --- import kbnSomeDevLogObj from './kbn_some_dev_log.devdocs.json'; diff --git a/api_docs/kbn_sort_predicates.mdx b/api_docs/kbn_sort_predicates.mdx index 2c00d8893d974..4d40daae012e4 100644 --- a/api_docs/kbn_sort_predicates.mdx +++ b/api_docs/kbn_sort_predicates.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-sort-predicates title: "@kbn/sort-predicates" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/sort-predicates plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/sort-predicates'] --- import kbnSortPredicatesObj from './kbn_sort_predicates.devdocs.json'; diff --git a/api_docs/kbn_std.mdx b/api_docs/kbn_std.mdx index c9db4e23ac50c..0c95c06505a61 100644 --- a/api_docs/kbn_std.mdx +++ b/api_docs/kbn_std.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-std title: "@kbn/std" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/std plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/std'] --- import kbnStdObj from './kbn_std.devdocs.json'; diff --git a/api_docs/kbn_stdio_dev_helpers.mdx b/api_docs/kbn_stdio_dev_helpers.mdx index 6e60a4abe21e9..b0eece95b5e75 100644 --- a/api_docs/kbn_stdio_dev_helpers.mdx +++ b/api_docs/kbn_stdio_dev_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-stdio-dev-helpers title: "@kbn/stdio-dev-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/stdio-dev-helpers plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/stdio-dev-helpers'] --- import kbnStdioDevHelpersObj from './kbn_stdio_dev_helpers.devdocs.json'; diff --git a/api_docs/kbn_storybook.mdx b/api_docs/kbn_storybook.mdx index e16bdb22ac568..40e60ce87e3b0 100644 --- a/api_docs/kbn_storybook.mdx +++ b/api_docs/kbn_storybook.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-storybook title: "@kbn/storybook" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/storybook plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/storybook'] --- import kbnStorybookObj from './kbn_storybook.devdocs.json'; diff --git a/api_docs/kbn_synthetics_e2e.mdx b/api_docs/kbn_synthetics_e2e.mdx index 5cda66c41846b..3a96a8463870d 100644 --- a/api_docs/kbn_synthetics_e2e.mdx +++ b/api_docs/kbn_synthetics_e2e.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-synthetics-e2e title: "@kbn/synthetics-e2e" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/synthetics-e2e plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/synthetics-e2e'] --- import kbnSyntheticsE2eObj from './kbn_synthetics_e2e.devdocs.json'; diff --git a/api_docs/kbn_synthetics_private_location.mdx b/api_docs/kbn_synthetics_private_location.mdx index ff2d0466de938..a50e0035b3a2d 100644 --- a/api_docs/kbn_synthetics_private_location.mdx +++ b/api_docs/kbn_synthetics_private_location.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-synthetics-private-location title: "@kbn/synthetics-private-location" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/synthetics-private-location plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/synthetics-private-location'] --- import kbnSyntheticsPrivateLocationObj from './kbn_synthetics_private_location.devdocs.json'; diff --git a/api_docs/kbn_telemetry_tools.mdx b/api_docs/kbn_telemetry_tools.mdx index 848b16c9576ff..8201490daab9b 100644 --- a/api_docs/kbn_telemetry_tools.mdx +++ b/api_docs/kbn_telemetry_tools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-telemetry-tools title: "@kbn/telemetry-tools" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/telemetry-tools plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/telemetry-tools'] --- import kbnTelemetryToolsObj from './kbn_telemetry_tools.devdocs.json'; diff --git a/api_docs/kbn_test.mdx b/api_docs/kbn_test.mdx index ad0ee15b3657a..d46b9c99fa4a0 100644 --- a/api_docs/kbn_test.mdx +++ b/api_docs/kbn_test.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-test title: "@kbn/test" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/test plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/test'] --- import kbnTestObj from './kbn_test.devdocs.json'; diff --git a/api_docs/kbn_test_eui_helpers.mdx b/api_docs/kbn_test_eui_helpers.mdx index 9d869ffadd86f..ee180469a7915 100644 --- a/api_docs/kbn_test_eui_helpers.mdx +++ b/api_docs/kbn_test_eui_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-test-eui-helpers title: "@kbn/test-eui-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/test-eui-helpers plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/test-eui-helpers'] --- import kbnTestEuiHelpersObj from './kbn_test_eui_helpers.devdocs.json'; diff --git a/api_docs/kbn_test_jest_helpers.mdx b/api_docs/kbn_test_jest_helpers.mdx index a6fb901e84fbf..6a126af88e462 100644 --- a/api_docs/kbn_test_jest_helpers.mdx +++ b/api_docs/kbn_test_jest_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-test-jest-helpers title: "@kbn/test-jest-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/test-jest-helpers plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/test-jest-helpers'] --- import kbnTestJestHelpersObj from './kbn_test_jest_helpers.devdocs.json'; diff --git a/api_docs/kbn_test_subj_selector.mdx b/api_docs/kbn_test_subj_selector.mdx index 31b97258a046f..df25e09fcb9e9 100644 --- a/api_docs/kbn_test_subj_selector.mdx +++ b/api_docs/kbn_test_subj_selector.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-test-subj-selector title: "@kbn/test-subj-selector" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/test-subj-selector plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/test-subj-selector'] --- import kbnTestSubjSelectorObj from './kbn_test_subj_selector.devdocs.json'; diff --git a/api_docs/kbn_text_based_editor.mdx b/api_docs/kbn_text_based_editor.mdx index e02b7a2789f14..e8ef0b0b9ebd1 100644 --- a/api_docs/kbn_text_based_editor.mdx +++ b/api_docs/kbn_text_based_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-text-based-editor title: "@kbn/text-based-editor" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/text-based-editor plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/text-based-editor'] --- import kbnTextBasedEditorObj from './kbn_text_based_editor.devdocs.json'; diff --git a/api_docs/kbn_timerange.mdx b/api_docs/kbn_timerange.mdx index 22cf52f1a1bdb..b5ce959a3d15c 100644 --- a/api_docs/kbn_timerange.mdx +++ b/api_docs/kbn_timerange.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-timerange title: "@kbn/timerange" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/timerange plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/timerange'] --- import kbnTimerangeObj from './kbn_timerange.devdocs.json'; diff --git a/api_docs/kbn_tooling_log.mdx b/api_docs/kbn_tooling_log.mdx index 8fe978774e467..dcfdadd00e949 100644 --- a/api_docs/kbn_tooling_log.mdx +++ b/api_docs/kbn_tooling_log.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-tooling-log title: "@kbn/tooling-log" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/tooling-log plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/tooling-log'] --- import kbnToolingLogObj from './kbn_tooling_log.devdocs.json'; diff --git a/api_docs/kbn_triggers_actions_ui_types.mdx b/api_docs/kbn_triggers_actions_ui_types.mdx index f01598f5a7d6c..ce8ae069f7bda 100644 --- a/api_docs/kbn_triggers_actions_ui_types.mdx +++ b/api_docs/kbn_triggers_actions_ui_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-triggers-actions-ui-types title: "@kbn/triggers-actions-ui-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/triggers-actions-ui-types plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/triggers-actions-ui-types'] --- import kbnTriggersActionsUiTypesObj from './kbn_triggers_actions_ui_types.devdocs.json'; diff --git a/api_docs/kbn_try_in_console.devdocs.json b/api_docs/kbn_try_in_console.devdocs.json index 272e1b8129dce..a414e8b39ec76 100644 --- a/api_docs/kbn_try_in_console.devdocs.json +++ b/api_docs/kbn_try_in_console.devdocs.json @@ -40,7 +40,7 @@ "id": "def-common.TryInConsoleButton.$1", "type": "Object", "tags": [], - "label": "{\n request,\n application,\n consolePlugin,\n sharePlugin,\n content = TRY_IN_CONSOLE,\n showIcon = true,\n type = 'emptyButton',\n}", + "label": "{\n request,\n application,\n consolePlugin,\n sharePlugin,\n content = RUN_IN_CONSOLE,\n showIcon = true,\n type = 'emptyButton',\n}", "description": [], "signature": [ "TryInConsoleButtonProps" diff --git a/api_docs/kbn_try_in_console.mdx b/api_docs/kbn_try_in_console.mdx index f2e072ddd177e..6996d6da824d4 100644 --- a/api_docs/kbn_try_in_console.mdx +++ b/api_docs/kbn_try_in_console.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-try-in-console title: "@kbn/try-in-console" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/try-in-console plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/try-in-console'] --- import kbnTryInConsoleObj from './kbn_try_in_console.devdocs.json'; diff --git a/api_docs/kbn_ts_projects.mdx b/api_docs/kbn_ts_projects.mdx index 9d0c5182a763b..479cff0639d1b 100644 --- a/api_docs/kbn_ts_projects.mdx +++ b/api_docs/kbn_ts_projects.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ts-projects title: "@kbn/ts-projects" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ts-projects plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ts-projects'] --- import kbnTsProjectsObj from './kbn_ts_projects.devdocs.json'; diff --git a/api_docs/kbn_typed_react_router_config.mdx b/api_docs/kbn_typed_react_router_config.mdx index c1972868e3281..488609f209637 100644 --- a/api_docs/kbn_typed_react_router_config.mdx +++ b/api_docs/kbn_typed_react_router_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-typed-react-router-config title: "@kbn/typed-react-router-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/typed-react-router-config plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/typed-react-router-config'] --- import kbnTypedReactRouterConfigObj from './kbn_typed_react_router_config.devdocs.json'; diff --git a/api_docs/kbn_ui_actions_browser.mdx b/api_docs/kbn_ui_actions_browser.mdx index 0b3eb5cfe6d5b..bcbf28259756a 100644 --- a/api_docs/kbn_ui_actions_browser.mdx +++ b/api_docs/kbn_ui_actions_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ui-actions-browser title: "@kbn/ui-actions-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ui-actions-browser plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ui-actions-browser'] --- import kbnUiActionsBrowserObj from './kbn_ui_actions_browser.devdocs.json'; diff --git a/api_docs/kbn_ui_shared_deps_src.mdx b/api_docs/kbn_ui_shared_deps_src.mdx index 1f0a30dec91e2..e430073b32f3a 100644 --- a/api_docs/kbn_ui_shared_deps_src.mdx +++ b/api_docs/kbn_ui_shared_deps_src.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ui-shared-deps-src title: "@kbn/ui-shared-deps-src" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ui-shared-deps-src plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ui-shared-deps-src'] --- import kbnUiSharedDepsSrcObj from './kbn_ui_shared_deps_src.devdocs.json'; diff --git a/api_docs/kbn_ui_theme.mdx b/api_docs/kbn_ui_theme.mdx index 79f186f1b6149..5fba11cd6a188 100644 --- a/api_docs/kbn_ui_theme.mdx +++ b/api_docs/kbn_ui_theme.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ui-theme title: "@kbn/ui-theme" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ui-theme plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ui-theme'] --- import kbnUiThemeObj from './kbn_ui_theme.devdocs.json'; diff --git a/api_docs/kbn_unified_data_table.mdx b/api_docs/kbn_unified_data_table.mdx index 36510f942f316..2f03a453e9863 100644 --- a/api_docs/kbn_unified_data_table.mdx +++ b/api_docs/kbn_unified_data_table.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-unified-data-table title: "@kbn/unified-data-table" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/unified-data-table plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/unified-data-table'] --- import kbnUnifiedDataTableObj from './kbn_unified_data_table.devdocs.json'; diff --git a/api_docs/kbn_unified_doc_viewer.mdx b/api_docs/kbn_unified_doc_viewer.mdx index 22b1661510761..be355c4d7ebc8 100644 --- a/api_docs/kbn_unified_doc_viewer.mdx +++ b/api_docs/kbn_unified_doc_viewer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-unified-doc-viewer title: "@kbn/unified-doc-viewer" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/unified-doc-viewer plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/unified-doc-viewer'] --- import kbnUnifiedDocViewerObj from './kbn_unified_doc_viewer.devdocs.json'; diff --git a/api_docs/kbn_unified_field_list.mdx b/api_docs/kbn_unified_field_list.mdx index 839f771997a25..227f77886c449 100644 --- a/api_docs/kbn_unified_field_list.mdx +++ b/api_docs/kbn_unified_field_list.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-unified-field-list title: "@kbn/unified-field-list" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/unified-field-list plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/unified-field-list'] --- import kbnUnifiedFieldListObj from './kbn_unified_field_list.devdocs.json'; diff --git a/api_docs/kbn_unsaved_changes_badge.mdx b/api_docs/kbn_unsaved_changes_badge.mdx index 8c6ead945acc3..b0e5406061318 100644 --- a/api_docs/kbn_unsaved_changes_badge.mdx +++ b/api_docs/kbn_unsaved_changes_badge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-unsaved-changes-badge title: "@kbn/unsaved-changes-badge" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/unsaved-changes-badge plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/unsaved-changes-badge'] --- import kbnUnsavedChangesBadgeObj from './kbn_unsaved_changes_badge.devdocs.json'; diff --git a/api_docs/kbn_unsaved_changes_prompt.mdx b/api_docs/kbn_unsaved_changes_prompt.mdx index 6b8e6dfd0ad27..2378098486b8e 100644 --- a/api_docs/kbn_unsaved_changes_prompt.mdx +++ b/api_docs/kbn_unsaved_changes_prompt.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-unsaved-changes-prompt title: "@kbn/unsaved-changes-prompt" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/unsaved-changes-prompt plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/unsaved-changes-prompt'] --- import kbnUnsavedChangesPromptObj from './kbn_unsaved_changes_prompt.devdocs.json'; diff --git a/api_docs/kbn_use_tracked_promise.mdx b/api_docs/kbn_use_tracked_promise.mdx index e8c3afe9b83b3..dbf104ca4f1b2 100644 --- a/api_docs/kbn_use_tracked_promise.mdx +++ b/api_docs/kbn_use_tracked_promise.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-use-tracked-promise title: "@kbn/use-tracked-promise" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/use-tracked-promise plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/use-tracked-promise'] --- import kbnUseTrackedPromiseObj from './kbn_use_tracked_promise.devdocs.json'; diff --git a/api_docs/kbn_user_profile_components.mdx b/api_docs/kbn_user_profile_components.mdx index 3f5934d58bd29..15c44c7eda717 100644 --- a/api_docs/kbn_user_profile_components.mdx +++ b/api_docs/kbn_user_profile_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-user-profile-components title: "@kbn/user-profile-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/user-profile-components plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/user-profile-components'] --- import kbnUserProfileComponentsObj from './kbn_user_profile_components.devdocs.json'; diff --git a/api_docs/kbn_utility_types.mdx b/api_docs/kbn_utility_types.mdx index df2b2d233bcdf..8f32fdcd05009 100644 --- a/api_docs/kbn_utility_types.mdx +++ b/api_docs/kbn_utility_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-utility-types title: "@kbn/utility-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/utility-types plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/utility-types'] --- import kbnUtilityTypesObj from './kbn_utility_types.devdocs.json'; diff --git a/api_docs/kbn_utility_types_jest.mdx b/api_docs/kbn_utility_types_jest.mdx index 16f9f6c0deb12..41d75d44fc2c0 100644 --- a/api_docs/kbn_utility_types_jest.mdx +++ b/api_docs/kbn_utility_types_jest.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-utility-types-jest title: "@kbn/utility-types-jest" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/utility-types-jest plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/utility-types-jest'] --- import kbnUtilityTypesJestObj from './kbn_utility_types_jest.devdocs.json'; diff --git a/api_docs/kbn_utils.mdx b/api_docs/kbn_utils.mdx index e13f2b74a8925..fcdab6709e0dd 100644 --- a/api_docs/kbn_utils.mdx +++ b/api_docs/kbn_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-utils title: "@kbn/utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/utils'] --- import kbnUtilsObj from './kbn_utils.devdocs.json'; diff --git a/api_docs/kbn_visualization_ui_components.mdx b/api_docs/kbn_visualization_ui_components.mdx index 2e8fe581ec063..08bbd10042d9f 100644 --- a/api_docs/kbn_visualization_ui_components.mdx +++ b/api_docs/kbn_visualization_ui_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-visualization-ui-components title: "@kbn/visualization-ui-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/visualization-ui-components plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/visualization-ui-components'] --- import kbnVisualizationUiComponentsObj from './kbn_visualization_ui_components.devdocs.json'; diff --git a/api_docs/kbn_visualization_utils.mdx b/api_docs/kbn_visualization_utils.mdx index 3e4bfeaed3d03..db526a5658fa4 100644 --- a/api_docs/kbn_visualization_utils.mdx +++ b/api_docs/kbn_visualization_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-visualization-utils title: "@kbn/visualization-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/visualization-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/visualization-utils'] --- import kbnVisualizationUtilsObj from './kbn_visualization_utils.devdocs.json'; diff --git a/api_docs/kbn_xstate_utils.mdx b/api_docs/kbn_xstate_utils.mdx index d20089748c5f2..bbce3610fa945 100644 --- a/api_docs/kbn_xstate_utils.mdx +++ b/api_docs/kbn_xstate_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-xstate-utils title: "@kbn/xstate-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/xstate-utils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/xstate-utils'] --- import kbnXstateUtilsObj from './kbn_xstate_utils.devdocs.json'; diff --git a/api_docs/kbn_yarn_lock_validator.mdx b/api_docs/kbn_yarn_lock_validator.mdx index 5aed6c7e00117..24910c34dacd4 100644 --- a/api_docs/kbn_yarn_lock_validator.mdx +++ b/api_docs/kbn_yarn_lock_validator.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-yarn-lock-validator title: "@kbn/yarn-lock-validator" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/yarn-lock-validator plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/yarn-lock-validator'] --- import kbnYarnLockValidatorObj from './kbn_yarn_lock_validator.devdocs.json'; diff --git a/api_docs/kbn_zod.mdx b/api_docs/kbn_zod.mdx index 44ae6f4572aca..da43fb6e59087 100644 --- a/api_docs/kbn_zod.mdx +++ b/api_docs/kbn_zod.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-zod title: "@kbn/zod" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/zod plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/zod'] --- import kbnZodObj from './kbn_zod.devdocs.json'; diff --git a/api_docs/kbn_zod_helpers.mdx b/api_docs/kbn_zod_helpers.mdx index 7f233c07c2043..5f609f765bdeb 100644 --- a/api_docs/kbn_zod_helpers.mdx +++ b/api_docs/kbn_zod_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-zod-helpers title: "@kbn/zod-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/zod-helpers plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/zod-helpers'] --- import kbnZodHelpersObj from './kbn_zod_helpers.devdocs.json'; diff --git a/api_docs/kibana_overview.mdx b/api_docs/kibana_overview.mdx index 423dee011f5e3..e37968d4c5fa1 100644 --- a/api_docs/kibana_overview.mdx +++ b/api_docs/kibana_overview.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kibanaOverview title: "kibanaOverview" image: https://source.unsplash.com/400x175/?github description: API docs for the kibanaOverview plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'kibanaOverview'] --- import kibanaOverviewObj from './kibana_overview.devdocs.json'; diff --git a/api_docs/kibana_react.mdx b/api_docs/kibana_react.mdx index 7353453e6a028..1cd639b3d19a4 100644 --- a/api_docs/kibana_react.mdx +++ b/api_docs/kibana_react.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kibanaReact title: "kibanaReact" image: https://source.unsplash.com/400x175/?github description: API docs for the kibanaReact plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'kibanaReact'] --- import kibanaReactObj from './kibana_react.devdocs.json'; diff --git a/api_docs/kibana_utils.mdx b/api_docs/kibana_utils.mdx index 0290de3be8c85..296776c399396 100644 --- a/api_docs/kibana_utils.mdx +++ b/api_docs/kibana_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kibanaUtils title: "kibanaUtils" image: https://source.unsplash.com/400x175/?github description: API docs for the kibanaUtils plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'kibanaUtils'] --- import kibanaUtilsObj from './kibana_utils.devdocs.json'; diff --git a/api_docs/kubernetes_security.mdx b/api_docs/kubernetes_security.mdx index 8eaaf880bd656..8b671fd8a0b94 100644 --- a/api_docs/kubernetes_security.mdx +++ b/api_docs/kubernetes_security.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kubernetesSecurity title: "kubernetesSecurity" image: https://source.unsplash.com/400x175/?github description: API docs for the kubernetesSecurity plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'kubernetesSecurity'] --- import kubernetesSecurityObj from './kubernetes_security.devdocs.json'; diff --git a/api_docs/lens.mdx b/api_docs/lens.mdx index 05d285009bb05..c1b6415280605 100644 --- a/api_docs/lens.mdx +++ b/api_docs/lens.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/lens title: "lens" image: https://source.unsplash.com/400x175/?github description: API docs for the lens plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'lens'] --- import lensObj from './lens.devdocs.json'; diff --git a/api_docs/license_api_guard.mdx b/api_docs/license_api_guard.mdx index a65eb30b0a3aa..08595341b48c9 100644 --- a/api_docs/license_api_guard.mdx +++ b/api_docs/license_api_guard.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/licenseApiGuard title: "licenseApiGuard" image: https://source.unsplash.com/400x175/?github description: API docs for the licenseApiGuard plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'licenseApiGuard'] --- import licenseApiGuardObj from './license_api_guard.devdocs.json'; diff --git a/api_docs/license_management.mdx b/api_docs/license_management.mdx index 4590bf38c766c..2e02f738f5e84 100644 --- a/api_docs/license_management.mdx +++ b/api_docs/license_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/licenseManagement title: "licenseManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the licenseManagement plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'licenseManagement'] --- import licenseManagementObj from './license_management.devdocs.json'; diff --git a/api_docs/licensing.mdx b/api_docs/licensing.mdx index dbf8ed5a10d81..b65516af0cf09 100644 --- a/api_docs/licensing.mdx +++ b/api_docs/licensing.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/licensing title: "licensing" image: https://source.unsplash.com/400x175/?github description: API docs for the licensing plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'licensing'] --- import licensingObj from './licensing.devdocs.json'; diff --git a/api_docs/links.mdx b/api_docs/links.mdx index 82c6a06617ec6..8f5a6ba94519e 100644 --- a/api_docs/links.mdx +++ b/api_docs/links.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/links title: "links" image: https://source.unsplash.com/400x175/?github description: API docs for the links plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'links'] --- import linksObj from './links.devdocs.json'; diff --git a/api_docs/lists.mdx b/api_docs/lists.mdx index 9d3f0abd2e75a..bd2323183577d 100644 --- a/api_docs/lists.mdx +++ b/api_docs/lists.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/lists title: "lists" image: https://source.unsplash.com/400x175/?github description: API docs for the lists plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'lists'] --- import listsObj from './lists.devdocs.json'; diff --git a/api_docs/logs_data_access.mdx b/api_docs/logs_data_access.mdx index 7577ce11cada6..a37785a3c9014 100644 --- a/api_docs/logs_data_access.mdx +++ b/api_docs/logs_data_access.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/logsDataAccess title: "logsDataAccess" image: https://source.unsplash.com/400x175/?github description: API docs for the logsDataAccess plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'logsDataAccess'] --- import logsDataAccessObj from './logs_data_access.devdocs.json'; diff --git a/api_docs/logs_explorer.mdx b/api_docs/logs_explorer.mdx index 53e7579c91098..3ac7db4875060 100644 --- a/api_docs/logs_explorer.mdx +++ b/api_docs/logs_explorer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/logsExplorer title: "logsExplorer" image: https://source.unsplash.com/400x175/?github description: API docs for the logsExplorer plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'logsExplorer'] --- import logsExplorerObj from './logs_explorer.devdocs.json'; diff --git a/api_docs/logs_shared.mdx b/api_docs/logs_shared.mdx index e4662b4a0b0b2..1cc808ad300f4 100644 --- a/api_docs/logs_shared.mdx +++ b/api_docs/logs_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/logsShared title: "logsShared" image: https://source.unsplash.com/400x175/?github description: API docs for the logsShared plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'logsShared'] --- import logsSharedObj from './logs_shared.devdocs.json'; diff --git a/api_docs/management.mdx b/api_docs/management.mdx index 493a94b723bae..2f322ddb7995b 100644 --- a/api_docs/management.mdx +++ b/api_docs/management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/management title: "management" image: https://source.unsplash.com/400x175/?github description: API docs for the management plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'management'] --- import managementObj from './management.devdocs.json'; diff --git a/api_docs/maps.mdx b/api_docs/maps.mdx index df52de2c214b3..1abba28b7668e 100644 --- a/api_docs/maps.mdx +++ b/api_docs/maps.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/maps title: "maps" image: https://source.unsplash.com/400x175/?github description: API docs for the maps plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'maps'] --- import mapsObj from './maps.devdocs.json'; diff --git a/api_docs/maps_ems.mdx b/api_docs/maps_ems.mdx index c0712e5adc9c4..2e22653c7320d 100644 --- a/api_docs/maps_ems.mdx +++ b/api_docs/maps_ems.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/mapsEms title: "mapsEms" image: https://source.unsplash.com/400x175/?github description: API docs for the mapsEms plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'mapsEms'] --- import mapsEmsObj from './maps_ems.devdocs.json'; diff --git a/api_docs/metrics_data_access.devdocs.json b/api_docs/metrics_data_access.devdocs.json index 786c41c318074..e4bb3a666e6b9 100644 --- a/api_docs/metrics_data_access.devdocs.json +++ b/api_docs/metrics_data_access.devdocs.json @@ -745,7 +745,7 @@ "label": "hostSnapshotMetricTypes", "description": [], "signature": [ - "(\"memory\" | \"logRate\" | \"rx\" | \"normalizedLoad1m\" | \"memoryFree\" | \"tx\" | \"cpu\" | \"cpuTotal\" | \"diskLatency\" | \"diskSpaceUsage\" | \"load\" | \"memoryTotal\" | \"rxV2\" | \"txV2\")[]" + "(\"memory\" | \"logRate\" | \"rx\" | \"normalizedLoad1m\" | \"memoryFree\" | \"tx\" | \"cpu\" | \"cpuV2\" | \"diskLatency\" | \"diskSpaceUsage\" | \"load\" | \"memoryTotal\" | \"rxV2\" | \"txV2\")[]" ], "path": "x-pack/plugins/observability_solution/metrics_data_access/common/inventory_models/host/metrics/index.ts", "deprecated": false, @@ -1522,7 +1522,7 @@ "label": "SnapshotMetricType", "description": [], "signature": [ - "\"count\" | \"memory\" | \"custom\" | \"logRate\" | \"rx\" | \"normalizedLoad1m\" | \"memoryFree\" | \"tx\" | \"cpu\" | \"s3BucketSize\" | \"s3NumberOfObjects\" | \"s3TotalRequests\" | \"s3UploadBytes\" | \"s3DownloadBytes\" | \"cpuTotal\" | \"diskLatency\" | \"diskSpaceUsage\" | \"load\" | \"memoryTotal\" | \"rxV2\" | \"txV2\" | \"diskIOReadBytes\" | \"diskIOWriteBytes\" | \"rdsLatency\" | \"rdsConnections\" | \"rdsQueriesExecuted\" | \"rdsActiveTransactions\" | \"sqsMessagesVisible\" | \"sqsMessagesDelayed\" | \"sqsMessagesEmpty\" | \"sqsMessagesSent\" | \"sqsOldestMessage\"" + "\"count\" | \"memory\" | \"custom\" | \"logRate\" | \"rx\" | \"normalizedLoad1m\" | \"memoryFree\" | \"tx\" | \"cpu\" | \"s3BucketSize\" | \"s3NumberOfObjects\" | \"s3TotalRequests\" | \"s3UploadBytes\" | \"s3DownloadBytes\" | \"cpuV2\" | \"diskLatency\" | \"diskSpaceUsage\" | \"load\" | \"memoryTotal\" | \"rxV2\" | \"txV2\" | \"diskIOReadBytes\" | \"diskIOWriteBytes\" | \"rdsLatency\" | \"rdsConnections\" | \"rdsQueriesExecuted\" | \"rdsActiveTransactions\" | \"sqsMessagesVisible\" | \"sqsMessagesDelayed\" | \"sqsMessagesEmpty\" | \"sqsMessagesSent\" | \"sqsOldestMessage\"" ], "path": "x-pack/plugins/observability_solution/metrics_data_access/common/inventory_models/types.ts", "deprecated": false, @@ -2066,10 +2066,10 @@ }, { "parentPluginId": "metricsDataAccess", - "id": "def-common.SnapshotMetricTypeKeys.cpuTotal", + "id": "def-common.SnapshotMetricTypeKeys.cpuV2", "type": "Uncategorized", "tags": [], - "label": "cpuTotal", + "label": "cpuV2", "description": [], "signature": [ "null" @@ -2510,7 +2510,7 @@ "description": [], "signature": [ "KeyofC", - "<{ count: null; cpuTotal: null; cpu: null; diskLatency: null; diskSpaceUsage: null; load: null; memory: null; memoryFree: null; memoryTotal: null; normalizedLoad1m: null; tx: null; rx: null; txV2: null; rxV2: null; logRate: null; diskIOReadBytes: null; diskIOWriteBytes: null; s3TotalRequests: null; s3NumberOfObjects: null; s3BucketSize: null; s3DownloadBytes: null; s3UploadBytes: null; rdsConnections: null; rdsQueriesExecuted: null; rdsActiveTransactions: null; rdsLatency: null; sqsMessagesVisible: null; sqsMessagesDelayed: null; sqsMessagesSent: null; sqsMessagesEmpty: null; sqsOldestMessage: null; custom: null; }>" + "<{ count: null; cpuV2: null; cpu: null; diskLatency: null; diskSpaceUsage: null; load: null; memory: null; memoryFree: null; memoryTotal: null; normalizedLoad1m: null; tx: null; rx: null; txV2: null; rxV2: null; logRate: null; diskIOReadBytes: null; diskIOWriteBytes: null; s3TotalRequests: null; s3NumberOfObjects: null; s3BucketSize: null; s3DownloadBytes: null; s3UploadBytes: null; rdsConnections: null; rdsQueriesExecuted: null; rdsActiveTransactions: null; rdsLatency: null; sqsMessagesVisible: null; sqsMessagesDelayed: null; sqsMessagesSent: null; sqsMessagesEmpty: null; sqsOldestMessage: null; custom: null; }>" ], "path": "x-pack/plugins/observability_solution/metrics_data_access/common/inventory_models/types.ts", "deprecated": false, diff --git a/api_docs/metrics_data_access.mdx b/api_docs/metrics_data_access.mdx index 1aa2668432686..c6ad47665033d 100644 --- a/api_docs/metrics_data_access.mdx +++ b/api_docs/metrics_data_access.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/metricsDataAccess title: "metricsDataAccess" image: https://source.unsplash.com/400x175/?github description: API docs for the metricsDataAccess plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'metricsDataAccess'] --- import metricsDataAccessObj from './metrics_data_access.devdocs.json'; diff --git a/api_docs/ml.mdx b/api_docs/ml.mdx index ab3021b1db3ab..e92257dc81967 100644 --- a/api_docs/ml.mdx +++ b/api_docs/ml.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/ml title: "ml" image: https://source.unsplash.com/400x175/?github description: API docs for the ml plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'ml'] --- import mlObj from './ml.devdocs.json'; diff --git a/api_docs/mock_idp_plugin.mdx b/api_docs/mock_idp_plugin.mdx index 269fc67ef96d0..573b351ea388f 100644 --- a/api_docs/mock_idp_plugin.mdx +++ b/api_docs/mock_idp_plugin.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/mockIdpPlugin title: "mockIdpPlugin" image: https://source.unsplash.com/400x175/?github description: API docs for the mockIdpPlugin plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'mockIdpPlugin'] --- import mockIdpPluginObj from './mock_idp_plugin.devdocs.json'; diff --git a/api_docs/monitoring.mdx b/api_docs/monitoring.mdx index 647e63a094437..3831427b38728 100644 --- a/api_docs/monitoring.mdx +++ b/api_docs/monitoring.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/monitoring title: "monitoring" image: https://source.unsplash.com/400x175/?github description: API docs for the monitoring plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'monitoring'] --- import monitoringObj from './monitoring.devdocs.json'; diff --git a/api_docs/monitoring_collection.mdx b/api_docs/monitoring_collection.mdx index 42015f6914276..da5915f123d02 100644 --- a/api_docs/monitoring_collection.mdx +++ b/api_docs/monitoring_collection.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/monitoringCollection title: "monitoringCollection" image: https://source.unsplash.com/400x175/?github description: API docs for the monitoringCollection plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'monitoringCollection'] --- import monitoringCollectionObj from './monitoring_collection.devdocs.json'; diff --git a/api_docs/navigation.mdx b/api_docs/navigation.mdx index 6632792c2b686..5910723645fd8 100644 --- a/api_docs/navigation.mdx +++ b/api_docs/navigation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/navigation title: "navigation" image: https://source.unsplash.com/400x175/?github description: API docs for the navigation plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'navigation'] --- import navigationObj from './navigation.devdocs.json'; diff --git a/api_docs/newsfeed.mdx b/api_docs/newsfeed.mdx index 9b6a661065ce4..8d4c25b512f05 100644 --- a/api_docs/newsfeed.mdx +++ b/api_docs/newsfeed.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/newsfeed title: "newsfeed" image: https://source.unsplash.com/400x175/?github description: API docs for the newsfeed plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'newsfeed'] --- import newsfeedObj from './newsfeed.devdocs.json'; diff --git a/api_docs/no_data_page.mdx b/api_docs/no_data_page.mdx index a5858606adbf5..dc4bd53393d0c 100644 --- a/api_docs/no_data_page.mdx +++ b/api_docs/no_data_page.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/noDataPage title: "noDataPage" image: https://source.unsplash.com/400x175/?github description: API docs for the noDataPage plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'noDataPage'] --- import noDataPageObj from './no_data_page.devdocs.json'; diff --git a/api_docs/notifications.mdx b/api_docs/notifications.mdx index 6088c5a442da5..10a56ce8df9b5 100644 --- a/api_docs/notifications.mdx +++ b/api_docs/notifications.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/notifications title: "notifications" image: https://source.unsplash.com/400x175/?github description: API docs for the notifications plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'notifications'] --- import notificationsObj from './notifications.devdocs.json'; diff --git a/api_docs/observability.mdx b/api_docs/observability.mdx index 039348bc8ac1c..1ff83b5149b55 100644 --- a/api_docs/observability.mdx +++ b/api_docs/observability.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observability title: "observability" image: https://source.unsplash.com/400x175/?github description: API docs for the observability plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observability'] --- import observabilityObj from './observability.devdocs.json'; diff --git a/api_docs/observability_a_i_assistant.mdx b/api_docs/observability_a_i_assistant.mdx index 433aeb7f1e9ff..cc14a02153800 100644 --- a/api_docs/observability_a_i_assistant.mdx +++ b/api_docs/observability_a_i_assistant.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityAIAssistant title: "observabilityAIAssistant" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityAIAssistant plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityAIAssistant'] --- import observabilityAIAssistantObj from './observability_a_i_assistant.devdocs.json'; diff --git a/api_docs/observability_a_i_assistant_app.mdx b/api_docs/observability_a_i_assistant_app.mdx index be8851be18bf0..138a51511b08f 100644 --- a/api_docs/observability_a_i_assistant_app.mdx +++ b/api_docs/observability_a_i_assistant_app.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityAIAssistantApp title: "observabilityAIAssistantApp" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityAIAssistantApp plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityAIAssistantApp'] --- import observabilityAIAssistantAppObj from './observability_a_i_assistant_app.devdocs.json'; diff --git a/api_docs/observability_ai_assistant_management.mdx b/api_docs/observability_ai_assistant_management.mdx index d79951d56a9fd..e82be12f9baa0 100644 --- a/api_docs/observability_ai_assistant_management.mdx +++ b/api_docs/observability_ai_assistant_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityAiAssistantManagement title: "observabilityAiAssistantManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityAiAssistantManagement plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityAiAssistantManagement'] --- import observabilityAiAssistantManagementObj from './observability_ai_assistant_management.devdocs.json'; diff --git a/api_docs/observability_logs_explorer.mdx b/api_docs/observability_logs_explorer.mdx index cc02267b7482e..3269484d26d14 100644 --- a/api_docs/observability_logs_explorer.mdx +++ b/api_docs/observability_logs_explorer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityLogsExplorer title: "observabilityLogsExplorer" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityLogsExplorer plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityLogsExplorer'] --- import observabilityLogsExplorerObj from './observability_logs_explorer.devdocs.json'; diff --git a/api_docs/observability_onboarding.mdx b/api_docs/observability_onboarding.mdx index 61ec51f0841ca..198fd05e4287b 100644 --- a/api_docs/observability_onboarding.mdx +++ b/api_docs/observability_onboarding.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityOnboarding title: "observabilityOnboarding" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityOnboarding plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityOnboarding'] --- import observabilityOnboardingObj from './observability_onboarding.devdocs.json'; diff --git a/api_docs/observability_shared.devdocs.json b/api_docs/observability_shared.devdocs.json index f038181d8e7c0..b7ce0524edb82 100644 --- a/api_docs/observability_shared.devdocs.json +++ b/api_docs/observability_shared.devdocs.json @@ -2356,108 +2356,6 @@ ], "initialIsOpen": false }, - { - "parentPluginId": "observabilityShared", - "id": "def-public.AssetDetailsLocatorParams", - "type": "Interface", - "tags": [], - "label": "AssetDetailsLocatorParams", - "description": [], - "signature": [ - { - "pluginId": "observabilityShared", - "scope": "public", - "docId": "kibObservabilitySharedPluginApi", - "section": "def-public.AssetDetailsLocatorParams", - "text": "AssetDetailsLocatorParams" - }, - " extends ", - { - "pluginId": "@kbn/utility-types", - "scope": "common", - "docId": "kibKbnUtilityTypesPluginApi", - "section": "def-common.SerializableRecord", - "text": "SerializableRecord" - } - ], - "path": "x-pack/plugins/observability_solution/observability_shared/public/locators/infra/asset_details_locator.ts", - "deprecated": false, - "trackAdoption": false, - "children": [ - { - "parentPluginId": "observabilityShared", - "id": "def-public.AssetDetailsLocatorParams.assetType", - "type": "string", - "tags": [], - "label": "assetType", - "description": [], - "path": "x-pack/plugins/observability_solution/observability_shared/public/locators/infra/asset_details_locator.ts", - "deprecated": false, - "trackAdoption": false - }, - { - "parentPluginId": "observabilityShared", - "id": "def-public.AssetDetailsLocatorParams.assetId", - "type": "string", - "tags": [], - "label": "assetId", - "description": [], - "path": "x-pack/plugins/observability_solution/observability_shared/public/locators/infra/asset_details_locator.ts", - "deprecated": false, - "trackAdoption": false - }, - { - "parentPluginId": "observabilityShared", - "id": "def-public.AssetDetailsLocatorParams.state", - "type": "Object", - "tags": [], - "label": "state", - "description": [], - "signature": [ - { - "pluginId": "@kbn/utility-types", - "scope": "common", - "docId": "kibKbnUtilityTypesPluginApi", - "section": "def-common.SerializableRecord", - "text": "SerializableRecord" - }, - " | undefined" - ], - "path": "x-pack/plugins/observability_solution/observability_shared/public/locators/infra/asset_details_locator.ts", - "deprecated": false, - "trackAdoption": false - }, - { - "parentPluginId": "observabilityShared", - "id": "def-public.AssetDetailsLocatorParams._a", - "type": "Object", - "tags": [], - "label": "_a", - "description": [], - "signature": [ - "{ time?: { from?: string | undefined; to?: string | undefined; } | undefined; interval?: string | undefined; } | undefined" - ], - "path": "x-pack/plugins/observability_solution/observability_shared/public/locators/infra/asset_details_locator.ts", - "deprecated": false, - "trackAdoption": false - }, - { - "parentPluginId": "observabilityShared", - "id": "def-public.AssetDetailsLocatorParams.assetDetails", - "type": "Object", - "tags": [], - "label": "assetDetails", - "description": [], - "signature": [ - "{ tabId?: string | undefined; dashboardId?: string | undefined; dateRange?: { from: string; to: string; } | undefined; } | undefined" - ], - "path": "x-pack/plugins/observability_solution/observability_shared/public/locators/infra/asset_details_locator.ts", - "deprecated": false, - "trackAdoption": false - } - ], - "initialIsOpen": false - }, { "parentPluginId": "observabilityShared", "id": "def-public.EmbeddableProfilingSearchBarProps", @@ -3389,36 +3287,6 @@ ], "initialIsOpen": false }, - { - "parentPluginId": "observabilityShared", - "id": "def-public.ASSET_DETAILS_FLYOUT_LOCATOR_ID", - "type": "string", - "tags": [], - "label": "ASSET_DETAILS_FLYOUT_LOCATOR_ID", - "description": [], - "signature": [ - "\"ASSET_DETAILS_FLYOUT_LOCATOR\"" - ], - "path": "x-pack/plugins/observability_solution/observability_shared/public/locators/infra/asset_details_flyout_locator.ts", - "deprecated": false, - "trackAdoption": false, - "initialIsOpen": false - }, - { - "parentPluginId": "observabilityShared", - "id": "def-public.ASSET_DETAILS_LOCATOR_ID", - "type": "string", - "tags": [], - "label": "ASSET_DETAILS_LOCATOR_ID", - "description": [], - "signature": [ - "\"ASSET_DETAILS_LOCATOR\"" - ], - "path": "x-pack/plugins/observability_solution/observability_shared/public/locators/infra/asset_details_locator.ts", - "deprecated": false, - "trackAdoption": false, - "initialIsOpen": false - }, { "parentPluginId": "observabilityShared", "id": "def-public.casesFeatureId", @@ -3502,21 +3370,6 @@ "trackAdoption": false, "initialIsOpen": false }, - { - "parentPluginId": "observabilityShared", - "id": "def-public.INVENTORY_LOCATOR_ID", - "type": "string", - "tags": [], - "label": "INVENTORY_LOCATOR_ID", - "description": [], - "signature": [ - "\"INVENTORY_LOCATOR\"" - ], - "path": "x-pack/plugins/observability_solution/observability_shared/public/locators/infra/inventory_locator.ts", - "deprecated": false, - "trackAdoption": false, - "initialIsOpen": false - }, { "parentPluginId": "observabilityShared", "id": "def-public.LazyObservabilityPageTemplateProps", @@ -3705,11 +3558,29 @@ "description": [], "signature": [ "{ flamegraphLocator: ", - "FlamegraphLocator", + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.FlamegraphLocator", + "text": "FlamegraphLocator" + }, "; topNFunctionsLocator: ", - "TopNFunctionsLocator", + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.TopNFunctionsLocator", + "text": "TopNFunctionsLocator" + }, "; stacktracesLocator: ", - "StacktracesLocator", + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.StacktracesLocator", + "text": "StacktracesLocator" + }, "; }" ], "path": "x-pack/plugins/observability_solution/observability_shared/public/plugin.ts", @@ -3830,214 +3701,2052 @@ "objects": [] }, "common": { - "classes": [], - "functions": [ + "classes": [ { "parentPluginId": "observabilityShared", - "id": "def-common.colorTransformer", - "type": "Function", + "id": "def-common.AssetDetailsFlyoutLocatorDefinition", + "type": "Class", "tags": [], - "label": "colorTransformer", + "label": "AssetDetailsFlyoutLocatorDefinition", "description": [], "signature": [ - "(color: ", { "pluginId": "observabilityShared", "scope": "common", "docId": "kibObservabilitySharedPluginApi", - "section": "def-common.Color", - "text": "Color" + "section": "def-common.AssetDetailsFlyoutLocatorDefinition", + "text": "AssetDetailsFlyoutLocatorDefinition" }, - ") => string" + " implements ", + { + "pluginId": "share", + "scope": "common", + "docId": "kibSharePluginApi", + "section": "def-common.LocatorDefinition", + "text": "LocatorDefinition" + }, + "<", + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.AssetDetailsFlyoutLocatorParams", + "text": "AssetDetailsFlyoutLocatorParams" + }, + ">" ], - "path": "x-pack/plugins/observability_solution/observability_shared/common/color_palette.ts", + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/asset_details_flyout_locator.ts", "deprecated": false, "trackAdoption": false, - "returnComment": [], "children": [ { "parentPluginId": "observabilityShared", - "id": "def-common.colorTransformer.$1", - "type": "CompoundType", + "id": "def-common.AssetDetailsFlyoutLocatorDefinition.id", + "type": "string", "tags": [], - "label": "color", + "label": "id", "description": [], "signature": [ - "\"color0\" | \"color1\" | \"color2\" | \"color3\" | \"color4\" | \"color5\" | \"color6\" | \"color7\" | \"color8\" | \"color9\"" + "\"ASSET_DETAILS_FLYOUT_LOCATOR\"" ], - "path": "x-pack/plugins/observability_solution/observability_shared/common/color_palette.ts", + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/asset_details_flyout_locator.ts", "deprecated": false, "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.AssetDetailsFlyoutLocatorDefinition.getLocation", + "type": "Function", + "tags": [], + "label": "getLocation", + "description": [], + "signature": [ + "(params: ", + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.AssetDetailsFlyoutLocatorParams", + "text": "AssetDetailsFlyoutLocatorParams" + }, + ") => Promise<{ app: string; path: string; state: {}; }>" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/asset_details_flyout_locator.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "observabilityShared", + "id": "def-common.AssetDetailsFlyoutLocatorDefinition.getLocation.$1", + "type": "Object", + "tags": [], + "label": "params", + "description": [], + "signature": [ + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.AssetDetailsFlyoutLocatorParams", + "text": "AssetDetailsFlyoutLocatorParams" + } + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/asset_details_flyout_locator.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + } + ], + "returnComment": [] } ], "initialIsOpen": false }, { "parentPluginId": "observabilityShared", - "id": "def-common.getInspectResponse", - "type": "Function", + "id": "def-common.AssetDetailsLocatorDefinition", + "type": "Class", "tags": [], - "label": "getInspectResponse", - "description": [ - "\nCreate a formatted response to be sent in the _inspect key for use in the\ninspector." - ], + "label": "AssetDetailsLocatorDefinition", + "description": [], "signature": [ - "({\n esError,\n esRequestParams,\n esRequestStatus,\n esResponse,\n kibanaRequest,\n operationName,\n startTime,\n}: { esError: ", - "WrappedElasticsearchClientError", - " | null; esRequestParams: Record; esRequestStatus: ", { - "pluginId": "inspector", + "pluginId": "observabilityShared", "scope": "common", - "docId": "kibInspectorPluginApi", - "section": "def-common.RequestStatus", - "text": "RequestStatus" + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.AssetDetailsLocatorDefinition", + "text": "AssetDetailsLocatorDefinition" }, - "; esResponse: any; kibanaRequest: ", + " implements ", { - "pluginId": "@kbn/core-http-server", - "scope": "server", - "docId": "kibKbnCoreHttpServerPluginApi", - "section": "def-server.KibanaRequest", - "text": "KibanaRequest" + "pluginId": "share", + "scope": "common", + "docId": "kibSharePluginApi", + "section": "def-common.LocatorDefinition", + "text": "LocatorDefinition" }, - "; operationName: string; startTime: number; }) => ", + "<", { - "pluginId": "inspector", + "pluginId": "observabilityShared", "scope": "common", - "docId": "kibInspectorPluginApi", - "section": "def-common.Request", - "text": "Request" - } + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.AssetDetailsLocatorParams", + "text": "AssetDetailsLocatorParams" + }, + ">" ], - "path": "x-pack/plugins/observability_solution/observability_shared/common/utils/get_inspect_response.ts", + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/asset_details_locator.ts", "deprecated": false, "trackAdoption": false, "children": [ { "parentPluginId": "observabilityShared", - "id": "def-common.getInspectResponse.$1", - "type": "Object", + "id": "def-common.AssetDetailsLocatorDefinition.id", + "type": "string", "tags": [], - "label": "{\n esError,\n esRequestParams,\n esRequestStatus,\n esResponse,\n kibanaRequest,\n operationName,\n startTime,\n}", + "label": "id", "description": [], - "path": "x-pack/plugins/observability_solution/observability_shared/common/utils/get_inspect_response.ts", + "signature": [ + "\"ASSET_DETAILS_LOCATOR\"" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/asset_details_locator.ts", "deprecated": false, - "trackAdoption": false, - "children": [ - { - "parentPluginId": "observabilityShared", - "id": "def-common.getInspectResponse.$1.esError", - "type": "CompoundType", - "tags": [], - "label": "esError", - "description": [], - "signature": [ - "WrappedElasticsearchClientError", - " | null" - ], - "path": "x-pack/plugins/observability_solution/observability_shared/common/utils/get_inspect_response.ts", - "deprecated": false, - "trackAdoption": false + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.AssetDetailsLocatorDefinition.getLocation", + "type": "Function", + "tags": [], + "label": "getLocation", + "description": [], + "signature": [ + "(params: ", + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.AssetDetailsLocatorParams", + "text": "AssetDetailsLocatorParams" + }, + ") => Promise<{ app: string; path: string; state: ", + { + "pluginId": "@kbn/utility-types", + "scope": "common", + "docId": "kibKbnUtilityTypesPluginApi", + "section": "def-common.SerializableRecord", + "text": "SerializableRecord" }, + "; }>" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/asset_details_locator.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ { "parentPluginId": "observabilityShared", - "id": "def-common.getInspectResponse.$1.esRequestParams", + "id": "def-common.AssetDetailsLocatorDefinition.getLocation.$1", "type": "Object", "tags": [], - "label": "esRequestParams", + "label": "params", "description": [], "signature": [ - "{ [x: string]: any; }" + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.AssetDetailsLocatorParams", + "text": "AssetDetailsLocatorParams" + } ], - "path": "x-pack/plugins/observability_solution/observability_shared/common/utils/get_inspect_response.ts", + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/asset_details_locator.ts", "deprecated": false, - "trackAdoption": false + "trackAdoption": false, + "isRequired": true + } + ], + "returnComment": [] + } + ], + "initialIsOpen": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.FlamegraphLocatorDefinition", + "type": "Class", + "tags": [], + "label": "FlamegraphLocatorDefinition", + "description": [], + "signature": [ + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.FlamegraphLocatorDefinition", + "text": "FlamegraphLocatorDefinition" + }, + " implements ", + { + "pluginId": "share", + "scope": "common", + "docId": "kibSharePluginApi", + "section": "def-common.LocatorDefinition", + "text": "LocatorDefinition" + }, + "<", + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.FlamegraphLocatorParams", + "text": "FlamegraphLocatorParams" + }, + ">" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/profiling/flamegraph_locator.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "observabilityShared", + "id": "def-common.FlamegraphLocatorDefinition.id", + "type": "string", + "tags": [], + "label": "id", + "description": [], + "signature": [ + "\"flamegraphLocator\"" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/profiling/flamegraph_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.FlamegraphLocatorDefinition.getLocation", + "type": "Function", + "tags": [], + "label": "getLocation", + "description": [], + "signature": [ + "({ rangeFrom, rangeTo, kuery }: ", + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.FlamegraphLocatorParams", + "text": "FlamegraphLocatorParams" }, + ") => Promise<{ app: string; path: string; state: {}; }>" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/profiling/flamegraph_locator.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ { "parentPluginId": "observabilityShared", - "id": "def-common.getInspectResponse.$1.esRequestStatus", - "type": "Enum", + "id": "def-common.FlamegraphLocatorDefinition.getLocation.$1", + "type": "Object", "tags": [], - "label": "esRequestStatus", + "label": "{ rangeFrom, rangeTo, kuery }", "description": [], "signature": [ { - "pluginId": "inspector", + "pluginId": "observabilityShared", "scope": "common", - "docId": "kibInspectorPluginApi", - "section": "def-common.RequestStatus", - "text": "RequestStatus" + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.FlamegraphLocatorParams", + "text": "FlamegraphLocatorParams" } ], - "path": "x-pack/plugins/observability_solution/observability_shared/common/utils/get_inspect_response.ts", + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/profiling/flamegraph_locator.ts", "deprecated": false, - "trackAdoption": false + "trackAdoption": false, + "isRequired": true + } + ], + "returnComment": [] + } + ], + "initialIsOpen": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.HostsLocatorDefinition", + "type": "Class", + "tags": [], + "label": "HostsLocatorDefinition", + "description": [], + "signature": [ + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.HostsLocatorDefinition", + "text": "HostsLocatorDefinition" + }, + " implements ", + { + "pluginId": "share", + "scope": "common", + "docId": "kibSharePluginApi", + "section": "def-common.LocatorDefinition", + "text": "LocatorDefinition" + }, + "<", + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.HostsLocatorParams", + "text": "HostsLocatorParams" + }, + ">" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/hosts_locator.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "observabilityShared", + "id": "def-common.HostsLocatorDefinition.id", + "type": "string", + "tags": [], + "label": "id", + "description": [], + "signature": [ + "\"HOSTS_LOCATOR\"" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/hosts_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.HostsLocatorDefinition.getLocation", + "type": "Function", + "tags": [], + "label": "getLocation", + "description": [], + "signature": [ + "(params: ", + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.HostsLocatorParams", + "text": "HostsLocatorParams" }, + ") => Promise<{ app: string; path: string; state: {}; }>" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/hosts_locator.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ { "parentPluginId": "observabilityShared", - "id": "def-common.getInspectResponse.$1.esResponse", - "type": "Any", + "id": "def-common.HostsLocatorDefinition.getLocation.$1", + "type": "Object", "tags": [], - "label": "esResponse", + "label": "params", "description": [], "signature": [ - "any" + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.HostsLocatorParams", + "text": "HostsLocatorParams" + } ], - "path": "x-pack/plugins/observability_solution/observability_shared/common/utils/get_inspect_response.ts", + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/hosts_locator.ts", "deprecated": false, - "trackAdoption": false + "trackAdoption": false, + "isRequired": true + } + ], + "returnComment": [] + } + ], + "initialIsOpen": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.InventoryLocatorDefinition", + "type": "Class", + "tags": [], + "label": "InventoryLocatorDefinition", + "description": [], + "signature": [ + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.InventoryLocatorDefinition", + "text": "InventoryLocatorDefinition" + }, + " implements ", + { + "pluginId": "share", + "scope": "common", + "docId": "kibSharePluginApi", + "section": "def-common.LocatorDefinition", + "text": "LocatorDefinition" + }, + "<", + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.InventoryLocatorParams", + "text": "InventoryLocatorParams" + }, + ">" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/inventory_locator.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "observabilityShared", + "id": "def-common.InventoryLocatorDefinition.id", + "type": "string", + "tags": [], + "label": "id", + "description": [], + "signature": [ + "\"INVENTORY_LOCATOR\"" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/inventory_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.InventoryLocatorDefinition.getLocation", + "type": "Function", + "tags": [], + "label": "getLocation", + "description": [], + "signature": [ + "(params: ", + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.InventoryLocatorParams", + "text": "InventoryLocatorParams" }, + ") => Promise<{ app: string; path: string; state: ", + { + "pluginId": "@kbn/utility-types", + "scope": "common", + "docId": "kibKbnUtilityTypesPluginApi", + "section": "def-common.SerializableRecord", + "text": "SerializableRecord" + }, + "; }>" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/inventory_locator.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ { "parentPluginId": "observabilityShared", - "id": "def-common.getInspectResponse.$1.kibanaRequest", + "id": "def-common.InventoryLocatorDefinition.getLocation.$1", "type": "Object", "tags": [], - "label": "kibanaRequest", + "label": "params", "description": [], "signature": [ { - "pluginId": "@kbn/core-http-server", - "scope": "server", - "docId": "kibKbnCoreHttpServerPluginApi", - "section": "def-server.KibanaRequest", - "text": "KibanaRequest" - }, - "" + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.InventoryLocatorParams", + "text": "InventoryLocatorParams" + } ], - "path": "x-pack/plugins/observability_solution/observability_shared/common/utils/get_inspect_response.ts", + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/inventory_locator.ts", "deprecated": false, - "trackAdoption": false + "trackAdoption": false, + "isRequired": true + } + ], + "returnComment": [] + } + ], + "initialIsOpen": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.ServiceOverviewLocatorDefinition", + "type": "Class", + "tags": [], + "label": "ServiceOverviewLocatorDefinition", + "description": [], + "signature": [ + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.ServiceOverviewLocatorDefinition", + "text": "ServiceOverviewLocatorDefinition" + }, + " implements ", + { + "pluginId": "share", + "scope": "common", + "docId": "kibSharePluginApi", + "section": "def-common.LocatorDefinition", + "text": "LocatorDefinition" + }, + "<", + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.ServiceOverviewParams", + "text": "ServiceOverviewParams" + }, + ">" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/apm/service_overview_locator.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "observabilityShared", + "id": "def-common.ServiceOverviewLocatorDefinition.id", + "type": "string", + "tags": [], + "label": "id", + "description": [], + "signature": [ + "\"serviceOverviewLocator\"" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/apm/service_overview_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.ServiceOverviewLocatorDefinition.getLocation", + "type": "Function", + "tags": [], + "label": "getLocation", + "description": [], + "signature": [ + "({ rangeFrom, rangeTo, serviceName, }: ", + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.ServiceOverviewParams", + "text": "ServiceOverviewParams" }, + ") => Promise<{ app: string; path: string; state: {}; }>" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/apm/service_overview_locator.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ { "parentPluginId": "observabilityShared", - "id": "def-common.getInspectResponse.$1.operationName", - "type": "string", + "id": "def-common.ServiceOverviewLocatorDefinition.getLocation.$1", + "type": "Object", "tags": [], - "label": "operationName", + "label": "{\n rangeFrom,\n rangeTo,\n serviceName,\n }", "description": [], - "path": "x-pack/plugins/observability_solution/observability_shared/common/utils/get_inspect_response.ts", + "signature": [ + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.ServiceOverviewParams", + "text": "ServiceOverviewParams" + } + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/apm/service_overview_locator.ts", "deprecated": false, - "trackAdoption": false + "trackAdoption": false, + "isRequired": true + } + ], + "returnComment": [] + } + ], + "initialIsOpen": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.StacktracesLocatorDefinition", + "type": "Class", + "tags": [], + "label": "StacktracesLocatorDefinition", + "description": [], + "signature": [ + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.StacktracesLocatorDefinition", + "text": "StacktracesLocatorDefinition" + }, + " implements ", + { + "pluginId": "share", + "scope": "common", + "docId": "kibSharePluginApi", + "section": "def-common.LocatorDefinition", + "text": "LocatorDefinition" + }, + "<", + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.StacktracesLocatorParams", + "text": "StacktracesLocatorParams" + }, + ">" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/profiling/stacktraces_locator.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "observabilityShared", + "id": "def-common.StacktracesLocatorDefinition.id", + "type": "string", + "tags": [], + "label": "id", + "description": [], + "signature": [ + "\"stacktracesLocator\"" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/profiling/stacktraces_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.StacktracesLocatorDefinition.getLocation", + "type": "Function", + "tags": [], + "label": "getLocation", + "description": [], + "signature": [ + "({ rangeFrom, rangeTo, kuery, type, }: ", + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.StacktracesLocatorParams", + "text": "StacktracesLocatorParams" }, + ") => Promise<{ app: string; path: string; state: {}; }>" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/profiling/stacktraces_locator.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ { "parentPluginId": "observabilityShared", - "id": "def-common.getInspectResponse.$1.startTime", - "type": "number", + "id": "def-common.StacktracesLocatorDefinition.getLocation.$1", + "type": "Object", "tags": [], - "label": "startTime", + "label": "{\n rangeFrom,\n rangeTo,\n kuery,\n type = TopNType.Threads,\n }", "description": [], - "path": "x-pack/plugins/observability_solution/observability_shared/common/utils/get_inspect_response.ts", + "signature": [ + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.StacktracesLocatorParams", + "text": "StacktracesLocatorParams" + } + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/profiling/stacktraces_locator.ts", "deprecated": false, - "trackAdoption": false + "trackAdoption": false, + "isRequired": true } - ] + ], + "returnComment": [] + } + ], + "initialIsOpen": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.TopNFunctionsLocatorDefinition", + "type": "Class", + "tags": [], + "label": "TopNFunctionsLocatorDefinition", + "description": [], + "signature": [ + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.TopNFunctionsLocatorDefinition", + "text": "TopNFunctionsLocatorDefinition" + }, + " implements ", + { + "pluginId": "share", + "scope": "common", + "docId": "kibSharePluginApi", + "section": "def-common.LocatorDefinition", + "text": "LocatorDefinition" + }, + "<", + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.TopNFunctionsLocatorParams", + "text": "TopNFunctionsLocatorParams" + }, + ">" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/profiling/topn_functions_locator.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "observabilityShared", + "id": "def-common.TopNFunctionsLocatorDefinition.id", + "type": "string", + "tags": [], + "label": "id", + "description": [], + "signature": [ + "\"topNFunctionsLocator\"" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/profiling/topn_functions_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.TopNFunctionsLocatorDefinition.getLocation", + "type": "Function", + "tags": [], + "label": "getLocation", + "description": [], + "signature": [ + "({ rangeFrom, rangeTo, kuery, }: ", + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.TopNFunctionsLocatorParams", + "text": "TopNFunctionsLocatorParams" + }, + ") => Promise<{ app: string; path: string; state: {}; }>" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/profiling/topn_functions_locator.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "observabilityShared", + "id": "def-common.TopNFunctionsLocatorDefinition.getLocation.$1", + "type": "Object", + "tags": [], + "label": "{\n rangeFrom,\n rangeTo,\n kuery,\n }", + "description": [], + "signature": [ + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.TopNFunctionsLocatorParams", + "text": "TopNFunctionsLocatorParams" + } + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/profiling/topn_functions_locator.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + } + ], + "returnComment": [] + } + ], + "initialIsOpen": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.TransactionDetailsByNameLocatorDefinition", + "type": "Class", + "tags": [], + "label": "TransactionDetailsByNameLocatorDefinition", + "description": [], + "signature": [ + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.TransactionDetailsByNameLocatorDefinition", + "text": "TransactionDetailsByNameLocatorDefinition" + }, + " implements ", + { + "pluginId": "share", + "scope": "common", + "docId": "kibSharePluginApi", + "section": "def-common.LocatorDefinition", + "text": "LocatorDefinition" + }, + "<", + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.TransactionDetailsByNameParams", + "text": "TransactionDetailsByNameParams" + }, + ">" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/apm/transaction_details_by_name_locator.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "observabilityShared", + "id": "def-common.TransactionDetailsByNameLocatorDefinition.id", + "type": "string", + "tags": [], + "label": "id", + "description": [], + "signature": [ + "\"TransactionDetailsByNameLocator\"" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/apm/transaction_details_by_name_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.TransactionDetailsByNameLocatorDefinition.getLocation", + "type": "Function", + "tags": [], + "label": "getLocation", + "description": [], + "signature": [ + "({ rangeFrom, rangeTo, serviceName, transactionName, }: ", + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.TransactionDetailsByNameParams", + "text": "TransactionDetailsByNameParams" + }, + ") => Promise<{ app: string; path: string; state: {}; }>" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/apm/transaction_details_by_name_locator.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "observabilityShared", + "id": "def-common.TransactionDetailsByNameLocatorDefinition.getLocation.$1", + "type": "Object", + "tags": [], + "label": "{\n rangeFrom,\n rangeTo,\n serviceName,\n transactionName,\n }", + "description": [], + "signature": [ + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.TransactionDetailsByNameParams", + "text": "TransactionDetailsByNameParams" + } + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/apm/transaction_details_by_name_locator.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + } + ], + "returnComment": [] + } + ], + "initialIsOpen": false + } + ], + "functions": [ + { + "parentPluginId": "observabilityShared", + "id": "def-common.colorTransformer", + "type": "Function", + "tags": [], + "label": "colorTransformer", + "description": [], + "signature": [ + "(color: ", + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.Color", + "text": "Color" + }, + ") => string" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/color_palette.ts", + "deprecated": false, + "trackAdoption": false, + "returnComment": [], + "children": [ + { + "parentPluginId": "observabilityShared", + "id": "def-common.colorTransformer.$1", + "type": "CompoundType", + "tags": [], + "label": "color", + "description": [], + "signature": [ + "\"color0\" | \"color1\" | \"color2\" | \"color3\" | \"color4\" | \"color5\" | \"color6\" | \"color7\" | \"color8\" | \"color9\"" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/color_palette.ts", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.getInspectResponse", + "type": "Function", + "tags": [], + "label": "getInspectResponse", + "description": [ + "\nCreate a formatted response to be sent in the _inspect key for use in the\ninspector." + ], + "signature": [ + "({\n esError,\n esRequestParams,\n esRequestStatus,\n esResponse,\n kibanaRequest,\n operationName,\n startTime,\n}: { esError: ", + "WrappedElasticsearchClientError", + " | null; esRequestParams: Record; esRequestStatus: ", + { + "pluginId": "inspector", + "scope": "common", + "docId": "kibInspectorPluginApi", + "section": "def-common.RequestStatus", + "text": "RequestStatus" + }, + "; esResponse: any; kibanaRequest: ", + { + "pluginId": "@kbn/core-http-server", + "scope": "server", + "docId": "kibKbnCoreHttpServerPluginApi", + "section": "def-server.KibanaRequest", + "text": "KibanaRequest" + }, + "; operationName: string; startTime: number; }) => ", + { + "pluginId": "inspector", + "scope": "common", + "docId": "kibInspectorPluginApi", + "section": "def-common.Request", + "text": "Request" + } + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/utils/get_inspect_response.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "observabilityShared", + "id": "def-common.getInspectResponse.$1", + "type": "Object", + "tags": [], + "label": "{\n esError,\n esRequestParams,\n esRequestStatus,\n esResponse,\n kibanaRequest,\n operationName,\n startTime,\n}", + "description": [], + "path": "x-pack/plugins/observability_solution/observability_shared/common/utils/get_inspect_response.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "observabilityShared", + "id": "def-common.getInspectResponse.$1.esError", + "type": "CompoundType", + "tags": [], + "label": "esError", + "description": [], + "signature": [ + "WrappedElasticsearchClientError", + " | null" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/utils/get_inspect_response.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.getInspectResponse.$1.esRequestParams", + "type": "Object", + "tags": [], + "label": "esRequestParams", + "description": [], + "signature": [ + "{ [x: string]: any; }" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/utils/get_inspect_response.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.getInspectResponse.$1.esRequestStatus", + "type": "Enum", + "tags": [], + "label": "esRequestStatus", + "description": [], + "signature": [ + { + "pluginId": "inspector", + "scope": "common", + "docId": "kibInspectorPluginApi", + "section": "def-common.RequestStatus", + "text": "RequestStatus" + } + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/utils/get_inspect_response.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.getInspectResponse.$1.esResponse", + "type": "Any", + "tags": [], + "label": "esResponse", + "description": [], + "signature": [ + "any" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/utils/get_inspect_response.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.getInspectResponse.$1.kibanaRequest", + "type": "Object", + "tags": [], + "label": "kibanaRequest", + "description": [], + "signature": [ + { + "pluginId": "@kbn/core-http-server", + "scope": "server", + "docId": "kibKbnCoreHttpServerPluginApi", + "section": "def-server.KibanaRequest", + "text": "KibanaRequest" + }, + "" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/utils/get_inspect_response.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.getInspectResponse.$1.operationName", + "type": "string", + "tags": [], + "label": "operationName", + "description": [], + "path": "x-pack/plugins/observability_solution/observability_shared/common/utils/get_inspect_response.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.getInspectResponse.$1.startTime", + "type": "number", + "tags": [], + "label": "startTime", + "description": [], + "path": "x-pack/plugins/observability_solution/observability_shared/common/utils/get_inspect_response.ts", + "deprecated": false, + "trackAdoption": false + } + ] + } + ], + "returnComment": [], + "initialIsOpen": false + } + ], + "interfaces": [ + { + "parentPluginId": "observabilityShared", + "id": "def-common.AssetDetailsFlyoutLocatorParams", + "type": "Interface", + "tags": [], + "label": "AssetDetailsFlyoutLocatorParams", + "description": [], + "signature": [ + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.AssetDetailsFlyoutLocatorParams", + "text": "AssetDetailsFlyoutLocatorParams" + }, + " extends ", + { + "pluginId": "@kbn/utility-types", + "scope": "common", + "docId": "kibKbnUtilityTypesPluginApi", + "section": "def-common.SerializableRecord", + "text": "SerializableRecord" + } + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/asset_details_flyout_locator.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "observabilityShared", + "id": "def-common.AssetDetailsFlyoutLocatorParams.tableProperties", + "type": "Object", + "tags": [], + "label": "tableProperties", + "description": [], + "signature": [ + "{ detailsItemId: string; pagination?: { pageIndex: number; pageSize: number; } | undefined; sorting?: { direction?: string | undefined; field: string; } | undefined; }" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/asset_details_flyout_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.AssetDetailsFlyoutLocatorParams.assetDetails", + "type": "Object", + "tags": [], + "label": "assetDetails", + "description": [], + "signature": [ + "{ tabId?: string | undefined; dashboardId?: string | undefined; dateRange?: { from: string; to: string; } | undefined; }" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/asset_details_flyout_locator.ts", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.AssetDetailsLocatorParams", + "type": "Interface", + "tags": [], + "label": "AssetDetailsLocatorParams", + "description": [], + "signature": [ + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.AssetDetailsLocatorParams", + "text": "AssetDetailsLocatorParams" + }, + " extends ", + { + "pluginId": "@kbn/utility-types", + "scope": "common", + "docId": "kibKbnUtilityTypesPluginApi", + "section": "def-common.SerializableRecord", + "text": "SerializableRecord" + } + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/asset_details_locator.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "observabilityShared", + "id": "def-common.AssetDetailsLocatorParams.assetType", + "type": "string", + "tags": [], + "label": "assetType", + "description": [], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/asset_details_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.AssetDetailsLocatorParams.assetId", + "type": "string", + "tags": [], + "label": "assetId", + "description": [], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/asset_details_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.AssetDetailsLocatorParams.state", + "type": "Object", + "tags": [], + "label": "state", + "description": [], + "signature": [ + { + "pluginId": "@kbn/utility-types", + "scope": "common", + "docId": "kibKbnUtilityTypesPluginApi", + "section": "def-common.SerializableRecord", + "text": "SerializableRecord" + }, + " | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/asset_details_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.AssetDetailsLocatorParams._a", + "type": "Object", + "tags": [], + "label": "_a", + "description": [], + "signature": [ + "{ time?: { from?: string | undefined; to?: string | undefined; } | undefined; interval?: string | undefined; } | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/asset_details_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.AssetDetailsLocatorParams.assetDetails", + "type": "Object", + "tags": [], + "label": "assetDetails", + "description": [], + "signature": [ + "{ tabId?: string | undefined; dashboardId?: string | undefined; dateRange?: { from: string; to: string; } | undefined; } | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/asset_details_locator.ts", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.FlamegraphLocatorParams", + "type": "Interface", + "tags": [], + "label": "FlamegraphLocatorParams", + "description": [], + "signature": [ + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.FlamegraphLocatorParams", + "text": "FlamegraphLocatorParams" + }, + " extends ", + { + "pluginId": "@kbn/utility-types", + "scope": "common", + "docId": "kibKbnUtilityTypesPluginApi", + "section": "def-common.SerializableRecord", + "text": "SerializableRecord" + } + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/profiling/flamegraph_locator.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "observabilityShared", + "id": "def-common.FlamegraphLocatorParams.kuery", + "type": "string", + "tags": [], + "label": "kuery", + "description": [], + "signature": [ + "string | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/profiling/flamegraph_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.FlamegraphLocatorParams.rangeFrom", + "type": "string", + "tags": [], + "label": "rangeFrom", + "description": [], + "signature": [ + "string | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/profiling/flamegraph_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.FlamegraphLocatorParams.rangeTo", + "type": "string", + "tags": [], + "label": "rangeTo", + "description": [], + "signature": [ + "string | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/profiling/flamegraph_locator.ts", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.HostsLocatorParams", + "type": "Interface", + "tags": [], + "label": "HostsLocatorParams", + "description": [], + "signature": [ + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.HostsLocatorParams", + "text": "HostsLocatorParams" + }, + " extends ", + { + "pluginId": "@kbn/utility-types", + "scope": "common", + "docId": "kibKbnUtilityTypesPluginApi", + "section": "def-common.SerializableRecord", + "text": "SerializableRecord" + } + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/hosts_locator.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "observabilityShared", + "id": "def-common.HostsLocatorParams.query", + "type": "Object", + "tags": [], + "label": "query", + "description": [], + "signature": [ + "{ language: string; query: string; } | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/hosts_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.HostsLocatorParams.dateRange", + "type": "Object", + "tags": [], + "label": "dateRange", + "description": [], + "signature": [ + "{ from: string; to: string; } | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/hosts_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.HostsLocatorParams.filters", + "type": "Array", + "tags": [], + "label": "filters", + "description": [], + "signature": [ + { + "pluginId": "@kbn/es-query", + "scope": "common", + "docId": "kibKbnEsQueryPluginApi", + "section": "def-common.Filter", + "text": "Filter" + }, + "[] | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/hosts_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.HostsLocatorParams.panelFilters", + "type": "Array", + "tags": [], + "label": "panelFilters", + "description": [], + "signature": [ + { + "pluginId": "@kbn/es-query", + "scope": "common", + "docId": "kibKbnEsQueryPluginApi", + "section": "def-common.Filter", + "text": "Filter" + }, + "[] | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/hosts_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.HostsLocatorParams.limit", + "type": "number", + "tags": [], + "label": "limit", + "description": [], + "signature": [ + "number | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/hosts_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.HostsLocatorParams.tableProperties", + "type": "Object", + "tags": [], + "label": "tableProperties", + "description": [], + "signature": [ + "{ detailsItemId?: string | undefined; pagination: { pageIndex: number; pageSize: number; }; sorting: { direction?: string | undefined; field: string; }; } | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/hosts_locator.ts", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.InventoryLocatorParams", + "type": "Interface", + "tags": [], + "label": "InventoryLocatorParams", + "description": [], + "signature": [ + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.InventoryLocatorParams", + "text": "InventoryLocatorParams" + }, + " extends ", + { + "pluginId": "@kbn/utility-types", + "scope": "common", + "docId": "kibKbnUtilityTypesPluginApi", + "section": "def-common.SerializableRecord", + "text": "SerializableRecord" + } + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/inventory_locator.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "observabilityShared", + "id": "def-common.InventoryLocatorParams.inventoryViewId", + "type": "string", + "tags": [], + "label": "inventoryViewId", + "description": [], + "signature": [ + "string | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/inventory_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.InventoryLocatorParams.waffleFilter", + "type": "Object", + "tags": [], + "label": "waffleFilter", + "description": [], + "signature": [ + "{ expression: string; kind: string; } | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/inventory_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.InventoryLocatorParams.waffleTime", + "type": "Object", + "tags": [], + "label": "waffleTime", + "description": [], + "signature": [ + "{ currentTime: number; isAutoReloading: boolean; } | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/inventory_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.InventoryLocatorParams.waffleOptions", + "type": "Object", + "tags": [], + "label": "waffleOptions", + "description": [], + "signature": [ + "{ accountId: string; autoBounds: boolean; boundsOverride: { max: number; min: number; }; } | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/inventory_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.InventoryLocatorParams.customMetrics", + "type": "string", + "tags": [], + "label": "customMetrics", + "description": [], + "signature": [ + "string | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/inventory_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.InventoryLocatorParams.customOptions", + "type": "string", + "tags": [], + "label": "customOptions", + "description": [], + "signature": [ + "string | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/inventory_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.InventoryLocatorParams.groupBy", + "type": "Object", + "tags": [], + "label": "groupBy", + "description": [], + "signature": [ + "{ field: string; } | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/inventory_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.InventoryLocatorParams.legend", + "type": "Object", + "tags": [], + "label": "legend", + "description": [], + "signature": [ + "{ palette: string; reverseColors: boolean; steps: number; } | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/inventory_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.InventoryLocatorParams.metric", + "type": "string", + "tags": [], + "label": "metric", + "description": [], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/inventory_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.InventoryLocatorParams.nodeType", + "type": "string", + "tags": [], + "label": "nodeType", + "description": [], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/inventory_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.InventoryLocatorParams.region", + "type": "string", + "tags": [], + "label": "region", + "description": [], + "signature": [ + "string | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/inventory_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.InventoryLocatorParams.sort", + "type": "Object", + "tags": [], + "label": "sort", + "description": [], + "signature": [ + "{ by: string; direction: \"desc\" | \"async\"; }" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/inventory_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.InventoryLocatorParams.timelineOpen", + "type": "boolean", + "tags": [], + "label": "timelineOpen", + "description": [], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/inventory_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.InventoryLocatorParams.view", + "type": "CompoundType", + "tags": [], + "label": "view", + "description": [], + "signature": [ + "\"map\" | \"table\"" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/inventory_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.InventoryLocatorParams.state", + "type": "Object", + "tags": [], + "label": "state", + "description": [], + "signature": [ + { + "pluginId": "@kbn/utility-types", + "scope": "common", + "docId": "kibKbnUtilityTypesPluginApi", + "section": "def-common.SerializableRecord", + "text": "SerializableRecord" + }, + " | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/inventory_locator.ts", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.ServiceOverviewParams", + "type": "Interface", + "tags": [], + "label": "ServiceOverviewParams", + "description": [], + "signature": [ + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.ServiceOverviewParams", + "text": "ServiceOverviewParams" + }, + " extends ", + { + "pluginId": "@kbn/utility-types", + "scope": "common", + "docId": "kibKbnUtilityTypesPluginApi", + "section": "def-common.SerializableRecord", + "text": "SerializableRecord" + } + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/apm/service_overview_locator.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "observabilityShared", + "id": "def-common.ServiceOverviewParams.serviceName", + "type": "string", + "tags": [], + "label": "serviceName", + "description": [], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/apm/service_overview_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.ServiceOverviewParams.rangeFrom", + "type": "string", + "tags": [], + "label": "rangeFrom", + "description": [], + "signature": [ + "string | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/apm/service_overview_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.ServiceOverviewParams.rangeTo", + "type": "string", + "tags": [], + "label": "rangeTo", + "description": [], + "signature": [ + "string | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/apm/service_overview_locator.ts", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.StacktracesLocatorParams", + "type": "Interface", + "tags": [], + "label": "StacktracesLocatorParams", + "description": [], + "signature": [ + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.StacktracesLocatorParams", + "text": "StacktracesLocatorParams" + }, + " extends ", + { + "pluginId": "@kbn/utility-types", + "scope": "common", + "docId": "kibKbnUtilityTypesPluginApi", + "section": "def-common.SerializableRecord", + "text": "SerializableRecord" + } + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/profiling/stacktraces_locator.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "observabilityShared", + "id": "def-common.StacktracesLocatorParams.kuery", + "type": "string", + "tags": [], + "label": "kuery", + "description": [], + "signature": [ + "string | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/profiling/stacktraces_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.StacktracesLocatorParams.rangeFrom", + "type": "string", + "tags": [], + "label": "rangeFrom", + "description": [], + "signature": [ + "string | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/profiling/stacktraces_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.StacktracesLocatorParams.rangeTo", + "type": "string", + "tags": [], + "label": "rangeTo", + "description": [], + "signature": [ + "string | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/profiling/stacktraces_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.StacktracesLocatorParams.type", + "type": "CompoundType", + "tags": [], + "label": "type", + "description": [], + "signature": [ + { + "pluginId": "@kbn/profiling-utils", + "scope": "common", + "docId": "kibKbnProfilingUtilsPluginApi", + "section": "def-common.TopNType", + "text": "TopNType" + }, + " | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/profiling/stacktraces_locator.ts", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.TopNFunctionsLocatorParams", + "type": "Interface", + "tags": [], + "label": "TopNFunctionsLocatorParams", + "description": [], + "signature": [ + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.TopNFunctionsLocatorParams", + "text": "TopNFunctionsLocatorParams" + }, + " extends ", + { + "pluginId": "@kbn/utility-types", + "scope": "common", + "docId": "kibKbnUtilityTypesPluginApi", + "section": "def-common.SerializableRecord", + "text": "SerializableRecord" + } + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/profiling/topn_functions_locator.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "observabilityShared", + "id": "def-common.TopNFunctionsLocatorParams.kuery", + "type": "string", + "tags": [], + "label": "kuery", + "description": [], + "signature": [ + "string | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/profiling/topn_functions_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.TopNFunctionsLocatorParams.rangeFrom", + "type": "string", + "tags": [], + "label": "rangeFrom", + "description": [], + "signature": [ + "string | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/profiling/topn_functions_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.TopNFunctionsLocatorParams.rangeTo", + "type": "string", + "tags": [], + "label": "rangeTo", + "description": [], + "signature": [ + "string | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/profiling/topn_functions_locator.ts", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.TransactionDetailsByNameParams", + "type": "Interface", + "tags": [], + "label": "TransactionDetailsByNameParams", + "description": [], + "signature": [ + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.TransactionDetailsByNameParams", + "text": "TransactionDetailsByNameParams" + }, + " extends ", + { + "pluginId": "@kbn/utility-types", + "scope": "common", + "docId": "kibKbnUtilityTypesPluginApi", + "section": "def-common.SerializableRecord", + "text": "SerializableRecord" + } + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/apm/transaction_details_by_name_locator.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "observabilityShared", + "id": "def-common.TransactionDetailsByNameParams.serviceName", + "type": "string", + "tags": [], + "label": "serviceName", + "description": [], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/apm/transaction_details_by_name_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.TransactionDetailsByNameParams.transactionName", + "type": "string", + "tags": [], + "label": "transactionName", + "description": [], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/apm/transaction_details_by_name_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.TransactionDetailsByNameParams.rangeFrom", + "type": "string", + "tags": [], + "label": "rangeFrom", + "description": [], + "signature": [ + "string | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/apm/transaction_details_by_name_locator.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.TransactionDetailsByNameParams.rangeTo", + "type": "string", + "tags": [], + "label": "rangeTo", + "description": [], + "signature": [ + "string | undefined" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/apm/transaction_details_by_name_locator.ts", + "deprecated": false, + "trackAdoption": false } ], - "returnComment": [], "initialIsOpen": false } ], - "interfaces": [], "enums": [ { "parentPluginId": "observabilityShared", @@ -4098,6 +5807,96 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.ASSET_DETAILS_FLYOUT_LOCATOR_ID", + "type": "string", + "tags": [], + "label": "ASSET_DETAILS_FLYOUT_LOCATOR_ID", + "description": [], + "signature": [ + "\"ASSET_DETAILS_FLYOUT_LOCATOR\"" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/asset_details_flyout_locator.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.ASSET_DETAILS_LOCATOR_ID", + "type": "string", + "tags": [], + "label": "ASSET_DETAILS_LOCATOR_ID", + "description": [], + "signature": [ + "\"ASSET_DETAILS_LOCATOR\"" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/asset_details_locator.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.AssetDetailsFlyoutLocator", + "type": "Type", + "tags": [], + "label": "AssetDetailsFlyoutLocator", + "description": [], + "signature": [ + { + "pluginId": "share", + "scope": "common", + "docId": "kibSharePluginApi", + "section": "def-common.LocatorPublic", + "text": "LocatorPublic" + }, + "<", + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.AssetDetailsFlyoutLocatorParams", + "text": "AssetDetailsFlyoutLocatorParams" + }, + ">" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/asset_details_flyout_locator.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.AssetDetailsLocator", + "type": "Type", + "tags": [], + "label": "AssetDetailsLocator", + "description": [], + "signature": [ + { + "pluginId": "share", + "scope": "common", + "docId": "kibSharePluginApi", + "section": "def-common.LocatorPublic", + "text": "LocatorPublic" + }, + "<", + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.AssetDetailsLocatorParams", + "text": "AssetDetailsLocatorParams" + }, + ">" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/asset_details_locator.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "observabilityShared", "id": "def-common.casesFeatureId", @@ -4458,6 +6257,36 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.FlamegraphLocator", + "type": "Type", + "tags": [], + "label": "FlamegraphLocator", + "description": [], + "signature": [ + { + "pluginId": "share", + "scope": "common", + "docId": "kibSharePluginApi", + "section": "def-common.LocatorPublic", + "text": "LocatorPublic" + }, + "<", + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.FlamegraphLocatorParams", + "text": "FlamegraphLocatorParams" + }, + ">" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/profiling/flamegraph_locator.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "observabilityShared", "id": "def-common.HOST", @@ -4503,6 +6332,36 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.HostsLocator", + "type": "Type", + "tags": [], + "label": "HostsLocator", + "description": [], + "signature": [ + { + "pluginId": "share", + "scope": "common", + "docId": "kibSharePluginApi", + "section": "def-common.LocatorPublic", + "text": "LocatorPublic" + }, + "<", + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.HostsLocatorParams", + "text": "HostsLocatorParams" + }, + ">" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/hosts_locator.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "observabilityShared", "id": "def-common.HTTP_REQUEST_METHOD", @@ -4533,6 +6392,51 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.INVENTORY_LOCATOR_ID", + "type": "string", + "tags": [], + "label": "INVENTORY_LOCATOR_ID", + "description": [], + "signature": [ + "\"INVENTORY_LOCATOR\"" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/inventory_locator.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.InventoryLocator", + "type": "Type", + "tags": [], + "label": "InventoryLocator", + "description": [], + "signature": [ + { + "pluginId": "share", + "scope": "common", + "docId": "kibSharePluginApi", + "section": "def-common.LocatorPublic", + "text": "LocatorPublic" + }, + "<", + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.InventoryLocatorParams", + "text": "InventoryLocatorParams" + }, + ">" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/infra/inventory_locator.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "observabilityShared", "id": "def-common.KUBERNETES", @@ -5328,6 +7232,36 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.ServiceOverviewLocator", + "type": "Type", + "tags": [], + "label": "ServiceOverviewLocator", + "description": [], + "signature": [ + { + "pluginId": "share", + "scope": "common", + "docId": "kibSharePluginApi", + "section": "def-common.LocatorPublic", + "text": "LocatorPublic" + }, + "<", + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.ServiceOverviewParams", + "text": "ServiceOverviewParams" + }, + ">" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/apm/service_overview_locator.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "observabilityShared", "id": "def-common.SLO_ALERTS_TABLE_CONFIG_ID", @@ -5520,6 +7454,36 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.StacktracesLocator", + "type": "Type", + "tags": [], + "label": "StacktracesLocator", + "description": [], + "signature": [ + { + "pluginId": "share", + "scope": "common", + "docId": "kibSharePluginApi", + "section": "def-common.LocatorPublic", + "text": "LocatorPublic" + }, + "<", + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.StacktracesLocatorParams", + "text": "StacktracesLocatorParams" + }, + ">" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/profiling/stacktraces_locator.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "observabilityShared", "id": "def-common.SYNTHETICS_BLOCKED_TIMINGS", @@ -5655,6 +7619,36 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.TopNFunctionsLocator", + "type": "Type", + "tags": [], + "label": "TopNFunctionsLocator", + "description": [], + "signature": [ + { + "pluginId": "share", + "scope": "common", + "docId": "kibSharePluginApi", + "section": "def-common.LocatorPublic", + "text": "LocatorPublic" + }, + "<", + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.TopNFunctionsLocatorParams", + "text": "TopNFunctionsLocatorParams" + }, + ">" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/profiling/topn_functions_locator.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "observabilityShared", "id": "def-common.TRACE_ID", @@ -5850,6 +7844,36 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "observabilityShared", + "id": "def-common.TransactionDetailsByNameLocator", + "type": "Type", + "tags": [], + "label": "TransactionDetailsByNameLocator", + "description": [], + "signature": [ + { + "pluginId": "share", + "scope": "common", + "docId": "kibSharePluginApi", + "section": "def-common.LocatorPublic", + "text": "LocatorPublic" + }, + "<", + { + "pluginId": "observabilityShared", + "scope": "common", + "docId": "kibObservabilitySharedPluginApi", + "section": "def-common.TransactionDetailsByNameParams", + "text": "TransactionDetailsByNameParams" + }, + ">" + ], + "path": "x-pack/plugins/observability_solution/observability_shared/common/locators/apm/transaction_details_by_name_locator.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "observabilityShared", "id": "def-common.URL_FULL", diff --git a/api_docs/observability_shared.mdx b/api_docs/observability_shared.mdx index 3b9d19acd0295..8a5b74d272132 100644 --- a/api_docs/observability_shared.mdx +++ b/api_docs/observability_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityShared title: "observabilityShared" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityShared plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityShared'] --- import observabilitySharedObj from './observability_shared.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/observability-ui](https://github.com/orgs/elastic/teams/observ | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 356 | 1 | 351 | 22 | +| 449 | 1 | 444 | 19 | ## Client @@ -45,6 +45,12 @@ Contact [@elastic/observability-ui](https://github.com/orgs/elastic/teams/observ ### Functions +### Classes + + +### Interfaces + + ### Enums diff --git a/api_docs/osquery.mdx b/api_docs/osquery.mdx index a7be8bc2add1a..1527a3db32af7 100644 --- a/api_docs/osquery.mdx +++ b/api_docs/osquery.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/osquery title: "osquery" image: https://source.unsplash.com/400x175/?github description: API docs for the osquery plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'osquery'] --- import osqueryObj from './osquery.devdocs.json'; diff --git a/api_docs/painless_lab.mdx b/api_docs/painless_lab.mdx index d5a3700ff48df..b98199db50b25 100644 --- a/api_docs/painless_lab.mdx +++ b/api_docs/painless_lab.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/painlessLab title: "painlessLab" image: https://source.unsplash.com/400x175/?github description: API docs for the painlessLab plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'painlessLab'] --- import painlessLabObj from './painless_lab.devdocs.json'; diff --git a/api_docs/plugin_directory.mdx b/api_docs/plugin_directory.mdx index 4d1fad01428c9..9b371cbcb3132 100644 --- a/api_docs/plugin_directory.mdx +++ b/api_docs/plugin_directory.mdx @@ -7,7 +7,7 @@ id: kibDevDocsPluginDirectory slug: /kibana-dev-docs/api-meta/plugin-api-directory title: Directory description: Directory of public APIs available through plugins or packages. -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana'] --- @@ -15,13 +15,13 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | Count | Plugins or Packages with a
public API | Number of teams | |--------------|----------|------------------------| -| 830 | 706 | 45 | +| 832 | 708 | 45 | ### Public API health stats | API Count | Any Count | Missing comments | Missing exports | |--------------|----------|-----------------|--------| -| 52071 | 241 | 39009 | 1918 | +| 52242 | 241 | 39176 | 1918 | ## Plugin Directory @@ -102,7 +102,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-gis](https://github.com/orgs/elastic/teams/kibana-gis) | The file upload plugin contains components and services for uploading a file, analyzing its data, and then importing the data into an Elasticsearch index. Supported file types include CSV, TSV, newline-delimited JSON and GeoJSON. | 84 | 0 | 84 | 8 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | File upload, download, sharing, and serving over HTTP implementation in Kibana. | 240 | 0 | 24 | 9 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | Simple UI for managing files in Kibana | 3 | 0 | 3 | 0 | -| | [@elastic/fleet](https://github.com/orgs/elastic/teams/fleet) | - | 1351 | 5 | 1229 | 74 | +| | [@elastic/fleet](https://github.com/orgs/elastic/teams/fleet) | - | 1357 | 5 | 1234 | 74 | | ftrApis | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 0 | 0 | 0 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 72 | 0 | 14 | 5 | | globalSearchBar | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 0 | 0 | 0 | 0 | @@ -121,7 +121,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-presentation](https://github.com/orgs/elastic/teams/kibana-presentation) | - | 127 | 2 | 100 | 4 | | | [@elastic/security-scalability](https://github.com/orgs/elastic/teams/security-scalability) | Plugin implementing the Integration Assistant API and UI | 47 | 0 | 40 | 3 | | | [@elastic/kibana-security](https://github.com/orgs/elastic/teams/kibana-security) | This plugin provides UI and APIs for the interactive setup mode. | 28 | 0 | 18 | 0 | -| | [@elastic/obs-ux-management-team](https://github.com/orgs/elastic/teams/obs-ux-management-team) | - | 105 | 0 | 105 | 6 | +| | [@elastic/obs-ux-management-team](https://github.com/orgs/elastic/teams/obs-ux-management-team) | - | 112 | 0 | 112 | 6 | | | [@elastic/obs-ux-management-team](https://github.com/orgs/elastic/teams/obs-ux-management-team) | - | 5 | 0 | 5 | 2 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 6 | 0 | 6 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 153 | 0 | 121 | 3 | @@ -156,7 +156,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/obs-ai-assistant](https://github.com/orgs/elastic/teams/obs-ai-assistant) | - | 2 | 0 | 2 | 0 | | | [@elastic/obs-ux-logs-team](https://github.com/orgs/elastic/teams/obs-ux-logs-team) | This plugin exposes and registers observability log consumption features. | 19 | 0 | 19 | 1 | | | [@elastic/obs-ux-logs-team](https://github.com/orgs/elastic/teams/obs-ux-logs-team) | - | 21 | 0 | 21 | 0 | -| | [@elastic/observability-ui](https://github.com/orgs/elastic/teams/observability-ui) | - | 356 | 1 | 351 | 22 | +| | [@elastic/observability-ui](https://github.com/orgs/elastic/teams/observability-ui) | - | 449 | 1 | 444 | 19 | | | [@elastic/security-defend-workflows](https://github.com/orgs/elastic/teams/security-defend-workflows) | - | 23 | 0 | 23 | 7 | | | [@elastic/kibana-management](https://github.com/orgs/elastic/teams/kibana-management) | - | 2 | 0 | 2 | 0 | | | [@elastic/kibana-presentation](https://github.com/orgs/elastic/teams/kibana-presentation) | Adds a standardized Presentation panel which allows any forward ref component to interface with various Kibana systems. | 11 | 0 | 11 | 4 | @@ -166,7 +166,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-management](https://github.com/orgs/elastic/teams/kibana-management) | - | 23 | 0 | 23 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | Reporting Services enables applications to feature reports that the user can automate with Watcher and download later. | 9 | 0 | 2 | 0 | | | [@elastic/kibana-management](https://github.com/orgs/elastic/teams/kibana-management) | - | 21 | 0 | 21 | 0 | -| | [@elastic/response-ops](https://github.com/orgs/elastic/teams/response-ops) | - | 287 | 0 | 250 | 11 | +| | [@elastic/response-ops](https://github.com/orgs/elastic/teams/response-ops) | - | 285 | 0 | 248 | 11 | | | [@elastic/kibana-management](https://github.com/orgs/elastic/teams/kibana-management) | - | 24 | 0 | 19 | 2 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 132 | 2 | 121 | 5 | | | [@elastic/kibana-data-discovery](https://github.com/orgs/elastic/teams/kibana-data-discovery) | - | 25 | 0 | 25 | 0 | @@ -254,8 +254,8 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 1 | 0 | 0 | 0 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 18 | 0 | 18 | 0 | | | [@elastic/obs-ux-infra_services-team](https://github.com/orgs/elastic/teams/obs-ux-infra_services-team) | - | 4 | 0 | 4 | 0 | -| | [@elastic/obs-ux-infra_services-team](https://github.com/orgs/elastic/teams/obs-ux-infra_services-team) | - | 49 | 0 | 49 | 8 | -| | [@elastic/obs-ux-infra_services-team](https://github.com/orgs/elastic/teams/obs-ux-infra_services-team) | - | 200 | 0 | 200 | 31 | +| | [@elastic/obs-ux-infra_services-team](https://github.com/orgs/elastic/teams/obs-ux-infra_services-team) | - | 51 | 0 | 51 | 9 | +| | [@elastic/obs-ux-infra_services-team](https://github.com/orgs/elastic/teams/obs-ux-infra_services-team) | - | 201 | 0 | 201 | 31 | | | [@elastic/obs-ux-infra_services-team](https://github.com/orgs/elastic/teams/obs-ux-infra_services-team) | - | 316 | 0 | 315 | 0 | | | [@elastic/obs-ux-infra_services-team](https://github.com/orgs/elastic/teams/obs-ux-infra_services-team) | - | 11 | 0 | 11 | 0 | | | [@elastic/security-defend-workflows](https://github.com/orgs/elastic/teams/security-defend-workflows) | - | 3 | 0 | 3 | 0 | @@ -279,10 +279,12 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 24 | 0 | 24 | 0 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 149 | 2 | 143 | 20 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 10 | 0 | 8 | 4 | +| | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 39 | 0 | 38 | 0 | +| | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 6 | 0 | 6 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 8 | 0 | 8 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 3 | 0 | 3 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 10 | 0 | 10 | 0 | -| | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 49 | 0 | 33 | 3 | +| | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 50 | 0 | 33 | 3 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 30 | 0 | 30 | 0 | | | [@elastic/kibana-data-discovery](https://github.com/orgs/elastic/teams/kibana-data-discovery) | - | 195 | 1 | 128 | 0 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 100 | 0 | 0 | 0 | @@ -484,7 +486,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 102 | 0 | 86 | 0 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 15 | 0 | 9 | 0 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 38 | 2 | 33 | 0 | -| | [@elastic/kibana-data-discovery](https://github.com/orgs/elastic/teams/kibana-data-discovery) | - | 131 | 0 | 105 | 1 | +| | [@elastic/kibana-data-discovery](https://github.com/orgs/elastic/teams/kibana-data-discovery) | - | 133 | 0 | 106 | 1 | | | [@elastic/docs](https://github.com/orgs/elastic/teams/docs) | - | 78 | 0 | 78 | 2 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 5 | 0 | 5 | 1 | | | [@elastic/kibana-visualizations](https://github.com/orgs/elastic/teams/kibana-visualizations) | - | 41 | 0 | 27 | 6 | @@ -493,7 +495,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/obs-ux-logs-team](https://github.com/orgs/elastic/teams/obs-ux-logs-team) | - | 35 | 0 | 34 | 0 | | | [@elastic/security-generative-ai](https://github.com/orgs/elastic/teams/security-generative-ai) | - | 156 | 0 | 130 | 9 | | | [@elastic/security-generative-ai](https://github.com/orgs/elastic/teams/security-generative-ai) | - | 354 | 0 | 328 | 0 | -| | [@elastic/obs-entities](https://github.com/orgs/elastic/teams/obs-entities) | - | 34 | 0 | 34 | 0 | +| | [@elastic/obs-entities](https://github.com/orgs/elastic/teams/obs-entities) | - | 37 | 0 | 37 | 0 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 55 | 0 | 40 | 7 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 32 | 0 | 19 | 1 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 11 | 0 | 6 | 0 | @@ -582,9 +584,9 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/ml-ui](https://github.com/orgs/elastic/teams/ml-ui) | - | 34 | 0 | 0 | 0 | | | [@elastic/ml-ui](https://github.com/orgs/elastic/teams/ml-ui) | - | 44 | 0 | 38 | 1 | | | [@elastic/ml-ui](https://github.com/orgs/elastic/teams/ml-ui) | - | 18 | 0 | 18 | 0 | -| | [@elastic/ml-ui](https://github.com/orgs/elastic/teams/ml-ui) | - | 31 | 1 | 24 | 1 | +| | [@elastic/ml-ui](https://github.com/orgs/elastic/teams/ml-ui) | - | 42 | 1 | 35 | 1 | | | [@elastic/kibana-security](https://github.com/orgs/elastic/teams/kibana-security) | - | 22 | 0 | 16 | 0 | -| | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 122 | 0 | 122 | 3 | +| | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 123 | 0 | 123 | 3 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 55 | 1 | 50 | 0 | | | [@elastic/obs-ux-management-team](https://github.com/orgs/elastic/teams/obs-ux-management-team) | - | 10 | 0 | 10 | 2 | | | [@elastic/obs-ux-management-team](https://github.com/orgs/elastic/teams/obs-ux-management-team) | - | 5 | 0 | 5 | 0 | @@ -601,7 +603,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 1 | 0 | 1 | 0 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 1 | 0 | 1 | 0 | | | [@elastic/kibana-presentation](https://github.com/orgs/elastic/teams/kibana-presentation) | - | 88 | 0 | 76 | 0 | -| | [@elastic/kibana-presentation](https://github.com/orgs/elastic/teams/kibana-presentation) | - | 216 | 0 | 181 | 5 | +| | [@elastic/kibana-presentation](https://github.com/orgs/elastic/teams/kibana-presentation) | - | 216 | 0 | 181 | 6 | | | [@elastic/obs-ux-infra_services-team](https://github.com/orgs/elastic/teams/obs-ux-infra_services-team) | - | 168 | 0 | 55 | 0 | | | [@elastic/kibana-visualizations](https://github.com/orgs/elastic/teams/kibana-visualizations) | - | 13 | 0 | 7 | 0 | | | [@elastic/kibana-data-discovery](https://github.com/orgs/elastic/teams/kibana-data-discovery) | - | 22 | 0 | 9 | 0 | @@ -650,7 +652,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-security](https://github.com/orgs/elastic/teams/kibana-security) | - | 51 | 0 | 25 | 0 | | | [@elastic/kibana-security](https://github.com/orgs/elastic/teams/kibana-security) | - | 275 | 1 | 154 | 0 | | | [@elastic/kibana-cloud-security-posture](https://github.com/orgs/elastic/teams/kibana-cloud-security-posture) | - | 6 | 0 | 0 | 0 | -| | [@elastic/security-threat-hunting-explore](https://github.com/orgs/elastic/teams/security-threat-hunting-explore) | - | 14 | 0 | 14 | 6 | +| | [@elastic/security-threat-hunting-explore](https://github.com/orgs/elastic/teams/security-threat-hunting-explore) | - | 15 | 0 | 15 | 7 | | | [@elastic/security-threat-hunting-explore](https://github.com/orgs/elastic/teams/security-threat-hunting-explore) | - | 54 | 0 | 49 | 0 | | | [@elastic/security-threat-hunting-explore](https://github.com/orgs/elastic/teams/security-threat-hunting-explore) | - | 30 | 0 | 24 | 0 | | | [@elastic/security-threat-hunting-explore](https://github.com/orgs/elastic/teams/security-threat-hunting-explore) | - | 2 | 0 | 0 | 0 | diff --git a/api_docs/presentation_panel.mdx b/api_docs/presentation_panel.mdx index 02513dae57d5a..e04c4b8da4fbc 100644 --- a/api_docs/presentation_panel.mdx +++ b/api_docs/presentation_panel.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/presentationPanel title: "presentationPanel" image: https://source.unsplash.com/400x175/?github description: API docs for the presentationPanel plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'presentationPanel'] --- import presentationPanelObj from './presentation_panel.devdocs.json'; diff --git a/api_docs/presentation_util.mdx b/api_docs/presentation_util.mdx index 00c933ab96eff..6b58ce6a4ab9a 100644 --- a/api_docs/presentation_util.mdx +++ b/api_docs/presentation_util.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/presentationUtil title: "presentationUtil" image: https://source.unsplash.com/400x175/?github description: API docs for the presentationUtil plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'presentationUtil'] --- import presentationUtilObj from './presentation_util.devdocs.json'; diff --git a/api_docs/profiling.mdx b/api_docs/profiling.mdx index 1db9ab875e444..5452cbbe4a3ad 100644 --- a/api_docs/profiling.mdx +++ b/api_docs/profiling.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/profiling title: "profiling" image: https://source.unsplash.com/400x175/?github description: API docs for the profiling plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'profiling'] --- import profilingObj from './profiling.devdocs.json'; diff --git a/api_docs/profiling_data_access.mdx b/api_docs/profiling_data_access.mdx index eb301e8a88a31..29baa2b90ca31 100644 --- a/api_docs/profiling_data_access.mdx +++ b/api_docs/profiling_data_access.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/profilingDataAccess title: "profilingDataAccess" image: https://source.unsplash.com/400x175/?github description: API docs for the profilingDataAccess plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'profilingDataAccess'] --- import profilingDataAccessObj from './profiling_data_access.devdocs.json'; diff --git a/api_docs/remote_clusters.mdx b/api_docs/remote_clusters.mdx index 0835a57ca705f..e53d58a5facce 100644 --- a/api_docs/remote_clusters.mdx +++ b/api_docs/remote_clusters.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/remoteClusters title: "remoteClusters" image: https://source.unsplash.com/400x175/?github description: API docs for the remoteClusters plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'remoteClusters'] --- import remoteClustersObj from './remote_clusters.devdocs.json'; diff --git a/api_docs/reporting.mdx b/api_docs/reporting.mdx index 96ca789fe37e8..30d6d5213274b 100644 --- a/api_docs/reporting.mdx +++ b/api_docs/reporting.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/reporting title: "reporting" image: https://source.unsplash.com/400x175/?github description: API docs for the reporting plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'reporting'] --- import reportingObj from './reporting.devdocs.json'; diff --git a/api_docs/rollup.mdx b/api_docs/rollup.mdx index 4ff3fb361489f..10531c2849451 100644 --- a/api_docs/rollup.mdx +++ b/api_docs/rollup.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/rollup title: "rollup" image: https://source.unsplash.com/400x175/?github description: API docs for the rollup plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'rollup'] --- import rollupObj from './rollup.devdocs.json'; diff --git a/api_docs/rule_registry.devdocs.json b/api_docs/rule_registry.devdocs.json index d7cec6f063cb3..02bf20ed95090 100644 --- a/api_docs/rule_registry.devdocs.json +++ b/api_docs/rule_registry.devdocs.json @@ -3667,7 +3667,7 @@ "label": "alertWithPersistence", "description": [], "signature": [ - "(alerts: { _id: string; _source: T; }[], refresh: boolean | \"wait_for\", maxAlerts?: number | undefined, enrichAlerts?: ((alerts: { _id: string; _source: T; }[], params: { spaceId: string; }) => Promise<{ _id: string; _source: T; }[]>) | undefined, currentTimeOverride?: Date | undefined) => Promise<", + "(alerts: { _id: string; _source: T; }[], refresh: boolean | \"wait_for\", maxAlerts?: number | undefined, enrichAlerts?: ((alerts: { _id: string; _source: T; }[], params: { spaceId: string; }) => Promise<{ _id: string; _source: T; }[]>) | undefined) => Promise<", { "pluginId": "ruleRegistry", "scope": "server", @@ -3737,20 +3737,6 @@ "path": "x-pack/plugins/rule_registry/server/utils/persistence_types.ts", "deprecated": false, "trackAdoption": false - }, - { - "parentPluginId": "ruleRegistry", - "id": "def-server.PersistenceServices.alertWithPersistence.$5", - "type": "Object", - "tags": [], - "label": "currentTimeOverride", - "description": [], - "signature": [ - "Date | undefined" - ], - "path": "x-pack/plugins/rule_registry/server/utils/persistence_types.ts", - "deprecated": false, - "trackAdoption": false } ] }, @@ -4431,7 +4417,7 @@ "label": "PersistenceAlertService", "description": [], "signature": [ - "(alerts: { _id: string; _source: T; }[], refresh: boolean | \"wait_for\", maxAlerts?: number | undefined, enrichAlerts?: ((alerts: { _id: string; _source: T; }[], params: { spaceId: string; }) => Promise<{ _id: string; _source: T; }[]>) | undefined, currentTimeOverride?: Date | undefined) => Promise<", + "(alerts: { _id: string; _source: T; }[], refresh: boolean | \"wait_for\", maxAlerts?: number | undefined, enrichAlerts?: ((alerts: { _id: string; _source: T; }[], params: { spaceId: string; }) => Promise<{ _id: string; _source: T; }[]>) | undefined) => Promise<", { "pluginId": "ruleRegistry", "scope": "server", @@ -4501,20 +4487,6 @@ "path": "x-pack/plugins/rule_registry/server/utils/persistence_types.ts", "deprecated": false, "trackAdoption": false - }, - { - "parentPluginId": "ruleRegistry", - "id": "def-server.PersistenceAlertService.$5", - "type": "Object", - "tags": [], - "label": "currentTimeOverride", - "description": [], - "signature": [ - "Date | undefined" - ], - "path": "x-pack/plugins/rule_registry/server/utils/persistence_types.ts", - "deprecated": false, - "trackAdoption": false } ], "initialIsOpen": false diff --git a/api_docs/rule_registry.mdx b/api_docs/rule_registry.mdx index 5812be13b7c8c..625b1bf3b8465 100644 --- a/api_docs/rule_registry.mdx +++ b/api_docs/rule_registry.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/ruleRegistry title: "ruleRegistry" image: https://source.unsplash.com/400x175/?github description: API docs for the ruleRegistry plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'ruleRegistry'] --- import ruleRegistryObj from './rule_registry.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/response-ops](https://github.com/orgs/elastic/teams/response-o | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 287 | 0 | 250 | 11 | +| 285 | 0 | 248 | 11 | ## Server diff --git a/api_docs/runtime_fields.mdx b/api_docs/runtime_fields.mdx index d92a74c4b6030..0ecbf90f8cbd1 100644 --- a/api_docs/runtime_fields.mdx +++ b/api_docs/runtime_fields.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/runtimeFields title: "runtimeFields" image: https://source.unsplash.com/400x175/?github description: API docs for the runtimeFields plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'runtimeFields'] --- import runtimeFieldsObj from './runtime_fields.devdocs.json'; diff --git a/api_docs/saved_objects.mdx b/api_docs/saved_objects.mdx index 9bf39d40d3a84..7c7de3d255238 100644 --- a/api_docs/saved_objects.mdx +++ b/api_docs/saved_objects.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedObjects title: "savedObjects" image: https://source.unsplash.com/400x175/?github description: API docs for the savedObjects plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedObjects'] --- import savedObjectsObj from './saved_objects.devdocs.json'; diff --git a/api_docs/saved_objects_finder.mdx b/api_docs/saved_objects_finder.mdx index 64f32ae44bb4f..250405ae508fd 100644 --- a/api_docs/saved_objects_finder.mdx +++ b/api_docs/saved_objects_finder.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedObjectsFinder title: "savedObjectsFinder" image: https://source.unsplash.com/400x175/?github description: API docs for the savedObjectsFinder plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedObjectsFinder'] --- import savedObjectsFinderObj from './saved_objects_finder.devdocs.json'; diff --git a/api_docs/saved_objects_management.mdx b/api_docs/saved_objects_management.mdx index 830b856e414c5..3e3254cfec41e 100644 --- a/api_docs/saved_objects_management.mdx +++ b/api_docs/saved_objects_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedObjectsManagement title: "savedObjectsManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the savedObjectsManagement plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedObjectsManagement'] --- import savedObjectsManagementObj from './saved_objects_management.devdocs.json'; diff --git a/api_docs/saved_objects_tagging.mdx b/api_docs/saved_objects_tagging.mdx index 4ac3bbe282cc3..66d0948141ad7 100644 --- a/api_docs/saved_objects_tagging.mdx +++ b/api_docs/saved_objects_tagging.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedObjectsTagging title: "savedObjectsTagging" image: https://source.unsplash.com/400x175/?github description: API docs for the savedObjectsTagging plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedObjectsTagging'] --- import savedObjectsTaggingObj from './saved_objects_tagging.devdocs.json'; diff --git a/api_docs/saved_objects_tagging_oss.mdx b/api_docs/saved_objects_tagging_oss.mdx index f7dedba4a124c..ecec466a995a5 100644 --- a/api_docs/saved_objects_tagging_oss.mdx +++ b/api_docs/saved_objects_tagging_oss.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedObjectsTaggingOss title: "savedObjectsTaggingOss" image: https://source.unsplash.com/400x175/?github description: API docs for the savedObjectsTaggingOss plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedObjectsTaggingOss'] --- import savedObjectsTaggingOssObj from './saved_objects_tagging_oss.devdocs.json'; diff --git a/api_docs/saved_search.mdx b/api_docs/saved_search.mdx index 4abad408a03c7..318d6c464a62a 100644 --- a/api_docs/saved_search.mdx +++ b/api_docs/saved_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedSearch title: "savedSearch" image: https://source.unsplash.com/400x175/?github description: API docs for the savedSearch plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedSearch'] --- import savedSearchObj from './saved_search.devdocs.json'; diff --git a/api_docs/screenshot_mode.mdx b/api_docs/screenshot_mode.mdx index e41bfa59d05bb..b52cb6ce59951 100644 --- a/api_docs/screenshot_mode.mdx +++ b/api_docs/screenshot_mode.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/screenshotMode title: "screenshotMode" image: https://source.unsplash.com/400x175/?github description: API docs for the screenshotMode plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'screenshotMode'] --- import screenshotModeObj from './screenshot_mode.devdocs.json'; diff --git a/api_docs/screenshotting.mdx b/api_docs/screenshotting.mdx index 0d774753dd538..2c2a2c7641112 100644 --- a/api_docs/screenshotting.mdx +++ b/api_docs/screenshotting.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/screenshotting title: "screenshotting" image: https://source.unsplash.com/400x175/?github description: API docs for the screenshotting plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'screenshotting'] --- import screenshottingObj from './screenshotting.devdocs.json'; diff --git a/api_docs/search_connectors.mdx b/api_docs/search_connectors.mdx index 8c5c310066699..82f9a59b0db56 100644 --- a/api_docs/search_connectors.mdx +++ b/api_docs/search_connectors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchConnectors title: "searchConnectors" image: https://source.unsplash.com/400x175/?github description: API docs for the searchConnectors plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchConnectors'] --- import searchConnectorsObj from './search_connectors.devdocs.json'; diff --git a/api_docs/search_homepage.mdx b/api_docs/search_homepage.mdx index 6b6f81be203da..89ad92ad515b9 100644 --- a/api_docs/search_homepage.mdx +++ b/api_docs/search_homepage.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchHomepage title: "searchHomepage" image: https://source.unsplash.com/400x175/?github description: API docs for the searchHomepage plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchHomepage'] --- import searchHomepageObj from './search_homepage.devdocs.json'; diff --git a/api_docs/search_inference_endpoints.mdx b/api_docs/search_inference_endpoints.mdx index d99e701e236d8..c0c701bc2cb29 100644 --- a/api_docs/search_inference_endpoints.mdx +++ b/api_docs/search_inference_endpoints.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchInferenceEndpoints title: "searchInferenceEndpoints" image: https://source.unsplash.com/400x175/?github description: API docs for the searchInferenceEndpoints plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchInferenceEndpoints'] --- import searchInferenceEndpointsObj from './search_inference_endpoints.devdocs.json'; diff --git a/api_docs/search_notebooks.mdx b/api_docs/search_notebooks.mdx index 5a42540a26458..ce6429f5306d8 100644 --- a/api_docs/search_notebooks.mdx +++ b/api_docs/search_notebooks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchNotebooks title: "searchNotebooks" image: https://source.unsplash.com/400x175/?github description: API docs for the searchNotebooks plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchNotebooks'] --- import searchNotebooksObj from './search_notebooks.devdocs.json'; diff --git a/api_docs/search_playground.mdx b/api_docs/search_playground.mdx index 2d81c7a40819b..d88d9deced80e 100644 --- a/api_docs/search_playground.mdx +++ b/api_docs/search_playground.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchPlayground title: "searchPlayground" image: https://source.unsplash.com/400x175/?github description: API docs for the searchPlayground plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchPlayground'] --- import searchPlaygroundObj from './search_playground.devdocs.json'; diff --git a/api_docs/security.mdx b/api_docs/security.mdx index 22a17fcc343af..9d0917c56bf32 100644 --- a/api_docs/security.mdx +++ b/api_docs/security.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/security title: "security" image: https://source.unsplash.com/400x175/?github description: API docs for the security plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'security'] --- import securityObj from './security.devdocs.json'; diff --git a/api_docs/security_solution.devdocs.json b/api_docs/security_solution.devdocs.json index 184c86f6a708c..d8012610139a2 100644 --- a/api_docs/security_solution.devdocs.json +++ b/api_docs/security_solution.devdocs.json @@ -3324,7 +3324,7 @@ "\nA list of allowed values that can be used in `xpack.securitySolution.enableExperimental`.\nThis object is then used to validate and parse the value entered." ], "signature": [ - "{ readonly excludePoliciesInFilterEnabled: false; readonly kubernetesEnabled: true; readonly donutChartEmbeddablesEnabled: false; readonly previewTelemetryUrlEnabled: false; readonly extendedRuleExecutionLoggingEnabled: false; readonly socTrendsEnabled: false; readonly responseActionUploadEnabled: true; readonly automatedProcessActionsEnabled: true; readonly responseActionsSentinelOneV1Enabled: true; readonly responseActionsSentinelOneV2Enabled: true; readonly responseActionsSentinelOneGetFileEnabled: true; readonly responseActionsSentinelOneKillProcessEnabled: false; readonly responseActionsSentinelOneProcessesEnabled: false; readonly responseActionsCrowdstrikeManualHostIsolationEnabled: true; readonly responseActionScanEnabled: true; readonly securitySolutionNotesEnabled: false; readonly entityAlertPreviewDisabled: false; readonly assistantModelEvaluation: false; readonly assistantKnowledgeBaseByDefault: false; readonly assistantBedrockChat: true; readonly newUserDetailsFlyoutManagedUser: false; readonly riskScoringPersistence: true; readonly riskScoringRoutesEnabled: true; readonly esqlRulesDisabled: false; readonly protectionUpdatesEnabled: true; readonly disableTimelineSaveTour: false; readonly riskEnginePrivilegesRouteEnabled: true; readonly sentinelOneDataInAnalyzerEnabled: true; readonly sentinelOneManualHostActionsEnabled: true; readonly crowdstrikeDataInAnalyzerEnabled: true; readonly jamfDataInAnalyzerEnabled: false; readonly timelineEsqlTabDisabled: false; readonly unifiedComponentsInTimelineDisabled: false; readonly analyzerDatePickersAndSourcererDisabled: false; readonly prebuiltRulesCustomizationEnabled: false; readonly malwareOnWriteScanOptionAvailable: true; readonly unifiedManifestEnabled: true; readonly valueListItemsModalEnabled: true; readonly manualRuleRunEnabled: false; readonly filterProcessDescendantsForEventFiltersEnabled: true; readonly dataIngestionHubEnabled: false; }" + "{ readonly excludePoliciesInFilterEnabled: false; readonly kubernetesEnabled: true; readonly donutChartEmbeddablesEnabled: false; readonly previewTelemetryUrlEnabled: false; readonly extendedRuleExecutionLoggingEnabled: false; readonly socTrendsEnabled: false; readonly responseActionUploadEnabled: true; readonly automatedProcessActionsEnabled: true; readonly responseActionsSentinelOneV1Enabled: true; readonly responseActionsSentinelOneV2Enabled: true; readonly responseActionsSentinelOneGetFileEnabled: true; readonly responseActionsSentinelOneKillProcessEnabled: true; readonly responseActionsSentinelOneProcessesEnabled: true; readonly responseActionsCrowdstrikeManualHostIsolationEnabled: true; readonly responseActionScanEnabled: true; readonly securitySolutionNotesEnabled: false; readonly entityAlertPreviewDisabled: false; readonly assistantModelEvaluation: false; readonly assistantKnowledgeBaseByDefault: false; readonly assistantBedrockChat: true; readonly newUserDetailsFlyoutManagedUser: false; readonly riskScoringPersistence: true; readonly riskScoringRoutesEnabled: true; readonly esqlRulesDisabled: false; readonly protectionUpdatesEnabled: true; readonly disableTimelineSaveTour: false; readonly riskEnginePrivilegesRouteEnabled: true; readonly sentinelOneDataInAnalyzerEnabled: true; readonly sentinelOneManualHostActionsEnabled: true; readonly crowdstrikeDataInAnalyzerEnabled: true; readonly jamfDataInAnalyzerEnabled: false; readonly timelineEsqlTabDisabled: false; readonly unifiedComponentsInTimelineDisabled: false; readonly analyzerDatePickersAndSourcererDisabled: false; readonly prebuiltRulesCustomizationEnabled: false; readonly malwareOnWriteScanOptionAvailable: true; readonly unifiedManifestEnabled: true; readonly valueListItemsModalEnabled: true; readonly manualRuleRunEnabled: false; readonly filterProcessDescendantsForEventFiltersEnabled: true; readonly dataIngestionHubEnabled: false; }" ], "path": "x-pack/plugins/security_solution/common/experimental_features.ts", "deprecated": false, diff --git a/api_docs/security_solution.mdx b/api_docs/security_solution.mdx index 4ddbc85270121..f9722f893a3ae 100644 --- a/api_docs/security_solution.mdx +++ b/api_docs/security_solution.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/securitySolution title: "securitySolution" image: https://source.unsplash.com/400x175/?github description: API docs for the securitySolution plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'securitySolution'] --- import securitySolutionObj from './security_solution.devdocs.json'; diff --git a/api_docs/security_solution_ess.mdx b/api_docs/security_solution_ess.mdx index af38a1a660c98..c89f5bf4c1360 100644 --- a/api_docs/security_solution_ess.mdx +++ b/api_docs/security_solution_ess.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/securitySolutionEss title: "securitySolutionEss" image: https://source.unsplash.com/400x175/?github description: API docs for the securitySolutionEss plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'securitySolutionEss'] --- import securitySolutionEssObj from './security_solution_ess.devdocs.json'; diff --git a/api_docs/security_solution_serverless.mdx b/api_docs/security_solution_serverless.mdx index 696c7d2c6ff57..c5735055289b4 100644 --- a/api_docs/security_solution_serverless.mdx +++ b/api_docs/security_solution_serverless.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/securitySolutionServerless title: "securitySolutionServerless" image: https://source.unsplash.com/400x175/?github description: API docs for the securitySolutionServerless plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'securitySolutionServerless'] --- import securitySolutionServerlessObj from './security_solution_serverless.devdocs.json'; diff --git a/api_docs/serverless.mdx b/api_docs/serverless.mdx index 9c3e3e11eee64..57e0f47313731 100644 --- a/api_docs/serverless.mdx +++ b/api_docs/serverless.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/serverless title: "serverless" image: https://source.unsplash.com/400x175/?github description: API docs for the serverless plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'serverless'] --- import serverlessObj from './serverless.devdocs.json'; diff --git a/api_docs/serverless_observability.mdx b/api_docs/serverless_observability.mdx index 72f18dc7055a2..6eab40e789051 100644 --- a/api_docs/serverless_observability.mdx +++ b/api_docs/serverless_observability.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/serverlessObservability title: "serverlessObservability" image: https://source.unsplash.com/400x175/?github description: API docs for the serverlessObservability plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'serverlessObservability'] --- import serverlessObservabilityObj from './serverless_observability.devdocs.json'; diff --git a/api_docs/serverless_search.mdx b/api_docs/serverless_search.mdx index c6ea3565cac86..0b6c069e85fd7 100644 --- a/api_docs/serverless_search.mdx +++ b/api_docs/serverless_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/serverlessSearch title: "serverlessSearch" image: https://source.unsplash.com/400x175/?github description: API docs for the serverlessSearch plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'serverlessSearch'] --- import serverlessSearchObj from './serverless_search.devdocs.json'; diff --git a/api_docs/session_view.mdx b/api_docs/session_view.mdx index 4a02108dccd22..f54b19caea4ee 100644 --- a/api_docs/session_view.mdx +++ b/api_docs/session_view.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/sessionView title: "sessionView" image: https://source.unsplash.com/400x175/?github description: API docs for the sessionView plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'sessionView'] --- import sessionViewObj from './session_view.devdocs.json'; diff --git a/api_docs/share.mdx b/api_docs/share.mdx index c19dca3c1152c..322c59f57f2d9 100644 --- a/api_docs/share.mdx +++ b/api_docs/share.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/share title: "share" image: https://source.unsplash.com/400x175/?github description: API docs for the share plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'share'] --- import shareObj from './share.devdocs.json'; diff --git a/api_docs/slo.mdx b/api_docs/slo.mdx index 657c99782443c..0221692963d0b 100644 --- a/api_docs/slo.mdx +++ b/api_docs/slo.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/slo title: "slo" image: https://source.unsplash.com/400x175/?github description: API docs for the slo plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'slo'] --- import sloObj from './slo.devdocs.json'; diff --git a/api_docs/snapshot_restore.mdx b/api_docs/snapshot_restore.mdx index 2399ccc4a2474..20094174e9b8a 100644 --- a/api_docs/snapshot_restore.mdx +++ b/api_docs/snapshot_restore.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/snapshotRestore title: "snapshotRestore" image: https://source.unsplash.com/400x175/?github description: API docs for the snapshotRestore plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'snapshotRestore'] --- import snapshotRestoreObj from './snapshot_restore.devdocs.json'; diff --git a/api_docs/spaces.mdx b/api_docs/spaces.mdx index 96924884591b8..0f44754daca7f 100644 --- a/api_docs/spaces.mdx +++ b/api_docs/spaces.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/spaces title: "spaces" image: https://source.unsplash.com/400x175/?github description: API docs for the spaces plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'spaces'] --- import spacesObj from './spaces.devdocs.json'; diff --git a/api_docs/stack_alerts.mdx b/api_docs/stack_alerts.mdx index e2503bd40b6c6..5485764131ceb 100644 --- a/api_docs/stack_alerts.mdx +++ b/api_docs/stack_alerts.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/stackAlerts title: "stackAlerts" image: https://source.unsplash.com/400x175/?github description: API docs for the stackAlerts plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'stackAlerts'] --- import stackAlertsObj from './stack_alerts.devdocs.json'; diff --git a/api_docs/stack_connectors.mdx b/api_docs/stack_connectors.mdx index 881a3500b5346..3a20f3a8b842c 100644 --- a/api_docs/stack_connectors.mdx +++ b/api_docs/stack_connectors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/stackConnectors title: "stackConnectors" image: https://source.unsplash.com/400x175/?github description: API docs for the stackConnectors plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'stackConnectors'] --- import stackConnectorsObj from './stack_connectors.devdocs.json'; diff --git a/api_docs/task_manager.mdx b/api_docs/task_manager.mdx index eadd886a53d12..bd810be492ac2 100644 --- a/api_docs/task_manager.mdx +++ b/api_docs/task_manager.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/taskManager title: "taskManager" image: https://source.unsplash.com/400x175/?github description: API docs for the taskManager plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'taskManager'] --- import taskManagerObj from './task_manager.devdocs.json'; diff --git a/api_docs/telemetry.mdx b/api_docs/telemetry.mdx index d10e614ddd448..17e7aa6929bc0 100644 --- a/api_docs/telemetry.mdx +++ b/api_docs/telemetry.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/telemetry title: "telemetry" image: https://source.unsplash.com/400x175/?github description: API docs for the telemetry plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'telemetry'] --- import telemetryObj from './telemetry.devdocs.json'; diff --git a/api_docs/telemetry_collection_manager.mdx b/api_docs/telemetry_collection_manager.mdx index b8fc2e5e31b19..3f41cb48619fc 100644 --- a/api_docs/telemetry_collection_manager.mdx +++ b/api_docs/telemetry_collection_manager.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/telemetryCollectionManager title: "telemetryCollectionManager" image: https://source.unsplash.com/400x175/?github description: API docs for the telemetryCollectionManager plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'telemetryCollectionManager'] --- import telemetryCollectionManagerObj from './telemetry_collection_manager.devdocs.json'; diff --git a/api_docs/telemetry_collection_xpack.mdx b/api_docs/telemetry_collection_xpack.mdx index de03f32aef554..938485f9a6877 100644 --- a/api_docs/telemetry_collection_xpack.mdx +++ b/api_docs/telemetry_collection_xpack.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/telemetryCollectionXpack title: "telemetryCollectionXpack" image: https://source.unsplash.com/400x175/?github description: API docs for the telemetryCollectionXpack plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'telemetryCollectionXpack'] --- import telemetryCollectionXpackObj from './telemetry_collection_xpack.devdocs.json'; diff --git a/api_docs/telemetry_management_section.mdx b/api_docs/telemetry_management_section.mdx index 6490952b00ea1..fa377cfc20765 100644 --- a/api_docs/telemetry_management_section.mdx +++ b/api_docs/telemetry_management_section.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/telemetryManagementSection title: "telemetryManagementSection" image: https://source.unsplash.com/400x175/?github description: API docs for the telemetryManagementSection plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'telemetryManagementSection'] --- import telemetryManagementSectionObj from './telemetry_management_section.devdocs.json'; diff --git a/api_docs/threat_intelligence.mdx b/api_docs/threat_intelligence.mdx index 305996525b254..7313ec0ef205b 100644 --- a/api_docs/threat_intelligence.mdx +++ b/api_docs/threat_intelligence.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/threatIntelligence title: "threatIntelligence" image: https://source.unsplash.com/400x175/?github description: API docs for the threatIntelligence plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'threatIntelligence'] --- import threatIntelligenceObj from './threat_intelligence.devdocs.json'; diff --git a/api_docs/timelines.mdx b/api_docs/timelines.mdx index 17ffcf19d6728..b97f72b161389 100644 --- a/api_docs/timelines.mdx +++ b/api_docs/timelines.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/timelines title: "timelines" image: https://source.unsplash.com/400x175/?github description: API docs for the timelines plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'timelines'] --- import timelinesObj from './timelines.devdocs.json'; diff --git a/api_docs/transform.mdx b/api_docs/transform.mdx index e723c6aa211a8..c918b146818b3 100644 --- a/api_docs/transform.mdx +++ b/api_docs/transform.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/transform title: "transform" image: https://source.unsplash.com/400x175/?github description: API docs for the transform plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'transform'] --- import transformObj from './transform.devdocs.json'; diff --git a/api_docs/triggers_actions_ui.mdx b/api_docs/triggers_actions_ui.mdx index b3f11b82d2942..67504e1a17d6f 100644 --- a/api_docs/triggers_actions_ui.mdx +++ b/api_docs/triggers_actions_ui.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/triggersActionsUi title: "triggersActionsUi" image: https://source.unsplash.com/400x175/?github description: API docs for the triggersActionsUi plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'triggersActionsUi'] --- import triggersActionsUiObj from './triggers_actions_ui.devdocs.json'; diff --git a/api_docs/ui_actions.mdx b/api_docs/ui_actions.mdx index ec2671e868acc..b2cc8beb5a8af 100644 --- a/api_docs/ui_actions.mdx +++ b/api_docs/ui_actions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/uiActions title: "uiActions" image: https://source.unsplash.com/400x175/?github description: API docs for the uiActions plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'uiActions'] --- import uiActionsObj from './ui_actions.devdocs.json'; diff --git a/api_docs/ui_actions_enhanced.mdx b/api_docs/ui_actions_enhanced.mdx index e604b6418d674..d896799e4685d 100644 --- a/api_docs/ui_actions_enhanced.mdx +++ b/api_docs/ui_actions_enhanced.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/uiActionsEnhanced title: "uiActionsEnhanced" image: https://source.unsplash.com/400x175/?github description: API docs for the uiActionsEnhanced plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'uiActionsEnhanced'] --- import uiActionsEnhancedObj from './ui_actions_enhanced.devdocs.json'; diff --git a/api_docs/unified_doc_viewer.mdx b/api_docs/unified_doc_viewer.mdx index e03e4491d714d..9d9351b586415 100644 --- a/api_docs/unified_doc_viewer.mdx +++ b/api_docs/unified_doc_viewer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/unifiedDocViewer title: "unifiedDocViewer" image: https://source.unsplash.com/400x175/?github description: API docs for the unifiedDocViewer plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'unifiedDocViewer'] --- import unifiedDocViewerObj from './unified_doc_viewer.devdocs.json'; diff --git a/api_docs/unified_histogram.mdx b/api_docs/unified_histogram.mdx index 046c4a331601e..a5d1345782325 100644 --- a/api_docs/unified_histogram.mdx +++ b/api_docs/unified_histogram.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/unifiedHistogram title: "unifiedHistogram" image: https://source.unsplash.com/400x175/?github description: API docs for the unifiedHistogram plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'unifiedHistogram'] --- import unifiedHistogramObj from './unified_histogram.devdocs.json'; diff --git a/api_docs/unified_search.mdx b/api_docs/unified_search.mdx index 47d0ce8c5f94e..3520b2b3e94cb 100644 --- a/api_docs/unified_search.mdx +++ b/api_docs/unified_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/unifiedSearch title: "unifiedSearch" image: https://source.unsplash.com/400x175/?github description: API docs for the unifiedSearch plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'unifiedSearch'] --- import unifiedSearchObj from './unified_search.devdocs.json'; diff --git a/api_docs/unified_search_autocomplete.mdx b/api_docs/unified_search_autocomplete.mdx index 8e931d49aabcd..f6147dd75ebcf 100644 --- a/api_docs/unified_search_autocomplete.mdx +++ b/api_docs/unified_search_autocomplete.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/unifiedSearch-autocomplete title: "unifiedSearch.autocomplete" image: https://source.unsplash.com/400x175/?github description: API docs for the unifiedSearch.autocomplete plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'unifiedSearch.autocomplete'] --- import unifiedSearchAutocompleteObj from './unified_search_autocomplete.devdocs.json'; diff --git a/api_docs/uptime.mdx b/api_docs/uptime.mdx index 428abe7c2493f..27d03ba36cfea 100644 --- a/api_docs/uptime.mdx +++ b/api_docs/uptime.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/uptime title: "uptime" image: https://source.unsplash.com/400x175/?github description: API docs for the uptime plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'uptime'] --- import uptimeObj from './uptime.devdocs.json'; diff --git a/api_docs/url_forwarding.mdx b/api_docs/url_forwarding.mdx index bd75332ad8b20..bf5256bc53648 100644 --- a/api_docs/url_forwarding.mdx +++ b/api_docs/url_forwarding.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/urlForwarding title: "urlForwarding" image: https://source.unsplash.com/400x175/?github description: API docs for the urlForwarding plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'urlForwarding'] --- import urlForwardingObj from './url_forwarding.devdocs.json'; diff --git a/api_docs/usage_collection.mdx b/api_docs/usage_collection.mdx index 4add15065d1b1..39938068cca57 100644 --- a/api_docs/usage_collection.mdx +++ b/api_docs/usage_collection.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/usageCollection title: "usageCollection" image: https://source.unsplash.com/400x175/?github description: API docs for the usageCollection plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'usageCollection'] --- import usageCollectionObj from './usage_collection.devdocs.json'; diff --git a/api_docs/ux.mdx b/api_docs/ux.mdx index 7260cdf7118e3..92205d35c44c7 100644 --- a/api_docs/ux.mdx +++ b/api_docs/ux.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/ux title: "ux" image: https://source.unsplash.com/400x175/?github description: API docs for the ux plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'ux'] --- import uxObj from './ux.devdocs.json'; diff --git a/api_docs/vis_default_editor.mdx b/api_docs/vis_default_editor.mdx index e08b8a653f2fe..aa2d08b86f98c 100644 --- a/api_docs/vis_default_editor.mdx +++ b/api_docs/vis_default_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visDefaultEditor title: "visDefaultEditor" image: https://source.unsplash.com/400x175/?github description: API docs for the visDefaultEditor plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visDefaultEditor'] --- import visDefaultEditorObj from './vis_default_editor.devdocs.json'; diff --git a/api_docs/vis_type_gauge.mdx b/api_docs/vis_type_gauge.mdx index eae6191c4b222..0761b8a1124b5 100644 --- a/api_docs/vis_type_gauge.mdx +++ b/api_docs/vis_type_gauge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeGauge title: "visTypeGauge" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeGauge plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeGauge'] --- import visTypeGaugeObj from './vis_type_gauge.devdocs.json'; diff --git a/api_docs/vis_type_heatmap.mdx b/api_docs/vis_type_heatmap.mdx index 0b18b906a46fe..5e233ac6d91a5 100644 --- a/api_docs/vis_type_heatmap.mdx +++ b/api_docs/vis_type_heatmap.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeHeatmap title: "visTypeHeatmap" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeHeatmap plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeHeatmap'] --- import visTypeHeatmapObj from './vis_type_heatmap.devdocs.json'; diff --git a/api_docs/vis_type_pie.mdx b/api_docs/vis_type_pie.mdx index b1ee21dadc1f2..10f405d5d6ed9 100644 --- a/api_docs/vis_type_pie.mdx +++ b/api_docs/vis_type_pie.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypePie title: "visTypePie" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypePie plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypePie'] --- import visTypePieObj from './vis_type_pie.devdocs.json'; diff --git a/api_docs/vis_type_table.mdx b/api_docs/vis_type_table.mdx index 20dc20b6673f7..f07c0f1137e20 100644 --- a/api_docs/vis_type_table.mdx +++ b/api_docs/vis_type_table.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeTable title: "visTypeTable" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeTable plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeTable'] --- import visTypeTableObj from './vis_type_table.devdocs.json'; diff --git a/api_docs/vis_type_timelion.mdx b/api_docs/vis_type_timelion.mdx index 80147d0cd8f5e..d6a7e55130ba3 100644 --- a/api_docs/vis_type_timelion.mdx +++ b/api_docs/vis_type_timelion.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeTimelion title: "visTypeTimelion" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeTimelion plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeTimelion'] --- import visTypeTimelionObj from './vis_type_timelion.devdocs.json'; diff --git a/api_docs/vis_type_timeseries.mdx b/api_docs/vis_type_timeseries.mdx index c106cfa735c76..506ec4e0506ad 100644 --- a/api_docs/vis_type_timeseries.mdx +++ b/api_docs/vis_type_timeseries.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeTimeseries title: "visTypeTimeseries" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeTimeseries plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeTimeseries'] --- import visTypeTimeseriesObj from './vis_type_timeseries.devdocs.json'; diff --git a/api_docs/vis_type_vega.mdx b/api_docs/vis_type_vega.mdx index d9bf6484d7890..e5b2f89b6e9b5 100644 --- a/api_docs/vis_type_vega.mdx +++ b/api_docs/vis_type_vega.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeVega title: "visTypeVega" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeVega plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeVega'] --- import visTypeVegaObj from './vis_type_vega.devdocs.json'; diff --git a/api_docs/vis_type_vislib.mdx b/api_docs/vis_type_vislib.mdx index 65633d1ca9435..5cea6e77cec8a 100644 --- a/api_docs/vis_type_vislib.mdx +++ b/api_docs/vis_type_vislib.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeVislib title: "visTypeVislib" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeVislib plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeVislib'] --- import visTypeVislibObj from './vis_type_vislib.devdocs.json'; diff --git a/api_docs/vis_type_xy.mdx b/api_docs/vis_type_xy.mdx index 0b768566f4767..6616b980c7ad3 100644 --- a/api_docs/vis_type_xy.mdx +++ b/api_docs/vis_type_xy.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeXy title: "visTypeXy" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeXy plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeXy'] --- import visTypeXyObj from './vis_type_xy.devdocs.json'; diff --git a/api_docs/visualizations.mdx b/api_docs/visualizations.mdx index daff9ebc9e83d..72a8bbd8b19bd 100644 --- a/api_docs/visualizations.mdx +++ b/api_docs/visualizations.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visualizations title: "visualizations" image: https://source.unsplash.com/400x175/?github description: API docs for the visualizations plugin -date: 2024-08-12 +date: 2024-08-14 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visualizations'] --- import visualizationsObj from './visualizations.devdocs.json'; diff --git a/docs/api/synthetics/monitors/delete-monitor-api.asciidoc b/docs/api/synthetics/monitors/delete-monitor-api.asciidoc index 8730cc272a446..70861fcd60a36 100644 --- a/docs/api/synthetics/monitors/delete-monitor-api.asciidoc +++ b/docs/api/synthetics/monitors/delete-monitor-api.asciidoc @@ -8,9 +8,9 @@ Deletes one or more monitors from the Synthetics app. === {api-request-title} -`DELETE :/api/synthetics/monitors` +`DELETE :/api/synthetics/monitors/` -`DELETE :/s//api/synthetics/monitors` +`DELETE :/s//api/synthetics/monitors/` === {api-prereq-title} @@ -20,6 +20,26 @@ You must have `all` privileges for the *Synthetics* feature in the *{observabili You must have `all` privileges for the *Synthetics* feature in the *{observability}* section of the <>. + +[[delete-monitor-api-path-params]] +=== {api-path-parms-title} + +`config_id`:: +(Required, string) The ID of the monitor that you want to delete. + + +Here is an example of a DELETE request to delete a monitor by ID: + +[source,sh] +-------------------------------------------------- +DELETE /api/synthetics/monitors/monitor1-id +-------------------------------------------------- + +==== Bulk Delete Monitors + +You can delete multiple monitors by sending a list of config ids to a DELETE request to the `/api/synthetics/monitors` endpoint. + + [[monitors-delete-request-body]] ==== Request Body diff --git a/examples/controls_example/public/app/react_control_example/react_control_example.tsx b/examples/controls_example/public/app/react_control_example/react_control_example.tsx index 9436adc208ebd..690c33d0aad97 100644 --- a/examples/controls_example/public/app/react_control_example/react_control_example.tsx +++ b/examples/controls_example/public/app/react_control_example/react_control_example.tsx @@ -99,6 +99,9 @@ export const ReactControlExample = ({ const saveNotification$ = useMemo(() => { return new Subject(); }, []); + const reload$ = useMemo(() => { + return new Subject(); + }, []); const [dataLoading, timeRange, viewMode] = useBatchedPublishingSubjects( dataLoading$, timeRange$, @@ -138,6 +141,7 @@ export const ReactControlExample = ({ }, lastUsedDataViewId: new BehaviorSubject(WEB_LOGS_DATA_VIEW_ID), saveNotification$, + reload$, }; // eslint-disable-next-line react-hooks/exhaustive-deps }, []); @@ -381,6 +385,9 @@ export const ReactControlExample = ({ to: end, }); }} + onRefresh={() => { + reload$.next(); + }} /> { ) .subscribe((next) => { dataLoading$.next(false); - if (next && next.hasOwnProperty('count') && next.count !== undefined) { + if (next && Object.hasOwn(next, 'count') && next.count !== undefined) { count$.next(next.count); } - if (next && next.hasOwnProperty('error')) { + if (next && Object.hasOwn(next, 'error')) { blockingError$.next(next.error); } }); diff --git a/examples/ui_actions_explorer/public/trigger_context_example.tsx b/examples/ui_actions_explorer/public/trigger_context_example.tsx index 3e94cd253a215..5769c4c6c02b9 100644 --- a/examples/ui_actions_explorer/public/trigger_context_example.tsx +++ b/examples/ui_actions_explorer/public/trigger_context_example.tsx @@ -108,7 +108,7 @@ export function TriggerContextExample({ uiActionsApi }: Props) { const renderCellValue = useMemo(() => { return ({ rowIndex, columnId }: EuiDataGridCellValueElementProps) => { - return rows.hasOwnProperty(rowIndex) ? rows[rowIndex][columnId] : null; + return Object.hasOwn(rows, rowIndex) ? rows[rowIndex][columnId] : null; }; }, [rows]); diff --git a/oas_docs/.spectral.yaml b/oas_docs/.spectral.yaml index d01a1e93cc7c4..ec05decbc1fe4 100644 --- a/oas_docs/.spectral.yaml +++ b/oas_docs/.spectral.yaml @@ -1,6 +1,6 @@ -extends: ["spectral:oas"] +extends: ['spectral:oas'] rules: -# Built-in rules + # Built-in rules # Descriptions oas3-parameter-description: warn oas2-parameter-description: warn @@ -13,10 +13,10 @@ rules: oas3-valid-media-example: false oas3-valid-schema-example: false oas2-valid-media-example: false - # Operations - operation-operationId: warn - operation-operationId-unique: warn - operation-operationId-valid-in-url: warn + # Operations + operation-operationId: error + operation-operationId-unique: error + operation-operationId-valid-in-url: error operation-tag-defined: warn operation-tags: warn # Responses @@ -25,28 +25,30 @@ rules: oas3-schema: error oas2-schema: error array-items: false + # Bump.sh handles $ref siblings. Documentation wise it's convenient to have properties like descriptions next to $ref. + no-$ref-siblings: off # Tags openapi-tags: warn openapi-tags-alphabetical: info # Turn off some built-in rules operation-description: false operation-singular-tag: false -# Custom rules + # Custom rules # Descriptions avoid-problematic-words: description: Ban certain words from descriptions - message: "Use appropriate replacements for problematic terms" + message: 'Use appropriate replacements for problematic terms' severity: warn - given: "$..*.description" + given: '$..*.description' then: function: pattern functionOptions: notMatch: /(blacklist|whitelist|execute|kill)/i # Examples operation-success-examples: - formats: ["oas3_1"] + formats: ['oas3_1'] description: Response code 200 should have at least one example. - message: "Each response body should have a realistic example. It must not contain any sensitive or confidential data." + message: 'Each response body should have a realistic example. It must not contain any sensitive or confidential data.' severity: info given: $.paths[*][*].responses.[200].content.[application/json] then: @@ -55,7 +57,7 @@ rules: # Extensions internal-extension: description: Operations should not have x-internal extension. - message: "Do not publish x-internal operations" + message: 'Do not publish x-internal operations' severity: error given: $.paths[*][*] then: @@ -64,16 +66,16 @@ rules: # Operations operation-summary: description: Operations should have summaries. - message: "Each operation should have a summary" + message: 'Each operation should have a summary' severity: error recommended: true given: $.paths[*][*] then: field: summary - function: defined + function: defined operation-summary-length: description: Operation summary should be between 5 and 45 characters - given: "$.paths[*][*]" + given: '$.paths[*][*]' then: field: summary function: length @@ -83,14 +85,14 @@ rules: severity: warn simple-verbs-in-summary: given: - - "$.paths[*][*].summary" + - '$.paths[*][*].summary' then: function: pattern functionOptions: - notMatch: "Retrieve|Return|List *" + notMatch: 'Retrieve|Return|List *' severity: warn description: Summaries should use common verbs. - message: "Summaries should use common verbs like Get, Update, Delete whenever possible" + message: 'Summaries should use common verbs like Get, Update, Delete whenever possible' # NOTE: This one hiccups on acronyms so perhaps too noisy # docs-operation-summary-sentence-case: # description: Operation summary should be sentence cased @@ -101,4 +103,3 @@ rules: # functionOptions: # match: /^[A-Z]+[^A-Z]+$/ # severity: warn - diff --git a/oas_docs/kibana.info.yaml b/oas_docs/kibana.info.yaml index 0b6c2b2ea0fec..97766ed5f9b58 100644 --- a/oas_docs/kibana.info.yaml +++ b/oas_docs/kibana.info.yaml @@ -7,15 +7,15 @@ info: Each request that you make happens in isolation from other calls and must include all of the necessary information for Kibana to fulfill the request. API requests return JSON output, which is a format that is machine-readable and works well for automation. - + To interact with Kibana APIs, use the following operations: - + - GET: Fetches the information. - PATCH: Applies partial modifications to the existing information. - POST: Adds new information. - PUT: Updates the existing information. - DELETE: Removes the information. - + You can prepend any Kibana API endpoint with `kbn:` and run the request in **Dev Tools → Console**. For example: @@ -24,26 +24,26 @@ info: ``` For more information about the console, refer to [Run API requests](https://www.elastic.co/guide/en/kibana/current/console-kibana.html). - version: "1.0.2" + version: '1.0.2' license: name: Elastic License 2.0 url: https://www.elastic.co/licensing/elastic-license - contact: + contact: name: Kibana Team -# servers: -# - url: https://{kibana_url} -# variables: -# kibana_url: -# default: localhost:5601 -# security: -# - apiKeyAuth: [] -# components: -# securitySchemes: -# apiKeyAuth: -# type: apiKey -# in: header -# name: Authorization -# description: > -# These APIs use key-based authentication. -# You must create an API key and use the encoded value in the request header. -# For example: `Authorization: ApiKey base64AccessApiKey` \ No newline at end of file +servers: + - url: https://{kibana_url} + variables: + kibana_url: + default: localhost:5601 +security: + - apiKeyAuth: [] +components: + securitySchemes: + apiKeyAuth: + type: apiKey + in: header + name: Authorization + description: > + These APIs use key-based authentication. + You must create an API key and use the encoded value in the request header. + For example: `Authorization: ApiKey base64AccessApiKey` diff --git a/oas_docs/makefile b/oas_docs/makefile index 6943921b1c6fe..6e300734cdd17 100644 --- a/oas_docs/makefile +++ b/oas_docs/makefile @@ -14,7 +14,12 @@ # permission is obtained from Elasticsearch B.V. .PHONY: api-docs -api-docs: ## Generate kibana.serverless.yaml and kibana.yaml +api-docs: ## Generate Serverless and ESS Kibana OpenAPI bundles with kbn-openapi-bundler + @node scripts/merge_serverless_oas.js + @node scripts/merge_ess_oas.js + +.PHONY: api-docs-redocly +api-docs-redocly: ## Generate kibana.serverless.yaml and kibana.yaml with Redocly CLI @npx @redocly/cli join "kibana.info.serverless.yaml" "../x-pack/plugins/observability_solution/apm/docs/openapi/apm.yaml" "../x-pack/plugins/actions/docs/openapi/bundled_serverless.yaml" "../src/plugins/data_views/docs/openapi/bundled.yaml" "../x-pack/plugins/ml/common/openapi/ml_apis_serverless.yaml" "../packages/core/saved-objects/docs/openapi/bundled_serverless.yaml" "../x-pack/plugins/observability_solution/slo/docs/openapi/slo/bundled.yaml" "bundle.serverless.json" -o "output/kibana.serverless.yaml" --prefix-components-with-info-prop title @npx @redocly/cli join "kibana.info.yaml" "../x-pack/plugins/alerting/docs/openapi/bundled.yaml" "../x-pack/plugins/observability_solution/apm/docs/openapi/apm.yaml" "../x-pack/plugins/cases/docs/openapi/bundled.yaml" "../x-pack/plugins/actions/docs/openapi/bundled.yaml" "../src/plugins/data_views/docs/openapi/bundled.yaml" "../x-pack/plugins/ml/common/openapi/ml_apis.yaml" "../packages/core/saved-objects/docs/openapi/bundled.yaml" "bundle.json" -o "output/kibana.yaml" --prefix-components-with-info-prop title diff --git a/oas_docs/output/kibana.serverless.yaml b/oas_docs/output/kibana.serverless.yaml index 7629eb0319cbc..0626823f8739a 100644 --- a/oas_docs/output/kibana.serverless.yaml +++ b/oas_docs/output/kibana.serverless.yaml @@ -1,27 +1,20 @@ openapi: 3.0.3 info: - title: Kibana Serverless APIs + contact: + name: Kibana Team description: > - **Technical preview** - - This functionality is in technical preview and may be changed or removed in - a future release. - - Elastic will work to fix any issues, but features in technical preview are - not subject to the support SLA of official GA features. + The Kibana REST APIs enable you to manage resources such as connectors, data + views, and saved objects. + The API calls are stateless. - The Kibana REST APIs for Elastic serverless enable you to manage resources + Each request that you make happens in isolation from other calls and must + include all of the necessary information for Kibana to fulfill the - such as connectors, data views, and saved objects. The API calls are + request. - stateless. Each request that you make happens in isolation from other calls - - and must include all of the necessary information for Kibana to fulfill the - - request. API requests return JSON output, which is a format that is - - machine-readable and works well for automation. + API requests return JSON output, which is a format that is machine-readable + and works well for automation. To interact with Kibana APIs, use the following operations: @@ -29,6 +22,8 @@ info: - GET: Fetches the information. + - PATCH: Applies partial modifications to the existing information. + - POST: Adds new information. - PUT: Updates the existing information. @@ -37,8 +32,9 @@ info: You can prepend any Kibana API endpoint with `kbn:` and run the request in + **Dev Tools → Console**. - **Dev Tools → Console**. For example: + For example: ``` @@ -46,246 +42,30 @@ info: GET kbn:/api/data_views ``` - version: 1.0.2 + + + For more information about the console, refer to [Run API + requests](https://www.elastic.co/guide/en/kibana/current/console-kibana.html). license: name: Elastic License 2.0 - url: https://www.elastic.co/licensing/elastic-license - contact: - name: Kibana Team + url: 'https://www.elastic.co/licensing/elastic-license' + title: Kibana APIs + version: 1.0.2 servers: - - url: https://{kibanaUrl} - variables: - kibanaUrl: - default: localhost:5601 - - url: https://{kibana_url} + - url: 'https://{kibana_url}' variables: kibana_url: - default: localhost:5601 - - url: / - - url: http://localhost:5601 - description: local - - url: http://localhost:5622 -tags: - - name: APM agent keys - description: > - Configure APM agent keys to authorize requests from APM agents to the APM - Server. - x-displayName: APM agent keys - - name: APM annotations - description: > - Annotate visualizations in the APM app with significant events. - Annotations enable you to easily see how events are impacting the - performance of your applications. - x-displayName: APM annotations - - name: connectors - description: Connector APIs enable you to create and manage connectors. - x-displayName: connectors - - name: data views - description: >- - Data view APIs enable you to manage data views, formerly known as Kibana - index patterns. - x-displayName: data views - - name: ml - description: Machine learning - x-displayName: ml - - name: saved objects - description: >- - Manage Kibana saved objects, including dashboards, visualizations, and - more. - x-displayName: saved objects - - name: slo - description: SLO APIs enable you to define, manage and track service-level objectives - x-displayName: slo - - name: system - x-displayName: system + default: 'localhost:5601' paths: - /api/apm/agent_keys: - post: - summary: Create an APM agent key - description: Create a new agent key for APM. - operationId: createAgentKey - tags: - - APM agent keys - requestBody: - required: true - content: - application/json: - schema: - type: object - properties: - name: - type: string - privileges: - type: array - items: - type: string - enum: - - event:write - - config_agent:read - responses: - '200': - description: Agent key created successfully - content: - application/json: - schema: - type: object - properties: - api_key: - type: string - expiration: - type: integer - format: int64 - id: - type: string - name: - type: string - encoded: - type: string - /api/apm/services/{serviceName}/annotation/search: - get: - summary: Search for annotations - description: Search for annotations related to a specific service. - operationId: getAnnotation - tags: - - APM annotations - parameters: - - name: serviceName - in: path - required: true - description: The name of the service - schema: - type: string - - name: environment - in: query - required: false - description: The environment to filter annotations by - schema: - type: string - - name: start - in: query - required: false - description: The start date for the search - schema: - type: string - - name: end - in: query - required: false - description: The end date for the search - schema: - type: string - responses: - '200': - description: Successful response - content: - application/json: - schema: - type: object - properties: - annotations: - type: array - items: - type: object - properties: - type: - type: string - enum: - - version - id: - type: string - '@timestamp': - type: number - text: - type: string - /api/apm/services/{serviceName}/annotation: - post: - summary: Create a service annotation - description: Create a new annotation for a specific service. - operationId: createAnnotation - tags: - - APM annotations - parameters: - - name: serviceName - in: path - required: true - description: The name of the service - schema: - type: string - requestBody: - required: true - content: - application/json: - schema: - type: object - properties: - '@timestamp': - type: string - service: - type: object - properties: - version: - type: string - environment: - type: string - message: - type: string - tags: - type: array - items: - type: string - responses: - '200': - description: Annotation created successfully - content: - application/json: - schema: - type: object - properties: - _id: - type: string - _index: - type: string - _source: - type: object - properties: - annotation: - type: string - tags: - type: array - items: - type: string - message: - type: string - service: - type: object - properties: - name: - type: string - environment: - type: string - version: - type: string - event: - type: object - properties: - created: - type: string - '@timestamp': - type: string /api/actions/connector: post: - summary: Create a connector with a random ID - operationId: createConnector description: The connector identifier is randomly generated. - tags: - - connectors + operationId: createConnector parameters: - $ref: '#/components/parameters/Connectors_kbn_xsrf' requestBody: - required: true content: - application/json: - schema: - $ref: '#/components/schemas/Connectors_create_connector_request' + application/json; Elastic-Api-Version=2023-10-31: examples: createEmailConnectorRequest: $ref: >- @@ -299,13 +79,13 @@ paths: createXmattersConnectorRequest: $ref: >- #/components/examples/Connectors_create_xmatters_connector_request + schema: + $ref: '#/components/schemas/Connectors_create_connector_request' + required: true responses: '200': - description: Indicates a successful call. content: - application/json: - schema: - $ref: '#/components/schemas/Connectors_connector_response_properties' + application/json; Elastic-Api-Version=2023-10-31: examples: createEmailConnectorResponse: $ref: >- @@ -319,4130 +99,11255 @@ paths: createXmattersConnectorResponse: $ref: >- #/components/examples/Connectors_create_xmatters_connector_response - '401': - $ref: '#/components/responses/Connectors_401' - /api/actions/connector/{connectorId}: - get: - summary: Get a connector information - operationId: getConnector - tags: - - connectors - parameters: - - $ref: '#/components/parameters/Connectors_connector_id' - responses: - '200': - description: Indicates a successful call. - content: - application/json: schema: $ref: '#/components/schemas/Connectors_connector_response_properties' - examples: - getConnectorResponse: - $ref: '#/components/examples/Connectors_get_connector_response' - '401': - $ref: '#/components/responses/Connectors_401' - '404': - $ref: '#/components/responses/Connectors_404' - delete: - summary: Delete a connector - operationId: deleteConnector - tags: - - connectors - parameters: - - $ref: '#/components/parameters/Connectors_kbn_xsrf' - - $ref: '#/components/parameters/Connectors_connector_id' - responses: - '204': description: Indicates a successful call. '401': $ref: '#/components/responses/Connectors_401' - '404': - $ref: '#/components/responses/Connectors_404' - post: - summary: Create a connector - operationId: createConnectorId + summary: Create a connector with a random ID tags: - connectors + /api/actions/connector_types: + get: + operationId: getConnectorTypes parameters: - - $ref: '#/components/parameters/Connectors_kbn_xsrf' - - in: path - name: connectorId - description: > - A UUID v1 or v4 identifier for the connector. If you omit this - parameter, an identifier is randomly generated. - required: true + - description: >- + A filter to limit the retrieved connector types to those that + support a specific feature (such as alerting or cases). + in: query + name: feature_id schema: - type: string - example: ac4e6b90-6be7-11eb-ba0d-9b1c1f912d74 - requestBody: - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/Connectors_create_connector_request' - examples: - createIndexConnectorRequest: - $ref: >- - #/components/examples/Connectors_create_index_connector_request + $ref: '#/components/schemas/Connectors_features' responses: '200': - description: Indicates a successful call. content: - application/json: - schema: - $ref: '#/components/schemas/Connectors_connector_response_properties' + application/json; Elastic-Api-Version=2023-10-31: examples: - createIndexConnectorResponse: - $ref: >- - #/components/examples/Connectors_create_index_connector_response - '401': - $ref: '#/components/responses/Connectors_401' - put: - summary: Update a connector - operationId: updateConnector - tags: - - connectors - parameters: - - $ref: '#/components/parameters/Connectors_kbn_xsrf' - - $ref: '#/components/parameters/Connectors_connector_id' - requestBody: - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/Connectors_update_connector_request' - examples: - updateIndexConnectorRequest: - $ref: >- - #/components/examples/Connectors_update_index_connector_request - responses: - '200': - description: Indicates a successful call. - content: - application/json: - schema: - $ref: '#/components/schemas/Connectors_connector_response_properties' - '400': - $ref: '#/components/responses/Connectors_401' - '401': - $ref: '#/components/responses/Connectors_401' - '404': - $ref: '#/components/responses/Connectors_404' - /api/actions/connectors: - get: - summary: Get all connectors - operationId: getConnectors - tags: - - connectors - responses: - '200': - description: Indicates a successful call. - content: - application/json: - schema: - type: array - items: + getConnectorTypesServerlessResponse: $ref: >- - #/components/schemas/Connectors_connector_response_properties - examples: - getConnectorsResponse: - $ref: '#/components/examples/Connectors_get_connectors_response' - '401': - $ref: '#/components/responses/Connectors_401' - /api/actions/connector_types: - get: - summary: Get all connector types - operationId: getConnectorTypes - tags: - - connectors - parameters: - - in: query - name: feature_id - description: >- - A filter to limit the retrieved connector types to those that - support a specific feature (such as alerting or cases). - schema: - $ref: '#/components/schemas/Connectors_features' - responses: - '200': - description: Indicates a successful call. - content: - application/json: + #/components/examples/Connectors_get_connector_types_generativeai_response schema: - title: Get connector types response body properties description: The properties vary for each connector type. - type: array items: type: object properties: enabled: - type: boolean description: >- Indicates whether the connector type is enabled in Kibana. example: true - enabled_in_config: type: boolean + enabled_in_config: description: >- Indicates whether the connector type is enabled in the Kibana configuration file. example: true - enabled_in_license: type: boolean + enabled_in_license: description: >- Indicates whether the connector is enabled in the license. example: true + type: boolean id: $ref: '#/components/schemas/Connectors_connector_types' is_system_action_type: - type: boolean example: false + type: boolean minimum_license_required: - type: string description: The license that is required to use the connector type. example: basic - name: type: string + name: description: The name of the connector type. example: Index + type: string supported_feature_ids: - type: array description: The features that are supported by the connector type. - items: - $ref: '#/components/schemas/Connectors_features' example: - alerting - cases - siem - examples: - getConnectorTypesServerlessResponse: - $ref: >- - #/components/examples/Connectors_get_connector_types_generativeai_response + items: + $ref: '#/components/schemas/Connectors_features' + type: array + title: Get connector types response body properties + type: array + description: Indicates a successful call. '401': $ref: '#/components/responses/Connectors_401' - /api/data_views: - get: - summary: Get all data views - operationId: getAllDataViewsDefault + summary: Get all connector types tags: - - data views + - connectors + '/api/actions/connector/{connectorId}': + delete: + operationId: deleteConnector + parameters: + - $ref: '#/components/parameters/Connectors_kbn_xsrf' + - $ref: '#/components/parameters/Connectors_connector_id' responses: - '200': + '204': description: Indicates a successful call. + '401': + $ref: '#/components/responses/Connectors_401' + '404': + $ref: '#/components/responses/Connectors_404' + summary: Delete a connector + tags: + - connectors + get: + operationId: getConnector + parameters: + - $ref: '#/components/parameters/Connectors_connector_id' + responses: + '200': content: - application/json: - schema: - type: object - properties: - data_view: - type: array - items: - type: object - properties: - id: - type: string - name: - type: string - namespaces: - type: array - items: - type: string - title: - type: string - typeMeta: - type: object + application/json; Elastic-Api-Version=2023-10-31: examples: - getAllDataViewsResponse: - $ref: '#/components/examples/Data_views_get_data_views_response' - '400': - description: Bad request - content: - application/json: + getConnectorResponse: + $ref: '#/components/examples/Connectors_get_connector_response' schema: - $ref: '#/components/schemas/Data_views_400_response' - /api/data_views/data_view: - post: - summary: Create a data view - operationId: createDataViewDefaultw + $ref: '#/components/schemas/Connectors_connector_response_properties' + description: Indicates a successful call. + '401': + $ref: '#/components/responses/Connectors_401' + '404': + $ref: '#/components/responses/Connectors_404' + summary: Get a connector information tags: - - data views + - connectors + post: + operationId: createConnectorId parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' + - $ref: '#/components/parameters/Connectors_kbn_xsrf' + - description: > + A UUID v1 or v4 identifier for the connector. If you omit this + parameter, an identifier is randomly generated. + in: path + name: connectorId + required: true + schema: + example: ac4e6b90-6be7-11eb-ba0d-9b1c1f912d74 + type: string requestBody: - required: true content: - application/json: - schema: - $ref: '#/components/schemas/Data_views_create_data_view_request_object' + application/json; Elastic-Api-Version=2023-10-31: examples: - createDataViewRequest: - $ref: '#/components/examples/Data_views_create_data_view_request' + createIndexConnectorRequest: + $ref: >- + #/components/examples/Connectors_create_index_connector_request + schema: + $ref: '#/components/schemas/Connectors_create_connector_request' + required: true responses: '200': - description: Indicates a successful call. - content: - application/json: - schema: - $ref: '#/components/schemas/Data_views_data_view_response_object' - '400': - description: Bad request content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: + examples: + createIndexConnectorResponse: + $ref: >- + #/components/examples/Connectors_create_index_connector_response schema: - $ref: '#/components/schemas/Data_views_400_response' - /api/data_views/data_view/{viewId}: - get: - summary: Get a data view - operationId: getDataViewDefault + $ref: '#/components/schemas/Connectors_connector_response_properties' + description: Indicates a successful call. + '401': + $ref: '#/components/responses/Connectors_401' + summary: Create a connector tags: - - data views + - connectors + put: + operationId: updateConnector parameters: - - $ref: '#/components/parameters/Data_views_view_id' + - $ref: '#/components/parameters/Connectors_kbn_xsrf' + - $ref: '#/components/parameters/Connectors_connector_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateIndexConnectorRequest: + $ref: >- + #/components/examples/Connectors_update_index_connector_request + schema: + $ref: '#/components/schemas/Connectors_update_connector_request' + required: true responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Data_views_data_view_response_object' - examples: - getDataViewResponse: - $ref: '#/components/examples/Data_views_get_data_view_response' + $ref: '#/components/schemas/Connectors_connector_response_properties' + description: Indicates a successful call. + '400': + $ref: '#/components/responses/Connectors_401' + '401': + $ref: '#/components/responses/Connectors_401' '404': - description: Object is not found. - content: - application/json: - schema: - $ref: '#/components/schemas/Data_views_404_response' - delete: - summary: Delete a data view - operationId: deleteDataViewDefault - description: | - WARNING: When you delete a data view, it cannot be recovered. + $ref: '#/components/responses/Connectors_404' + summary: Update a connector tags: - - data views - parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - - $ref: '#/components/parameters/Data_views_view_id' - responses: - '204': - description: Indicates a successful call. - '404': - description: Object is not found. - content: - application/json: - schema: - $ref: '#/components/schemas/Data_views_404_response' - post: - summary: Update a data view - operationId: updateDataViewDefault - tags: - - data views - parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - - $ref: '#/components/parameters/Data_views_view_id' - requestBody: - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/Data_views_update_data_view_request_object' - examples: - updateDataViewRequest: - $ref: '#/components/examples/Data_views_update_data_view_request' + - connectors + /api/actions/connectors: + get: + operationId: getConnectors responses: '200': - description: Indicates a successful call. content: - application/json: - schema: - $ref: '#/components/schemas/Data_views_data_view_response_object' - '400': - description: Bad request - content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getConnectorsResponse: + $ref: '#/components/examples/Connectors_get_connectors_response' schema: - $ref: '#/components/schemas/Data_views_400_response' - /api/data_views/data_view/{viewId}/fields: - post: - summary: Update data view fields metadata - operationId: updateFieldsMetadataDefault - description: > - Update fields presentation metadata such as count, customLabel, - customDescription, and format. - tags: - - data views - parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - - $ref: '#/components/parameters/Data_views_view_id' - requestBody: - required: true - content: - application/json: - schema: - type: object - required: - - fields - properties: - fields: - description: The field object. - type: object - examples: - updateFieldsMetadataRequest: - $ref: '#/components/examples/Data_views_update_field_metadata_request' - responses: - '200': + items: + $ref: >- + #/components/schemas/Connectors_connector_response_properties + type: array description: Indicates a successful call. - content: - application/json: - schema: - type: object - properties: - acknowledged: - type: boolean - '400': - description: Bad request - content: - application/json: - schema: - $ref: '#/components/schemas/Data_views_400_response' - /api/data_views/data_view/{viewId}/runtime_field: - post: - summary: Create a runtime field - operationId: createRuntimeFieldDefault + '401': + $ref: '#/components/responses/Connectors_401' + summary: Get all connectors tags: - - data views - parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - - $ref: '#/components/parameters/Data_views_view_id' + - connectors + /api/apm/agent_keys: + post: + description: Create a new agent key for APM. + operationId: createAgentKey requestBody: - required: true content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: type: object - required: - - name - - runtimeField properties: name: type: string - description: | - The name for a runtime field. - runtimeField: - type: object - description: | - The runtime field definition object. - examples: - createRuntimeFieldRequest: - $ref: '#/components/examples/Data_views_create_runtime_field_request' + privileges: + items: + enum: + - 'event:write' + - 'config_agent:read' + type: string + type: array + required: true responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: type: object - put: - summary: Create or update a runtime field - operationId: createUpdateRuntimeFieldDefault + properties: + api_key: + type: string + encoded: + type: string + expiration: + format: int64 + type: integer + id: + type: string + name: + type: string + description: Agent key created successfully + summary: Create an APM agent key tags: - - data views + - APM agent keys + '/api/apm/services/{serviceName}/annotation': + post: + description: Create a new annotation for a specific service. + operationId: createAnnotation parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - - name: viewId + - description: The name of the service in: path - description: | - The ID of the data view fields you want to update. + name: serviceName required: true schema: type: string requestBody: - required: true content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: type: object - required: - - name - - runtimeField properties: - name: + '@timestamp': type: string - description: | - The name for a runtime field. - runtimeField: + message: + type: string + service: type: object - description: | - The runtime field definition object. - examples: - updateRuntimeFieldRequest: - $ref: '#/components/examples/Data_views_create_runtime_field_request' + properties: + environment: + type: string + version: + type: string + tags: + items: + type: string + type: array + required: true responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: type: object properties: - data_view: + _id: + type: string + _index: + type: string + _source: type: object - fields: - type: array - items: - type: object - '400': - description: Bad request - content: - application/json: - schema: - $ref: '#/components/schemas/Data_views_400_response' - /api/data_views/data_view/{viewId}/runtime_field/{fieldName}: - get: - summary: Get a runtime field - operationId: getRuntimeFieldDefault + properties: + '@timestamp': + type: string + annotation: + type: string + event: + type: object + properties: + created: + type: string + message: + type: string + service: + type: object + properties: + environment: + type: string + name: + type: string + version: + type: string + tags: + items: + type: string + type: array + description: Annotation created successfully + summary: Create a service annotation tags: - - data views + - APM annotations + '/api/apm/services/{serviceName}/annotation/search': + get: + description: Search for annotations related to a specific service. + operationId: getAnnotation parameters: - - $ref: '#/components/parameters/Data_views_field_name' - - $ref: '#/components/parameters/Data_views_view_id' + - description: The name of the service + in: path + name: serviceName + required: true + schema: + type: string + - description: The environment to filter annotations by + in: query + name: environment + required: false + schema: + type: string + - description: The start date for the search + in: query + name: start + required: false + schema: + type: string + - description: The end date for the search + in: query + name: end + required: false + schema: + type: string responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: type: object properties: - data_view: - type: object - fields: - type: array + annotations: items: type: object - examples: - getRuntimeFieldResponse: - $ref: '#/components/examples/Data_views_get_runtime_field_response' - '404': - description: Object is not found. - content: - application/json: - schema: - $ref: '#/components/schemas/Data_views_404_response' - delete: - summary: Delete a runtime field from a data view - operationId: deleteRuntimeFieldDefault + properties: + '@timestamp': + type: number + id: + type: string + text: + type: string + type: + enum: + - version + type: string + type: array + description: Successful response + summary: Search for annotations tags: - - data views + - APM annotations + /api/asset_criticality: + delete: + operationId: DeleteAssetCriticalityRecord parameters: - - $ref: '#/components/parameters/Data_views_field_name' - - $ref: '#/components/parameters/Data_views_view_id' + - description: The ID value of the asset. + in: query + name: id_value + required: true + schema: + type: string + - description: The field representing the ID. + example: host.name + in: query + name: id_field + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_IdField + - description: If 'wait_for' the request will wait for the index refresh. + in: query + name: refresh + required: false + schema: + enum: + - wait_for + type: string responses: '200': - description: Indicates a successful call. - '404': - description: Object is not found. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Data_views_404_response' - post: - summary: Update a runtime field - operationId: updateRuntimeFieldDefault + type: object + properties: + deleted: + description: >- + If the record was deleted. If false the record did not + exist. + type: boolean + record: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityRecord + required: + - deleted + description: Successful response + '400': + description: Invalid request + summary: Delete Criticality Record tags: - - data views + - Security Solution Entity Analytics API + get: + operationId: GetAssetCriticalityRecord parameters: - - $ref: '#/components/parameters/Data_views_field_name' - - $ref: '#/components/parameters/Data_views_view_id' + - description: The ID value of the asset. + in: query + name: id_value + required: true + schema: + type: string + - description: The field representing the ID. + example: host.name + in: query + name: id_field + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_IdField + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityRecord + description: Successful response + '400': + description: Invalid request + '404': + description: Criticality record not found + summary: Get Criticality Record + tags: + - Security Solution Entity Analytics API + post: + operationId: CreateAssetCriticalityRecord requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_CreateAssetCriticalityRecord + - type: object + properties: + refresh: + description: >- + If 'wait_for' the request will wait for the index + refresh. + enum: + - wait_for + type: string required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityRecord + description: Successful response + '400': + description: Invalid request + summary: Create Criticality Record + tags: + - Security Solution Entity Analytics API + /api/asset_criticality/bulk: + post: + operationId: BulkUpsertAssetCriticalityRecords + requestBody: content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: + example: + records: + - criticality_level: low_impact + id_field: host.name + id_value: host-1 + - criticality_level: medium_impact + id_field: host.name + id_value: host-2 type: object - required: - - runtimeField properties: - runtimeField: - type: object - description: | - The runtime field definition object. - - You can update following fields: - - - `type` - - `script` - examples: - updateRuntimeFieldRequest: - $ref: '#/components/examples/Data_views_update_runtime_field_request' + records: + items: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_CreateAssetCriticalityRecord + maxItems: 1000 + minItems: 1 + type: array + required: + - records responses: '200': - description: Indicates a successful call. - '400': - description: Bad request content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Data_views_400_response' - /api/data_views/default: - get: - summary: Get the default data view - operationId: getDefaultDataViewDefault + example: + errors: + - index: 0 + message: Invalid ID field + stats: + failed: 1 + successful: 1 + total: 2 + type: object + properties: + errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityBulkUploadErrorItem + type: array + stats: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityBulkUploadStats + required: + - errors + - stats + description: Bulk upload successful + '413': + description: File too large + summary: >- + Bulk upsert asset criticality data, creating or updating records as + needed tags: - - data views + - Security Solution Entity Analytics API + /api/asset_criticality/list: + post: + operationId: FindAssetCriticalityRecords + parameters: + - description: The field to sort by. + in: query + name: sort_field + required: false + schema: + enum: + - id_value + - id_field + - criticality_level + - \@timestamp + type: string + - description: The order to sort by. + in: query + name: sort_direction + required: false + schema: + enum: + - asc + - desc + type: string + - description: The page number to return. + in: query + name: page + required: false + schema: + minimum: 1 + type: integer + - description: The number of records to return per page. + in: query + name: per_page + required: false + schema: + maximum: 1000 + minimum: 1 + type: integer + - description: The kuery to filter by. + in: query + name: kuery + required: false + schema: + type: string responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: type: object properties: - data_view_id: - type: string + page: + minimum: 1 + type: integer + per_page: + maximum: 1000 + minimum: 1 + type: integer + records: + items: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityRecord + type: array + total: + minimum: 0 + type: integer + required: + - records + - page + - per_page + - total + description: Bulk upload successful + summary: 'List asset criticality data, filtering and sorting as needed' + tags: + - Security Solution Entity Analytics API + /api/data_views: + get: + operationId: getAllDataViewsDefault + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: examples: - getDefaultDataViewResponse: - $ref: >- - #/components/examples/Data_views_get_default_data_view_response + getAllDataViewsResponse: + $ref: '#/components/examples/Data_views_get_data_views_response' + schema: + type: object + properties: + data_view: + items: + type: object + properties: + id: + type: string + name: + type: string + namespaces: + items: + type: string + type: array + title: + type: string + typeMeta: + type: object + type: array + description: Indicates a successful call. '400': - description: Bad request content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: $ref: '#/components/schemas/Data_views_400_response' - post: - summary: Set the default data view - operationId: setDefaultDatailViewDefault + description: Bad request + summary: Get all data views tags: - data views + /api/data_views/data_view: + post: + operationId: createDataViewDefaultw parameters: - $ref: '#/components/parameters/Data_views_kbn_xsrf' requestBody: - required: true content: - application/json: - schema: - type: object - required: - - data_view_id - properties: - data_view_id: - type: string - nullable: true - description: > - The data view identifier. NOTE: The API does not validate - whether it is a valid identifier. Use `null` to unset the - default data view. - force: - type: boolean - description: Update an existing default data view identifier. - default: false + application/json; Elastic-Api-Version=2023-10-31: examples: - setDefaultDataViewRequest: - $ref: '#/components/examples/Data_views_set_default_data_view_request' + createDataViewRequest: + $ref: '#/components/examples/Data_views_create_data_view_request' + schema: + $ref: '#/components/schemas/Data_views_create_data_view_request_object' + required: true responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - acknowledged: - type: boolean + $ref: '#/components/schemas/Data_views_data_view_response_object' + description: Indicates a successful call. '400': - description: Bad request content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: $ref: '#/components/schemas/Data_views_400_response' - /api/data_views/swap_references: - post: - summary: Swap saved object references - operationId: swapDataViewsDefault - description: > - Changes saved object references from one data view identifier to - another. WARNING: Misuse can break large numbers of saved objects! - Practicing with a backup is recommended. + description: Bad request + summary: Create a data view tags: - data views + '/api/data_views/data_view/{viewId}': + delete: + description: | + WARNING: When you delete a data view, it cannot be recovered. + operationId: deleteDataViewDefault parameters: - $ref: '#/components/parameters/Data_views_kbn_xsrf' - requestBody: - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/Data_views_swap_data_view_request_object' - examples: - swapDataViewRequest: - $ref: '#/components/examples/Data_views_swap_data_view_request' + - $ref: '#/components/parameters/Data_views_view_id' responses: - '200': + '204': description: Indicates a successful call. + '404': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - deleteStatus: - type: object - properties: - deletePerformed: - type: boolean - remainingRefs: - type: integer - result: - type: array - items: - type: object - properties: - id: - type: string - description: A saved object identifier. - type: - type: string - description: The saved object type. - /api/data_views/swap_references/_preview: - post: - summary: Preview a saved object reference swap - operationId: previewSwapDataViewsDefault - description: > - Preview the impact of swapping saved object references from one data - view identifier to another. + $ref: '#/components/schemas/Data_views_404_response' + description: Object is not found. + summary: Delete a data view tags: - data views + get: + operationId: getDataViewDefault parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - requestBody: - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/Data_views_swap_data_view_request_object' - examples: - previewSwapDataViewRequest: - $ref: >- - #/components/examples/Data_views_preview_swap_data_view_request + - $ref: '#/components/parameters/Data_views_view_id' responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getDataViewResponse: + $ref: '#/components/examples/Data_views_get_data_view_response' + schema: + $ref: '#/components/schemas/Data_views_data_view_response_object' description: Indicates a successful call. + '404': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - result: - type: array - items: - type: object - properties: - id: - type: string - description: A saved object identifier. - type: - type: string - description: The saved object type. - /api/ml/saved_objects/sync: - get: - summary: Sync machine learning saved objects - description: > - Synchronizes Kibana saved objects for machine learning jobs and trained - models. This API runs automatically when you start Kibana and - periodically thereafter. - operationId: mlSync + $ref: '#/components/schemas/Data_views_404_response' + description: Object is not found. + summary: Get a data view tags: - - ml + - data views + post: + operationId: updateDataViewDefault parameters: - - $ref: '#/components/parameters/Machine_learning_APIs_simulateParam' + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + - $ref: '#/components/parameters/Data_views_view_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateDataViewRequest: + $ref: '#/components/examples/Data_views_update_data_view_request' + schema: + $ref: '#/components/schemas/Data_views_update_data_view_request_object' + required: true responses: '200': - description: Indicates a successful call content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Machine_learning_APIs_mlSync200Response' - examples: - syncExample: - $ref: '#/components/examples/Machine_learning_APIs_mlSyncExample' - '401': - description: Authorization information is missing or invalid. + $ref: '#/components/schemas/Data_views_data_view_response_object' + description: Indicates a successful call. + '400': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Machine_learning_APIs_mlSync4xxResponse' - /api/saved_objects/_export: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Update a data view + tags: + - data views + '/api/data_views/data_view/{viewId}/fields': post: - summary: Export saved objects - operationId: exportSavedObjectsDefault description: > - Retrieve sets of saved objects that you want to import into Kibana. - - You must include `type` or `objects` in the request body. - - - Exported saved objects are not backwards compatible and cannot be - imported into an older version of Kibana. - - - NOTE: The `savedObjects.maxImportExportSize` configuration setting - limits the number of saved objects which may be exported. - - - This functionality is in technical preview and may be changed or removed - in a future release. Elastic will work to fix any issues, but features - in technical preview are not subject to the support SLA of official GA - features. - tags: - - saved objects + Update fields presentation metadata such as count, customLabel, + customDescription, and format. + operationId: updateFieldsMetadataDefault parameters: - - $ref: '#/components/parameters/Serverless_saved_objects_kbn_xsrf' + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + - $ref: '#/components/parameters/Data_views_view_id' requestBody: - required: true content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateFieldsMetadataRequest: + $ref: '#/components/examples/Data_views_update_field_metadata_request' schema: type: object properties: - excludeExportDetails: - description: Do not add export details entry at the end of the stream. - type: boolean - default: false - includeReferencesDeep: - description: >- - Includes all of the referenced objects in the exported - objects. - type: boolean - objects: - description: A list of objects to export. - type: array - items: - type: object - type: - description: >- - The saved object types to include in the export. Use `*` to - export all the types. - oneOf: - - type: string - - type: array - items: - type: string - examples: - exportSavedObjectsRequest: - $ref: >- - #/components/examples/Serverless_saved_objects_export_objects_request + fields: + description: The field object. + type: object + required: + - fields + required: true responses: '200': - description: Indicates a successful call. content: - application/x-ndjson: + application/json; Elastic-Api-Version=2023-10-31: schema: type: object - additionalProperties: true - examples: - exportSavedObjectsResponse: - $ref: >- - #/components/examples/Serverless_saved_objects_export_objects_response + properties: + acknowledged: + type: boolean + description: Indicates a successful call. '400': - description: Bad request. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Serverless_saved_objects_400_response' - /api/saved_objects/_import: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Update data view fields metadata + tags: + - data views + '/api/data_views/data_view/{viewId}/runtime_field': post: - summary: Import saved objects - operationId: importSavedObjectsDefault - description: > - Create sets of Kibana saved objects from a file created by the export - API. - - Saved objects can be imported only into the same version, a newer minor - on the same major, or the next major. Exported saved objects are not - backwards compatible and cannot be imported into an older version of - Kibana. - - - This functionality is in technical preview and may be changed or removed - in a future release. Elastic will work to fix any issues, but features - in technical preview are not subject to the support SLA of official GA - features. + operationId: createRuntimeFieldDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + - $ref: '#/components/parameters/Data_views_view_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + createRuntimeFieldRequest: + $ref: '#/components/examples/Data_views_create_runtime_field_request' + schema: + type: object + properties: + name: + description: | + The name for a runtime field. + type: string + runtimeField: + description: | + The runtime field definition object. + type: object + required: + - name + - runtimeField + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + summary: Create a runtime field tags: - - saved objects + - data views + put: + operationId: createUpdateRuntimeFieldDefault parameters: - - $ref: '#/components/parameters/Serverless_saved_objects_kbn_xsrf' - - in: query - name: createNewCopies - schema: - type: boolean - required: false - description: > - Creates copies of saved objects, regenerates each object ID, and - resets the origin. When used, potential conflict errors are avoided. - NOTE: This option cannot be used with the `overwrite` and - `compatibilityMode` options. - - in: query - name: overwrite - schema: - type: boolean - required: false - description: > - Overwrites saved objects when they already exist. When used, - potential conflict errors are automatically resolved by overwriting - the destination object. NOTE: This option cannot be used with the - `createNewCopies` option. - - in: query - name: compatibilityMode + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + - description: | + The ID of the data view fields you want to update. + in: path + name: viewId + required: true schema: - type: boolean - required: false - description: > - Applies various adjustments to the saved objects that are being - imported to maintain compatibility between different Kibana - versions. Use this option only if you encounter issues with imported - saved objects. NOTE: This option cannot be used with the - `createNewCopies` option. + type: string requestBody: - required: true content: - multipart/form-data: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateRuntimeFieldRequest: + $ref: '#/components/examples/Data_views_create_runtime_field_request' schema: type: object properties: - file: - description: > - A file exported using the export API. NOTE: The - `savedObjects.maxImportExportSize` configuration setting - limits the number of saved objects which may be included in - this file. Similarly, the - `savedObjects.maxImportPayloadBytes` setting limits the - overall size of the file that can be imported. - examples: - importObjectsRequest: - $ref: >- - #/components/examples/Serverless_saved_objects_import_objects_request + name: + description: | + The name for a runtime field. + type: string + runtimeField: + description: | + The runtime field definition object. + type: object + required: + - name + - runtimeField + required: true responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: type: object properties: - success: - type: boolean - description: > - Indicates when the import was successfully completed. When - set to false, some objects may not have been created. For - additional information, refer to the `errors` and - `successResults` properties. - successCount: - type: integer - description: Indicates the number of successfully imported records. - errors: - type: array + data_view: + type: object + fields: items: type: object - description: > - Indicates the import was unsuccessful and specifies the - objects that failed to import. - - - NOTE: One object may result in multiple errors, which - requires separate steps to resolve. For instance, a - `missing_references` error and conflict error. - successResults: type: array + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Create or update a runtime field + tags: + - data views + '/api/data_views/data_view/{viewId}/runtime_field/{fieldName}': + delete: + operationId: deleteRuntimeFieldDefault + parameters: + - $ref: '#/components/parameters/Data_views_field_name' + - $ref: '#/components/parameters/Data_views_view_id' + responses: + '200': + description: Indicates a successful call. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_404_response' + description: Object is not found. + summary: Delete a runtime field from a data view + tags: + - data views + get: + operationId: getRuntimeFieldDefault + parameters: + - $ref: '#/components/parameters/Data_views_field_name' + - $ref: '#/components/parameters/Data_views_view_id' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getRuntimeFieldResponse: + $ref: '#/components/examples/Data_views_get_runtime_field_response' + schema: + type: object + properties: + data_view: + type: object + fields: items: type: object - description: > - Indicates the objects that are successfully imported, with - any metadata if applicable. + type: array + description: Indicates a successful call. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_404_response' + description: Object is not found. + summary: Get a runtime field + tags: + - data views + post: + operationId: updateRuntimeFieldDefault + parameters: + - $ref: '#/components/parameters/Data_views_field_name' + - $ref: '#/components/parameters/Data_views_view_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateRuntimeFieldRequest: + $ref: '#/components/examples/Data_views_update_runtime_field_request' + schema: + type: object + properties: + runtimeField: + description: | + The runtime field definition object. + You can update following fields: - NOTE: Objects are created only when all resolvable errors - are addressed, including conflicts and missing references. - If objects are created as new copies, each entry in the - `successResults` array includes a `destinationId` - attribute. + - `type` + - `script` + type: object + required: + - runtimeField + required: true + responses: + '200': + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Update a runtime field + tags: + - data views + /api/data_views/default: + get: + operationId: getDefaultDataViewDefault + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: examples: - importObjectsResponse: + getDefaultDataViewResponse: $ref: >- - #/components/examples/Serverless_saved_objects_import_objects_response + #/components/examples/Data_views_get_default_data_view_response + schema: + type: object + properties: + data_view_id: + type: string + description: Indicates a successful call. '400': - description: Bad request. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Serverless_saved_objects_400_response' - /s/{spaceId}/api/observability/slos: - post: - summary: Create an SLO - operationId: createSloOp - description: > - You must have `all` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Get the default data view tags: - - slo + - data views + post: + operationId: setDefaultDatailViewDefault parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/Data_views_kbn_xsrf' requestBody: - required: true content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: + examples: + setDefaultDataViewRequest: + $ref: '#/components/examples/Data_views_set_default_data_view_request' schema: - $ref: '#/components/schemas/SLOs_create_slo_request' + type: object + properties: + data_view_id: + description: > + The data view identifier. NOTE: The API does not validate + whether it is a valid identifier. Use `null` to unset the + default data view. + nullable: true + type: string + force: + default: false + description: Update an existing default data view identifier. + type: boolean + required: + - data_view_id + required: true responses: '200': - description: Successful request content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_create_slo_response' + type: object + properties: + acknowledged: + type: boolean + description: Indicates a successful call. '400': - description: Bad request content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_400_response' - '401': - description: Unauthorized response - content: - application/json: - schema: - $ref: '#/components/schemas/SLOs_401_response' - '403': - description: Unauthorized response + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Set the default data view + tags: + - data views + /api/data_views/swap_references: + post: + description: > + Changes saved object references from one data view identifier to + another. WARNING: Misuse can break large numbers of saved objects! + Practicing with a backup is recommended. + operationId: swapDataViewsDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + swapDataViewRequest: + $ref: '#/components/examples/Data_views_swap_data_view_request' + schema: + $ref: '#/components/schemas/Data_views_swap_data_view_request_object' + required: true + responses: + '200': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_403_response' - '409': - description: Conflict - The SLO id already exists + type: object + properties: + deleteStatus: + type: object + properties: + deletePerformed: + type: boolean + remainingRefs: + type: integer + result: + items: + type: object + properties: + id: + description: A saved object identifier. + type: string + type: + description: The saved object type. + type: string + type: array + description: Indicates a successful call. + summary: Swap saved object references + tags: + - data views + /api/data_views/swap_references/_preview: + post: + description: > + Preview the impact of swapping saved object references from one data + view identifier to another. + operationId: previewSwapDataViewsDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + previewSwapDataViewRequest: + $ref: >- + #/components/examples/Data_views_preview_swap_data_view_request + schema: + $ref: '#/components/schemas/Data_views_swap_data_view_request_object' + required: true + responses: + '200': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_409_response' - servers: - - url: https://localhost:5601 + type: object + properties: + result: + items: + type: object + properties: + id: + description: A saved object identifier. + type: string + type: + description: The saved object type. + type: string + type: array + description: Indicates a successful call. + summary: Preview a saved object reference swap + tags: + - data views + /api/detection_engine/privileges: get: - summary: Get a paginated list of SLOs - operationId: findSlosOp description: > - You must have the `read` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. + Retrieves whether or not the user is authenticated, and the user's + Kibana + + space and index privileges, which determine if the user can create an + + index for the Elastic Security alerts generated by + + detection engine rules. + operationId: ReadPrivileges + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + has_encryption_key: + type: boolean + is_authenticated: + type: boolean + required: + - is_authenticated + - has_encryption_key + description: Successful response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Returns user privileges for the Kibana space tags: - - slo + - Security Solution Detections API + - Privileges API + /api/detection_engine/rules: + delete: + description: Delete a detection rule using the `rule_id` or `id` field. + operationId: DeleteRule parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - name: kqlQuery - in: query - description: A valid kql query to filter the SLO with - schema: - type: string - example: 'slo.name:latency* and slo.tags : "prod"' - - name: page - in: query - description: The page to use for pagination, must be greater or equal than 1 - schema: - type: integer - default: 1 - example: 1 - - name: perPage + - description: The rule's `id` value. in: query - description: Number of SLOs returned by page + name: id + required: false schema: - type: integer - default: 25 - maximum: 5000 - example: 25 - - name: sortBy + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleObjectId' + - description: The rule's `rule_id` value. in: query - description: Sort by field + name: rule_id + required: false schema: - type: string - enum: - - sli_value - - status - - error_budget_consumed - - error_budget_remaining - default: status - example: status - - name: sortDirection + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + description: Indicates a successful call. + summary: Delete a detection rule + tags: + - Security Solution Detections API + - Rules API + get: + description: Retrieve a detection rule using the `rule_id` or `id` field. + operationId: ReadRule + parameters: + - description: The rule's `id` value. in: query - description: Sort order + name: id + required: false schema: - type: string - enum: - - asc - - desc - default: asc - example: asc - - name: hideStale + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleObjectId' + - description: The rule's `rule_id` value. in: query - description: >- - Hide stale SLOs from the list as defined by stale SLO threshold in - SLO settings + name: rule_id + required: false schema: - type: boolean + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId responses: '200': - description: Successful request - content: - application/json: - schema: - $ref: '#/components/schemas/SLOs_find_slo_response' - '400': - description: Bad request content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_400_response' - '401': - description: Unauthorized response + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + description: Indicates a successful call. + summary: Retrieve a detection rule + tags: + - Security Solution Detections API + - Rules API + patch: + description: >- + Update specific fields of an existing detection rule using the `rule_id` + or `id` field. + operationId: PatchRule + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePatchProps + required: true + responses: + '200': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_401_response' - '403': - description: Unauthorized response + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + description: Indicates a successful call. + summary: Patch a detection rule + tags: + - Security Solution Detections API + - Rules API + post: + description: Create a new detection rule. + operationId: CreateRule + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleCreateProps + required: true + responses: + '200': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_403_response' - '404': - description: Not found response + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + description: Indicates a successful call. + summary: Create a detection rule + tags: + - Security Solution Detections API + - Rules API + put: + description: > + Update a detection rule using the `rule_id` or `id` field. The original + rule is replaced, and all unspecified fields are deleted. + + > info + + > You cannot modify the `id` or `rule_id` values. + operationId: UpdateRule + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleUpdateProps + required: true + responses: + '200': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_404_response' - /s/{spaceId}/api/observability/slos/{sloId}: - get: - summary: Get an SLO - operationId: getSloOp - description: > - You must have the `read` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + description: Indicates a successful call. + summary: Update a detection rule tags: - - slo + - Security Solution Detections API + - Rules API + /api/detection_engine/rules/_bulk_action: + post: + description: >- + Apply a bulk action, such as bulk edit, duplicate, or delete, to + multiple detection rules. The bulk action is applied to all rules that + match the query or to the rules listed by their IDs. + operationId: PerformRulesBulkAction parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - - name: instanceId + - description: Enables dry run mode for the request call. in: query - description: the specific instanceId used by the summary calculation + name: dry_run + required: false schema: - type: string - example: host-abcde + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkDeleteRules + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkDisableRules + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEnableRules + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkExportRules + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkDuplicateRules + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkManualRuleRun + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEditRules responses: '200': - description: Successful request content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_slo_with_summary_response' - '400': - description: Bad request - content: - application/json: - schema: - $ref: '#/components/schemas/SLOs_400_response' - '401': - description: Unauthorized response + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEditActionResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkExportActionResponse + description: OK + summary: Apply a bulk action to detection rules + tags: + - Security Solution Detections API + - Bulk API + /api/detection_engine/rules/_export: + post: + description: > + Export detection rules to an `.ndjson` file. The following configuration + items are also included in the `.ndjson` file: + + - Actions + + - Exception lists + + > info + + > You cannot export prebuilt rules. + operationId: ExportRules + parameters: + - description: Determines whether a summary of the exported rules is returned. + in: query + name: exclude_export_details + required: false + schema: + default: false + type: boolean + - description: File name for saving the exported rules. + in: query + name: file_name + required: false + schema: + default: export.ndjson + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + nullable: true + type: object + properties: + objects: + description: >- + Array of `rule_id` fields. Exports all rules when + unspecified. + items: + type: object + properties: + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + required: + - rule_id + type: array + required: + - objects + required: false + responses: + '200': content: - application/json: + application/ndjson; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_401_response' - '403': - description: Unauthorized response + description: An `.ndjson` file containing the returned rules. + format: binary + type: string + description: Indicates a successful call. + summary: Export detection rules + tags: + - Security Solution Detections API + - Import/Export API + /api/detection_engine/rules/_find: + get: + description: >- + Retrieve a paginated list of detection rules. By default, the first page + is returned, with 20 results per page. + operationId: FindRules + parameters: + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_FindRulesSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Detections_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: Rules per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_403_response' - '404': - description: Not found response + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + summary: List all detection rules + tags: + - Security Solution Detections API + - Rules API + /api/detection_engine/rules/_import: + post: + description: > + Import detection rules from an `.ndjson` file, including actions and + exception lists. The request must include: + + - The `Content-Type: multipart/form-data` HTTP header. + + - A link to the `.ndjson` file containing the rules. + operationId: ImportRules + parameters: + - description: >- + Determines whether existing rules with the same `rule_id` are + overwritten. + in: query + name: overwrite + required: false + schema: + default: false + type: boolean + - description: >- + Determines whether existing exception lists with the same `list_id` + are overwritten. + in: query + name: overwrite_exceptions + required: false + schema: + default: false + type: boolean + - description: >- + Determines whether existing actions with the same + `kibana.alert.rule.actions.id` are overwritten. + in: query + name: overwrite_action_connectors + required: false + schema: + default: false + type: boolean + - description: Generates a new list ID for each imported exception list. + in: query + name: as_new_list + required: false + schema: + default: false + type: boolean + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + file: + description: The `.ndjson` file containing the rules. + format: binary + type: string + required: true + responses: + '200': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_404_response' - put: - summary: Update an SLO - operationId: updateSloOp - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. + additionalProperties: false + type: object + properties: + action_connectors_errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ErrorSchema + type: array + action_connectors_success: + type: boolean + action_connectors_success_count: + minimum: 0 + type: integer + action_connectors_warnings: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_WarningSchema + type: array + errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ErrorSchema + type: array + exceptions_errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ErrorSchema + type: array + exceptions_success: + type: boolean + exceptions_success_count: + minimum: 0 + type: integer + rules_count: + minimum: 0 + type: integer + success: + type: boolean + success_count: + minimum: 0 + type: integer + required: + - exceptions_success + - exceptions_success_count + - exceptions_errors + - rules_count + - success + - success_count + - errors + - action_connectors_errors + - action_connectors_warnings + - action_connectors_success + - action_connectors_success_count + description: Indicates a successful call. + summary: Import detection rules tags: - - slo + - Security Solution Detections API + - Import/Export API + '/api/detection_engine/rules/{id}/exceptions': + post: + operationId: CreateRuleExceptionListItems parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' + - description: Detection rule's identifier + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_RuleId' requestBody: - required: true content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_update_slo_request' + type: object + properties: + items: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_CreateRuleExceptionListItemProps + type: array + required: + - items + description: Rule exception list items + required: true responses: '200': - description: Successful request content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_slo_definition_response' + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + type: array + description: Successful response '400': - description: Bad request content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_400_response' + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response '401': - description: Unauthorized response content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_401_response' + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response '403': - description: Unauthorized response content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_403_response' - '404': - description: Not found response + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '500': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_404_response' - delete: - summary: Delete an SLO - operationId: deleteSloOp - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Creates rule exception list items tags: - - slo - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' + - Security Solution Exceptions API + /api/detection_engine/rules/preview: + post: + operationId: RulePreview + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + discriminator: + propertyName: type + description: >- + An object containing tags to add or remove and alert ids the changes + will be applied + required: true responses: - '204': - description: Successful request - '400': - description: Bad request + '200': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_400_response' - '401': - description: Unauthorized response + type: object + properties: + isAborted: + type: boolean + logs: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewLogs + type: array + previewId: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + required: + - logs + description: Successful response + '400': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_401_response' - '403': - description: Unauthorized response + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_403_response' - '404': - description: Not found response + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_404_response' - /s/{spaceId}/api/observability/slos/{sloId}/enable: - post: - summary: Enable an SLO - operationId: enableSloOp - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Preview rule alerts generated on specified time range tags: - - slo - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - responses: - '204': - description: Successful request - '400': - description: Bad request - content: - application/json: - schema: - $ref: '#/components/schemas/SLOs_400_response' - '401': - description: Unauthorized response + - Security Solution Detections API + - Rule preview API + /api/detection_engine/signals/assignees: + post: + description: | + Assign users to detection alerts, and unassign them from alerts. + > info + > You cannot add and remove the same assignee in the same request. + operationId: SetAlertAssignees + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + assignees: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertAssignees + description: Details about the assignees to assign and unassign. + ids: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertIds + description: List of alerts ids to assign and unassign passed assignees. + required: + - assignees + - ids + required: true + responses: + '200': + description: Indicates a successful call. + '400': + description: Invalid request. + summary: Assign and unassign users from detection alerts + tags: + - Security Solution Detections API + /api/detection_engine/signals/search: + post: + description: Find and/or aggregate detection alerts that match the given query. + operationId: SearchAlerts + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + description: Elasticsearch query and aggregation request + type: object + properties: + _source: + oneOf: + - type: boolean + - type: string + - items: + type: string + type: array + aggs: + additionalProperties: true + type: object + fields: + items: + type: string + type: array + query: + additionalProperties: true + type: object + runtime_mappings: + additionalProperties: true + type: object + size: + minimum: 0 + type: integer + sort: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsSort + track_total_hits: + type: boolean + description: Search and/or aggregation query + required: true + responses: + '200': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_401_response' - '403': - description: Unauthorized response + additionalProperties: true + description: Elasticsearch search response + type: object + description: Successful response + '400': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_403_response' - '404': - description: Not found response + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_404_response' - /s/{spaceId}/api/observability/slos/{sloId}/disable: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Find and/or aggregate detection alerts + tags: + - Security Solution Detections API + - Alerts API + /api/detection_engine/signals/status: post: - summary: Disable an SLO - operationId: disableSloOp - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. + description: Set the status of one or more detection alerts. + operationId: SetAlertsStatus + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SetAlertsStatusByIds + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SetAlertsStatusByQuery + description: >- + An object containing desired status and explicit alert ids or a query + to select alerts + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: true + description: Elasticsearch update by query response + type: object + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Set a detection alert status tags: - - slo - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' + - Security Solution Detections API + - Alerts API + /api/detection_engine/signals/tags: + post: + description: | + And tags to detection alerts, and remove them from alerts. + > info + > You cannot add and remove the same alert tag in the same request. + operationId: SetAlertTags + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + ids: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertIds + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SetAlertTags + required: + - ids + - tags + description: >- + An object containing tags to add or remove and alert ids the changes + will be applied + required: true responses: '200': - description: Successful request + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: true + description: Elasticsearch update by query response + type: object + description: Successful response '400': - description: Bad request content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_400_response' + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response '401': - description: Unauthorized response content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_401_response' - '403': - description: Unauthorized response + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_403_response' - '404': - description: Not found response + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Add and remove detection alert tags + tags: + - Security Solution Detections API + - Alerts API + /api/detection_engine/tags: + get: + description: List all unique tags from all detection rules. + operationId: ReadTags + responses: + '200': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_404_response' - /s/{spaceId}/api/observability/slos/{sloId}/_reset: - post: - summary: Reset an SLO - operationId: resetSloOp - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + description: Indicates a successful call + summary: List all detection rule tags tags: - - slo - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' + - Security Solution Detections API + - Tags API + /api/endpoint_list: + post: + description: Creates an endpoint list or does nothing if the list already exists + operationId: CreateEndpointList responses: - '204': - description: Successful request + '200': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_slo_definition_response' + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointList + description: Successful response '400': - description: Bad request content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_400_response' + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data '401': - description: Unauthorized response content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_401_response' + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication '403': - description: Unauthorized response content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_403_response' - '404': - description: Not found response + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '500': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_404_response' - /s/{spaceId}/api/observability/slos/_delete_instances: - post: - summary: Batch delete rollup and summary data - operationId: deleteSloInstancesOp - description: > - The deletion occurs for the specified list of `sloId` and `instanceId`. - You must have `all` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - tags: - - slo + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Creates an endpoint list + /api/endpoint_list/items: + delete: + operationId: DeleteEndpointListItem parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - requestBody: - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/SLOs_delete_slo_instances_request' + - description: Either `id` or `item_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemId + - description: Either `id` or `item_id` must be specified + in: query + name: item_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId responses: - '204': - description: Successful request + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointListItem + description: Successful response '400': - description: Bad request content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_400_response' + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data '401': - description: Unauthorized response content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_401_response' + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication '403': - description: Unauthorized response content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/SLOs_403_response' - servers: - - url: https://localhost:5601 - /api/status: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Deletes an endpoint list item get: - operationId: /api/status#0 + operationId: ReadEndpointListItem parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: Set to "true" to get the response in v7 format. + - description: Either `id` or `item_id` must be specified in: query - name: v7format + name: id required: false schema: - type: boolean - - description: Set to "true" to get the response in v8 format. + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemId + - description: Either `id` or `item_id` must be specified in: query - name: v8format + name: item_id required: false schema: - type: boolean + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - anyOf: - - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointListItem + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: - $ref: >- - #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse - description: >- - Kibana's operational status. A minimal response is sent for - unauthorized users. - description: Overall status is OK and Kibana should be functioning normally. - '503': + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': content: application/json; Elastic-Api-Version=2023-10-31: schema: - anyOf: - - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Reads an endpoint list item + post: + operationId: CreateEndpointListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + comments: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryArray + item_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemName + os_types: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemTags + default: [] + type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemType + required: + - type + - name + - description + - entries + description: Exception list item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: - $ref: >- - #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse - description: >- - Kibana's operational status. A minimal response is sent for - unauthorized users. - description: >- - Kibana or some of it's essential services are unavailable. Kibana - may be degraded or unavailable. - summary: Get Kibana's current status + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item already exists + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Creates an endpoint list item + put: + operationId: UpdateEndpointListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + comments: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryArray + id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemId + description: Either `id` or `item_id` must be specified + item_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId + description: Either `id` or `item_id` must be specified + meta: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemName + os_types: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemTags + type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemType + required: + - type + - name + - description + - entries + description: Exception list item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Updates an endpoint list item + /api/endpoint_list/items/_find: + get: + operationId: FindEndpointListItems + parameters: + - description: > + Filters the returned results according to the value of the specified + field, + + using the `:` syntax. + in: query + name: filter + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_FindEndpointListItemsFilter + - description: The page number to return + in: query + name: page + required: false + schema: + minimum: 0 + type: integer + - description: The number of exception list items to return per page + in: query + name: per_page + required: false + schema: + minimum: 0 + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + - description: 'Determines the sort order, which can be `desc` or `asc`' + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointListItem + type: array + page: + minimum: 0 + type: integer + per_page: + minimum: 0 + type: integer + pit: + type: string + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Finds endpoint list items + /api/endpoint/action: + get: + description: Get a list of action requests and their responses + operationId: EndpointGetActionsList + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_GetEndpointActionListRouteQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get Actions List schema tags: - - system - security: - - Kibana_HTTP_APIs_basicAuth: [] -components: - parameters: - Connectors_kbn_xsrf: - schema: - type: string - in: header - name: kbn-xsrf - description: Cross-site request forgery protection - required: true - Connectors_connector_id: - in: path - name: connectorId - description: An identifier for the connector. - required: true - schema: - type: string - example: df770e30-8b8b-11ed-a780-3b746c987a81 - Data_views_kbn_xsrf: - schema: - type: string - in: header - name: kbn-xsrf - description: Cross-site request forgery protection - required: true - Data_views_view_id: - in: path - name: viewId - description: An identifier for the data view. - required: true - schema: - type: string - example: ff959d40-b880-11e8-a6d9-e546fe2bba5f - Data_views_field_name: - in: path - name: fieldName - description: The name of the runtime field. - required: true - schema: - type: string - example: hour_of_day - Machine_learning_APIs_simulateParam: - in: query - name: simulate - description: >- - When true, simulates the synchronization by returning only the list of - actions that would be performed. - required: false - schema: - type: boolean - example: 'true' - Serverless_saved_objects_kbn_xsrf: - schema: - type: string - in: header - name: kbn-xsrf - description: Cross-site request forgery protection - required: true - SLOs_kbn_xsrf: - schema: - type: string - in: header - name: kbn-xsrf - description: Cross-site request forgery protection - required: true - SLOs_space_id: - in: path - name: spaceId - description: >- - An identifier for the space. If `/s/` and the identifier are omitted - from the path, the default space is used. - required: true - schema: - type: string - example: default - SLOs_slo_id: - in: path - name: sloId - description: An identifier for the slo. - required: true - schema: - type: string - example: 9c235211-6834-11ea-a78c-6feb38a34414 - schemas: - Connectors_create_connector_request_bedrock: - title: Create Amazon Bedrock connector request - description: >- - The Amazon Bedrock connector uses axios to send a POST request to Amazon - Bedrock. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_bedrock' - connector_type_id: - type: string - description: The type of connector. - enum: - - .bedrock - example: .bedrock - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_bedrock' - Connectors_create_connector_request_gemini: - title: Create Google Gemini connector request - description: >- - The Google Gemini connector uses axios to send a POST request to Google - Gemini. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_gemini' - connector_type_id: - type: string - description: The type of connector. - enum: - - .gemini - example: .gemini - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_gemini' - Connectors_create_connector_request_cases_webhook: - title: Create Webhook - Case Managment connector request - description: > - The Webhook - Case Management connector uses axios to send POST, PUT, - and GET requests to a case management RESTful API web service. - type: object - required: - - config - - connector_type_id - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_cases_webhook' - connector_type_id: - type: string - description: The type of connector. - enum: - - .cases-webhook - example: .cases-webhook - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_cases_webhook' - Connectors_create_connector_request_d3security: - title: Create D3 Security connector request - description: > - The connector uses axios to send a POST request to a D3 Security - endpoint. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_d3security' - connector_type_id: - type: string - description: The type of connector. - enum: - - .d3security - example: .d3security - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_d3security' - Connectors_create_connector_request_email: - title: Create email connector request - description: > - The email connector uses the SMTP protocol to send mail messages, using - an integration of Nodemailer. An exception is Microsoft Exchange, which - uses HTTP protocol for sending emails, Send mail. Email message text is - sent as both plain text and html text. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_email' - connector_type_id: - type: string - description: The type of connector. - enum: - - .email - example: .email - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_email' - Connectors_create_connector_request_genai: - title: Create OpenAI connector request - description: > - The OpenAI connector uses axios to send a POST request to either OpenAI - or Azure OpenAPI. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_genai' - connector_type_id: - type: string - description: The type of connector. - enum: - - .gen-ai - example: .gen-ai - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_genai' - Connectors_create_connector_request_index: - title: Create index connector request - description: The index connector indexes a document into Elasticsearch. - type: object - required: - - config - - connector_type_id - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_index' - connector_type_id: - type: string - description: The type of connector. - enum: - - .index - example: .index - name: - type: string - description: The display name for the connector. - example: my-connector - Connectors_create_connector_request_jira: - title: Create Jira connector request - description: The Jira connector uses the REST API v2 to create Jira issues. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_jira' - connector_type_id: - type: string - description: The type of connector. - enum: - - .jira - example: .jira - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_jira' - Connectors_create_connector_request_opsgenie: - title: Create Opsgenie connector request - description: The Opsgenie connector uses the Opsgenie alert API. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_opsgenie' - connector_type_id: - type: string - description: The type of connector. - enum: - - .opsgenie - example: .opsgenie - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_opsgenie' - Connectors_create_connector_request_pagerduty: - title: Create PagerDuty connector request - description: > - The PagerDuty connector uses the v2 Events API to trigger, acknowledge, - and resolve PagerDuty alerts. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_pagerduty' - connector_type_id: - type: string - description: The type of connector. - enum: - - .pagerduty - example: .pagerduty - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_pagerduty' - Connectors_create_connector_request_resilient: - title: Create IBM Resilient connector request - description: >- - The IBM Resilient connector uses the RESILIENT REST v2 to create IBM - Resilient incidents. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_resilient' - connector_type_id: - description: The type of connector. - type: string - example: .resilient - enum: - - .resilient - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_resilient' - Connectors_create_connector_request_sentinelone: - title: Create SentinelOne connector request - description: > - The SentinelOne connector communicates with SentinelOne Management - Console via REST API. This functionality is in technical preview and may - be changed or removed in a future release. Elastic will work to fix any - issues, but features in technical preview are not subject to the support - SLA of official GA features. - x-technical-preview: true - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_sentinelone' - connector_type_id: - type: string - description: The type of connector. - enum: - - .sentinelone - example: .sentinelone - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_sentinelone' - Connectors_create_connector_request_serverlog: - title: Create server log connector request - description: This connector writes an entry to the Kibana server log. - type: object - required: - - connector_type_id - - name - properties: - connector_type_id: - type: string - description: The type of connector. - enum: - - .server-log - example: .server-log - name: - type: string - description: The display name for the connector. - example: my-connector - Connectors_create_connector_request_servicenow: - title: Create ServiceNow ITSM connector request - description: > - The ServiceNow ITSM connector uses the import set API to create - ServiceNow incidents. You can use the connector for rule actions and - cases. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_servicenow' - connector_type_id: - type: string - description: The type of connector. - enum: - - .servicenow - example: .servicenow - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_servicenow' - Connectors_create_connector_request_servicenow_itom: - title: Create ServiceNow ITOM connector request - description: > - The ServiceNow ITOM connector uses the event API to create ServiceNow - events. You can use the connector for rule actions. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_servicenow_itom' - connector_type_id: - type: string - description: The type of connector. - enum: - - .servicenow-itom - example: .servicenow-itom - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_servicenow' - Connectors_create_connector_request_servicenow_sir: - title: Create ServiceNow SecOps connector request - description: > - The ServiceNow SecOps connector uses the import set API to create - ServiceNow security incidents. You can use the connector for rule - actions and cases. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_servicenow' - connector_type_id: - type: string - description: The type of connector. - enum: - - .servicenow-sir - example: .servicenow-sir - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_servicenow' - Connectors_create_connector_request_slack_api: - title: Create Slack connector request - description: The Slack connector uses an API method to send Slack messages. - type: object - required: - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_slack_api' - connector_type_id: - type: string - description: The type of connector. - enum: - - .slack_api - example: .slack_api - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_slack_api' - Connectors_create_connector_request_slack_webhook: - title: Create Slack connector request - description: The Slack connector uses Slack Incoming Webhooks. - type: object - required: - - connector_type_id - - name - - secrets - properties: - connector_type_id: - type: string - description: The type of connector. - enum: - - .slack - example: .slack - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_slack_webhook' - Connectors_create_connector_request_swimlane: - title: Create Swimlane connector request - description: >- - The Swimlane connector uses the Swimlane REST API to create Swimlane - records. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_swimlane' - connector_type_id: - type: string - description: The type of connector. - enum: - - .swimlane - example: .swimlane - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_swimlane' - Connectors_create_connector_request_teams: - title: Create Microsoft Teams connector request - description: The Microsoft Teams connector uses Incoming Webhooks. - type: object - required: - - connector_type_id - - name - - secrets - properties: - connector_type_id: - type: string - description: The type of connector. - enum: - - .teams - example: .teams - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_teams' - Connectors_create_connector_request_tines: - title: Create Tines connector request - description: > - The Tines connector uses Tines Webhook actions to send events via POST - request. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_tines' - connector_type_id: - type: string - description: The type of connector. - enum: - - .tines - example: .tines - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_tines' - Connectors_create_connector_request_torq: - title: Create Torq connector request - description: > - The Torq connector uses a Torq webhook to trigger workflows with Kibana - actions. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_torq' - connector_type_id: - type: string - description: The type of connector. - enum: - - .torq - example: .torq - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_torq' - Connectors_create_connector_request_webhook: - title: Create Webhook connector request - description: > - The Webhook connector uses axios to send a POST or PUT request to a web - service. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_webhook' - connector_type_id: - type: string - description: The type of connector. - enum: - - .webhook - example: .webhook - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_webhook' - Connectors_create_connector_request_xmatters: - title: Create xMatters connector request - description: > - The xMatters connector uses the xMatters Workflow for Elastic to send - actionable alerts to on-call xMatters resources. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_xmatters' - connector_type_id: - type: string - description: The type of connector. - enum: - - .xmatters - example: .xmatters - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_xmatters' - Connectors_config_properties_bedrock: - title: Connector request properties for an Amazon Bedrock connector - description: Defines properties for connectors when type is `.bedrock`. - type: object - required: - - apiUrl - properties: - apiUrl: - type: string - description: The Amazon Bedrock request URL. - defaultModel: - type: string - description: > - The generative artificial intelligence model for Amazon Bedrock to - use. Current support is for the Anthropic Claude models. - default: anthropic.claude-3-5-sonnet-20240620-v1:0 - Connectors_secrets_properties_bedrock: - title: Connector secrets properties for an Amazon Bedrock connector - description: Defines secrets for connectors when type is `.bedrock`. - type: object - required: - - accessKey - - secret - properties: - accessKey: - type: string - description: The AWS access key for authentication. - secret: - type: string - description: The AWS secret for authentication. - Connectors_config_properties_gemini: - title: Connector request properties for an Google Gemini connector - description: Defines properties for connectors when type is `.gemini`. - type: object - required: - - apiUrl - - gcpRegion - - gcpProjectID - properties: - apiUrl: - type: string - description: The Google Gemini request URL. - defaultModel: - type: string - description: >- - The generative artificial intelligence model for Google Gemini to - use. - default: gemini-1.5-pro-001 - gcpRegion: - type: string - description: The GCP region where the Vertex AI endpoint enabled. - gcpProjectID: - type: string - description: The Google ProjectID that has Vertex AI endpoint enabled. - Connectors_secrets_properties_gemini: - title: Connector secrets properties for a Google Gemini connector - description: Defines secrets for connectors when type is `.gemini`. - type: object - required: - - credentialsJSON - properties: - credentialsJSON: - type: string - description: >- - The service account credentials JSON file. The service account - should have Vertex AI user IAM role assigned to it. - Connectors_config_properties_cases_webhook: - title: Connector request properties for Webhook - Case Management connector - required: - - createIncidentJson - - createIncidentResponseKey - - createIncidentUrl - - getIncidentResponseExternalTitleKey - - getIncidentUrl - - updateIncidentJson - - updateIncidentUrl - - viewIncidentUrl - description: Defines properties for connectors when type is `.cases-webhook`. - type: object - properties: - createCommentJson: - type: string - description: > - A JSON payload sent to the create comment URL to create a case - comment. You can use variables to add Kibana Cases data to the - payload. The required variable is `case.comment`. Due to Mustache - template variables (the text enclosed in triple braces, for example, - `{{{case.title}}}`), the JSON is not validated when you create the - connector. The JSON is validated once the Mustache variables have - been placed when the REST method runs. Manually ensure that the JSON - is valid, disregarding the Mustache variables, so the later - validation will pass. - example: '{"body": {{{case.comment}}}}' - createCommentMethod: - type: string - description: > - The REST API HTTP request method to create a case comment in the - third-party system. Valid values are `patch`, `post`, and `put`. - default: put - enum: - - patch - - post - - put - createCommentUrl: - type: string - description: > - The REST API URL to create a case comment by ID in the third-party - system. You can use a variable to add the external system ID to the - URL. If you are using the `xpack.actions.allowedHosts setting`, add - the hostname to the allowed hosts. - example: https://example.com/issue/{{{external.system.id}}}/comment - createIncidentJson: - type: string - description: > - A JSON payload sent to the create case URL to create a case. You can - use variables to add case data to the payload. Required variables - are `case.title` and `case.description`. Due to Mustache template - variables (which is the text enclosed in triple braces, for example, - `{{{case.title}}}`), the JSON is not validated when you create the - connector. The JSON is validated after the Mustache variables have - been placed when REST method runs. Manually ensure that the JSON is - valid to avoid future validation errors; disregard Mustache - variables during your review. - example: >- - {"fields": {"summary": {{{case.title}}},"description": - {{{case.description}}},"labels": {{{case.tags}}}}} - createIncidentMethod: - type: string - description: > - The REST API HTTP request method to create a case in the third-party - system. Valid values are `patch`, `post`, and `put`. - enum: - - patch - - post - - put - default: post - createIncidentResponseKey: - type: string - description: >- - The JSON key in the create external case response that contains the - case ID. - createIncidentUrl: - type: string - description: > - The REST API URL to create a case in the third-party system. If you - are using the `xpack.actions.allowedHosts` setting, add the hostname - to the allowed hosts. - getIncidentResponseExternalTitleKey: - type: string - description: >- - The JSON key in get external case response that contains the case - title. - getIncidentUrl: - type: string - description: > - The REST API URL to get the case by ID from the third-party system. - If you are using the `xpack.actions.allowedHosts` setting, add the - hostname to the allowed hosts. You can use a variable to add the - external system ID to the URL. Due to Mustache template variables - (the text enclosed in triple braces, for example, - `{{{case.title}}}`), the JSON is not validated when you create the - connector. The JSON is validated after the Mustache variables have - been placed when REST method runs. Manually ensure that the JSON is - valid, disregarding the Mustache variables, so the later validation - will pass. - example: https://example.com/issue/{{{external.system.id}}} - hasAuth: - type: boolean - description: >- - If true, a username and password for login type authentication must - be provided. - default: true - headers: - type: string - description: > - A set of key-value pairs sent as headers with the request URLs for - the create case, update case, get case, and create comment methods. - updateIncidentJson: - type: string - description: > - The JSON payload sent to the update case URL to update the case. You - can use variables to add Kibana Cases data to the payload. Required - variables are `case.title` and `case.description`. Due to Mustache - template variables (which is the text enclosed in triple braces, for - example, `{{{case.title}}}`), the JSON is not validated when you - create the connector. The JSON is validated after the Mustache - variables have been placed when REST method runs. Manually ensure - that the JSON is valid to avoid future validation errors; disregard - Mustache variables during your review. - example: >- - {"fields": {"summary": {{{case.title}}},"description": - {{{case.description}}},"labels": {{{case.tags}}}}} - updateIncidentMethod: - type: string - description: > - The REST API HTTP request method to update the case in the - third-party system. Valid values are `patch`, `post`, and `put`. - default: put - enum: - - patch - - post - - put - updateIncidentUrl: - type: string - description: > - The REST API URL to update the case by ID in the third-party system. - You can use a variable to add the external system ID to the URL. If - you are using the `xpack.actions.allowedHosts` setting, add the - hostname to the allowed hosts. - example: https://example.com/issue/{{{external.system.ID}}} - viewIncidentUrl: - type: string - description: > - The URL to view the case in the external system. You can use - variables to add the external system ID or external system title to - the URL. - example: >- - https://testing-jira.atlassian.net/browse/{{{external.system.title}}} - Connectors_secrets_properties_cases_webhook: - title: Connector secrets properties for Webhook - Case Management connector - type: object - properties: - password: - type: string - description: >- - The password for HTTP basic authentication. If `hasAuth` is set to - `true`, this property is required. - user: - type: string - description: >- - The username for HTTP basic authentication. If `hasAuth` is set to - `true`, this property is required. - Connectors_config_properties_d3security: - title: Connector request properties for a D3 Security connector - description: Defines properties for connectors when type is `.d3security`. - type: object - required: - - url - properties: - url: - type: string - description: > - The D3 Security API request URL. If you are using the - `xpack.actions.allowedHosts` setting, add the hostname to the - allowed hosts. - Connectors_secrets_properties_d3security: - title: Connector secrets properties for a D3 Security connector - description: Defines secrets for connectors when type is `.d3security`. - required: - - token - type: object - properties: - token: - type: string - description: The D3 Security token. - Connectors_config_properties_email: - title: Connector request properties for an email connector - description: Defines properties for connectors when type is `.email`. - required: - - from - type: object - properties: - clientId: - description: > - The client identifier, which is a part of OAuth 2.0 client - credentials authentication, in GUID format. If `service` is - `exchange_server`, this property is required. - type: string - nullable: true - from: - description: > - The from address for all emails sent by the connector. It must be - specified in `user@host-name` format. - type: string - hasAuth: - description: > - Specifies whether a user and password are required inside the - secrets configuration. - default: true - type: boolean - host: - description: > - The host name of the service provider. If the `service` is - `elastic_cloud` (for Elastic Cloud notifications) or one of - Nodemailer's well-known email service providers, this property is - ignored. If `service` is `other`, this property must be defined. - type: string - oauthTokenUrl: - type: string - nullable: true - port: - description: > - The port to connect to on the service provider. If the `service` is - `elastic_cloud` (for Elastic Cloud notifications) or one of - Nodemailer's well-known email service providers, this property is - ignored. If `service` is `other`, this property must be defined. - type: integer - secure: - description: > - Specifies whether the connection to the service provider will use - TLS. If the `service` is `elastic_cloud` (for Elastic Cloud - notifications) or one of Nodemailer's well-known email service - providers, this property is ignored. - type: boolean - service: - description: | - The name of the email service. - type: string - enum: - - elastic_cloud - - exchange_server - - gmail - - other - - outlook365 - - ses - tenantId: - description: > - The tenant identifier, which is part of OAuth 2.0 client credentials - authentication, in GUID format. If `service` is `exchange_server`, - this property is required. - type: string - nullable: true - Connectors_secrets_properties_email: - title: Connector secrets properties for an email connector - description: Defines secrets for connectors when type is `.email`. - type: object - properties: - clientSecret: - type: string - description: > - The Microsoft Exchange Client secret for OAuth 2.0 client - credentials authentication. It must be URL-encoded. If `service` is - `exchange_server`, this property is required. - password: - type: string - description: > - The password for HTTP basic authentication. If `hasAuth` is set to - `true`, this property is required. - user: - type: string - description: > - The username for HTTP basic authentication. If `hasAuth` is set to - `true`, this property is required. - Connectors_config_properties_genai_azure: - title: >- - Connector request properties for an OpenAI connector that uses Azure - OpenAI - description: > - Defines properties for connectors when type is `.gen-ai` and the API - provider is `Azure OpenAI'. - type: object - required: - - apiProvider - - apiUrl - properties: - apiProvider: - type: string - description: The OpenAI API provider. - enum: - - Azure OpenAI - apiUrl: - type: string - description: The OpenAI API endpoint. - Connectors_config_properties_genai_openai: - title: Connector request properties for an OpenAI connector - description: > - Defines properties for connectors when type is `.gen-ai` and the API - provider is `OpenAI'. - type: object - required: - - apiProvider - - apiUrl - properties: - apiProvider: - type: string - description: The OpenAI API provider. - enum: - - OpenAI - apiUrl: - type: string - description: The OpenAI API endpoint. - defaultModel: - type: string - description: The default model to use for requests. - Connectors_config_properties_genai: - title: Connector request properties for an OpenAI connector - description: Defines properties for connectors when type is `.gen-ai`. - oneOf: - - $ref: '#/components/schemas/Connectors_config_properties_genai_azure' - - $ref: '#/components/schemas/Connectors_config_properties_genai_openai' - discriminator: - propertyName: apiProvider - mapping: - Azure OpenAI: '#/components/schemas/Connectors_config_properties_genai_azure' - OpenAI: '#/components/schemas/Connectors_config_properties_genai_openai' - Connectors_secrets_properties_genai: - title: Connector secrets properties for an OpenAI connector - description: Defines secrets for connectors when type is `.gen-ai`. - type: object - properties: - apiKey: - type: string - description: The OpenAI API key. - Connectors_config_properties_index: - title: Connector request properties for an index connector - required: - - index - description: Defines properties for connectors when type is `.index`. - type: object - properties: - executionTimeField: - description: A field that indicates when the document was indexed. - default: null - type: string - nullable: true - index: - description: The Elasticsearch index to be written to. - type: string - refresh: - description: > - The refresh policy for the write request, which affects when changes - are made visible to search. Refer to the refresh setting for - Elasticsearch document APIs. - default: false - type: boolean - Connectors_config_properties_jira: - title: Connector request properties for a Jira connector - required: - - apiUrl - - projectKey - description: Defines properties for connectors when type is `.jira`. - type: object - properties: - apiUrl: - description: The Jira instance URL. - type: string - projectKey: - description: The Jira project key. - type: string - Connectors_secrets_properties_jira: - title: Connector secrets properties for a Jira connector - required: - - apiToken - - email - description: Defines secrets for connectors when type is `.jira`. - type: object - properties: - apiToken: - description: The Jira API authentication token for HTTP basic authentication. - type: string - email: - description: The account email for HTTP Basic authentication. - type: string - Connectors_config_properties_opsgenie: - title: Connector request properties for an Opsgenie connector - required: - - apiUrl - description: Defines properties for connectors when type is `.opsgenie`. - type: object - properties: - apiUrl: - description: > - The Opsgenie URL. For example, `https://api.opsgenie.com` or - `https://api.eu.opsgenie.com`. If you are using the - `xpack.actions.allowedHosts` setting, add the hostname to the - allowed hosts. - type: string - Connectors_secrets_properties_opsgenie: - title: Connector secrets properties for an Opsgenie connector - required: - - apiKey - description: Defines secrets for connectors when type is `.opsgenie`. - type: object - properties: - apiKey: - description: The Opsgenie API authentication key for HTTP Basic authentication. - type: string - Connectors_config_properties_pagerduty: - title: Connector request properties for a PagerDuty connector - description: Defines properties for connectors when type is `.pagerduty`. - type: object - properties: - apiUrl: - description: The PagerDuty event URL. - type: string - nullable: true - example: https://events.pagerduty.com/v2/enqueue - Connectors_secrets_properties_pagerduty: - title: Connector secrets properties for a PagerDuty connector - description: Defines secrets for connectors when type is `.pagerduty`. - type: object - required: - - routingKey - properties: - routingKey: - description: > - A 32 character PagerDuty Integration Key for an integration on a - service. - type: string - Connectors_config_properties_resilient: - title: Connector request properties for a IBM Resilient connector - required: - - apiUrl - - orgId - description: Defines properties for connectors when type is `.resilient`. - type: object - properties: - apiUrl: - description: The IBM Resilient instance URL. - type: string - orgId: - description: The IBM Resilient organization ID. - type: string - Connectors_secrets_properties_resilient: - title: Connector secrets properties for IBM Resilient connector - required: - - apiKeyId - - apiKeySecret - description: Defines secrets for connectors when type is `.resilient`. - type: object - properties: - apiKeyId: - type: string - description: The authentication key ID for HTTP Basic authentication. - apiKeySecret: - type: string - description: The authentication key secret for HTTP Basic authentication. - Connectors_config_properties_sentinelone: - title: Connector request properties for a SentinelOne connector - required: - - url - description: Defines properties for connectors when type is `.sentinelone`. - type: object - properties: - url: - description: > - The SentinelOne tenant URL. If you are using the - `xpack.actions.allowedHosts` setting, add the hostname to the - allowed hosts. - type: string - Connectors_secrets_properties_sentinelone: - title: Connector secrets properties for a SentinelOne connector - description: Defines secrets for connectors when type is `.sentinelone`. - type: object - required: - - token - properties: - token: - description: The A SentinelOne API token. - type: string - Connectors_config_properties_servicenow: - title: Connector request properties for a ServiceNow ITSM connector - required: - - apiUrl - description: Defines properties for connectors when type is `.servicenow`. - type: object - properties: - apiUrl: - type: string - description: The ServiceNow instance URL. - clientId: - description: > - The client ID assigned to your OAuth application. This property is - required when `isOAuth` is `true`. - type: string - isOAuth: - description: > - The type of authentication to use. The default value is false, which - means basic authentication is used instead of open authorization - (OAuth). - default: false - type: boolean - jwtKeyId: - description: > - The key identifier assigned to the JWT verifier map of your OAuth - application. This property is required when `isOAuth` is `true`. - type: string - userIdentifierValue: - description: > - The identifier to use for OAuth authentication. This identifier - should be the user field you selected when you created an OAuth JWT - API endpoint for external clients in your ServiceNow instance. For - example, if the selected user field is `Email`, the user identifier - should be the user's email address. This property is required when - `isOAuth` is `true`. - type: string - usesTableApi: - description: > - Determines whether the connector uses the Table API or the Import - Set API. This property is supported only for ServiceNow ITSM and - ServiceNow SecOps connectors. NOTE: If this property is set to - `false`, the Elastic application should be installed in ServiceNow. - default: true - type: boolean - Connectors_secrets_properties_servicenow: - title: >- - Connector secrets properties for ServiceNow ITOM, ServiceNow ITSM, and - ServiceNow SecOps connectors - description: >- - Defines secrets for connectors when type is `.servicenow`, - `.servicenow-sir`, or `.servicenow-itom`. - type: object - properties: - clientSecret: - type: string - description: >- - The client secret assigned to your OAuth application. This property - is required when `isOAuth` is `true`. - password: - type: string - description: >- - The password for HTTP basic authentication. This property is - required when `isOAuth` is `false`. - privateKey: - type: string - description: >- - The RSA private key that you created for use in ServiceNow. This - property is required when `isOAuth` is `true`. - privateKeyPassword: - type: string - description: >- - The password for the RSA private key. This property is required when - `isOAuth` is `true` and you set a password on your private key. - username: - type: string - description: >- - The username for HTTP basic authentication. This property is - required when `isOAuth` is `false`. - Connectors_config_properties_servicenow_itom: - title: Connector request properties for a ServiceNow ITSM connector - required: - - apiUrl - description: Defines properties for connectors when type is `.servicenow`. - type: object - properties: - apiUrl: - type: string - description: The ServiceNow instance URL. - clientId: - description: > - The client ID assigned to your OAuth application. This property is - required when `isOAuth` is `true`. - type: string - isOAuth: - description: > - The type of authentication to use. The default value is false, which - means basic authentication is used instead of open authorization - (OAuth). - default: false - type: boolean - jwtKeyId: - description: > - The key identifier assigned to the JWT verifier map of your OAuth - application. This property is required when `isOAuth` is `true`. - type: string - userIdentifierValue: - description: > - The identifier to use for OAuth authentication. This identifier - should be the user field you selected when you created an OAuth JWT - API endpoint for external clients in your ServiceNow instance. For - example, if the selected user field is `Email`, the user identifier - should be the user's email address. This property is required when - `isOAuth` is `true`. - type: string - Connectors_config_properties_slack_api: - title: Connector request properties for a Slack connector - description: Defines properties for connectors when type is `.slack_api`. - type: object - properties: - allowedChannels: - type: array - description: A list of valid Slack channels. - items: + - Security Solution Endpoint Management API + '/api/endpoint/action_log/{agent_id}': + get: + deprecated: true + description: Get action requests log + operationId: EndpointGetActionLog + parameters: + - in: path + name: agent_id + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentId + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ActionLogRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get action requests log schema + tags: + - Security Solution Endpoint Management API + /api/endpoint/action_status: + get: + description: Get action status + operationId: EndpointGetActionsStatus + parameters: + - in: query + name: query + required: true + schema: + type: object + properties: + agent_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ActionStatusSuccessResponse + description: OK + summary: Get Actions status schema + tags: + - Security Solution Endpoint Management API + '/api/endpoint/action/{action_id}': + get: + description: Get action details + operationId: EndpointGetActionsDetails + parameters: + - in: path + name: action_id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get Action details schema + tags: + - Security Solution Endpoint Management API + '/api/endpoint/action/{action_id}/file/{file_id}/download`': + get: + description: Download a file from an endpoint + operationId: EndpointFileDownload + parameters: + - in: path + name: action_id + required: true + schema: + type: string + - in: path + name: file_id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: File Download schema + tags: + - Security Solution Endpoint Management API + '/api/endpoint/action/{action_id}/file/{file_id}`': + get: + description: Get file info + operationId: EndpointFileInfo + parameters: + - in: path + name: action_id + required: true + schema: + type: string + - in: path + name: file_id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: File Info schema + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/execute: + post: + description: Execute a given command on an endpoint + operationId: EndpointExecuteAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ExecuteRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Execute Action + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/get_file: + post: + description: Get a file from an endpoint + operationId: EndpointGetFileAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_GetFileRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get File Action + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/isolate: + post: + description: Isolate an endpoint + operationId: EndpointIsolateAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_IsolateRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Isolate Action + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/kill_process: + post: + description: Kill a running process on an endpoint + operationId: EndpointKillProcessAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_KillOrSuspendActionSchema + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Kill process Action + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/running_procs: + post: + description: Get list of running processes on an endpoint + operationId: EndpointGetProcessesAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_GetProcessesRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get Running Processes Action + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/scan: + post: + description: Scan a file or directory + operationId: EndpointScanAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ScanRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Scan Action + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/state: + get: + operationId: EndpointGetActionsState + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ActionStateSuccessResponse + description: OK + summary: Get Action State schema + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/suspend_process: + post: + description: Suspend a running process on an endpoint + operationId: EndpointSuspendProcessAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_KillOrSuspendActionSchema + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Suspend process Action + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/unisolate: + post: + description: Release an endpoint + operationId: EndpointUnisolateAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_UnisolateRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Unisolate Action + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/upload: + post: + description: Upload a file to an endpoint + operationId: EndpointUploadAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_UploadRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Upload Action + tags: + - Security Solution Endpoint Management API + /api/endpoint/metadata: + get: + operationId: GetEndpointMetadataList + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ListRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get Metadata List schema + tags: + - Security Solution Endpoint Management API + '/api/endpoint/metadata/{id}': + get: + operationId: GetEndpointMetadata + parameters: + - in: path + name: id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get Metadata schema + tags: + - Security Solution Endpoint Management API + /api/endpoint/metadata/transforms: + get: + operationId: GetEndpointMetadataTransform + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get Metadata Transform schema + tags: + - Security Solution Endpoint Management API + /api/endpoint/policy_response: + get: + operationId: GetPolicyResponse + parameters: + - in: query + name: query + required: true + schema: + type: object + properties: + agentId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get Policy Response schema + tags: + - Security Solution Endpoint Management API + /api/endpoint/policy/summaries: + get: + deprecated: true + operationId: GetAgentPolicySummary + parameters: + - in: query + name: query + required: true + schema: + type: object + properties: + package_name: + type: string + policy_id: + nullable: true + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get Agent Policy Summary schema + tags: + - Security Solution Endpoint Management API + '/api/endpoint/protection_updates_note/{package_policy_id}': + get: + operationId: GetProtectionUpdatesNote + parameters: + - in: path + name: package_policy_id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ProtectionUpdatesNoteResponse + description: OK + summary: Get Protection Updates Note schema + tags: + - Security Solution Endpoint Management API + post: + operationId: CreateUpdateProtectionUpdatesNote + parameters: + - in: path + name: package_policy_id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + note: + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ProtectionUpdatesNoteResponse + description: OK + summary: Create Update Protection Updates Note schema + tags: + - Security Solution Endpoint Management API + '/api/endpoint/suggestions/{suggestion_type}': + post: + operationId: GetEndpointSuggestions + parameters: + - in: path + name: suggestion_type + required: true + schema: + enum: + - eventFilters + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + field: + type: string + fieldMeta: {} + filters: {} + query: + type: string + required: + - parameters + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get suggestions + tags: + - Security Solution Endpoint Management API + /api/exception_lists: + delete: + operationId: DeleteExceptionList + parameters: + - description: Either `id` or `list_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + - description: Either `id` or `list_id` must be specified + in: query + name: list_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Deletes an exception list + tags: + - Security Solution Exceptions API + get: + operationId: ReadExceptionList + parameters: + - description: Either `id` or `list_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + - description: Either `id` or `list_id` must be specified + in: query + name: list_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Retrieves an exception list using its `id` or `list_id` field + tags: + - Security Solution Exceptions API + post: + operationId: CreateExceptionList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListDescription + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListTags + default: [] + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListType + version: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListVersion + default: 1 + required: + - name + - description + - type + description: Exception list's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Creates an exception list + tags: + - Security Solution Exceptions API + put: + operationId: UpdateExceptionList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListDescription + id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListTags + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListType + version: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListVersion + required: + - name + - description + - type + description: Exception list's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Updates an exception list + tags: + - Security Solution Exceptions API + /api/exception_lists/_duplicate: + post: + operationId: DuplicateExceptionList + parameters: + - description: Exception list's human identifier + in: query + name: list_id + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + - in: query + name: namespace_type + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + - description: >- + Determines whether to include expired exceptions in the exported + list + in: query + name: include_expired_exceptions + required: true + schema: + default: 'true' + enum: + - 'true' + - 'false' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '405': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list to duplicate not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Duplicates an exception list + tags: + - Security Solution Exceptions API + /api/exception_lists/_export: + post: + description: Exports an exception list and its associated items to an .ndjson file + operationId: ExportExceptionList + parameters: + - description: Exception list's identifier + in: query + name: id + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + - description: Exception list's human identifier + in: query + name: list_id + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + - in: query + name: namespace_type + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + - description: >- + Determines whether to include expired exceptions in the exported + list + in: query + name: include_expired_exceptions + required: true + schema: + default: 'true' + enum: + - 'true' + - 'false' + type: string + responses: + '200': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + description: >- + A `.ndjson` file containing specified exception list and its + items + format: binary + type: string + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Exports an exception list + tags: + - Security Solution Exceptions API + /api/exception_lists/_find: + get: + operationId: FindExceptionLists + parameters: + - description: > + Filters the returned results according to the value of the specified + field. + + + Uses the `so type.field name:field` value syntax, where `so type` + can be: + + + - `exception-list`: Specify a space-aware exception list. + + - `exception-list-agnostic`: Specify an exception list that is + shared across spaces. + in: query + name: filter + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_FindExceptionListsFilter + - description: > + Determines whether the returned containers are Kibana associated + with a Kibana space + + or available in all spaces (`agnostic` or `single`) + in: query + name: namespace_type + required: false + schema: + default: + - single + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + type: array + - description: The page number to return + in: query + name: page + required: false + schema: + minimum: 1 + type: integer + - description: The number of exception lists to return per page + in: query + name: per_page + required: false + schema: + minimum: 1 + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + type: string + - description: 'Determines the sort order, which can be `desc` or `asc`' + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + type: array + page: + minimum: 1 + type: integer + per_page: + minimum: 1 + type: integer + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Finds exception lists + tags: + - Security Solution Exceptions API + /api/exception_lists/_import: + post: + description: Imports an exception list and associated items + operationId: ImportExceptionList + parameters: + - description: > + Determines whether existing exception lists with the same `list_id` + are overwritten. + + If any exception items have the same `item_id`, those are also + overwritten. + in: query + name: overwrite + required: false + schema: + default: false + type: boolean + - in: query + name: overwrite_exceptions + required: false + schema: + default: false + type: boolean + - in: query + name: overwrite_action_connectors + required: false + schema: + default: false + type: boolean + - description: > + Determines whether the list being imported will have a new `list_id` + generated. + + Additional `item_id`'s are generated for each exception item. Both + the exception + + list and its items are overwritten. + in: query + name: as_new_list + required: false + schema: + default: false + type: boolean + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + file: + description: A `.ndjson` file containing the exception list + format: binary + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + errors: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListsImportBulkErrorArray + success: + type: boolean + success_count: + minimum: 0 + type: integer + success_count_exception_list_items: + minimum: 0 + type: integer + success_count_exception_lists: + minimum: 0 + type: integer + success_exception_list_items: + type: boolean + success_exception_lists: + type: boolean + required: + - errors + - success + - success_count + - success_exception_lists + - success_count_exception_lists + - success_exception_list_items + - success_count_exception_list_items + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Imports an exception list + tags: + - Security Solution Exceptions API + /api/exception_lists/items: + delete: + operationId: DeleteExceptionListItem + parameters: + - description: Either `id` or `item_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemId + - description: Either `id` or `item_id` must be specified + in: query + name: item_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Deletes an exception list item + tags: + - Security Solution Exceptions API + get: + operationId: ReadExceptionListItem + parameters: + - description: Either `id` or `item_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemId + - description: Either `id` or `item_id` must be specified + in: query + name: item_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Gets an exception list item + tags: + - Security Solution Exceptions API + post: + operationId: CreateExceptionListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + comments: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_CreateExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + item_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemTags + default: [] + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemType + required: + - list_id + - type + - name + - description + - entries + description: Exception list item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list item already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Creates an exception list item + tags: + - Security Solution Exceptions API + put: + operationId: UpdateExceptionListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + comments: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_UpdateExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemId + description: Either `id` or `item_id` must be specified + item_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + description: Either `id` or `item_id` must be specified + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemTags + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemType + required: + - type + - name + - description + - entries + description: Exception list item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Updates an exception list item + tags: + - Security Solution Exceptions API + /api/exception_lists/items/_find: + get: + operationId: FindExceptionListItems + parameters: + - description: List's id + in: query + name: list_id + required: true + schema: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + type: array + - description: > + Filters the returned results according to the value of the specified + field, + + using the `:` syntax. + in: query + name: filter + required: false + schema: + default: [] + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_FindExceptionListItemsFilter + type: array + - description: > + Determines whether the returned containers are Kibana associated + with a Kibana space + + or available in all spaces (`agnostic` or `single`) + in: query + name: namespace_type + required: false + schema: + default: + - single + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + type: array + - in: query + name: search + required: false + schema: + type: string + - description: The page number to return + in: query + name: page + required: false + schema: + minimum: 0 + type: integer + - description: The number of exception list items to return per page + in: query + name: per_page + required: false + schema: + minimum: 0 + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_NonEmptyString + - description: 'Determines the sort order, which can be `desc` or `asc`' + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + type: array + page: + minimum: 1 + type: integer + per_page: + minimum: 1 + type: integer + pit: + type: string + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Finds exception list items + tags: + - Security Solution Exceptions API + /api/exception_lists/summary: + get: + operationId: ReadExceptionListSummary + parameters: + - description: Exception list's identifier generated upon creation + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + - description: Exception list's human readable identifier + in: query + name: list_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + - description: Search filter clause + in: query + name: filter + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + linux: + minimum: 0 + type: integer + macos: + minimum: 0 + type: integer + total: + minimum: 0 + type: integer + windows: + minimum: 0 + type: integer + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Retrieves an exception list summary + tags: + - Security Solution Exceptions API + /api/exceptions/shared: + post: + operationId: CreateSharedExceptionList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListDescription + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListName + required: + - name + - description + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Creates a shared exception list + tags: + - Security Solution Exceptions API + /api/lists: + delete: + operationId: DeleteList + parameters: + - description: List's `id` value + in: query + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - in: query + name: deleteReferences + required: false + schema: + default: false + type: boolean + - in: query + name: ignoreReferences + required: false + schema: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Deletes a list + tags: + - Security Solution Lists API + get: + operationId: ReadList + parameters: + - description: List's `id` value + in: query + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Retrieves a list using its id field + tags: + - Security Solution Lists API + patch: + operationId: PatchList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListDescription + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListMetadata + name: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListName' + version: + minimum: 1 + type: integer + required: + - id + description: List's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Patches a list + tags: + - Security Solution Lists API + post: + operationId: CreateList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListDescription + deserializer: + type: string + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListMetadata + name: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListName' + serializer: + type: string + type: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListType' + version: + default: 1 + minimum: 1 + type: integer + required: + - name + - description + - type + description: List's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Creates a list + tags: + - Security Solution Lists API + put: + operationId: UpdateList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListDescription + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListMetadata + name: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListName' + version: + minimum: 1 + type: integer + required: + - id + - name + - description + description: List's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Updates a list + tags: + - Security Solution Lists API + /api/lists/_find: + get: + operationId: FindLists + parameters: + - description: The page number to return + in: query + name: page + required: false + schema: + type: integer + - description: The number of lists to return per page + in: query + name: per_page + required: false + schema: + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + - description: 'Determines the sort order, which can be `desc` or `asc`' + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + - description: > + Returns the list that come after the last list returned in the + previous call + + (use the cursor value returned in the previous call). This parameter + uses + + the `tie_breaker_id` field to ensure all lists are sorted and + returned correctly. + in: query + name: cursor + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_FindListsCursor' + - description: > + Filters the returned results according to the value of the specified + field, + + using the : syntax. + in: query + name: filter + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_FindListsFilter' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + cursor: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_FindListsCursor + data: + items: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + type: array + page: + minimum: 0 + type: integer + per_page: + minimum: 0 + type: integer + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + - cursor + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Finds lists + tags: + - Security Solution Lists API + /api/lists/index: + delete: + operationId: DeleteListIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + acknowledged: + type: boolean + required: + - acknowledged + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List data stream not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Deletes list data streams + tags: + - Security Solution Lists API + get: + operationId: ReadListIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + list_index: + type: boolean + list_item_index: + type: boolean + required: + - list_index + - list_item_index + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List data stream(s) not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Get list data stream existence status + tags: + - Security Solution Lists API + post: + operationId: CreateListIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + acknowledged: + type: boolean + required: + - acknowledged + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List data stream exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Creates necessary list data streams + tags: + - Security Solution Lists API + /api/lists/items: + delete: + operationId: DeleteListItem + parameters: + - description: Required if `list_id` and `value` are not specified + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: value + required: false + schema: + type: string + - description: >- + Determines when changes made by the request are made visible to + search + in: query + name: refresh + required: false + schema: + default: 'false' + enum: + - 'true' + - 'false' + - wait_for + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: '#/components/schemas/Security_Solution_Lists_API_ListItem' + - items: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItem + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Deletes a list item + tags: + - Security Solution Lists API + get: + operationId: ReadListItem + parameters: + - description: Required if `list_id` and `value` are not specified + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: value + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: '#/components/schemas/Security_Solution_Lists_API_ListItem' + - items: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItem + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Gets a list item + tags: + - Security Solution Lists API + patch: + operationId: PatchListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemMetadata + refresh: + description: >- + Determines when changes made by the request are made visible + to search + enum: + - 'true' + - 'false' + - wait_for + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemValue + required: + - id + description: List item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItem' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Patches a list item + tags: + - Security Solution Lists API + post: + operationId: CreateListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemId' + list_id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemMetadata + refresh: + description: >- + Determines when changes made by the request are made visible + to search + enum: + - 'true' + - 'false' + - wait_for + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemValue + required: + - list_id + - value + description: List item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItem' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List item already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Creates a list item + tags: + - Security Solution Lists API + put: + operationId: UpdateListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemMetadata + value: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemValue + required: + - id + - value + description: List item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItem' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Updates a list item + tags: + - Security Solution Lists API + /api/lists/items/_export: + post: + description: Exports list item values from the specified list + operationId: ExportListItems + parameters: + - description: List's id to export + in: query + name: list_id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + responses: + '200': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + description: A `.txt` file containing list items from the specified list + format: binary + type: string + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Exports list items + tags: + - Security Solution Lists API + /api/lists/items/_find: + get: + operationId: FindListItems + parameters: + - description: List's id + in: query + name: list_id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: The page number to return + in: query + name: page + required: false + schema: + type: integer + - description: The number of list items to return per page + in: query + name: per_page + required: false + schema: + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + - description: 'Determines the sort order, which can be `desc` or `asc`' + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + - description: > + Returns the list that come after the last list returned in the + previous call + + (use the cursor value returned in the previous call). This parameter + uses + + the `tie_breaker_id` field to ensure all lists are sorted and + returned correctly. + in: query + name: cursor + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_FindListItemsCursor + - description: > + Filters the returned results according to the value of the specified + field, + + using the : syntax. + in: query + name: filter + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_FindListItemsFilter + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + cursor: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_FindListItemsCursor + data: + items: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItem + type: array + page: + minimum: 0 + type: integer + per_page: + minimum: 0 + type: integer + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + - cursor + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Finds list items + tags: + - Security Solution Lists API + /api/lists/items/_import: + post: + description: > + Imports a list of items from a `.txt` or `.csv` file. The maximum file + size is 9 million bytes. + + + You can import items to a new or existing list. + operationId: ImportListItems + parameters: + - description: | + List's id. + + Required when importing to an existing list. + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: > + Type of the importing list. + + + Required when importing a new list that is `list_id` is not + specified. + in: query + name: type + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListType' + - in: query + name: serializer + required: false + schema: + type: string + - in: query + name: deserializer + required: false + schema: + type: string + - description: >- + Determines when changes made by the request are made visible to + search + in: query + name: refresh + required: false + schema: + enum: + - 'true' + - 'false' + - wait_for + type: string + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + file: + description: >- + A `.txt` or `.csv` file containing newline separated list + items + format: binary + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List with specified list_id does not exist response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Imports list items + tags: + - Security Solution Lists API + /api/lists/privileges: + get: + operationId: ReadListPrivileges + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + is_authenticated: + type: boolean + listItems: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemPrivileges + lists: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListPrivileges + required: + - lists + - listItems + - is_authenticated + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Gets list privileges + tags: + - Security Solution Lists API + /api/ml/saved_objects/sync: + get: + description: > + Synchronizes Kibana saved objects for machine learning jobs and trained + models. This API runs automatically when you start Kibana and + periodically thereafter. + operationId: mlSync + parameters: + - $ref: '#/components/parameters/Machine_learning_APIs_simulateParam' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + syncExample: + $ref: '#/components/examples/Machine_learning_APIs_mlSyncExample' + schema: + $ref: '#/components/schemas/Machine_learning_APIs_mlSync200Response' + description: Indicates a successful call + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Machine_learning_APIs_mlSync4xxResponse' + description: Authorization information is missing or invalid. + summary: Sync machine learning saved objects + tags: + - ml + /api/note: + delete: + operationId: DeleteNote + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - nullable: true + type: object + properties: + noteId: + type: string + required: + - noteId + - type: object + properties: + noteIds: + items: + type: string + nullable: true + type: array + required: + - noteIds + description: The id of the note to delete. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + description: Indicates the note was successfully deleted. + summary: Deletes a note from a timeline. + tags: + - Security Solution Timeline API + - 'access:securitySolution' + get: + description: Gets notes + operationId: GetNotes + parameters: + - in: query + name: documentIds + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Timeline_API_DocumentIds' + - in: query + name: page + schema: + nullable: true + type: number + - in: query + name: perPage + schema: + nullable: true + type: number + - in: query + name: search + schema: + nullable: true + type: string + - in: query + name: sortField + schema: + nullable: true + type: string + - in: query + name: sortOrder + schema: + nullable: true + type: string + - in: query + name: filter + schema: + nullable: true + type: string + responses: + '200': + description: Indicates the requested notes were returned. + summary: Get all notes for a given document. + tags: + - Security Solution Timeline API + - 'access:securitySolution' + patch: + operationId: PersistNoteRoute + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + eventDataView: + nullable: true + type: string + eventIngested: + nullable: true + type: string + eventTimestamp: + nullable: true + type: string + note: + $ref: '#/components/schemas/Security_Solution_Timeline_API_BareNote' + noteId: + nullable: true + type: string + overrideOwner: + nullable: true + type: boolean + version: + nullable: true + type: string + required: + - note + description: The note to persist or update along with additional metadata. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistNote: + type: object + properties: + code: + type: number + message: + type: string + note: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_Note + required: + - code + - message + - note + required: + - persistNote + required: + - data + description: Indicates the note was successfully created. + summary: Persists a note to a timeline. + tags: + - Security Solution Timeline API + - 'access:securitySolution' + /api/osquery/live_queries: + get: + operationId: OsqueryFindLiveQueries + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_FindLiveQueryRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Find live queries + tags: + - Security Solution Osquery API + post: + operationId: OsqueryCreateLiveQuery + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_CreateLiveQueryRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Create a live query + tags: + - Security Solution Osquery API + '/api/osquery/live_queries/{id}': + get: + operationId: OsqueryGetLiveQueryDetails + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Id' + - in: query + name: query + schema: + additionalProperties: true type: object - required: - - id - - name - maxItems: 25 - properties: - id: - type: string - description: The Slack channel ID. - example: C123ABC456 - minLength: 1 - name: + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get live query details + tags: + - Security Solution Osquery API + '/api/osquery/live_queries/{id}/results/{actionId}': + get: + operationId: OsqueryGetLiveQueryResults + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Id' + - in: path + name: actionId + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Id' + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_GetLiveQueryResultsRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get live query results + tags: + - Security Solution Osquery API + /api/osquery/packs: + get: + operationId: OsqueryFindPacks + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_FindPacksRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Find packs + tags: + - Security Solution Osquery API + post: + operationId: OsqueryCreatePacks + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_CreatePacksRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Create a packs + tags: + - Security Solution Osquery API + '/api/osquery/packs/{id}': + delete: + operationId: OsqueryDeletePacks + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Delete packs + tags: + - Security Solution Osquery API + get: + operationId: OsqueryGetPacksDetails + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get packs details + tags: + - Security Solution Osquery API + put: + operationId: OsqueryUpdatePacks + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackId' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_UpdatePacksRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Update packs + tags: + - Security Solution Osquery API + /api/osquery/saved_queries: + get: + operationId: OsqueryFindSavedQueries + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_FindSavedQueryRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Find saved queries + tags: + - Security Solution Osquery API + post: + operationId: OsqueryCreateSavedQuery + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_CreateSavedQueryRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Create a saved query + tags: + - Security Solution Osquery API + '/api/osquery/saved_queries/{id}': + delete: + operationId: OsqueryDeleteSavedQuery + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Delete saved query + tags: + - Security Solution Osquery API + get: + operationId: OsqueryGetSavedQueryDetails + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get saved query details + tags: + - Security Solution Osquery API + put: + operationId: OsqueryUpdateSavedQuery + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_UpdateSavedQueryRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Update saved query + tags: + - Security Solution Osquery API + /api/pinned_event: + patch: + operationId: PersistPinnedEventRoute + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + eventId: + type: string + pinnedEventId: + nullable: true + type: string + timelineId: + type: string + required: + - eventId + - timelineId + description: The pinned event to persist or update along with additional metadata. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistPinnedEventOnTimeline: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Timeline_API_PinnedEvent + - type: object + properties: + code: + type: number + message: + type: string + required: + - persistPinnedEventOnTimeline + required: + - data + description: Indicate the event was successfully pinned in the timeline. + summary: Persists a pinned event to a timeline. + tags: + - Security Solution Timeline API + - 'access:securitySolution' + /api/saved_objects/_export: + post: + description: > + Retrieve sets of saved objects that you want to import into Kibana. + + You must include `type` or `objects` in the request body. + + + Exported saved objects are not backwards compatible and cannot be + imported into an older version of Kibana. + + + NOTE: The `savedObjects.maxImportExportSize` configuration setting + limits the number of saved objects which may be exported. + + + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + operationId: exportSavedObjectsDefault + parameters: + - $ref: '#/components/parameters/Serverless_saved_objects_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + exportSavedObjectsRequest: + $ref: >- + #/components/examples/Serverless_saved_objects_export_objects_request + schema: + type: object + properties: + excludeExportDetails: + default: false + description: Do not add export details entry at the end of the stream. + type: boolean + includeReferencesDeep: + description: >- + Includes all of the referenced objects in the exported + objects. + type: boolean + objects: + description: A list of objects to export. + items: + type: object + type: array + type: + description: >- + The saved object types to include in the export. Use `*` to + export all the types. + oneOf: + - type: string + - items: + type: string + type: array + required: true + responses: + '200': + content: + application/x-ndjson; Elastic-Api-Version=2023-10-31: + examples: + exportSavedObjectsResponse: + $ref: >- + #/components/examples/Serverless_saved_objects_export_objects_response + schema: + additionalProperties: true + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Serverless_saved_objects_400_response' + description: Bad request. + summary: Export saved objects + tags: + - saved objects + /api/saved_objects/_import: + post: + description: > + Create sets of Kibana saved objects from a file created by the export + API. + + Saved objects can be imported only into the same version, a newer minor + on the same major, or the next major. Exported saved objects are not + backwards compatible and cannot be imported into an older version of + Kibana. + + + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + operationId: importSavedObjectsDefault + parameters: + - $ref: '#/components/parameters/Serverless_saved_objects_kbn_xsrf' + - description: > + Creates copies of saved objects, regenerates each object ID, and + resets the origin. When used, potential conflict errors are avoided. + NOTE: This option cannot be used with the `overwrite` and + `compatibilityMode` options. + in: query + name: createNewCopies + required: false + schema: + type: boolean + - description: > + Overwrites saved objects when they already exist. When used, + potential conflict errors are automatically resolved by overwriting + the destination object. NOTE: This option cannot be used with the + `createNewCopies` option. + in: query + name: overwrite + required: false + schema: + type: boolean + - description: > + Applies various adjustments to the saved objects that are being + imported to maintain compatibility between different Kibana + versions. Use this option only if you encounter issues with imported + saved objects. NOTE: This option cannot be used with the + `createNewCopies` option. + in: query + name: compatibilityMode + required: false + schema: + type: boolean + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + examples: + importObjectsRequest: + $ref: >- + #/components/examples/Serverless_saved_objects_import_objects_request + schema: + type: object + properties: + file: + description: > + A file exported using the export API. NOTE: The + `savedObjects.maxImportExportSize` configuration setting + limits the number of saved objects which may be included in + this file. Similarly, the + `savedObjects.maxImportPayloadBytes` setting limits the + overall size of the file that can be imported. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + importObjectsResponse: + $ref: >- + #/components/examples/Serverless_saved_objects_import_objects_response + schema: + type: object + properties: + errors: + description: > + Indicates the import was unsuccessful and specifies the + objects that failed to import. + + + NOTE: One object may result in multiple errors, which + requires separate steps to resolve. For instance, a + `missing_references` error and conflict error. + items: + type: object + type: array + success: + description: > + Indicates when the import was successfully completed. When + set to false, some objects may not have been created. For + additional information, refer to the `errors` and + `successResults` properties. + type: boolean + successCount: + description: Indicates the number of successfully imported records. + type: integer + successResults: + description: > + Indicates the objects that are successfully imported, with + any metadata if applicable. + + + NOTE: Objects are created only when all resolvable errors + are addressed, including conflicts and missing references. + If objects are created as new copies, each entry in the + `successResults` array includes a `destinationId` + attribute. + items: + type: object + type: array + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Serverless_saved_objects_400_response' + description: Bad request. + summary: Import saved objects + tags: + - saved objects + /api/security_ai_assistant/anonymization_fields/_bulk_action: + post: + description: >- + The bulk action is applied to all anonymization fields that match the + filter or to the list of anonymization fields by their IDs. + operationId: PerformAnonymizationFieldsBulkAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + create: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldCreateProps + type: array + delete: + type: object + properties: + ids: + description: Array of anonymization fields IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter anonymization fields + type: string + update: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldUpdateProps + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Applies a bulk action to multiple anonymization fields + tags: + - Security AI Assistant API + - Bulk API + /api/security_ai_assistant/anonymization_fields/_find: + get: + description: Finds anonymization fields that match the given query. + operationId: FindAnonymizationFields + parameters: + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_FindAnonymizationFieldsSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: AnonymizationFields per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Finds anonymization fields that match the given query. + tags: + - Security AI Assistant API + - AnonymizationFields API + /api/security_ai_assistant/chat/complete: + post: + description: Creates a model response for the given chat conversation. + operationId: ChatComplete + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_ChatCompleteProps' + required: true + responses: + '200': + content: + application/octet-stream; Elastic-Api-Version=2023-10-31: + schema: + format: binary type: string - description: The Slack channel name. - minLength: 1 - Connectors_secrets_properties_slack_api: - title: Connector secrets properties for a Web API Slack connector - description: Defines secrets for connectors when type is `.slack`. - required: - - token - type: object - properties: - token: - type: string - description: Slack bot user OAuth token. - Connectors_secrets_properties_slack_webhook: - title: Connector secrets properties for a Webhook Slack connector - description: Defines secrets for connectors when type is `.slack`. - required: - - webhookUrl - type: object - properties: - webhookUrl: - type: string - description: Slack webhook url. - Connectors_config_properties_swimlane: - title: Connector request properties for a Swimlane connector - required: - - apiUrl - - appId - - connectorType - description: Defines properties for connectors when type is `.swimlane`. - type: object - properties: - apiUrl: - description: The Swimlane instance URL. - type: string - appId: - description: The Swimlane application ID. - type: string - connectorType: + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Creates a model response for the given chat conversation. + tags: + - Security AI Assistant API + - Chat Complete API + /api/security_ai_assistant/current_user/conversations: + post: + description: Create a conversation + operationId: CreateConversation + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationCreateProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Create a conversation + tags: + - Security AI Assistant API + - Conversation API + /api/security_ai_assistant/current_user/conversations/_find: + get: + description: Finds conversations that match the given query. + operationId: FindConversations + parameters: + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_FindConversationsSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: Conversations per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Finds conversations that match the given query. + tags: + - Security AI Assistant API + - Conversations API + '/api/security_ai_assistant/current_user/conversations/{id}': + delete: + description: Deletes a single conversation using the `id` field. + operationId: DeleteConversation + parameters: + - description: The conversation's `id` value. + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Deletes a single conversation using the `id` field. + tags: + - Security AI Assistant API + - Conversation API + get: + description: Read a single conversation + operationId: ReadConversation + parameters: + - description: The conversation's `id` value. + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Read a single conversation + tags: + - Security AI Assistant API + - Conversations API + put: + description: Update a single conversation + operationId: UpdateConversation + parameters: + - description: The conversation's `id` value. + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationUpdateProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Update a conversation + tags: + - Security AI Assistant API + - Conversation API + /api/security_ai_assistant/prompts/_bulk_action: + post: + description: >- + The bulk action is applied to all prompts that match the filter or to + the list of prompts by their IDs. + operationId: PerformPromptsBulkAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + create: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptCreateProps + type: array + delete: + type: object + properties: + ids: + description: Array of prompts IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter promps + type: string + update: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptUpdateProps + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkCrudActionResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Applies a bulk action to multiple prompts + tags: + - Security AI Assistant API + - Bulk API + /api/security_ai_assistant/prompts/_find: + get: + description: Finds prompts that match the given query. + operationId: FindPrompts + parameters: + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_FindPromptsSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: Prompts per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Finds prompts that match the given query. + tags: + - Security AI Assistant API + - Prompts API + /api/status: + get: + operationId: /api/status#0 + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: Set to "true" to get the response in v7 format. + in: query + name: v7format + required: false + schema: + type: boolean + - description: Set to "true" to get the response in v8 format. + in: query + name: v8format + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' + - $ref: >- + #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse + description: >- + Kibana's operational status. A minimal response is sent for + unauthorized users. + description: Overall status is OK and Kibana should be functioning normally. + '503': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' + - $ref: >- + #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse + description: >- + Kibana's operational status. A minimal response is sent for + unauthorized users. description: >- - The type of connector. Valid values are `all`, `alerts`, and - `cases`. - type: string - enum: - - all - - alerts - - cases - mappings: - title: Connector mappings properties for a Swimlane connector - description: The field mapping. - type: object - properties: - alertIdConfig: - title: Alert identifier mapping - description: Mapping for the alert ID. + Kibana or some of it's essential services are unavailable. Kibana + may be degraded or unavailable. + summary: Get Kibana's current status + tags: + - system + /api/timeline: + delete: + operationId: DeleteTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + savedObjectIds: + items: + type: string + type: array + searchIds: + description: >- + Saved search ids that should be deleted alongside the + timelines + items: + type: string + type: array + required: + - savedObjectIds + description: The ids of the timelines or timeline templates to delete. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + deleteTimeline: + type: boolean + required: + - deleteTimeline + required: + - data + description: Indicates the timeline was successfully deleted. + summary: Deletes one or more timelines or timeline templates. + tags: + - Security Solution Timeline API + - 'access:securitySolution' + get: + operationId: GetTimeline + parameters: + - description: The ID of the template timeline to retrieve + in: query + name: template_timeline_id + schema: + type: string + - description: The ID of the timeline to retrieve + in: query + name: id + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + getOneTimeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + nullable: true + required: + - getOneTimeline + required: + - data + description: Indicates that the (template) timeline was found and returned. + summary: >- + Get an existing saved timeline or timeline template. This API is used to + retrieve an existing saved timeline or timeline template. + tags: + - Security Solution Timeline API + - 'access:securitySolution' + patch: + description: >- + Updates an existing timeline. This API is used to update the title, + description, date range, pinned events, pinned queries, and/or pinned + saved queries of an existing timeline. + operationId: PatchTimeline + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: type: object - required: - - fieldType - - id - - key - - name properties: - fieldType: - type: string - description: The type of field in Swimlane. - id: - type: string - description: The identifier for the field in Swimlane. - key: + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_SavedTimeline + timelineId: + nullable: true type: string - description: The key for the field in Swimlane. - name: + version: + nullable: true type: string - description: The name of the field in Swimlane. - caseIdConfig: - title: Case identifier mapping - description: Mapping for the case ID. - type: object required: - - fieldType - - id - - key - - name - properties: - fieldType: - type: string - description: The type of field in Swimlane. - id: - type: string - description: The identifier for the field in Swimlane. - key: - type: string - description: The key for the field in Swimlane. - name: - type: string - description: The name of the field in Swimlane. - caseNameConfig: - title: Case name mapping - description: Mapping for the case name. + - timelineId + - version + - timeline + description: The timeline updates along with the timeline ID and version. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistTimeline: + type: object + properties: + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + required: + - timeline + required: + - persistTimeline + required: + - data + description: >- + Indicates that the draft timeline was successfully created. In the + event the user already has a draft timeline, the existing draft + timeline is cleared and returned. + '405': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: >- + Indicates that the user does not have the required access to create + a draft timeline. + summary: Updates an existing timeline. + tags: + - Security Solution Timeline API + - 'access:securitySolution' + post: + operationId: CreateTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: type: object - required: - - fieldType - - id - - key - - name properties: - fieldType: - type: string - description: The type of field in Swimlane. - id: + status: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineStatus + nullable: true + templateTimelineId: + nullable: true type: string - description: The identifier for the field in Swimlane. - key: + templateTimelineVersion: + nullable: true + type: number + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_SavedTimeline + timelineId: + nullable: true type: string - description: The key for the field in Swimlane. - name: + timelineType: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineType + nullable: true + version: + nullable: true type: string - description: The name of the field in Swimlane. - commentsConfig: - title: Case comment mapping - description: Mapping for the case comments. - type: object required: - - fieldType - - id - - key - - name - properties: - fieldType: - type: string - description: The type of field in Swimlane. - id: - type: string - description: The identifier for the field in Swimlane. - key: - type: string - description: The key for the field in Swimlane. - name: - type: string - description: The name of the field in Swimlane. - descriptionConfig: - title: Case description mapping - description: Mapping for the case description. + - timeline + description: >- + The required timeline fields used to create a new timeline along with + optional fields that will be created if not provided. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistTimeline: + type: object + properties: + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + required: + - persistTimeline + required: + - data + description: Indicates the timeline was successfully created. + '405': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: Indicates that there was an error in the timeline creation. + summary: Creates a new timeline. + tags: + - Security Solution Timeline API + - 'access:securitySolution' + /api/timeline/_draft: + get: + operationId: GetDraftTimelines + parameters: + - in: query + name: timelineType + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Timeline_API_TimelineType' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistTimeline: + type: object + properties: + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + required: + - timeline + required: + - persistTimeline + required: + - data + description: Indicates that the draft timeline was successfully retrieved. + '403': + content: + 'application:json; Elastic-Api-Version=2023-10-31': + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + If a draft timeline was not found and we attempted to create one, it + indicates that the user does not have the required permissions to + create a draft timeline. + '409': + content: + 'application:json; Elastic-Api-Version=2023-10-31': + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + This should never happen, but if a draft timeline was not found and + we attempted to create one, it indicates that there is already a + draft timeline with the given timelineId. + summary: >- + Retrieves the draft timeline for the current user. If the user does not + have a draft timeline, an empty timeline is returned. + tags: + - Security Solution Timeline API + - 'access:securitySolution' + post: + description: > + Retrieves a clean draft timeline. If a draft timeline does not exist, it + is created and returned. + operationId: CleanDraftTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: type: object - required: - - fieldType - - id - - key - - name properties: - fieldType: - type: string - description: The type of field in Swimlane. - id: - type: string - description: The identifier for the field in Swimlane. - key: - type: string - description: The key for the field in Swimlane. - name: - type: string - description: The name of the field in Swimlane. - ruleNameConfig: - title: Rule name mapping - description: Mapping for the name of the alert's rule. + timelineType: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineType + required: + - timelineType + description: >- + The type of timeline to create. Valid values are `default` and + `template`. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistTimeline: + type: object + properties: + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + required: + - timeline + required: + - persistTimeline + required: + - data + description: >- + Indicates that the draft timeline was successfully created. In the + event the user already has a draft timeline, the existing draft + timeline is cleared and returned. + '403': + content: + 'application:json; Elastic-Api-Version=2023-10-31': + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + Indicates that the user does not have the required permissions to + create a draft timeline. + '409': + content: + 'application:json; Elastic-Api-Version=2023-10-31': + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + Indicates that there is already a draft timeline with the given + timelineId. + summary: Retrieves a draft timeline or timeline template. + tags: + - Security Solution Timeline API + - 'access:securitySolution' + /api/timeline/_export: + post: + operationId: ExportTimelines + parameters: + - description: The name of the file to export + in: query + name: file_name + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: type: object - required: - - fieldType - - id - - key - - name properties: - fieldType: - type: string - description: The type of field in Swimlane. - id: - type: string - description: The identifier for the field in Swimlane. - key: - type: string - description: The key for the field in Swimlane. - name: - type: string - description: The name of the field in Swimlane. - severityConfig: - title: Severity mapping - description: Mapping for the severity. + ids: + items: + type: string + nullable: true + type: array + description: The ids of the timelines to export + required: true + responses: + '200': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + description: NDJSON of the exported timelines + type: string + description: Indicates the timelines were successfully exported + '400': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: Indicates that the export size limit was exceeded + summary: Exports timelines as an NDJSON file + tags: + - Security Solution Timeline API + - 'access:securitySolution' + /api/timeline/_favorite: + patch: + operationId: PersistFavoriteRoute + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: type: object - required: - - fieldType - - id - - key - - name properties: - fieldType: - type: string - description: The type of field in Swimlane. - id: - type: string - description: The identifier for the field in Swimlane. - key: + templateTimelineId: + nullable: true type: string - description: The key for the field in Swimlane. - name: + templateTimelineVersion: + nullable: true + type: number + timelineId: + nullable: true type: string - description: The name of the field in Swimlane. - Connectors_secrets_properties_swimlane: - title: Connector secrets properties for a Swimlane connector - description: Defines secrets for connectors when type is `.swimlane`. - type: object - properties: - apiToken: - description: Swimlane API authentication token. - type: string - Connectors_secrets_properties_teams: - title: Connector secrets properties for a Microsoft Teams connector - description: Defines secrets for connectors when type is `.teams`. - type: object - required: - - webhookUrl - properties: - webhookUrl: - type: string - description: > - The URL of the incoming webhook. If you are using the - `xpack.actions.allowedHosts` setting, add the hostname to the - allowed hosts. - Connectors_config_properties_tines: - title: Connector request properties for a Tines connector - description: Defines properties for connectors when type is `.tines`. - type: object - required: - - url - properties: - url: - description: > - The Tines tenant URL. If you are using the - `xpack.actions.allowedHosts` setting, make sure this hostname is - added to the allowed hosts. - type: string - Connectors_secrets_properties_tines: - title: Connector secrets properties for a Tines connector - description: Defines secrets for connectors when type is `.tines`. - type: object - required: - - email - - token - properties: - email: - description: The email used to sign in to Tines. - type: string - token: - description: The Tines API token. - type: string - Connectors_config_properties_torq: - title: Connector request properties for a Torq connector - description: Defines properties for connectors when type is `.torq`. - type: object - required: - - webhookIntegrationUrl - properties: - webhookIntegrationUrl: - description: The endpoint URL of the Elastic Security integration in Torq. - type: string - Connectors_secrets_properties_torq: - title: Connector secrets properties for a Torq connector - description: Defines secrets for connectors when type is `.torq`. - type: object - required: - - token - properties: - token: - description: The secret of the webhook authentication header. - type: string - Connectors_config_properties_webhook: - title: Connector request properties for a Webhook connector - description: Defines properties for connectors when type is `.webhook`. - type: object - properties: - authType: - type: string - nullable: true - enum: - - webhook-authentication-basic - - webhook-authentication-ssl - description: | - The type of authentication to use: basic, SSL, or none. - ca: - type: string - description: > - A base64 encoded version of the certificate authority file that the - connector can trust to sign and validate certificates. This option - is available for all authentication types. - certType: - type: string - description: > - If the `authType` is `webhook-authentication-ssl`, specifies whether - the certificate authentication data is in a CRT and key file format - or a PFX file format. - enum: - - ssl-crt-key - - ssl-pfx - hasAuth: - type: boolean - description: > - If `true`, a user name and password must be provided for login type - authentication. - headers: - type: object - nullable: true - description: A set of key-value pairs sent as headers with the request. - method: - type: string - default: post - enum: - - post - - put - description: | - The HTTP request method, either `post` or `put`. - url: - type: string - description: > - The request URL. If you are using the `xpack.actions.allowedHosts` - setting, add the hostname to the allowed hosts. - verificationMode: - type: string - enum: - - certificate - - full - - none - default: full - description: > - Controls the verification of certificates. Use `full` to validate - that the certificate has an issue date within the `not_before` and - `not_after` dates, chains to a trusted certificate authority (CA), - and has a hostname or IP address that matches the names within the - certificate. Use `certificate` to validate the certificate and - verify that it is signed by a trusted authority; this option does - not check the certificate hostname. Use `none` to skip certificate - validation. - Connectors_secrets_properties_webhook: - title: Connector secrets properties for a Webhook connector - description: Defines secrets for connectors when type is `.webhook`. - type: object - properties: - crt: - type: string + timelineType: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineType + nullable: true + required: + - timelineId + - templateTimelineId + - templateTimelineVersion + - timelineType + description: The required fields used to favorite a (template) timeline. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistFavorite: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_FavoriteTimelineResponse + required: + - persistFavorite + required: + - data + description: Indicates the favorite status was successfully updated. + '403': + content: + 'application:json; Elastic-Api-Version=2023-10-31': + schema: + type: object + properties: + body: + type: string + statusCode: + type: number description: >- - If `authType` is `webhook-authentication-ssl` and `certType` is - `ssl-crt-key`, it is a base64 encoded version of the CRT or CERT - file. - key: - type: string + Indicates the user does not have the required permissions to persist + the favorite status. + summary: Persists a given users favorite status of a timeline. + tags: + - Security Solution Timeline API + - 'access:securitySolution' + /api/timeline/_import: + post: + operationId: ImportTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + file: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Timeline_API_Readable + - type: object + properties: + hapi: + type: object + properties: + filename: + type: string + headers: + type: object + isImmutable: + enum: + - 'true' + - 'false' + type: string + required: + - filename + - headers + required: + - hapi + description: The timelines to import as a readable stream. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_ImportTimelineResult + required: + - data + description: Indicates the import of timelines was successful. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + id: + type: string + statusCode: + type: number description: >- - If `authType` is `webhook-authentication-ssl` and `certType` is - `ssl-crt-key`, it is a base64 encoded version of the KEY file. - pfx: - type: string + Indicates the import of timelines was unsuccessful because of an + invalid file extension. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + statusCode: + type: number description: >- - If `authType` is `webhook-authentication-ssl` and `certType` is - `ssl-pfx`, it is a base64 encoded version of the PFX or P12 file. - password: - type: string - description: > - The password for HTTP basic authentication or the passphrase for the - SSL certificate files. If `hasAuth` is set to `true` and `authType` - is `webhook-authentication-basic`, this property is required. - user: - type: string - description: > - The username for HTTP basic authentication. If `hasAuth` is set to - `true` and `authType` is `webhook-authentication-basic`, this - property is required. - Connectors_config_properties_xmatters: - title: Connector request properties for an xMatters connector - description: Defines properties for connectors when type is `.xmatters`. - type: object - properties: - configUrl: - description: > - The request URL for the Elastic Alerts trigger in xMatters. It is - applicable only when `usesBasic` is `true`. - type: string - nullable: true - usesBasic: + Indicates that we were unable to locate the saved object client + necessary to handle the import. + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + id: + type: string + statusCode: + type: number + description: Indicates the import of timelines was unsuccessful. + summary: Imports timelines. + tags: + - Security Solution Timeline API + - 'access:securitySolution' + /api/timeline/_prepackaged: + post: + operationId: InstallPrepackedTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + prepackagedTimelines: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_SavedTimeline + type: array + timelinesToInstall: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_ImportTimelines + nullable: true + type: array + timelinesToUpdate: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_ImportTimelines + nullable: true + type: array + required: + - timelinesToInstall + - timelinesToUpdate + - prepackagedTimelines + description: The timelines to install or update. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_ImportTimelineResult + required: + - data + description: Indicates the installation of prepackaged timelines was successful. + '500': + content: + 'application:json; Elastic-Api-Version=2023-10-31': + schema: + type: object + properties: + body: + type: string + statusCode: + type: number description: >- - Specifies whether the connector uses HTTP basic authentication - (`true`) or URL authentication (`false`). - type: boolean - default: true - Connectors_secrets_properties_xmatters: - title: Connector secrets properties for an xMatters connector - description: Defines secrets for connectors when type is `.xmatters`. - type: object + Indicates the installation of prepackaged timelines was + unsuccessful. + summary: Installs prepackaged timelines. + tags: + - Security Solution Timeline API + - 'access:securitySolution' + /api/timeline/resolve: + get: + operationId: ResolveTimeline + parameters: + - description: The ID of the template timeline to resolve + in: query + name: template_timeline_id + schema: + type: string + - description: The ID of the timeline to resolve + in: query + name: id + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + getOneTimeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + nullable: true + required: + - getOneTimeline + required: + - data + description: The (template) timeline has been found + '400': + description: The request is missing parameters + '404': + description: The (template) timeline was not found + summary: Get an existing saved timeline or timeline template. + tags: + - Security Solution Timeline API + - 'access:securitySolution' + /api/timelines: + get: + operationId: GetTimelines + parameters: + - description: >- + If true, only timelines that are marked as favorites by the user are + returned. + in: query + name: only_user_favorite + schema: + enum: + - 'true' + - 'false' + nullable: true + type: string + - in: query + name: timeline_type + schema: + $ref: '#/components/schemas/Security_Solution_Timeline_API_TimelineType' + nullable: true + - in: query + name: sort_field + schema: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_SortFieldTimeline + - in: query + name: sort_order + schema: + enum: + - asc + - desc + type: string + - in: query + name: page_size + schema: + nullable: true + type: string + - in: query + name: page_index + schema: + nullable: true + type: string + - in: query + name: search + schema: + nullable: true + type: string + - in: query + name: status + schema: + $ref: '#/components/schemas/Security_Solution_Timeline_API_TimelineStatus' + nullable: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + customTemplateTimelineCount: + type: number + defaultTimelineCount: + type: number + elasticTemplateTimelineCount: + type: number + favoriteCount: + type: number + templateTimelineCount: + type: number + timelines: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + type: array + totalCount: + type: number + required: + - timelines + - totalCount + - defaultTimelineCount + - templateTimelineCount + - favoriteCount + - elasticTemplateTimelineCount + - customTemplateTimelineCount + required: + - data + description: Indicates that the (template) timelines were found and returned. + '400': + content: + 'application:json; Elastic-Api-Version=2023-10-31': + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: Bad request. The user supplied invalid data. + summary: >- + This API is used to retrieve a list of existing saved timelines or + timeline templates. + tags: + - Security Solution Timeline API + - 'access:securitySolution' + '/s/{spaceId}/api/observability/slos': + get: + description: > + You must have the `read` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: findSlosOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - description: A valid kql query to filter the SLO with + example: 'slo.name:latency* and slo.tags : "prod"' + in: query + name: kqlQuery + schema: + type: string + - description: 'The page to use for pagination, must be greater or equal than 1' + example: 1 + in: query + name: page + schema: + default: 1 + type: integer + - description: Number of SLOs returned by page + example: 25 + in: query + name: perPage + schema: + default: 25 + maximum: 5000 + type: integer + - description: Sort by field + example: status + in: query + name: sortBy + schema: + default: status + enum: + - sli_value + - status + - error_budget_consumed + - error_budget_remaining + type: string + - description: Sort order + example: asc + in: query + name: sortDirection + schema: + default: asc + enum: + - asc + - desc + type: string + - description: >- + Hide stale SLOs from the list as defined by stale SLO threshold in + SLO settings + in: query + name: hideStale + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_find_slo_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Get a paginated list of SLOs + tags: + - slo + post: + description: > + You must have `all` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: createSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_create_slo_request' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_create_slo_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_409_response' + description: Conflict - The SLO id already exists + summary: Create an SLO + tags: + - slo + '/s/{spaceId}/api/observability/slos/_delete_instances': + post: + description: > + The deletion occurs for the specified list of `sloId` and `instanceId`. + You must have `all` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: deleteSloInstancesOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_delete_slo_instances_request' + required: true + responses: + '204': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + summary: Batch delete rollup and summary data + tags: + - slo + '/s/{spaceId}/api/observability/slos/{sloId}': + delete: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: deleteSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '204': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Delete an SLO + tags: + - slo + get: + description: > + You must have the `read` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: getSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + - description: the specific instanceId used by the summary calculation + example: host-abcde + in: query + name: instanceId + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_slo_with_summary_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Get an SLO + tags: + - slo + put: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: updateSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_update_slo_request' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_slo_definition_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Update an SLO + tags: + - slo + '/s/{spaceId}/api/observability/slos/{sloId}/_reset': + post: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: resetSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '204': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_slo_definition_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Reset an SLO + tags: + - slo + '/s/{spaceId}/api/observability/slos/{sloId}/disable': + post: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: disableSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '200': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Disable an SLO + tags: + - slo + '/s/{spaceId}/api/observability/slos/{sloId}/enable': + post: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: enableSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '204': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Enable an SLO + tags: + - slo +components: + examples: + Connectors_create_email_connector_request: + summary: Create an email connector. + value: + config: + from: tester@example.com + hasAuth: true + host: 'https://example.com' + port: 1025 + secure: false + service: other + connector_type_id: .email + name: email-connector-1 + secrets: + password: password + user: username + Connectors_create_email_connector_response: + summary: A new email connector. + value: + config: + clientId: null + from: tester@example.com + hasAuth: true + host: 'https://example.com' + oauthTokenUrl: null + port: 1025 + secure: false + service: other + tenantId: null + connector_type_id: .email + id: 90a82c60-478f-11ee-a343-f98a117c727f + is_deprecated: false + is_missing_secrets: false + is_preconfigured: false + is_system_action: false + name: email-connector-1 + Connectors_create_index_connector_request: + summary: Create an index connector. + value: + config: + index: test-index + connector_type_id: .index + name: my-connector + Connectors_create_index_connector_response: + summary: A new index connector. + value: + config: + executionTimeField: null + index: test-index + refresh: false + connector_type_id: .index + id: c55b6eb0-6bad-11eb-9f3b-611eebc6c3ad + is_deprecated: false + is_missing_secrets: false + is_preconfigured: false + is_system_action: false + name: my-connector + Connectors_create_webhook_connector_request: + summary: Create a webhook connector with SSL authentication. + value: + config: + authType: webhook-authentication-ssl + certType: ssl-crt-key + method: post + url: 'https://example.com' + connector_type_id: .webhook + name: my-webhook-connector + secrets: + crt: QmFnIEF0dH... + key: LS0tLS1CRUdJ... + password: my-passphrase + Connectors_create_webhook_connector_response: + summary: A new webhook connector. + value: + config: + authType: webhook-authentication-ssl + certType: ssl-crt-key + hasAuth: true + headers: null + method: post + url: 'https://example.com' + verificationMode: full + connector_type_id: .webhook + id: 900eb010-3b9d-11ee-a642-8ffbb94e38bd + is_deprecated: false + is_missing_secrets: false + is_preconfigured: false + is_system_action: false + name: my-webhook-connector + Connectors_create_xmatters_connector_request: + summary: Create an xMatters connector with URL authentication. + value: + config: + usesBasic: false + connector_type_id: .xmatters + name: my-xmatters-connector + secrets: + secretsUrl: 'https://example.com?apiKey=xxxxx' + Connectors_create_xmatters_connector_response: + summary: A new xMatters connector. + value: + config: + configUrl: null + usesBasic: false + connector_type_id: .xmatters + id: 4d2d8da0-4d1f-11ee-9367-577408be4681 + is_deprecated: false + is_missing_secrets: false + is_preconfigured: false + is_system_action: false + name: my-xmatters-connector + Connectors_get_connector_response: + summary: Get connector details. + value: + config: {} + connector_type_id: .server-log + id: df770e30-8b8b-11ed-a780-3b746c987a81 + is_deprecated: false + is_missing_secrets: false + is_preconfigured: false + is_system_action: false + name: my_server_log_connector + Connectors_get_connector_types_generativeai_response: + summary: A list of connector types for the `generativeAI` feature. + value: + - enabled: true + enabled_in_config: true + enabled_in_license: true + id: .gen-ai + is_system_action_type: false + minimum_license_required: enterprise + name: OpenAI + supported_feature_ids: + - generativeAIForSecurity + - generativeAIForObservability + - generativeAIForSearchPlayground + - enabled: true + enabled_in_config: true + enabled_in_license: true + id: .bedrock + is_system_action_type: false + minimum_license_required: enterprise + name: AWS Bedrock + supported_feature_ids: + - generativeAIForSecurity + - generativeAIForObservability + - generativeAIForSearchPlayground + - enabled: true + enabled_in_config: true + enabled_in_license: true + id: .gemini + is_system_action_type: false + minimum_license_required: enterprise + name: Google Gemini + supported_feature_ids: + - generativeAIForSecurity + Connectors_get_connectors_response: + summary: A list of connectors + value: + - connector_type_id: .email + id: preconfigured-email-connector + is_deprecated: false + is_preconfigured: true + is_system_action: false + name: my-preconfigured-email-notification + referenced_by_count: 0 + - config: + executionTimeField: null + index: test-index + refresh: false + connector_type_id: .index + id: e07d0c80-8b8b-11ed-a780-3b746c987a81 + is_deprecated: false + is_missing_secrets: false + is_preconfigured: false + is_system_action: false + name: my-index-connector + referenced_by_count: 2 + Connectors_update_index_connector_request: + summary: Update an index connector. + value: + config: + index: updated-index + name: updated-connector + Data_views_create_data_view_request: + summary: Create a data view with runtime fields. + value: + data_view: + name: My Logstash data view + runtimeFieldMap: + runtime_shape_name: + script: + source: 'emit(doc[''shape_name''].value)' + type: keyword + title: logstash-* + Data_views_create_runtime_field_request: + summary: Create a runtime field. + value: + name: runtimeFoo + runtimeField: + script: + source: 'emit(doc["foo"].value)' + type: long + Data_views_get_data_view_response: + summary: >- + The get data view API returns a JSON object that contains information + about the data view. + value: + data_view: + allowNoIndex: false + fieldAttrs: + products.manufacturer: + count: 1 + products.price: + count: 1 + products.product_name: + count: 1 + total_quantity: + count: 1 + fieldFormats: + products.base_price: + id: number + params: + pattern: '$0,0.00' + products.base_unit_price: + id: number + params: + pattern: '$0,0.00' + products.min_price: + id: number + params: + pattern: '$0,0.00' + products.price: + id: number + params: + pattern: '$0,0.00' + products.taxful_price: + id: number + params: + pattern: '$0,0.00' + products.taxless_price: + id: number + params: + pattern: '$0,0.00' + taxful_total_price: + id: number + params: + pattern: '$0,0.[00]' + taxless_total_price: + id: number + params: + pattern: '$0,0.00' + fields: + _id: + aggregatable: false + count: 0 + esTypes: + - _id + format: + id: string + isMapped: true + name: _id + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + _index: + aggregatable: true + count: 0 + esTypes: + - _index + format: + id: string + isMapped: true + name: _index + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + _score: + aggregatable: false + count: 0 + format: + id: number + isMapped: true + name: _score + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: number + _source: + aggregatable: false + count: 0 + esTypes: + - _source + format: + id: _source + isMapped: true + name: _source + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: _source + category: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: category + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + category.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: category.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: category + type: string + currency: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: currency + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_birth_date: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: customer_birth_date + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + customer_first_name: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: customer_first_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_first_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_first_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: customer_first_name + type: string + customer_full_name: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: customer_full_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_full_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_full_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: customer_full_name + type: string + customer_gender: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_gender + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_id: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_id + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_last_name: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: customer_last_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_last_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_last_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: customer_last_name + type: string + customer_phone: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_phone + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + day_of_week: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: day_of_week + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + day_of_week_i: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: day_of_week_i + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + email: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: email + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + event.dataset: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: event.dataset + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.city_name: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.city_name + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.continent_name: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.continent_name + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.country_iso_code: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.country_iso_code + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.location: + aggregatable: true + count: 0 + esTypes: + - geo_point + format: + id: geo_point + params: + transform: wkt + isMapped: true + name: geoip.location + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: geo_point + geoip.region_name: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.region_name + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + manufacturer: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: manufacturer + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + manufacturer.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: manufacturer.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: manufacturer + type: string + order_date: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: order_date + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + order_id: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: order_id + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + products._id: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: products._id + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + products._id.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products._id.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products._id + type: string + products.base_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: '$0,0.00' + isMapped: true + name: products.base_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.base_unit_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: '$0,0.00' + isMapped: true + name: products.base_unit_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.category: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: products.category + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + products.category.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.category.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products.category + type: string + products.created_on: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: products.created_on + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + products.discount_amount: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.discount_amount + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.discount_percentage: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.discount_percentage + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.manufacturer: + aggregatable: false + count: 1 + esTypes: + - text + format: + id: string + isMapped: true + name: products.manufacturer + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + products.manufacturer.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.manufacturer.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products.manufacturer + type: string + products.min_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: '$0,0.00' + isMapped: true + name: products.min_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.price: + aggregatable: true + count: 1 + esTypes: + - half_float + format: + id: number + params: + pattern: '$0,0.00' + isMapped: true + name: products.price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.product_id: + aggregatable: true + count: 0 + esTypes: + - long + format: + id: number + isMapped: true + name: products.product_id + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.product_name: + aggregatable: false + count: 1 + esTypes: + - text + format: + id: string + isMapped: true + name: products.product_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + products.product_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.product_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products.product_name + type: string + products.quantity: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: products.quantity + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.sku: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.sku + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + products.tax_amount: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.tax_amount + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.taxful_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: '$0,0.00' + isMapped: true + name: products.taxful_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.taxless_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: '$0,0.00' + isMapped: true + name: products.taxless_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.unit_discount_amount: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.unit_discount_amount + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + sku: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: sku + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + taxful_total_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: '$0,0.[00]' + isMapped: true + name: taxful_total_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + taxless_total_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: '$0,0.00' + isMapped: true + name: taxless_total_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + total_quantity: + aggregatable: true + count: 1 + esTypes: + - integer + format: + id: number + isMapped: true + name: total_quantity + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + total_unique_products: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: total_unique_products + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + type: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: type + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + user: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: user + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + name: Kibana Sample Data eCommerce + namespaces: + - default + runtimeFieldMap: {} + sourceFilters: [] + timeFieldName: order_date + title: kibana_sample_data_ecommerce + typeMeta: {} + version: WzUsMV0= + Data_views_get_data_views_response: + summary: The get all data views API returns a list of data views. + value: + data_view: + - id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + name: Kibana Sample Data eCommerce + namespaces: + - default + title: kibana_sample_data_ecommerce + typeMeta: {} + - id: d3d7af60-4c81-11e8-b3d7-01146121b73d + name: Kibana Sample Data Flights + namespaces: + - default + title: kibana_sample_data_flights + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: Kibana Sample Data Logs + namespaces: + - default + title: kibana_sample_data_logs + Data_views_get_default_data_view_response: + summary: The get default data view API returns the default data view identifier. + value: + data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + Data_views_get_runtime_field_response: + summary: >- + The get runtime field API returns a JSON object that contains + information about the runtime field (`hour_of_day`) and the data view + (`d3d7af60-4c81-11e8-b3d7-01146121b73d`). + value: + data_view: + allowNoIndex: false + fieldAttrs: {} + fieldFormats: + AvgTicketPrice: + id: number + params: + pattern: '$0,0.[00]' + hour_of_day: + id: number + params: + pattern: '00' + fields: + _id: + aggregatable: false + count: 0 + esTypes: + - _id + format: + id: string + isMapped: true + name: _id + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + _index: + aggregatable: true + count: 0 + esTypes: + - _index + format: + id: string + isMapped: true + name: _index + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + _score: + aggregatable: false + count: 0 + format: + id: number + isMapped: true + name: _score + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: number + _source: + aggregatable: false + count: 0 + esTypes: + - _source + format: + id: _source + isMapped: true + name: _source + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: _source + AvgTicketPrice: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + params: + pattern: '$0,0.[00]' + isMapped: true + name: AvgTicketPrice + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + Cancelled: + aggregatable: true + count: 0 + esTypes: + - boolean + format: + id: boolean + isMapped: true + name: Cancelled + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: boolean + Carrier: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: Carrier + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + dayOfWeek: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: dayOfWeek + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + Dest: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: Dest + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestAirportID: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestAirportID + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestCityName: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestCityName + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestCountry: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestCountry + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestLocation: + aggregatable: true + count: 0 + esTypes: + - geo_point + format: + id: geo_point + params: + transform: wkt + isMapped: true + name: DestLocation + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: geo_point + DestRegion: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestRegion + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestWeather: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestWeather + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DistanceKilometers: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + isMapped: true + name: DistanceKilometers + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + DistanceMiles: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + isMapped: true + name: DistanceMiles + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + FlightDelay: + aggregatable: true + count: 0 + esTypes: + - boolean + format: + id: boolean + isMapped: true + name: FlightDelay + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: boolean + FlightDelayMin: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: FlightDelayMin + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + FlightDelayType: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: FlightDelayType + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + FlightNum: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: FlightNum + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + FlightTimeHour: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: FlightTimeHour + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + FlightTimeMin: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + isMapped: true + name: FlightTimeMin + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + hour_of_day: + aggregatable: true + count: 0 + esTypes: + - long + format: + id: number + params: + pattern: '00' + name: hour_of_day + readFromDocValues: false + runtimeField: + script: + source: 'emit(doc[''timestamp''].value.getHour());' + type: long + scripted: false + searchable: true + shortDotsEnable: false + type: number + Origin: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: Origin + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginAirportID: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginAirportID + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginCityName: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginCityName + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginCountry: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginCountry + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginLocation: + aggregatable: true + count: 0 + esTypes: + - geo_point + format: + id: geo_point + params: + transform: wkt + isMapped: true + name: OriginLocation + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: geo_point + OriginRegion: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginRegion + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginWeather: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginWeather + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + timestamp: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: timestamp + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + id: d3d7af60-4c81-11e8-b3d7-01146121b73d + name: Kibana Sample Data Flights + runtimeFieldMap: + hour_of_day: + script: + source: 'emit(doc[''timestamp''].value.getHour());' + type: long + sourceFilters: [] + timeFieldName: timestamp + title: kibana_sample_data_flights + version: WzM2LDJd + fields: + - aggregatable: true + count: 0 + esTypes: + - long + name: hour_of_day + readFromDocValues: false + runtimeField: + script: + source: 'emit(doc[''timestamp''].value.getHour());' + type: long + scripted: false + searchable: true + shortDotsEnable: false + type: number + Data_views_preview_swap_data_view_request: + summary: Preview swapping references from data view ID "abcd-efg" to "xyz-123". + value: + fromId: abcd-efg + toId: xyz-123 + Data_views_set_default_data_view_request: + summary: Set the default data view identifier. + value: + data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + force: true + Data_views_swap_data_view_request: + summary: >- + Swap references from data view ID "abcd-efg" to "xyz-123" and remove the + data view that is no longer referenced. + value: + delete: true + fromId: abcd-efg + toId: xyz-123 + Data_views_update_data_view_request: + summary: Update some properties for a data view. + value: + data_view: + allowNoIndex: false + name: Kibana Sample Data eCommerce + timeFieldName: order_date + title: kibana_sample_data_ecommerce + refresh_fields: true + Data_views_update_field_metadata_request: + summary: Update metadata for multiple fields. + value: + fields: + field1: + count: 123 + customLabel: Field 1 label + field2: + customDescription: Field 2 description + customLabel: Field 2 label + Data_views_update_runtime_field_request: + summary: Update an existing runtime field on a data view. + value: + runtimeField: + script: + source: 'emit(doc["bar"].value)' + Machine_learning_APIs_mlSyncExample: + summary: Two anomaly detection jobs required synchronization in this example. + value: + datafeedsAdded: {} + datafeedsRemoved: {} + savedObjectsCreated: + anomaly-detector: + myjob1: + success: true + myjob2: + success: true + savedObjectsDeleted: {} + Serverless_saved_objects_export_objects_request: + summary: Export a specific saved object. + value: + excludeExportDetails: true + includeReferencesDeep: false + objects: + - id: de71f4f0-1902-11e9-919b-ffe5949a18d2 + type: map + Serverless_saved_objects_export_objects_response: + summary: >- + The export objects API response contains a JSON record for each exported + object. + value: + attributes: + description: '' + layerListJSON: >- + [{"id":"0hmz5","alpha":1,"sourceDescriptor":{"type":"EMS_TMS","isAutoSelect":true,"lightModeDefault":"road_map_desaturated"},"visible":true,"style":{},"type":"EMS_VECTOR_TILE","minZoom":0,"maxZoom":24},{"id":"edh66","label":"Total + Requests by + Destination","minZoom":0,"maxZoom":24,"alpha":0.5,"sourceDescriptor":{"type":"EMS_FILE","id":"world_countries","tooltipProperties":["name","iso2"]},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"__kbnjoin__count__673ff994-fc75-4c67-909b-69fcb0e1060e","origin":"join"},"color":"Greys","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"STATIC","options":{"size":10}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR","joins":[{"leftField":"iso2","right":{"type":"ES_TERM_SOURCE","id":"673ff994-fc75-4c67-909b-69fcb0e1060e","indexPatternTitle":"kibana_sample_data_logs","term":"geo.dest","indexPatternRefName":"layer_1_join_0_index_pattern","metrics":[{"type":"count","label":"web + logs + count"}],"applyGlobalQuery":true}}]},{"id":"gaxya","label":"Actual + Requests","minZoom":9,"maxZoom":24,"alpha":1,"sourceDescriptor":{"id":"b7486535-171b-4d3b-bb2e-33c1a0a2854c","type":"ES_SEARCH","geoField":"geo.coordinates","limit":2048,"filterByMapBounds":true,"tooltipProperties":["clientip","timestamp","host","request","response","machine.os","agent","bytes"],"indexPatternRefName":"layer_2_source_index_pattern","applyGlobalQuery":true,"scalingType":"LIMIT"},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"STATIC","options":{"color":"#2200ff"}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":2}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"bytes","origin":"source"},"minSize":1,"maxSize":23,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"},{"id":"tfi3f","label":"Total + Requests and + Bytes","minZoom":0,"maxZoom":9,"alpha":1,"sourceDescriptor":{"type":"ES_GEO_GRID","resolution":"COARSE","id":"8aaa65b5-a4e9-448b-9560-c98cb1c5ac5b","geoField":"geo.coordinates","requestType":"point","metrics":[{"type":"count","label":"web + logs + count"},{"type":"sum","field":"bytes"}],"indexPatternRefName":"layer_3_source_index_pattern","applyGlobalQuery":true},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"color":"Blues","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#cccccc"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"sum_of_bytes","origin":"source"},"minSize":7,"maxSize":25,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelText":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelSize":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"minSize":12,"maxSize":24,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"}] + mapStateJSON: >- + {"zoom":3.64,"center":{"lon":-88.92107,"lat":42.16337},"timeFilters":{"from":"now-7d","to":"now"},"refreshConfig":{"isPaused":true,"interval":0},"query":{"language":"kuery","query":""},"settings":{"autoFitToDataBounds":false}} + title: '[Logs] Total Requests and Bytes' + uiStateJSON: '{"isDarkMode":false}' + coreMigrationVersion: 8.8.0 + created_at: '2023-08-23T20:03:32.204Z' + id: de71f4f0-1902-11e9-919b-ffe5949a18d2 + managed: false + references: + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: layer_1_join_0_index_pattern + type: index-pattern + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: layer_2_source_index_pattern + type: index-pattern + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: layer_3_source_index_pattern + type: index-pattern + type: map + typeMigrationVersion: 8.4.0 + updated_at: '2023-08-23T20:03:32.204Z' + version: WzEzLDFd + Serverless_saved_objects_import_objects_request: + value: + file: file.ndjson + Serverless_saved_objects_import_objects_response: + summary: >- + The import objects API response indicates a successful import and the + objects are created. Since these objects are created as new copies, each + entry in the successResults array includes a destinationId attribute. + value: + success: true + successCount: 1 + successResults: + - destinationId: 82d2760c-468f-49cf-83aa-b9a35b6a8943 + id: 90943e30-9a47-11e8-b64d-95841ca0b247 + managed: false + meta: + icon: indexPatternApp + title: Kibana Sample Data Logs + type: index-pattern + parameters: + Connectors_connector_id: + description: An identifier for the connector. + in: path + name: connectorId + required: true + schema: + example: df770e30-8b8b-11ed-a780-3b746c987a81 + type: string + Connectors_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + Data_views_field_name: + description: The name of the runtime field. + in: path + name: fieldName + required: true + schema: + example: hour_of_day + type: string + Data_views_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + Data_views_view_id: + description: An identifier for the data view. + in: path + name: viewId + required: true + schema: + example: ff959d40-b880-11e8-a6d9-e546fe2bba5f + type: string + Machine_learning_APIs_simulateParam: + description: >- + When true, simulates the synchronization by returning only the list of + actions that would be performed. + example: 'true' + in: query + name: simulate + required: false + schema: + type: boolean + Serverless_saved_objects_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + SLOs_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + SLOs_slo_id: + description: An identifier for the slo. + in: path + name: sloId + required: true + schema: + example: 9c235211-6834-11ea-a78c-6feb38a34414 + type: string + SLOs_space_id: + description: >- + An identifier for the space. If `/s/` and the identifier are omitted + from the path, the default space is used. + in: path + name: spaceId + required: true + schema: + example: default + type: string + responses: + Connectors_401: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + properties: + error: + enum: + - Unauthorized + example: Unauthorized + type: string + message: + type: string + statusCode: + enum: + - 401 + example: 401 + type: integer + title: Unauthorized response + type: object + description: Authorization information is missing or invalid. + Connectors_404: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + properties: + error: + enum: + - Not Found + example: Not Found + type: string + message: + example: >- + Saved object [action/baf33fc0-920c-11ed-b36a-874bd1548a00] not + found + type: string + statusCode: + enum: + - 404 + example: 404 + type: integer + title: Not found response + type: object + description: Object is not found. + schemas: + Connectors_config_properties_bedrock: + description: Defines properties for connectors when type is `.bedrock`. properties: - password: - description: > - A user name for HTTP basic authentication. It is applicable only - when `usesBasic` is `true`. - type: string - secretsUrl: - description: > - The request URL for the Elastic Alerts trigger in xMatters with the - API key included in the URL. It is applicable only when `usesBasic` - is `false`. + apiUrl: + description: The Amazon Bedrock request URL. type: string - user: + defaultModel: + default: 'anthropic.claude-3-5-sonnet-20240620-v1:0' description: > - A password for HTTP basic authentication. It is applicable only when - `usesBasic` is `true`. + The generative artificial intelligence model for Amazon Bedrock to + use. Current support is for the Anthropic Claude models. type: string - Connectors_create_connector_request: - title: Create connector request body properties - description: The properties vary depending on the connector type. - oneOf: - - $ref: '#/components/schemas/Connectors_create_connector_request_bedrock' - - $ref: '#/components/schemas/Connectors_create_connector_request_gemini' - - $ref: >- - #/components/schemas/Connectors_create_connector_request_cases_webhook - - $ref: '#/components/schemas/Connectors_create_connector_request_d3security' - - $ref: '#/components/schemas/Connectors_create_connector_request_email' - - $ref: '#/components/schemas/Connectors_create_connector_request_genai' - - $ref: '#/components/schemas/Connectors_create_connector_request_index' - - $ref: '#/components/schemas/Connectors_create_connector_request_jira' - - $ref: '#/components/schemas/Connectors_create_connector_request_opsgenie' - - $ref: '#/components/schemas/Connectors_create_connector_request_pagerduty' - - $ref: '#/components/schemas/Connectors_create_connector_request_resilient' - - $ref: '#/components/schemas/Connectors_create_connector_request_sentinelone' - - $ref: '#/components/schemas/Connectors_create_connector_request_serverlog' - - $ref: '#/components/schemas/Connectors_create_connector_request_servicenow' - - $ref: >- - #/components/schemas/Connectors_create_connector_request_servicenow_itom - - $ref: >- - #/components/schemas/Connectors_create_connector_request_servicenow_sir - - $ref: '#/components/schemas/Connectors_create_connector_request_slack_api' - - $ref: >- - #/components/schemas/Connectors_create_connector_request_slack_webhook - - $ref: '#/components/schemas/Connectors_create_connector_request_swimlane' - - $ref: '#/components/schemas/Connectors_create_connector_request_teams' - - $ref: '#/components/schemas/Connectors_create_connector_request_tines' - - $ref: '#/components/schemas/Connectors_create_connector_request_torq' - - $ref: '#/components/schemas/Connectors_create_connector_request_webhook' - - $ref: '#/components/schemas/Connectors_create_connector_request_xmatters' - discriminator: - propertyName: connector_type_id - mapping: - .bedrock: '#/components/schemas/Connectors_create_connector_request_bedrock' - .gemini: '#/components/schemas/Connectors_create_connector_request_gemini' - .cases-webhook: >- - #/components/schemas/Connectors_create_connector_request_cases_webhook - .d3security: '#/components/schemas/Connectors_create_connector_request_d3security' - .email: '#/components/schemas/Connectors_create_connector_request_email' - .gen-ai: '#/components/schemas/Connectors_create_connector_request_genai' - .index: '#/components/schemas/Connectors_create_connector_request_index' - .jira: '#/components/schemas/Connectors_create_connector_request_jira' - .opsgenie: '#/components/schemas/Connectors_create_connector_request_opsgenie' - .pagerduty: '#/components/schemas/Connectors_create_connector_request_pagerduty' - .resilient: '#/components/schemas/Connectors_create_connector_request_resilient' - .sentinelone: '#/components/schemas/Connectors_create_connector_request_sentinelone' - .server-log: '#/components/schemas/Connectors_create_connector_request_serverlog' - .servicenow: '#/components/schemas/Connectors_create_connector_request_servicenow' - .servicenow-itom: >- - #/components/schemas/Connectors_create_connector_request_servicenow_itom - .servicenow-sir: >- - #/components/schemas/Connectors_create_connector_request_servicenow_sir - .slack_api: '#/components/schemas/Connectors_create_connector_request_slack_api' - .slack: >- - #/components/schemas/Connectors_create_connector_request_slack_webhook - .swimlane: '#/components/schemas/Connectors_create_connector_request_swimlane' - .teams: '#/components/schemas/Connectors_create_connector_request_teams' - .tines: '#/components/schemas/Connectors_create_connector_request_tines' - .torq: '#/components/schemas/Connectors_create_connector_request_torq' - .webhook: '#/components/schemas/Connectors_create_connector_request_webhook' - .xmatters: '#/components/schemas/Connectors_create_connector_request_xmatters' - Connectors_connector_response_properties_bedrock: - title: Connector response properties for an Amazon Bedrock connector - type: object required: - - config - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_bedrock' - connector_type_id: - type: string - description: The type of connector. - enum: - - .bedrock - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: - type: string - description: The display name for the connector. - Connectors_connector_response_properties_gemini: - title: Connector response properties for a Google Gemini connector + - apiUrl + title: Connector request properties for an Amazon Bedrock connector + type: object + Connectors_config_properties_cases_webhook: + description: Defines properties for connectors when type is `.cases-webhook`. type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_gemini' - connector_type_id: + createCommentJson: + description: > + A JSON payload sent to the create comment URL to create a case + comment. You can use variables to add Kibana Cases data to the + payload. The required variable is `case.comment`. Due to Mustache + template variables (the text enclosed in triple braces, for example, + `{{{case.title}}}`), the JSON is not validated when you create the + connector. The JSON is validated once the Mustache variables have + been placed when the REST method runs. Manually ensure that the JSON + is valid, disregarding the Mustache variables, so the later + validation will pass. + example: '{"body": {{{case.comment}}}}' type: string - description: The type of connector. + createCommentMethod: + default: put + description: > + The REST API HTTP request method to create a case comment in the + third-party system. Valid values are `patch`, `post`, and `put`. enum: - - .gemini - id: + - patch + - post + - put type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: + createCommentUrl: + description: > + The REST API URL to create a case comment by ID in the third-party + system. You can use a variable to add the external system ID to the + URL. If you are using the `xpack.actions.allowedHosts setting`, add + the hostname to the allowed hosts. + example: 'https://example.com/issue/{{{external.system.id}}}/comment' type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_cases_webhook: - title: Connector request properties for a Webhook - Case Management connector - type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_cases_webhook' - connector_type_id: - description: The type of connector. + createIncidentJson: + description: > + A JSON payload sent to the create case URL to create a case. You can + use variables to add case data to the payload. Required variables + are `case.title` and `case.description`. Due to Mustache template + variables (which is the text enclosed in triple braces, for example, + `{{{case.title}}}`), the JSON is not validated when you create the + connector. The JSON is validated after the Mustache variables have + been placed when REST method runs. Manually ensure that the JSON is + valid to avoid future validation errors; disregard Mustache + variables during your review. + example: >- + {"fields": {"summary": {{{case.title}}},"description": + {{{case.description}}},"labels": {{{case.tags}}}}} type: string + createIncidentMethod: + default: post + description: > + The REST API HTTP request method to create a case in the third-party + system. Valid values are `patch`, `post`, and `put`. enum: - - .cases-webhook - id: + - patch + - post + - put type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: + createIncidentResponseKey: + description: >- + The JSON key in the create external case response that contains the + case ID. type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_d3security: - title: Connector response properties for a D3 Security connector - type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_d3security' - connector_type_id: + createIncidentUrl: + description: > + The REST API URL to create a case in the third-party system. If you + are using the `xpack.actions.allowedHosts` setting, add the hostname + to the allowed hosts. type: string - description: The type of connector. - enum: - - .d3security - id: + getIncidentResponseExternalTitleKey: + description: >- + The JSON key in get external case response that contains the case + title. type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: + getIncidentUrl: + description: > + The REST API URL to get the case by ID from the third-party system. + If you are using the `xpack.actions.allowedHosts` setting, add the + hostname to the allowed hosts. You can use a variable to add the + external system ID to the URL. Due to Mustache template variables + (the text enclosed in triple braces, for example, + `{{{case.title}}}`), the JSON is not validated when you create the + connector. The JSON is validated after the Mustache variables have + been placed when REST method runs. Manually ensure that the JSON is + valid, disregarding the Mustache variables, so the later validation + will pass. + example: 'https://example.com/issue/{{{external.system.id}}}' type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_email: - title: Connector response properties for an email connector - type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_email' - connector_type_id: + hasAuth: + default: true + description: >- + If true, a username and password for login type authentication must + be provided. + type: boolean + headers: + description: > + A set of key-value pairs sent as headers with the request URLs for + the create case, update case, get case, and create comment methods. type: string - description: The type of connector. + updateIncidentJson: + description: > + The JSON payload sent to the update case URL to update the case. You + can use variables to add Kibana Cases data to the payload. Required + variables are `case.title` and `case.description`. Due to Mustache + template variables (which is the text enclosed in triple braces, for + example, `{{{case.title}}}`), the JSON is not validated when you + create the connector. The JSON is validated after the Mustache + variables have been placed when REST method runs. Manually ensure + that the JSON is valid to avoid future validation errors; disregard + Mustache variables during your review. + example: >- + {"fields": {"summary": {{{case.title}}},"description": + {{{case.description}}},"labels": {{{case.tags}}}}} + type: string + updateIncidentMethod: + default: put + description: > + The REST API HTTP request method to update the case in the + third-party system. Valid values are `patch`, `post`, and `put`. enum: - - .email - id: + - patch + - post + - put type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: + updateIncidentUrl: + description: > + The REST API URL to update the case by ID in the third-party system. + You can use a variable to add the external system ID to the URL. If + you are using the `xpack.actions.allowedHosts` setting, add the + hostname to the allowed hosts. + example: 'https://example.com/issue/{{{external.system.ID}}}' + type: string + viewIncidentUrl: + description: > + The URL to view the case in the external system. You can use + variables to add the external system ID or external system title to + the URL. + example: >- + https://testing-jira.atlassian.net/browse/{{{external.system.title}}} + type: string + required: + - createIncidentJson + - createIncidentResponseKey + - createIncidentUrl + - getIncidentResponseExternalTitleKey + - getIncidentUrl + - updateIncidentJson + - updateIncidentUrl + - viewIncidentUrl + title: Connector request properties for Webhook - Case Management connector + Connectors_config_properties_d3security: + description: Defines properties for connectors when type is `.d3security`. + properties: + url: + description: > + The D3 Security API request URL. If you are using the + `xpack.actions.allowedHosts` setting, add the hostname to the + allowed hosts. type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_genai: - title: Connector response properties for an OpenAI connector - type: object required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name + - url + title: Connector request properties for a D3 Security connector + type: object + Connectors_config_properties_email: + description: Defines properties for connectors when type is `.email`. + type: object properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_genai' - connector_type_id: + clientId: + description: > + The client identifier, which is a part of OAuth 2.0 client + credentials authentication, in GUID format. If `service` is + `exchange_server`, this property is required. + nullable: true type: string - description: The type of connector. + from: + description: > + The from address for all emails sent by the connector. It must be + specified in `user@host-name` format. + type: string + hasAuth: + default: true + description: > + Specifies whether a user and password are required inside the + secrets configuration. + type: boolean + host: + description: > + The host name of the service provider. If the `service` is + `elastic_cloud` (for Elastic Cloud notifications) or one of + Nodemailer's well-known email service providers, this property is + ignored. If `service` is `other`, this property must be defined. + type: string + oauthTokenUrl: + nullable: true + type: string + port: + description: > + The port to connect to on the service provider. If the `service` is + `elastic_cloud` (for Elastic Cloud notifications) or one of + Nodemailer's well-known email service providers, this property is + ignored. If `service` is `other`, this property must be defined. + type: integer + secure: + description: > + Specifies whether the connection to the service provider will use + TLS. If the `service` is `elastic_cloud` (for Elastic Cloud + notifications) or one of Nodemailer's well-known email service + providers, this property is ignored. + type: boolean + service: + description: | + The name of the email service. enum: - - .gen-ai - id: + - elastic_cloud + - exchange_server + - gmail + - other + - outlook365 + - ses type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: + tenantId: + description: > + The tenant identifier, which is part of OAuth 2.0 client credentials + authentication, in GUID format. If `service` is `exchange_server`, + this property is required. + nullable: true type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_index: - title: Connector response properties for an index connector - type: object required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name + - from + title: Connector request properties for an email connector + Connectors_config_properties_gemini: + description: Defines properties for connectors when type is `.gemini`. properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_index' - connector_type_id: + apiUrl: + description: The Google Gemini request URL. type: string - description: The type of connector. - enum: - - .index - id: + defaultModel: + default: gemini-1.5-pro-001 + description: >- + The generative artificial intelligence model for Google Gemini to + use. type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: + gcpProjectID: + description: The Google ProjectID that has Vertex AI endpoint enabled. + type: string + gcpRegion: + description: The GCP region where the Vertex AI endpoint enabled. type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_jira: - title: Connector response properties for a Jira connector - type: object required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name + - apiUrl + - gcpRegion + - gcpProjectID + title: Connector request properties for an Google Gemini connector + type: object + Connectors_config_properties_genai: + description: Defines properties for connectors when type is `.gen-ai`. + discriminator: + mapping: + Azure OpenAI: '#/components/schemas/Connectors_config_properties_genai_azure' + OpenAI: '#/components/schemas/Connectors_config_properties_genai_openai' + propertyName: apiProvider + oneOf: + - $ref: '#/components/schemas/Connectors_config_properties_genai_azure' + - $ref: '#/components/schemas/Connectors_config_properties_genai_openai' + title: Connector request properties for an OpenAI connector + Connectors_config_properties_genai_azure: + description: > + Defines properties for connectors when type is `.gen-ai` and the API + provider is `Azure OpenAI'. properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_jira' - connector_type_id: - type: string - description: The type of connector. + apiProvider: + description: The OpenAI API provider. enum: - - .jira - id: + - Azure OpenAI type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: + apiUrl: + description: The OpenAI API endpoint. type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_opsgenie: - title: Connector response properties for an Opsgenie connector - type: object required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name + - apiProvider + - apiUrl + title: >- + Connector request properties for an OpenAI connector that uses Azure + OpenAI + type: object + Connectors_config_properties_genai_openai: + description: > + Defines properties for connectors when type is `.gen-ai` and the API + provider is `OpenAI'. properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_opsgenie' - connector_type_id: - type: string - description: The type of connector. + apiProvider: + description: The OpenAI API provider. enum: - - .opsgenie - id: + - OpenAI type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: + apiUrl: + description: The OpenAI API endpoint. + type: string + defaultModel: + description: The default model to use for requests. type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_pagerduty: - title: Connector response properties for a PagerDuty connector - type: object required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name + - apiProvider + - apiUrl + title: Connector request properties for an OpenAI connector + type: object + Connectors_config_properties_index: + description: Defines properties for connectors when type is `.index`. + type: object properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_pagerduty' - connector_type_id: - type: string - description: The type of connector. - enum: - - .pagerduty - id: + executionTimeField: + default: null + description: A field that indicates when the document was indexed. + nullable: true type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: + index: + description: The Elasticsearch index to be written to. type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_resilient: - title: Connector response properties for a IBM Resilient connector - type: object + refresh: + default: false + description: > + The refresh policy for the write request, which affects when changes + are made visible to search. Refer to the refresh setting for + Elasticsearch document APIs. + type: boolean required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name + - index + title: Connector request properties for an index connector + Connectors_config_properties_jira: + description: Defines properties for connectors when type is `.jira`. + type: object properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_resilient' - connector_type_id: - type: string - description: The type of connector. - enum: - - .resilient - id: + apiUrl: + description: The Jira instance URL. type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: + projectKey: + description: The Jira project key. type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_sentinelone: - title: Connector response properties for a SentinelOne connector + required: + - apiUrl + - projectKey + title: Connector request properties for a Jira connector + Connectors_config_properties_opsgenie: + description: Defines properties for connectors when type is `.opsgenie`. type: object + properties: + apiUrl: + description: > + The Opsgenie URL. For example, `https://api.opsgenie.com` or + `https://api.eu.opsgenie.com`. If you are using the + `xpack.actions.allowedHosts` setting, add the hostname to the + allowed hosts. + type: string required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name + - apiUrl + title: Connector request properties for an Opsgenie connector + Connectors_config_properties_pagerduty: + description: Defines properties for connectors when type is `.pagerduty`. properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_sentinelone' - connector_type_id: + apiUrl: + description: The PagerDuty event URL. + example: 'https://events.pagerduty.com/v2/enqueue' + nullable: true type: string - description: The type of connector. - enum: - - .sentinelone - id: + title: Connector request properties for a PagerDuty connector + type: object + Connectors_config_properties_resilient: + description: Defines properties for connectors when type is `.resilient`. + type: object + properties: + apiUrl: + description: The IBM Resilient instance URL. type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: + orgId: + description: The IBM Resilient organization ID. type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_serverlog: - title: Connector response properties for a server log connector + required: + - apiUrl + - orgId + title: Connector request properties for a IBM Resilient connector + Connectors_config_properties_sentinelone: + description: Defines properties for connectors when type is `.sentinelone`. type: object + properties: + url: + description: > + The SentinelOne tenant URL. If you are using the + `xpack.actions.allowedHosts` setting, add the hostname to the + allowed hosts. + type: string required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name + - url + title: Connector request properties for a SentinelOne connector + Connectors_config_properties_servicenow: + description: Defines properties for connectors when type is `.servicenow`. + type: object properties: - config: - type: object - nullable: true - connector_type_id: + apiUrl: + description: The ServiceNow instance URL. type: string - description: The type of connector. - enum: - - .server-log - id: + clientId: + description: > + The client ID assigned to your OAuth application. This property is + required when `isOAuth` is `true`. type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: + isOAuth: + default: false + description: > + The type of authentication to use. The default value is false, which + means basic authentication is used instead of open authorization + (OAuth). + type: boolean + jwtKeyId: + description: > + The key identifier assigned to the JWT verifier map of your OAuth + application. This property is required when `isOAuth` is `true`. type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_servicenow: - title: Connector response properties for a ServiceNow ITSM connector - type: object + userIdentifierValue: + description: > + The identifier to use for OAuth authentication. This identifier + should be the user field you selected when you created an OAuth JWT + API endpoint for external clients in your ServiceNow instance. For + example, if the selected user field is `Email`, the user identifier + should be the user's email address. This property is required when + `isOAuth` is `true`. + type: string + usesTableApi: + default: true + description: > + Determines whether the connector uses the Table API or the Import + Set API. This property is supported only for ServiceNow ITSM and + ServiceNow SecOps connectors. NOTE: If this property is set to + `false`, the Elastic application should be installed in ServiceNow. + type: boolean required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name + - apiUrl + title: Connector request properties for a ServiceNow ITSM connector + Connectors_config_properties_servicenow_itom: + description: Defines properties for connectors when type is `.servicenow`. + type: object properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_servicenow' - connector_type_id: + apiUrl: + description: The ServiceNow instance URL. type: string - description: The type of connector. - enum: - - .servicenow - id: + clientId: + description: > + The client ID assigned to your OAuth application. This property is + required when `isOAuth` is `true`. type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: + isOAuth: + default: false + description: > + The type of authentication to use. The default value is false, which + means basic authentication is used instead of open authorization + (OAuth). + type: boolean + jwtKeyId: + description: > + The key identifier assigned to the JWT verifier map of your OAuth + application. This property is required when `isOAuth` is `true`. + type: string + userIdentifierValue: + description: > + The identifier to use for OAuth authentication. This identifier + should be the user field you selected when you created an OAuth JWT + API endpoint for external clients in your ServiceNow instance. For + example, if the selected user field is `Email`, the user identifier + should be the user's email address. This property is required when + `isOAuth` is `true`. type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_servicenow_itom: - title: Connector response properties for a ServiceNow ITOM connector - type: object required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name + - apiUrl + title: Connector request properties for a ServiceNow ITSM connector + Connectors_config_properties_slack_api: + description: Defines properties for connectors when type is `.slack_api`. properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_servicenow_itom' - connector_type_id: - type: string - description: The type of connector. - enum: - - .servicenow-itom - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: - type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_servicenow_sir: - title: Connector response properties for a ServiceNow SecOps connector + allowedChannels: + description: A list of valid Slack channels. + items: + maxItems: 25 + type: object + properties: + id: + description: The Slack channel ID. + example: C123ABC456 + minLength: 1 + type: string + name: + description: The Slack channel name. + minLength: 1 + type: string + required: + - id + - name + type: array + title: Connector request properties for a Slack connector + type: object + Connectors_config_properties_swimlane: + description: Defines properties for connectors when type is `.swimlane`. type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_servicenow' - connector_type_id: + apiUrl: + description: The Swimlane instance URL. type: string - description: The type of connector. - enum: - - .servicenow-sir - id: + appId: + description: The Swimlane application ID. type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: + connectorType: + description: >- + The type of connector. Valid values are `all`, `alerts`, and + `cases`. + enum: + - all + - alerts + - cases type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_slack_api: - title: Connector response properties for a Slack connector - type: object + mappings: + description: The field mapping. + properties: + alertIdConfig: + description: Mapping for the alert ID. + properties: + fieldType: + description: The type of field in Swimlane. + type: string + id: + description: The identifier for the field in Swimlane. + type: string + key: + description: The key for the field in Swimlane. + type: string + name: + description: The name of the field in Swimlane. + type: string + required: + - fieldType + - id + - key + - name + title: Alert identifier mapping + type: object + caseIdConfig: + description: Mapping for the case ID. + properties: + fieldType: + description: The type of field in Swimlane. + type: string + id: + description: The identifier for the field in Swimlane. + type: string + key: + description: The key for the field in Swimlane. + type: string + name: + description: The name of the field in Swimlane. + type: string + required: + - fieldType + - id + - key + - name + title: Case identifier mapping + type: object + caseNameConfig: + description: Mapping for the case name. + properties: + fieldType: + description: The type of field in Swimlane. + type: string + id: + description: The identifier for the field in Swimlane. + type: string + key: + description: The key for the field in Swimlane. + type: string + name: + description: The name of the field in Swimlane. + type: string + required: + - fieldType + - id + - key + - name + title: Case name mapping + type: object + commentsConfig: + description: Mapping for the case comments. + properties: + fieldType: + description: The type of field in Swimlane. + type: string + id: + description: The identifier for the field in Swimlane. + type: string + key: + description: The key for the field in Swimlane. + type: string + name: + description: The name of the field in Swimlane. + type: string + required: + - fieldType + - id + - key + - name + title: Case comment mapping + type: object + descriptionConfig: + description: Mapping for the case description. + properties: + fieldType: + description: The type of field in Swimlane. + type: string + id: + description: The identifier for the field in Swimlane. + type: string + key: + description: The key for the field in Swimlane. + type: string + name: + description: The name of the field in Swimlane. + type: string + required: + - fieldType + - id + - key + - name + title: Case description mapping + type: object + ruleNameConfig: + description: Mapping for the name of the alert's rule. + properties: + fieldType: + description: The type of field in Swimlane. + type: string + id: + description: The identifier for the field in Swimlane. + type: string + key: + description: The key for the field in Swimlane. + type: string + name: + description: The name of the field in Swimlane. + type: string + required: + - fieldType + - id + - key + - name + title: Rule name mapping + type: object + severityConfig: + description: Mapping for the severity. + properties: + fieldType: + description: The type of field in Swimlane. + type: string + id: + description: The identifier for the field in Swimlane. + type: string + key: + description: The key for the field in Swimlane. + type: string + name: + description: The name of the field in Swimlane. + type: string + required: + - fieldType + - id + - key + - name + title: Severity mapping + type: object + title: Connector mappings properties for a Swimlane connector + type: object required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name + - apiUrl + - appId + - connectorType + title: Connector request properties for a Swimlane connector + Connectors_config_properties_tines: + description: Defines properties for connectors when type is `.tines`. properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_slack_api' - connector_type_id: - type: string - description: The type of connector. - enum: - - .slack_api - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: + url: + description: > + The Tines tenant URL. If you are using the + `xpack.actions.allowedHosts` setting, make sure this hostname is + added to the allowed hosts. type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_slack_webhook: - title: Connector response properties for a Slack connector - type: object required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - connector_type_id: - type: string - description: The type of connector. - enum: - - .slack - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: - type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_swimlane: - title: Connector response properties for a Swimlane connector + - url + title: Connector request properties for a Tines connector type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name + Connectors_config_properties_torq: + description: Defines properties for connectors when type is `.torq`. properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_swimlane' - connector_type_id: - type: string - description: The type of connector. - enum: - - .swimlane - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: + webhookIntegrationUrl: + description: The endpoint URL of the Elastic Security integration in Torq. type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_teams: - title: Connector response properties for a Microsoft Teams connector - type: object required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - config: - type: object - connector_type_id: - type: string - description: The type of connector. - enum: - - .teams - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: - type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_tines: - title: Connector response properties for a Tines connector + - webhookIntegrationUrl + title: Connector request properties for a Torq connector type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name + Connectors_config_properties_webhook: + description: Defines properties for connectors when type is `.webhook`. properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_tines' - connector_type_id: - type: string - description: The type of connector. + authType: + description: | + The type of authentication to use: basic, SSL, or none. enum: - - .tines - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: + - webhook-authentication-basic + - webhook-authentication-ssl + nullable: true type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_torq: - title: Connector response properties for a Torq connector - type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_torq' - connector_type_id: + ca: + description: > + A base64 encoded version of the certificate authority file that the + connector can trust to sign and validate certificates. This option + is available for all authentication types. type: string - description: The type of connector. + certType: + description: > + If the `authType` is `webhook-authentication-ssl`, specifies whether + the certificate authentication data is in a CRT and key file format + or a PFX file format. enum: - - .torq - id: + - ssl-crt-key + - ssl-pfx type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: + hasAuth: + description: > + If `true`, a user name and password must be provided for login type + authentication. + type: boolean + headers: + description: A set of key-value pairs sent as headers with the request. + nullable: true + type: object + method: + default: post + description: | + The HTTP request method, either `post` or `put`. + enum: + - post + - put type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_webhook: - title: Connector response properties for a Webhook connector - type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_webhook' - connector_type_id: + url: + description: > + The request URL. If you are using the `xpack.actions.allowedHosts` + setting, add the hostname to the allowed hosts. type: string - description: The type of connector. + verificationMode: + default: full + description: > + Controls the verification of certificates. Use `full` to validate + that the certificate has an issue date within the `not_before` and + `not_after` dates, chains to a trusted certificate authority (CA), + and has a hostname or IP address that matches the names within the + certificate. Use `certificate` to validate the certificate and + verify that it is signed by a trusted authority; this option does + not check the certificate hostname. Use `none` to skip certificate + validation. enum: - - .webhook - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: + - certificate + - full + - none type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_xmatters: - title: Connector response properties for an xMatters connector + title: Connector request properties for a Webhook connector type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name + Connectors_config_properties_xmatters: + description: Defines properties for connectors when type is `.xmatters`. properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_xmatters' - connector_type_id: - type: string - description: The type of connector. - enum: - - .xmatters - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: + configUrl: + description: > + The request URL for the Elastic Alerts trigger in xMatters. It is + applicable only when `usesBasic` is `true`. + nullable: true type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_is_deprecated: - type: boolean - description: Indicates whether the connector type is deprecated. - example: false - Connectors_is_missing_secrets: - type: boolean - description: >- - Indicates whether secrets are missing for the connector. Secrets - configuration properties vary depending on the connector type. - example: false - Connectors_is_preconfigured: - type: boolean - description: > - Indicates whether it is a preconfigured connector. If true, the `config` - and `is_missing_secrets` properties are omitted from the response. - example: false - Connectors_is_system_action: - type: boolean - description: Indicates whether the connector is used for system actions. - example: false - Connectors_referenced_by_count: - type: integer - description: > - Indicates the number of saved objects that reference the connector. If - `is_preconfigured` is true, this value is not calculated. This property - is returned only by the get all connectors API. - example: 2 + usesBasic: + default: true + description: >- + Specifies whether the connector uses HTTP basic authentication + (`true`) or URL authentication (`false`). + type: boolean + title: Connector request properties for an xMatters connector + type: object Connectors_connector_response_properties: - title: Connector response properties description: The properties vary depending on the connector type. + discriminator: + mapping: + .bedrock: >- + #/components/schemas/Connectors_connector_response_properties_bedrock + .cases-webhook: >- + #/components/schemas/Connectors_connector_response_properties_cases_webhook + .d3security: >- + #/components/schemas/Connectors_connector_response_properties_d3security + .email: '#/components/schemas/Connectors_connector_response_properties_email' + .gemini: '#/components/schemas/Connectors_connector_response_properties_gemini' + .gen-ai: '#/components/schemas/Connectors_connector_response_properties_genai' + .index: '#/components/schemas/Connectors_connector_response_properties_index' + .jira: '#/components/schemas/Connectors_connector_response_properties_jira' + .opsgenie: >- + #/components/schemas/Connectors_connector_response_properties_opsgenie + .pagerduty: >- + #/components/schemas/Connectors_connector_response_properties_pagerduty + .resilient: >- + #/components/schemas/Connectors_connector_response_properties_resilient + .sentinelone: >- + #/components/schemas/Connectors_connector_response_properties_sentinelone + .server-log: >- + #/components/schemas/Connectors_connector_response_properties_serverlog + .servicenow: >- + #/components/schemas/Connectors_connector_response_properties_servicenow + .servicenow-itom: >- + #/components/schemas/Connectors_connector_response_properties_servicenow_itom + .servicenow-sir: >- + #/components/schemas/Connectors_connector_response_properties_servicenow_sir + .slack: >- + #/components/schemas/Connectors_connector_response_properties_slack_webhook + .slack_api: >- + #/components/schemas/Connectors_connector_response_properties_slack_api + .swimlane: >- + #/components/schemas/Connectors_connector_response_properties_swimlane + .teams: '#/components/schemas/Connectors_connector_response_properties_teams' + .tines: '#/components/schemas/Connectors_connector_response_properties_tines' + .torq: '#/components/schemas/Connectors_connector_response_properties_torq' + .webhook: >- + #/components/schemas/Connectors_connector_response_properties_webhook + .xmatters: >- + #/components/schemas/Connectors_connector_response_properties_xmatters + propertyName: connector_type_id oneOf: - $ref: >- #/components/schemas/Connectors_connector_response_properties_bedrock @@ -4484,406 +11389,798 @@ components: #/components/schemas/Connectors_connector_response_properties_webhook - $ref: >- #/components/schemas/Connectors_connector_response_properties_xmatters - discriminator: - propertyName: connector_type_id - mapping: - .bedrock: >- - #/components/schemas/Connectors_connector_response_properties_bedrock - .gemini: '#/components/schemas/Connectors_connector_response_properties_gemini' - .cases-webhook: >- - #/components/schemas/Connectors_connector_response_properties_cases_webhook - .d3security: >- - #/components/schemas/Connectors_connector_response_properties_d3security - .email: '#/components/schemas/Connectors_connector_response_properties_email' - .gen-ai: '#/components/schemas/Connectors_connector_response_properties_genai' - .index: '#/components/schemas/Connectors_connector_response_properties_index' - .jira: '#/components/schemas/Connectors_connector_response_properties_jira' - .opsgenie: >- - #/components/schemas/Connectors_connector_response_properties_opsgenie - .pagerduty: >- - #/components/schemas/Connectors_connector_response_properties_pagerduty - .resilient: >- - #/components/schemas/Connectors_connector_response_properties_resilient - .sentinelone: >- - #/components/schemas/Connectors_connector_response_properties_sentinelone - .server-log: >- - #/components/schemas/Connectors_connector_response_properties_serverlog - .servicenow: >- - #/components/schemas/Connectors_connector_response_properties_servicenow - .servicenow-itom: >- - #/components/schemas/Connectors_connector_response_properties_servicenow_itom - .servicenow-sir: >- - #/components/schemas/Connectors_connector_response_properties_servicenow_sir - .slack_api: >- - #/components/schemas/Connectors_connector_response_properties_slack_api - .slack: >- - #/components/schemas/Connectors_connector_response_properties_slack_webhook - .swimlane: >- - #/components/schemas/Connectors_connector_response_properties_swimlane - .teams: '#/components/schemas/Connectors_connector_response_properties_teams' - .tines: '#/components/schemas/Connectors_connector_response_properties_tines' - .torq: '#/components/schemas/Connectors_connector_response_properties_torq' - .webhook: >- - #/components/schemas/Connectors_connector_response_properties_webhook - .xmatters: >- - #/components/schemas/Connectors_connector_response_properties_xmatters - Connectors_update_connector_request_bedrock: - title: Update Amazon Bedrock connector request + title: Connector response properties + Connectors_connector_response_properties_bedrock: + title: Connector response properties for an Amazon Bedrock connector type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_bedrock' + connector_type_id: + description: The type of connector. + enum: + - .bedrock + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: + description: The display name for the connector. + type: string required: - config + - connector_type_id + - id + - is_deprecated + - is_preconfigured - name + Connectors_connector_response_properties_cases_webhook: + title: Connector request properties for a Webhook - Case Management connector + type: object properties: config: - $ref: '#/components/schemas/Connectors_config_properties_bedrock' - name: + $ref: '#/components/schemas/Connectors_config_properties_cases_webhook' + connector_type_id: + description: The type of connector. + enum: + - .cases-webhook type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_bedrock' - Connectors_update_connector_request_gemini: - title: Update Google Gemini connector request - type: object + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' required: - - config + - connector_type_id + - id + - is_deprecated + - is_preconfigured - name + Connectors_connector_response_properties_d3security: + title: Connector response properties for a D3 Security connector + type: object properties: config: - $ref: '#/components/schemas/Connectors_config_properties_gemini' - name: + $ref: '#/components/schemas/Connectors_config_properties_d3security' + connector_type_id: + description: The type of connector. + enum: + - .d3security + type: string + id: + description: The identifier for the connector. type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_gemini' - Connectors_update_connector_request_cases_webhook: - title: Update Webhook - Case Managment connector request - type: object + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' required: - - config + - connector_type_id + - id + - is_deprecated + - is_preconfigured - name + Connectors_connector_response_properties_email: + title: Connector response properties for an email connector + type: object properties: config: - $ref: '#/components/schemas/Connectors_config_properties_cases_webhook' - name: + $ref: '#/components/schemas/Connectors_config_properties_email' + connector_type_id: + description: The type of connector. + enum: + - .email + type: string + id: + description: The identifier for the connector. type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_cases_webhook' - Connectors_update_connector_request_d3security: - title: Update D3 Security connector request - type: object + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' required: - - config + - connector_type_id + - id + - is_deprecated + - is_preconfigured - name - - secrets + Connectors_connector_response_properties_gemini: + title: Connector response properties for a Google Gemini connector + type: object properties: config: - $ref: '#/components/schemas/Connectors_config_properties_d3security' - name: + $ref: '#/components/schemas/Connectors_config_properties_gemini' + connector_type_id: + description: The type of connector. + enum: + - .gemini + type: string + id: + description: The identifier for the connector. type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_d3security' - Connectors_update_connector_request_email: - title: Update email connector request - type: object + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' required: - - config + - connector_type_id + - id + - is_deprecated + - is_preconfigured - name + Connectors_connector_response_properties_genai: + title: Connector response properties for an OpenAI connector + type: object properties: config: - $ref: '#/components/schemas/Connectors_config_properties_email' - name: + $ref: '#/components/schemas/Connectors_config_properties_genai' + connector_type_id: + description: The type of connector. + enum: + - .gen-ai + type: string + id: + description: The identifier for the connector. type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_email' - Connectors_update_connector_request_index: - title: Update index connector request - type: object + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' required: - - config + - connector_type_id + - id + - is_deprecated + - is_preconfigured - name + Connectors_connector_response_properties_index: + title: Connector response properties for an index connector + type: object properties: config: $ref: '#/components/schemas/Connectors_config_properties_index' - name: + connector_type_id: + description: The type of connector. + enum: + - .index + type: string + id: + description: The identifier for the connector. type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: description: The display name for the connector. - Connectors_update_connector_request_jira: - title: Update Jira connector request - type: object + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' required: - - config + - connector_type_id + - id + - is_deprecated + - is_preconfigured - name - - secrets + Connectors_connector_response_properties_jira: + title: Connector response properties for a Jira connector + type: object properties: config: $ref: '#/components/schemas/Connectors_config_properties_jira' - name: + connector_type_id: + description: The type of connector. + enum: + - .jira + type: string + id: + description: The identifier for the connector. type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_jira' - Connectors_update_connector_request_opsgenie: - title: Update Opsgenie connector request - type: object + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' required: - - config + - connector_type_id + - id + - is_deprecated + - is_preconfigured - name - - secrets + Connectors_connector_response_properties_opsgenie: + title: Connector response properties for an Opsgenie connector + type: object properties: config: $ref: '#/components/schemas/Connectors_config_properties_opsgenie' - name: + connector_type_id: + description: The type of connector. + enum: + - .opsgenie + type: string + id: + description: The identifier for the connector. type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_opsgenie' - Connectors_update_connector_request_pagerduty: - title: Update PagerDuty connector request - type: object + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' required: - - config + - connector_type_id + - id + - is_deprecated + - is_preconfigured - name - - secrets + Connectors_connector_response_properties_pagerduty: + title: Connector response properties for a PagerDuty connector + type: object properties: config: $ref: '#/components/schemas/Connectors_config_properties_pagerduty' + connector_type_id: + description: The type of connector. + enum: + - .pagerduty + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' name: - type: string description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_pagerduty' - Connectors_update_connector_request_resilient: - title: Update IBM Resilient connector request - type: object + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' required: - - config + - connector_type_id + - id + - is_deprecated + - is_preconfigured - name - - secrets + Connectors_connector_response_properties_resilient: + title: Connector response properties for a IBM Resilient connector + type: object properties: config: $ref: '#/components/schemas/Connectors_config_properties_resilient' - name: + connector_type_id: + description: The type of connector. + enum: + - .resilient + type: string + id: + description: The identifier for the connector. type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_resilient' - Connectors_update_connector_request_sentinelone: - title: Update SentinelOne connector request - type: object + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' required: - - config + - connector_type_id + - id + - is_deprecated + - is_preconfigured - name - - secrets + Connectors_connector_response_properties_sentinelone: + title: Connector response properties for a SentinelOne connector + type: object properties: config: $ref: '#/components/schemas/Connectors_config_properties_sentinelone' - name: + connector_type_id: + description: The type of connector. + enum: + - .sentinelone + type: string + id: + description: The identifier for the connector. type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_sentinelone' - Connectors_update_connector_request_serverlog: - title: Update server log connector request - type: object + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' required: + - connector_type_id + - id + - is_deprecated + - is_preconfigured - name + Connectors_connector_response_properties_serverlog: + title: Connector response properties for a server log connector + type: object properties: - name: + config: + nullable: true + type: object + connector_type_id: + description: The type of connector. + enum: + - .server-log + type: string + id: + description: The identifier for the connector. type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: description: The display name for the connector. - Connectors_update_connector_request_servicenow: - title: Update ServiceNow ITSM connector or ServiceNow SecOps request - type: object + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' required: - - config + - connector_type_id + - id + - is_deprecated + - is_preconfigured - name - - secrets + Connectors_connector_response_properties_servicenow: + title: Connector response properties for a ServiceNow ITSM connector + type: object properties: config: $ref: '#/components/schemas/Connectors_config_properties_servicenow' - name: + connector_type_id: + description: The type of connector. + enum: + - .servicenow + type: string + id: + description: The identifier for the connector. type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_servicenow' - Connectors_update_connector_request_servicenow_itom: - title: Create ServiceNow ITOM connector request - type: object + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' required: - - config + - connector_type_id + - id + - is_deprecated + - is_preconfigured - name - - secrets + Connectors_connector_response_properties_servicenow_itom: + title: Connector response properties for a ServiceNow ITOM connector + type: object properties: config: $ref: '#/components/schemas/Connectors_config_properties_servicenow_itom' - name: + connector_type_id: + description: The type of connector. + enum: + - .servicenow-itom type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_servicenow' - Connectors_update_connector_request_slack_api: - title: Update Slack connector request + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' + required: + - connector_type_id + - id + - is_deprecated + - is_preconfigured + - name + Connectors_connector_response_properties_servicenow_sir: + title: Connector response properties for a ServiceNow SecOps connector type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_servicenow' + connector_type_id: + description: The type of connector. + enum: + - .servicenow-sir + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: + description: The display name for the connector. + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' required: + - connector_type_id + - id + - is_deprecated + - is_preconfigured - name - - secrets + Connectors_connector_response_properties_slack_api: + title: Connector response properties for a Slack connector + type: object properties: config: $ref: '#/components/schemas/Connectors_config_properties_slack_api' - name: + connector_type_id: + description: The type of connector. + enum: + - .slack_api type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_slack_api' - Connectors_update_connector_request_slack_webhook: - title: Update Slack connector request - type: object + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' required: + - connector_type_id + - id + - is_deprecated + - is_preconfigured - name - - secrets + Connectors_connector_response_properties_slack_webhook: + title: Connector response properties for a Slack connector + type: object properties: - name: + connector_type_id: + description: The type of connector. + enum: + - .slack + type: string + id: + description: The identifier for the connector. type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_slack_webhook' - Connectors_update_connector_request_swimlane: - title: Update Swimlane connector request - type: object + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' required: - - config + - connector_type_id + - id + - is_deprecated + - is_preconfigured - name - - secrets + Connectors_connector_response_properties_swimlane: + title: Connector response properties for a Swimlane connector + type: object properties: config: $ref: '#/components/schemas/Connectors_config_properties_swimlane' - name: + connector_type_id: + description: The type of connector. + enum: + - .swimlane + type: string + id: + description: The identifier for the connector. type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_swimlane' - Connectors_update_connector_request_teams: - title: Update Microsoft Teams connector request - type: object + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' required: + - connector_type_id + - id + - is_deprecated + - is_preconfigured - name - - secrets + Connectors_connector_response_properties_teams: + title: Connector response properties for a Microsoft Teams connector + type: object properties: - name: + config: + type: object + connector_type_id: + description: The type of connector. + enum: + - .teams + type: string + id: + description: The identifier for the connector. type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_teams' - Connectors_update_connector_request_tines: - title: Update Tines connector request - type: object + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' required: - - config + - connector_type_id + - id + - is_deprecated + - is_preconfigured - name - - secrets + Connectors_connector_response_properties_tines: + title: Connector response properties for a Tines connector + type: object properties: config: $ref: '#/components/schemas/Connectors_config_properties_tines' - name: + connector_type_id: + description: The type of connector. + enum: + - .tines + type: string + id: + description: The identifier for the connector. type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_tines' - Connectors_update_connector_request_torq: - title: Update Torq connector request - type: object + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' required: - - config + - connector_type_id + - id + - is_deprecated + - is_preconfigured - name - - secrets + Connectors_connector_response_properties_torq: + title: Connector response properties for a Torq connector + type: object properties: config: $ref: '#/components/schemas/Connectors_config_properties_torq' - name: + connector_type_id: + description: The type of connector. + enum: + - .torq + type: string + id: + description: The identifier for the connector. type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_torq' - Connectors_update_connector_request_webhook: - title: Update Webhook connector request - type: object + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' required: - - config + - connector_type_id + - id + - is_deprecated + - is_preconfigured - name - - secrets + Connectors_connector_response_properties_webhook: + title: Connector response properties for a Webhook connector + type: object properties: config: $ref: '#/components/schemas/Connectors_config_properties_webhook' - name: + connector_type_id: + description: The type of connector. + enum: + - .webhook + type: string + id: + description: The identifier for the connector. type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_webhook' - Connectors_update_connector_request_xmatters: - title: Update xMatters connector request - type: object + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' required: - - config + - connector_type_id + - id + - is_deprecated + - is_preconfigured + - name + Connectors_connector_response_properties_xmatters: + title: Connector response properties for an xMatters connector + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_xmatters' + connector_type_id: + description: The type of connector. + enum: + - .xmatters + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: + description: The display name for the connector. + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' + required: + - connector_type_id + - id + - is_deprecated + - is_preconfigured - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_xmatters' - name: - type: string - description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_xmatters' - Connectors_update_connector_request: - title: Update connector request body properties - description: The properties vary depending on the connector type. - oneOf: - - $ref: '#/components/schemas/Connectors_update_connector_request_bedrock' - - $ref: '#/components/schemas/Connectors_update_connector_request_gemini' - - $ref: >- - #/components/schemas/Connectors_update_connector_request_cases_webhook - - $ref: '#/components/schemas/Connectors_update_connector_request_d3security' - - $ref: '#/components/schemas/Connectors_update_connector_request_email' - - $ref: '#/components/schemas/Connectors_create_connector_request_genai' - - $ref: '#/components/schemas/Connectors_update_connector_request_index' - - $ref: '#/components/schemas/Connectors_update_connector_request_jira' - - $ref: '#/components/schemas/Connectors_update_connector_request_opsgenie' - - $ref: '#/components/schemas/Connectors_update_connector_request_pagerduty' - - $ref: '#/components/schemas/Connectors_update_connector_request_resilient' - - $ref: '#/components/schemas/Connectors_update_connector_request_sentinelone' - - $ref: '#/components/schemas/Connectors_update_connector_request_serverlog' - - $ref: '#/components/schemas/Connectors_update_connector_request_servicenow' - - $ref: >- - #/components/schemas/Connectors_update_connector_request_servicenow_itom - - $ref: '#/components/schemas/Connectors_update_connector_request_slack_api' - - $ref: >- - #/components/schemas/Connectors_update_connector_request_slack_webhook - - $ref: '#/components/schemas/Connectors_update_connector_request_swimlane' - - $ref: '#/components/schemas/Connectors_update_connector_request_teams' - - $ref: '#/components/schemas/Connectors_update_connector_request_tines' - - $ref: '#/components/schemas/Connectors_update_connector_request_torq' - - $ref: '#/components/schemas/Connectors_update_connector_request_webhook' - - $ref: '#/components/schemas/Connectors_update_connector_request_xmatters' - Connectors_features: - type: string - description: | - The feature that uses the connector. - enum: - - alerting - - cases - - generativeAIForSecurity - - generativeAIForObservability - - generativeAIForSearchPlayground - - siem - - uptime Connectors_connector_types: - title: Connector types - type: string description: >- The type of connector. For example, `.email`, `.index`, `.jira`, `.opsgenie`, or `.server-log`. @@ -4913,3766 +12210,13439 @@ components: - .webhook - .xmatters example: .server-log - Data_views_400_response: - title: Bad request - type: object - required: - - statusCode - - error - - message - properties: - statusCode: - type: number - example: 400 - error: - type: string - example: Bad Request - message: - type: string - Data_views_allownoindex: - type: boolean - description: Allows the data view saved object to exist before the data is available. - Data_views_fieldattrs: - type: object - description: A map of field attributes by field name. - properties: - count: - type: integer - description: Popularity count for the field. - customDescription: - type: string - description: Custom description for the field. - maxLength: 300 - customLabel: - type: string - description: Custom label for the field. - Data_views_fieldformats: - type: object - description: A map of field formats by field name. - Data_views_namespaces: - type: array - description: >- - An array of space identifiers for sharing the data view between multiple - spaces. - items: - type: string - default: default - Data_views_runtimefieldmap: - type: object - description: A map of runtime field definitions by field name. - required: - - script - - type - properties: - script: - type: object - properties: - source: - type: string - description: Script for the runtime field. - type: - type: string - description: Mapping type of the runtime field. - Data_views_sourcefilters: - type: array - description: The array of field names you want to filter out in Discover. - items: - type: object - required: - - value - properties: - value: - type: string - Data_views_timefieldname: - type: string - description: The timestamp field name, which you use for time-based data views. - Data_views_title: - type: string - description: >- - Comma-separated list of data streams, indices, and aliases that you want - to search. Supports wildcards (`*`). - Data_views_type: + title: Connector types type: string - description: When set to `rollup`, identifies the rollup data views. - Data_views_typemeta: - type: object - description: >- - When you use rollup indices, contains the field list for the rollup data - view API endpoints. - required: - - aggs - - params - properties: - aggs: - type: object - description: A map of rollup restrictions by aggregation type and field name. - params: - type: object - description: Properties for retrieving rollup fields. - Data_views_create_data_view_request_object: - title: Create data view request - type: object - required: - - data_view - properties: - data_view: - type: object - required: - - title - description: The data view object. - properties: - allowNoIndex: - $ref: '#/components/schemas/Data_views_allownoindex' - fieldAttrs: - type: object - additionalProperties: - $ref: '#/components/schemas/Data_views_fieldattrs' - fieldFormats: - $ref: '#/components/schemas/Data_views_fieldformats' - fields: - type: object - id: - type: string - name: - type: string - description: The data view name. - namespaces: - $ref: '#/components/schemas/Data_views_namespaces' - runtimeFieldMap: - type: object - additionalProperties: - $ref: '#/components/schemas/Data_views_runtimefieldmap' - sourceFilters: - $ref: '#/components/schemas/Data_views_sourcefilters' - timeFieldName: - $ref: '#/components/schemas/Data_views_timefieldname' - title: - $ref: '#/components/schemas/Data_views_title' - type: - $ref: '#/components/schemas/Data_views_type' - typeMeta: - $ref: '#/components/schemas/Data_views_typemeta' - version: - type: string - override: - type: boolean - description: >- - Override an existing data view if a data view with the provided - title already exists. - default: false - Data_views_typemeta_response: - type: object + Connectors_create_connector_request: + description: The properties vary depending on the connector type. + discriminator: + mapping: + .bedrock: '#/components/schemas/Connectors_create_connector_request_bedrock' + .cases-webhook: >- + #/components/schemas/Connectors_create_connector_request_cases_webhook + .d3security: '#/components/schemas/Connectors_create_connector_request_d3security' + .email: '#/components/schemas/Connectors_create_connector_request_email' + .gemini: '#/components/schemas/Connectors_create_connector_request_gemini' + .gen-ai: '#/components/schemas/Connectors_create_connector_request_genai' + .index: '#/components/schemas/Connectors_create_connector_request_index' + .jira: '#/components/schemas/Connectors_create_connector_request_jira' + .opsgenie: '#/components/schemas/Connectors_create_connector_request_opsgenie' + .pagerduty: '#/components/schemas/Connectors_create_connector_request_pagerduty' + .resilient: '#/components/schemas/Connectors_create_connector_request_resilient' + .sentinelone: '#/components/schemas/Connectors_create_connector_request_sentinelone' + .server-log: '#/components/schemas/Connectors_create_connector_request_serverlog' + .servicenow: '#/components/schemas/Connectors_create_connector_request_servicenow' + .servicenow-itom: >- + #/components/schemas/Connectors_create_connector_request_servicenow_itom + .servicenow-sir: >- + #/components/schemas/Connectors_create_connector_request_servicenow_sir + .slack: >- + #/components/schemas/Connectors_create_connector_request_slack_webhook + .slack_api: '#/components/schemas/Connectors_create_connector_request_slack_api' + .swimlane: '#/components/schemas/Connectors_create_connector_request_swimlane' + .teams: '#/components/schemas/Connectors_create_connector_request_teams' + .tines: '#/components/schemas/Connectors_create_connector_request_tines' + .torq: '#/components/schemas/Connectors_create_connector_request_torq' + .webhook: '#/components/schemas/Connectors_create_connector_request_webhook' + .xmatters: '#/components/schemas/Connectors_create_connector_request_xmatters' + propertyName: connector_type_id + oneOf: + - $ref: '#/components/schemas/Connectors_create_connector_request_bedrock' + - $ref: '#/components/schemas/Connectors_create_connector_request_gemini' + - $ref: >- + #/components/schemas/Connectors_create_connector_request_cases_webhook + - $ref: '#/components/schemas/Connectors_create_connector_request_d3security' + - $ref: '#/components/schemas/Connectors_create_connector_request_email' + - $ref: '#/components/schemas/Connectors_create_connector_request_genai' + - $ref: '#/components/schemas/Connectors_create_connector_request_index' + - $ref: '#/components/schemas/Connectors_create_connector_request_jira' + - $ref: '#/components/schemas/Connectors_create_connector_request_opsgenie' + - $ref: '#/components/schemas/Connectors_create_connector_request_pagerduty' + - $ref: '#/components/schemas/Connectors_create_connector_request_resilient' + - $ref: '#/components/schemas/Connectors_create_connector_request_sentinelone' + - $ref: '#/components/schemas/Connectors_create_connector_request_serverlog' + - $ref: '#/components/schemas/Connectors_create_connector_request_servicenow' + - $ref: >- + #/components/schemas/Connectors_create_connector_request_servicenow_itom + - $ref: >- + #/components/schemas/Connectors_create_connector_request_servicenow_sir + - $ref: '#/components/schemas/Connectors_create_connector_request_slack_api' + - $ref: >- + #/components/schemas/Connectors_create_connector_request_slack_webhook + - $ref: '#/components/schemas/Connectors_create_connector_request_swimlane' + - $ref: '#/components/schemas/Connectors_create_connector_request_teams' + - $ref: '#/components/schemas/Connectors_create_connector_request_tines' + - $ref: '#/components/schemas/Connectors_create_connector_request_torq' + - $ref: '#/components/schemas/Connectors_create_connector_request_webhook' + - $ref: '#/components/schemas/Connectors_create_connector_request_xmatters' + title: Create connector request body properties + Connectors_create_connector_request_bedrock: description: >- - When you use rollup indices, contains the field list for the rollup data - view API endpoints. - nullable: true - properties: - aggs: - type: object - description: A map of rollup restrictions by aggregation type and field name. - params: - type: object - description: Properties for retrieving rollup fields. - Data_views_data_view_response_object: - title: Data view response properties - type: object + The Amazon Bedrock connector uses axios to send a POST request to Amazon + Bedrock. properties: - data_view: - type: object - properties: - allowNoIndex: - $ref: '#/components/schemas/Data_views_allownoindex' - fieldAttrs: - type: object - additionalProperties: - $ref: '#/components/schemas/Data_views_fieldattrs' - fieldFormats: - $ref: '#/components/schemas/Data_views_fieldformats' - fields: - type: object - id: - type: string - example: ff959d40-b880-11e8-a6d9-e546fe2bba5f - name: - type: string - description: The data view name. - namespaces: - $ref: '#/components/schemas/Data_views_namespaces' - runtimeFieldMap: - type: object - additionalProperties: - $ref: '#/components/schemas/Data_views_runtimefieldmap' - sourceFilters: - $ref: '#/components/schemas/Data_views_sourcefilters' - timeFieldName: - $ref: '#/components/schemas/Data_views_timefieldname' - title: - $ref: '#/components/schemas/Data_views_title' - typeMeta: - $ref: '#/components/schemas/Data_views_typemeta_response' - version: - type: string - example: WzQ2LDJd - Data_views_404_response: + config: + $ref: '#/components/schemas/Connectors_config_properties_bedrock' + connector_type_id: + description: The type of connector. + enum: + - .bedrock + example: .bedrock + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_bedrock' + required: + - config + - connector_type_id + - name + - secrets + title: Create Amazon Bedrock connector request type: object + Connectors_create_connector_request_cases_webhook: + description: > + The Webhook - Case Management connector uses axios to send POST, PUT, + and GET requests to a case management RESTful API web service. properties: - error: - type: string - example: Not Found + config: + $ref: '#/components/schemas/Connectors_config_properties_cases_webhook' + connector_type_id: + description: The type of connector. enum: - - Not Found - message: + - .cases-webhook + example: .cases-webhook type: string - example: >- - Saved object [index-pattern/caaad6d0-920c-11ed-b36a-874bd1548a00] - not found - statusCode: - type: integer - example: 404 - enum: - - 404 - Data_views_update_data_view_request_object: - title: Update data view request - type: object + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_cases_webhook' required: - - data_view - properties: - data_view: - type: object - description: > - The data view properties you want to update. Only the specified - properties are updated in the data view. Unspecified fields stay as - they are persisted. - properties: - allowNoIndex: - $ref: '#/components/schemas/Data_views_allownoindex' - fieldFormats: - $ref: '#/components/schemas/Data_views_fieldformats' - fields: - type: object - name: - type: string - runtimeFieldMap: - type: object - additionalProperties: - $ref: '#/components/schemas/Data_views_runtimefieldmap' - sourceFilters: - $ref: '#/components/schemas/Data_views_sourcefilters' - timeFieldName: - $ref: '#/components/schemas/Data_views_timefieldname' - title: - $ref: '#/components/schemas/Data_views_title' - type: - $ref: '#/components/schemas/Data_views_type' - typeMeta: - $ref: '#/components/schemas/Data_views_typemeta' - refresh_fields: - type: boolean - description: Reloads the data view fields after the data view is updated. - default: false - Data_views_swap_data_view_request_object: - title: Data view reference swap request + - config + - connector_type_id + - name + title: Create Webhook - Case Managment connector request type: object - required: - - fromId - - toId + Connectors_create_connector_request_d3security: + description: > + The connector uses axios to send a POST request to a D3 Security + endpoint. properties: - delete: - type: boolean - description: Deletes referenced saved object if all references are removed. - forId: - oneOf: - - type: string - - type: array - items: - type: string - description: Limit the affected saved objects to one or more by identifier. - forType: + config: + $ref: '#/components/schemas/Connectors_config_properties_d3security' + connector_type_id: + description: The type of connector. + enum: + - .d3security + example: .d3security type: string - description: Limit the affected saved objects by type. - fromId: + name: + description: The display name for the connector. + example: my-connector type: string - description: The saved object reference to change. - fromType: + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_d3security' + required: + - config + - connector_type_id + - name + - secrets + title: Create D3 Security connector request + type: object + Connectors_create_connector_request_email: + description: > + The email connector uses the SMTP protocol to send mail messages, using + an integration of Nodemailer. An exception is Microsoft Exchange, which + uses HTTP protocol for sending emails, Send mail. Email message text is + sent as both plain text and html text. + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_email' + connector_type_id: + description: The type of connector. + enum: + - .email + example: .email type: string - description: > - Specify the type of the saved object reference to alter. The default - value is `index-pattern` for data views. - toId: + name: + description: The display name for the connector. + example: my-connector type: string - description: New saved object reference value to replace the old value. - Machine_learning_APIs_mlSyncResponseSuccess: - type: boolean - description: The success or failure of the synchronization. - Machine_learning_APIs_mlSyncResponseAnomalyDetectors: + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_email' + required: + - config + - connector_type_id + - name + - secrets + title: Create email connector request type: object - title: Sync API response for anomaly detection jobs + Connectors_create_connector_request_gemini: description: >- - The sync machine learning saved objects API response contains this - object when there are anomaly detection jobs affected by the - synchronization. There is an object for each relevant job, which - contains the synchronization status. + The Google Gemini connector uses axios to send a POST request to Google + Gemini. properties: - success: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' - Machine_learning_APIs_mlSyncResponseDatafeeds: + config: + $ref: '#/components/schemas/Connectors_config_properties_gemini' + connector_type_id: + description: The type of connector. + enum: + - .gemini + example: .gemini + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_gemini' + required: + - config + - connector_type_id + - name + - secrets + title: Create Google Gemini connector request + type: object + Connectors_create_connector_request_genai: + description: > + The OpenAI connector uses axios to send a POST request to either OpenAI + or Azure OpenAPI. + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_genai' + connector_type_id: + description: The type of connector. + enum: + - .gen-ai + example: .gen-ai + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_genai' + required: + - config + - connector_type_id + - name + - secrets + title: Create OpenAI connector request type: object - title: Sync API response for datafeeds - description: >- - The sync machine learning saved objects API response contains this - object when there are datafeeds affected by the synchronization. There - is an object for each relevant datafeed, which contains the - synchronization status. + Connectors_create_connector_request_index: + description: The index connector indexes a document into Elasticsearch. properties: - success: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' - Machine_learning_APIs_mlSyncResponseDataFrameAnalytics: + config: + $ref: '#/components/schemas/Connectors_config_properties_index' + connector_type_id: + description: The type of connector. + enum: + - .index + example: .index + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + required: + - config + - connector_type_id + - name + title: Create index connector request type: object - title: Sync API response for data frame analytics jobs - description: >- - The sync machine learning saved objects API response contains this - object when there are data frame analytics jobs affected by the - synchronization. There is an object for each relevant job, which - contains the synchronization status. + Connectors_create_connector_request_jira: + description: The Jira connector uses the REST API v2 to create Jira issues. properties: - success: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' - Machine_learning_APIs_mlSyncResponseSavedObjectsCreated: + config: + $ref: '#/components/schemas/Connectors_config_properties_jira' + connector_type_id: + description: The type of connector. + enum: + - .jira + example: .jira + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_jira' + required: + - config + - connector_type_id + - name + - secrets + title: Create Jira connector request type: object - title: Sync API response for created saved objects - description: >- - If saved objects are missing for machine learning jobs or trained - models, they are created when you run the sync machine learning saved - objects API. + Connectors_create_connector_request_opsgenie: + description: The Opsgenie connector uses the Opsgenie alert API. properties: - anomaly-detector: - type: object - description: >- - If saved objects are missing for anomaly detection jobs, they are - created. - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseAnomalyDetectors - data-frame-analytics: - type: object - description: >- - If saved objects are missing for data frame analytics jobs, they are - created. - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseDataFrameAnalytics - trained-model: - type: object - description: If saved objects are missing for trained models, they are created. - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels - Machine_learning_APIs_mlSyncResponseSavedObjectsDeleted: + config: + $ref: '#/components/schemas/Connectors_config_properties_opsgenie' + connector_type_id: + description: The type of connector. + enum: + - .opsgenie + example: .opsgenie + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_opsgenie' + required: + - config + - connector_type_id + - name + - secrets + title: Create Opsgenie connector request type: object - title: Sync API response for deleted saved objects - description: >- - If saved objects exist for machine learning jobs or trained models that - no longer exist, they are deleted when you run the sync machine learning - saved objects API. + Connectors_create_connector_request_pagerduty: + description: > + The PagerDuty connector uses the v2 Events API to trigger, acknowledge, + and resolve PagerDuty alerts. properties: - anomaly-detector: - type: object - description: >- - If there are saved objects exist for nonexistent anomaly detection - jobs, they are deleted. - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseAnomalyDetectors - data-frame-analytics: - type: object - description: >- - If there are saved objects exist for nonexistent data frame - analytics jobs, they are deleted. - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseDataFrameAnalytics - trained-model: - type: object - description: >- - If there are saved objects exist for nonexistent trained models, - they are deleted. - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels - Machine_learning_APIs_mlSyncResponseTrainedModels: + config: + $ref: '#/components/schemas/Connectors_config_properties_pagerduty' + connector_type_id: + description: The type of connector. + enum: + - .pagerduty + example: .pagerduty + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_pagerduty' + required: + - config + - connector_type_id + - name + - secrets + title: Create PagerDuty connector request type: object - title: Sync API response for trained models + Connectors_create_connector_request_resilient: description: >- - The sync machine learning saved objects API response contains this - object when there are trained models affected by the synchronization. - There is an object for each relevant trained model, which contains the - synchronization status. + The IBM Resilient connector uses the RESILIENT REST v2 to create IBM + Resilient incidents. properties: - success: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' - Machine_learning_APIs_mlSync200Response: + config: + $ref: '#/components/schemas/Connectors_config_properties_resilient' + connector_type_id: + description: The type of connector. + enum: + - .resilient + example: .resilient + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_resilient' + required: + - config + - connector_type_id + - name + - secrets + title: Create IBM Resilient connector request type: object - title: Successful sync API response - properties: - datafeedsAdded: - type: object - description: >- - If a saved object for an anomaly detection job is missing a datafeed - identifier, it is added when you run the sync machine learning saved - objects API. - additionalProperties: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseDatafeeds' - datafeedsRemoved: - type: object - description: >- - If a saved object for an anomaly detection job references a datafeed - that no longer exists, it is deleted when you run the sync machine - learning saved objects API. - additionalProperties: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseDatafeeds' - savedObjectsCreated: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseSavedObjectsCreated - savedObjectsDeleted: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseSavedObjectsDeleted - Machine_learning_APIs_mlSync4xxResponse: + Connectors_create_connector_request_sentinelone: + description: > + The SentinelOne connector communicates with SentinelOne Management + Console via REST API. This functionality is in technical preview and may + be changed or removed in a future release. Elastic will work to fix any + issues, but features in technical preview are not subject to the support + SLA of official GA features. + title: Create SentinelOne connector request type: object - title: Unsuccessful sync API response properties: - error: + config: + $ref: '#/components/schemas/Connectors_config_properties_sentinelone' + connector_type_id: + description: The type of connector. + enum: + - .sentinelone + example: .sentinelone + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_sentinelone' + required: + - config + - connector_type_id + - name + - secrets + x-technical-preview: true + Connectors_create_connector_request_serverlog: + description: This connector writes an entry to the Kibana server log. + properties: + connector_type_id: + description: The type of connector. + enum: + - .server-log + example: .server-log type: string - example: Unauthorized - message: + name: + description: The display name for the connector. + example: my-connector type: string - statusCode: - type: integer - example: 401 - Serverless_saved_objects_400_response: - title: Bad request - type: object required: - - error - - message - - statusCode + - connector_type_id + - name + title: Create server log connector request + type: object + Connectors_create_connector_request_servicenow: + description: > + The ServiceNow ITSM connector uses the import set API to create + ServiceNow incidents. You can use the connector for rule actions and + cases. properties: - error: - type: string + config: + $ref: '#/components/schemas/Connectors_config_properties_servicenow' + connector_type_id: + description: The type of connector. enum: - - Bad Request - message: + - .servicenow + example: .servicenow type: string - statusCode: - type: integer - enum: - - 400 - SLOs_indicator_properties_apm_availability: - title: APM availability + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_servicenow' required: - - type - - params - description: Defines properties for the APM availability indicator type + - config + - connector_type_id + - name + - secrets + title: Create ServiceNow ITSM connector request type: object + Connectors_create_connector_request_servicenow_itom: + description: > + The ServiceNow ITOM connector uses the event API to create ServiceNow + events. You can use the connector for rule actions. properties: - params: - description: An object containing the indicator parameters. - type: object - nullable: false - required: - - service - - environment - - transactionType - - transactionName - - index - properties: - service: - description: The APM service name - type: string - example: o11y-app - environment: - description: The APM service environment or "*" - type: string - example: production - transactionType: - description: The APM transaction type or "*" - type: string - example: request - transactionName: - description: The APM transaction name or "*" - type: string - example: GET /my/api - filter: - description: KQL query used for filtering the data - type: string - example: 'service.foo : "bar"' - index: - description: The index used by APM metrics - type: string - example: metrics-apm*,apm* - type: - description: The type of indicator. + config: + $ref: '#/components/schemas/Connectors_config_properties_servicenow_itom' + connector_type_id: + description: The type of connector. + enum: + - .servicenow-itom + example: .servicenow-itom type: string - example: sli.apm.transactionDuration - SLOs_filter_meta: - title: FilterMeta - description: Defines properties for a filter + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_servicenow' + required: + - config + - connector_type_id + - name + - secrets + title: Create ServiceNow ITOM connector request type: object + Connectors_create_connector_request_servicenow_sir: + description: > + The ServiceNow SecOps connector uses the import set API to create + ServiceNow security incidents. You can use the connector for rule + actions and cases. properties: - alias: - type: string - nullable: true - disabled: - type: boolean - negate: - type: boolean - controlledBy: - type: string - group: - type: string - index: - type: string - isMultiIndex: - type: boolean - type: + config: + $ref: '#/components/schemas/Connectors_config_properties_servicenow' + connector_type_id: + description: The type of connector. + enum: + - .servicenow-sir + example: .servicenow-sir type: string - key: + name: + description: The display name for the connector. + example: my-connector type: string - params: - type: object - value: + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_servicenow' + required: + - config + - connector_type_id + - name + - secrets + title: Create ServiceNow SecOps connector request + type: object + Connectors_create_connector_request_slack_api: + description: The Slack connector uses an API method to send Slack messages. + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_slack_api' + connector_type_id: + description: The type of connector. + enum: + - .slack_api + example: .slack_api type: string - field: + name: + description: The display name for the connector. + example: my-connector type: string - SLOs_filter: - title: Filter - description: Defines properties for a filter + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_slack_api' + required: + - connector_type_id + - name + - secrets + title: Create Slack connector request type: object + Connectors_create_connector_request_slack_webhook: + description: The Slack connector uses Slack Incoming Webhooks. properties: - query: - type: object - meta: - $ref: '#/components/schemas/SLOs_filter_meta' - SLOs_kql_with_filters: - title: KQL with filters - description: Defines properties for a filter - oneOf: - - description: the KQL query to filter the documents with. - type: string - example: 'field.environment : "production" and service.name : "my-service"' - - type: object - properties: - kqlQuery: - type: string - filters: - type: array - items: - $ref: '#/components/schemas/SLOs_filter' - SLOs_kql_with_filters_good: - title: KQL query for good events - description: The KQL query used to define the good events. - oneOf: - - description: the KQL query to filter the documents with. + connector_type_id: + description: The type of connector. + enum: + - .slack + example: .slack type: string - example: 'request.latency <= 150 and request.status_code : "2xx"' - - type: object - properties: - kqlQuery: - type: string - filters: - type: array - items: - $ref: '#/components/schemas/SLOs_filter' - SLOs_kql_with_filters_total: - title: KQL query for all events - description: The KQL query used to define all events. - oneOf: - - description: the KQL query to filter the documents with. + name: + description: The display name for the connector. + example: my-connector type: string - example: 'field.environment : "production" and service.name : "my-service"' - - type: object - properties: - kqlQuery: - type: string - filters: - type: array - items: - $ref: '#/components/schemas/SLOs_filter' - SLOs_indicator_properties_custom_kql: - title: Custom Query - required: - - type - - params - description: Defines properties for a custom query indicator type + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_slack_webhook' + required: + - connector_type_id + - name + - secrets + title: Create Slack connector request type: object + Connectors_create_connector_request_swimlane: + description: >- + The Swimlane connector uses the Swimlane REST API to create Swimlane + records. properties: - params: - description: An object containing the indicator parameters. - type: object - nullable: false - required: - - index - - timestampField - - good - - total - properties: - index: - description: The index or index pattern to use - type: string - example: my-service-* - dataViewId: - description: >- - The kibana data view id to use, primarily used to include data - view runtime mappings. Make sure to save SLO again if you - add/update run time fields to the data view and if those fields - are being used in slo queries. - type: string - example: 03b80ab3-003d-498b-881c-3beedbaf1162 - filter: - $ref: '#/components/schemas/SLOs_kql_with_filters' - good: - $ref: '#/components/schemas/SLOs_kql_with_filters_good' - total: - $ref: '#/components/schemas/SLOs_kql_with_filters_total' - timestampField: - description: | - The timestamp field used in the source indice. - type: string - example: timestamp - type: - description: The type of indicator. + config: + $ref: '#/components/schemas/Connectors_config_properties_swimlane' + connector_type_id: + description: The type of connector. + enum: + - .swimlane + example: .swimlane type: string - example: sli.kql.custom - SLOs_indicator_properties_apm_latency: - title: APM latency + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_swimlane' required: - - type - - params - description: Defines properties for the APM latency indicator type + - config + - connector_type_id + - name + - secrets + title: Create Swimlane connector request type: object + Connectors_create_connector_request_teams: + description: The Microsoft Teams connector uses Incoming Webhooks. properties: - params: - description: An object containing the indicator parameters. - type: object - nullable: false - required: - - service - - environment - - transactionType - - transactionName - - index - - threshold - properties: - service: - description: The APM service name - type: string - example: o11y-app - environment: - description: The APM service environment or "*" - type: string - example: production - transactionType: - description: The APM transaction type or "*" - type: string - example: request - transactionName: - description: The APM transaction name or "*" - type: string - example: GET /my/api - filter: - description: KQL query used for filtering the data - type: string - example: 'service.foo : "bar"' - index: - description: The index used by APM metrics - type: string - example: metrics-apm*,apm* - threshold: - description: The latency threshold in milliseconds - type: number - example: 250 - type: - description: The type of indicator. + connector_type_id: + description: The type of connector. + enum: + - .teams + example: .teams type: string - example: sli.apm.transactionDuration - SLOs_indicator_properties_custom_metric: - title: Custom metric + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_teams' required: - - type - - params - description: Defines properties for a custom metric indicator type + - connector_type_id + - name + - secrets + title: Create Microsoft Teams connector request type: object - properties: - params: - description: An object containing the indicator parameters. - type: object - nullable: false - required: - - index - - timestampField - - good - - total - properties: - index: - description: The index or index pattern to use - type: string - example: my-service-* - dataViewId: - description: >- - The kibana data view id to use, primarily used to include data - view runtime mappings. Make sure to save SLO again if you - add/update run time fields to the data view and if those fields - are being used in slo queries. - type: string - example: 03b80ab3-003d-498b-881c-3beedbaf1162 - filter: - description: the KQL query to filter the documents with. - type: string - example: 'field.environment : "production" and service.name : "my-service"' - timestampField: - description: | - The timestamp field used in the source indice. - type: string - example: timestamp - good: - description: | - An object defining the "good" metrics and equation - type: object - required: - - metrics - - equation - properties: - metrics: - description: >- - List of metrics with their name, aggregation type, and - field. - type: array - items: - type: object - required: - - name - - aggregation - - field - properties: - name: - description: The name of the metric. Only valid options are A-Z - type: string - example: A - pattern: ^[A-Z]$ - aggregation: - description: >- - The aggregation type of the metric. Only valid option - is "sum" - type: string - example: sum - enum: - - sum - field: - description: The field of the metric. - type: string - example: processor.processed - filter: - description: The filter to apply to the metric. - type: string - example: 'processor.outcome: "success"' - equation: - description: The equation to calculate the "good" metric. - type: string - example: A - total: - description: | - An object defining the "total" metrics and equation - type: object - required: - - metrics - - equation - properties: - metrics: - description: >- - List of metrics with their name, aggregation type, and - field. - type: array - items: - type: object - required: - - name - - aggregation - - field - properties: - name: - description: The name of the metric. Only valid options are A-Z - type: string - example: A - pattern: ^[A-Z]$ - aggregation: - description: >- - The aggregation type of the metric. Only valid option - is "sum" - type: string - example: sum - enum: - - sum - field: - description: The field of the metric. - type: string - example: processor.processed - filter: - description: The filter to apply to the metric. - type: string - example: 'processor.outcome: *' - equation: - description: The equation to calculate the "total" metric. - type: string - example: A - type: - description: The type of indicator. + Connectors_create_connector_request_tines: + description: > + The Tines connector uses Tines Webhook actions to send events via POST + request. + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_tines' + connector_type_id: + description: The type of connector. + enum: + - .tines + example: .tines type: string - example: sli.metric.custom - SLOs_indicator_properties_histogram: - title: Histogram indicator + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_tines' required: - - type - - params - description: Defines properties for a histogram indicator type + - config + - connector_type_id + - name + - secrets + title: Create Tines connector request type: object + Connectors_create_connector_request_torq: + description: > + The Torq connector uses a Torq webhook to trigger workflows with Kibana + actions. properties: - params: - description: An object containing the indicator parameters. - type: object - nullable: false - required: - - index - - timestampField - - good - - total - properties: - index: - description: The index or index pattern to use - type: string - example: my-service-* - dataViewId: - description: >- - The kibana data view id to use, primarily used to include data - view runtime mappings. Make sure to save SLO again if you - add/update run time fields to the data view and if those fields - are being used in slo queries. - type: string - example: 03b80ab3-003d-498b-881c-3beedbaf1162 - filter: - description: the KQL query to filter the documents with. - type: string - example: 'field.environment : "production" and service.name : "my-service"' - timestampField: - description: | - The timestamp field used in the source indice. - type: string - example: timestamp - good: - description: | - An object defining the "good" events - type: object - required: - - aggregation - - field - properties: - field: - description: The field use to aggregate the good events. - type: string - example: processor.latency - aggregation: - description: The type of aggregation to use. - type: string - example: value_count - enum: - - value_count - - range - filter: - description: The filter for good events. - type: string - example: 'processor.outcome: "success"' - from: - description: >- - The starting value of the range. Only required for "range" - aggregations. - type: number - example: 0 - to: - description: >- - The ending value of the range. Only required for "range" - aggregations. - type: number - example: 100 - total: - description: | - An object defining the "total" events - type: object - required: - - aggregation - - field - properties: - field: - description: The field use to aggregate the good events. - type: string - example: processor.latency - aggregation: - description: The type of aggregation to use. - type: string - example: value_count - enum: - - value_count - - range - filter: - description: The filter for total events. - type: string - example: 'processor.outcome : *' - from: - description: >- - The starting value of the range. Only required for "range" - aggregations. - type: number - example: 0 - to: - description: >- - The ending value of the range. Only required for "range" - aggregations. - type: number - example: 100 - type: - description: The type of indicator. + config: + $ref: '#/components/schemas/Connectors_config_properties_torq' + connector_type_id: + description: The type of connector. + enum: + - .torq + example: .torq type: string - example: sli.histogram.custom - SLOs_timeslice_metric_basic_metric_with_field: - title: Timeslice Metric Basic Metric with Field + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_torq' required: + - config + - connector_type_id - name - - aggregation - - field + - secrets + title: Create Torq connector request type: object + Connectors_create_connector_request_webhook: + description: > + The Webhook connector uses axios to send a POST or PUT request to a web + service. properties: - name: - description: The name of the metric. Only valid options are A-Z + config: + $ref: '#/components/schemas/Connectors_config_properties_webhook' + connector_type_id: + description: The type of connector. + enum: + - .webhook + example: .webhook type: string - example: A - pattern: ^[A-Z]$ - aggregation: - description: The aggregation type of the metric. + name: + description: The display name for the connector. + example: my-connector type: string - example: sum + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_webhook' + required: + - config + - connector_type_id + - name + - secrets + title: Create Webhook connector request + type: object + Connectors_create_connector_request_xmatters: + description: > + The xMatters connector uses the xMatters Workflow for Elastic to send + actionable alerts to on-call xMatters resources. + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_xmatters' + connector_type_id: + description: The type of connector. enum: - - sum - - avg - - min - - max - - std_deviation - - last_value - - cardinality - field: - description: The field of the metric. + - .xmatters + example: .xmatters + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_xmatters' + required: + - config + - connector_type_id + - name + - secrets + title: Create xMatters connector request + type: object + Connectors_features: + description: | + The feature that uses the connector. + enum: + - alerting + - cases + - generativeAIForSecurity + - generativeAIForObservability + - generativeAIForSearchPlayground + - siem + - uptime + type: string + Connectors_is_deprecated: + description: Indicates whether the connector type is deprecated. + example: false + type: boolean + Connectors_is_missing_secrets: + description: >- + Indicates whether secrets are missing for the connector. Secrets + configuration properties vary depending on the connector type. + example: false + type: boolean + Connectors_is_preconfigured: + description: > + Indicates whether it is a preconfigured connector. If true, the `config` + and `is_missing_secrets` properties are omitted from the response. + example: false + type: boolean + Connectors_is_system_action: + description: Indicates whether the connector is used for system actions. + example: false + type: boolean + Connectors_referenced_by_count: + description: > + Indicates the number of saved objects that reference the connector. If + `is_preconfigured` is true, this value is not calculated. This property + is returned only by the get all connectors API. + example: 2 + type: integer + Connectors_secrets_properties_bedrock: + description: Defines secrets for connectors when type is `.bedrock`. + properties: + accessKey: + description: The AWS access key for authentication. type: string - example: processor.processed - filter: - description: The filter to apply to the metric. + secret: + description: The AWS secret for authentication. type: string - example: 'processor.outcome: "success"' - SLOs_timeslice_metric_percentile_metric: - title: Timeslice Metric Percentile Metric required: - - name - - aggregation - - field - - percentile + - accessKey + - secret + title: Connector secrets properties for an Amazon Bedrock connector + type: object + Connectors_secrets_properties_cases_webhook: + title: Connector secrets properties for Webhook - Case Management connector type: object properties: - name: - description: The name of the metric. Only valid options are A-Z - type: string - example: A - pattern: ^[A-Z]$ - aggregation: + password: description: >- - The aggregation type of the metric. Only valid option is - "percentile" + The password for HTTP basic authentication. If `hasAuth` is set to + `true`, this property is required. type: string - example: percentile - enum: - - percentile - field: - description: The field of the metric. + user: + description: >- + The username for HTTP basic authentication. If `hasAuth` is set to + `true`, this property is required. type: string - example: processor.processed - percentile: - description: The percentile value. - type: number - example: 95 - filter: - description: The filter to apply to the metric. + Connectors_secrets_properties_d3security: + description: Defines secrets for connectors when type is `.d3security`. + type: object + properties: + token: + description: The D3 Security token. type: string - example: 'processor.outcome: "success"' - SLOs_timeslice_metric_doc_count_metric: - title: Timeslice Metric Doc Count Metric required: - - name - - aggregation - type: object + - token + title: Connector secrets properties for a D3 Security connector + Connectors_secrets_properties_email: + description: Defines secrets for connectors when type is `.email`. properties: - name: - description: The name of the metric. Only valid options are A-Z + clientSecret: + description: > + The Microsoft Exchange Client secret for OAuth 2.0 client + credentials authentication. It must be URL-encoded. If `service` is + `exchange_server`, this property is required. type: string - example: A - pattern: ^[A-Z]$ - aggregation: - description: The aggregation type of the metric. Only valid option is "doc_count" + password: + description: > + The password for HTTP basic authentication. If `hasAuth` is set to + `true`, this property is required. type: string - example: doc_count - enum: - - doc_count - filter: - description: The filter to apply to the metric. + user: + description: > + The username for HTTP basic authentication. If `hasAuth` is set to + `true`, this property is required. type: string - example: 'processor.outcome: "success"' - SLOs_indicator_properties_timeslice_metric: - title: Timeslice metric - required: - - type - - params - description: Defines properties for a timeslice metric indicator type + title: Connector secrets properties for an email connector type: object + Connectors_secrets_properties_gemini: + description: Defines secrets for connectors when type is `.gemini`. properties: - params: - description: An object containing the indicator parameters. - type: object - nullable: false - required: - - index - - timestampField - - metric - properties: - index: - description: The index or index pattern to use - type: string - example: my-service-* - dataViewId: - description: >- - The kibana data view id to use, primarily used to include data - view runtime mappings. Make sure to save SLO again if you - add/update run time fields to the data view and if those fields - are being used in slo queries. - type: string - example: 03b80ab3-003d-498b-881c-3beedbaf1162 - filter: - description: the KQL query to filter the documents with. - type: string - example: 'field.environment : "production" and service.name : "my-service"' - timestampField: - description: | - The timestamp field used in the source indice. - type: string - example: timestamp - metric: - description: > - An object defining the metrics, equation, and threshold to - determine if it's a good slice or not - type: object - required: - - metrics - - equation - - comparator - - threshold - properties: - metrics: - description: >- - List of metrics with their name, aggregation type, and - field. - type: array - items: - anyOf: - - $ref: >- - #/components/schemas/SLOs_timeslice_metric_basic_metric_with_field - - $ref: >- - #/components/schemas/SLOs_timeslice_metric_percentile_metric - - $ref: >- - #/components/schemas/SLOs_timeslice_metric_doc_count_metric - equation: - description: The equation to calculate the metric. - type: string - example: A - comparator: - description: >- - The comparator to use to compare the equation to the - threshold. - type: string - example: GT - enum: - - GT - - GTE - - LT - - LTE - threshold: - description: >- - The threshold used to determine if the metric is a good - slice or not. - type: number - example: 100 - type: - description: The type of indicator. + credentialsJSON: + description: >- + The service account credentials JSON file. The service account + should have Vertex AI user IAM role assigned to it. type: string - example: sli.metric.timeslice - SLOs_time_window: - title: Time window required: - - duration - - type - description: Defines properties for the SLO time window + - credentialsJSON + title: Connector secrets properties for a Google Gemini connector type: object + Connectors_secrets_properties_genai: + description: Defines secrets for connectors when type is `.gen-ai`. properties: - duration: - description: >- - the duration formatted as {duration}{unit}. Accepted values for - rolling: 7d, 30d, 90d. Accepted values for calendar aligned: 1w - (weekly) or 1M (monthly) - type: string - example: 30d - type: - description: >- - Indicates weither the time window is a rolling or a calendar aligned - time window. + apiKey: + description: The OpenAI API key. type: string - example: rolling - enum: - - rolling - - calendarAligned - SLOs_budgeting_method: - title: Budgeting method - type: string - description: The budgeting method to use when computing the rollup data. - enum: - - occurrences - - timeslices - example: occurrences - SLOs_objective: - title: Objective - required: - - target - description: Defines properties for the SLO objective + title: Connector secrets properties for an OpenAI connector + type: object + Connectors_secrets_properties_jira: + description: Defines secrets for connectors when type is `.jira`. type: object properties: - target: - description: the target objective between 0 and 1 excluded - type: number - minimum: 0 - maximum: 100 - exclusiveMinimum: true - exclusiveMaximum: true - example: 0.99 - timesliceTarget: - description: >- - the target objective for each slice when using a timeslices - budgeting method - type: number - minimum: 0 - maximum: 100 - example: 0.995 - timesliceWindow: - description: >- - the duration of each slice when using a timeslices budgeting method, - as {duraton}{unit} + apiToken: + description: The Jira API authentication token for HTTP basic authentication. type: string - example: 5m - SLOs_settings: - title: Settings - description: Defines properties for SLO settings. + email: + description: The account email for HTTP Basic authentication. + type: string + required: + - apiToken + - email + title: Connector secrets properties for a Jira connector + Connectors_secrets_properties_opsgenie: + description: Defines secrets for connectors when type is `.opsgenie`. type: object properties: - syncDelay: - description: The synch delay to apply to the transform. Default 1m - type: string - default: 1m - example: 5m - frequency: - description: Configure how often the transform runs, default 1m + apiKey: + description: The Opsgenie API authentication key for HTTP Basic authentication. type: string - default: 1m - example: 5m - preventInitialBackfill: - description: Prevents the transform from backfilling data when it starts. - type: boolean - default: false - example: true - SLOs_summary_status: - title: summary status - type: string - enum: - - NO_DATA - - HEALTHY - - DEGRADING - - VIOLATED - example: HEALTHY - SLOs_error_budget: - title: Error budget - type: object required: - - initial - - consumed - - remaining - - isEstimated + - apiKey + title: Connector secrets properties for an Opsgenie connector + Connectors_secrets_properties_pagerduty: + description: Defines secrets for connectors when type is `.pagerduty`. properties: - initial: - type: number - description: The initial error budget, as 1 - objective - example: 0.02 - consumed: - type: number - description: The error budget consummed, as a percentage of the initial value. - example: 0.8 - remaining: - type: number - description: The error budget remaining, as a percentage of the initial value. - example: 0.2 - isEstimated: - type: boolean - description: >- - Only for SLO defined with occurrences budgeting method and calendar - aligned time window. - example: true - SLOs_summary: - title: Summary - type: object - description: The SLO computed data + routingKey: + description: > + A 32 character PagerDuty Integration Key for an integration on a + service. + type: string required: - - status - - sliValue - - errorBudget - properties: - status: - $ref: '#/components/schemas/SLOs_summary_status' - sliValue: - type: number - example: 0.9836 - errorBudget: - $ref: '#/components/schemas/SLOs_error_budget' - SLOs_slo_with_summary_response: - title: SLO response + - routingKey + title: Connector secrets properties for a PagerDuty connector + type: object + Connectors_secrets_properties_resilient: + description: Defines secrets for connectors when type is `.resilient`. type: object - required: - - id - - name - - description - - indicator - - timeWindow - - budgetingMethod - - objective - - settings - - revision - - summary - - enabled - - groupBy - - instanceId - - tags - - createdAt - - updatedAt - - version properties: - id: - description: The identifier of the SLO. + apiKeyId: + description: The authentication key ID for HTTP Basic authentication. type: string - example: 8853df00-ae2e-11ed-90af-09bb6422b258 - name: - description: The name of the SLO. + apiKeySecret: + description: The authentication key secret for HTTP Basic authentication. type: string - example: My Service SLO - description: - description: The description of the SLO. + required: + - apiKeyId + - apiKeySecret + title: Connector secrets properties for IBM Resilient connector + Connectors_secrets_properties_sentinelone: + description: Defines secrets for connectors when type is `.sentinelone`. + properties: + token: + description: The A SentinelOne API token. type: string - example: My SLO description - indicator: - discriminator: - propertyName: type - mapping: - sli.apm.transactionErrorRate: '#/components/schemas/SLOs_indicator_properties_apm_availability' - sli.kql.custom: '#/components/schemas/SLOs_indicator_properties_custom_kql' - sli.apm.transactionDuration: '#/components/schemas/SLOs_indicator_properties_apm_latency' - sli.metric.custom: '#/components/schemas/SLOs_indicator_properties_custom_metric' - sli.histogram.custom: '#/components/schemas/SLOs_indicator_properties_histogram' - sli.metric.timeslice: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' - oneOf: - - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' - - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' - - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' - - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' - - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' - - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' - timeWindow: - $ref: '#/components/schemas/SLOs_time_window' - budgetingMethod: - $ref: '#/components/schemas/SLOs_budgeting_method' - objective: - $ref: '#/components/schemas/SLOs_objective' - settings: - $ref: '#/components/schemas/SLOs_settings' - revision: - description: The SLO revision - type: number - example: 2 - summary: - $ref: '#/components/schemas/SLOs_summary' - enabled: - description: Indicate if the SLO is enabled - type: boolean - example: true - groupBy: - description: optional group by field to use to generate an SLO per distinct value + required: + - token + title: Connector secrets properties for a SentinelOne connector + type: object + Connectors_secrets_properties_servicenow: + description: >- + Defines secrets for connectors when type is `.servicenow`, + `.servicenow-sir`, or `.servicenow-itom`. + properties: + clientSecret: + description: >- + The client secret assigned to your OAuth application. This property + is required when `isOAuth` is `true`. type: string - example: some.field - instanceId: - description: the value derived from the groupBy field, if present, otherwise '*' + password: + description: >- + The password for HTTP basic authentication. This property is + required when `isOAuth` is `false`. type: string - example: host-abcde - tags: - description: List of tags - type: array - items: - type: string - createdAt: - description: The creation date + privateKey: + description: >- + The RSA private key that you created for use in ServiceNow. This + property is required when `isOAuth` is `true`. type: string - example: '2023-01-12T10:03:19.000Z' - updatedAt: - description: The last update date + privateKeyPassword: + description: >- + The password for the RSA private key. This property is required when + `isOAuth` is `true` and you set a password on your private key. type: string - example: '2023-01-12T10:03:19.000Z' - version: - description: The internal SLO version - type: number - example: 2 - SLOs_find_slo_response: - title: Find SLO response - description: | - A paginated response of SLOs matching the query. + username: + description: >- + The username for HTTP basic authentication. This property is + required when `isOAuth` is `false`. + type: string + title: >- + Connector secrets properties for ServiceNow ITOM, ServiceNow ITSM, and + ServiceNow SecOps connectors type: object - properties: - page: - type: number - example: 1 - perPage: - type: number - example: 25 - total: - type: number - example: 34 - results: - type: array - items: - $ref: '#/components/schemas/SLOs_slo_with_summary_response' - SLOs_400_response: - title: Bad request + Connectors_secrets_properties_slack_api: + description: Defines secrets for connectors when type is `.slack`. type: object + properties: + token: + description: Slack bot user OAuth token. + type: string required: - - statusCode - - error - - message + - token + title: Connector secrets properties for a Web API Slack connector + Connectors_secrets_properties_slack_webhook: + description: Defines secrets for connectors when type is `.slack`. + type: object properties: - statusCode: - type: number - example: 400 - error: + webhookUrl: + description: Slack webhook url. type: string - example: Bad Request - message: + required: + - webhookUrl + title: Connector secrets properties for a Webhook Slack connector + Connectors_secrets_properties_swimlane: + description: Defines secrets for connectors when type is `.swimlane`. + properties: + apiToken: + description: Swimlane API authentication token. type: string - example: 'Invalid value ''foo'' supplied to: [...]' - SLOs_401_response: - title: Unauthorized + title: Connector secrets properties for a Swimlane connector type: object + Connectors_secrets_properties_teams: + description: Defines secrets for connectors when type is `.teams`. + properties: + webhookUrl: + description: > + The URL of the incoming webhook. If you are using the + `xpack.actions.allowedHosts` setting, add the hostname to the + allowed hosts. + type: string required: - - statusCode - - error - - message + - webhookUrl + title: Connector secrets properties for a Microsoft Teams connector + type: object + Connectors_secrets_properties_tines: + description: Defines secrets for connectors when type is `.tines`. properties: - statusCode: - type: number - example: 401 - error: + email: + description: The email used to sign in to Tines. type: string - example: Unauthorized - message: + token: + description: The Tines API token. type: string - example: "[security_exception\n\tRoot causes:\n\t\tsecurity_exception: unable to authenticate user [elastics] for REST request [/_security/_authenticate]]: unable to authenticate user [elastics] for REST request [/_security/_authenticate]" - SLOs_403_response: - title: Unauthorized + required: + - email + - token + title: Connector secrets properties for a Tines connector type: object + Connectors_secrets_properties_torq: + description: Defines secrets for connectors when type is `.torq`. + properties: + token: + description: The secret of the webhook authentication header. + type: string required: - - statusCode - - error - - message + - token + title: Connector secrets properties for a Torq connector + type: object + Connectors_secrets_properties_webhook: + description: Defines secrets for connectors when type is `.webhook`. properties: - statusCode: - type: number - example: 403 - error: + crt: + description: >- + If `authType` is `webhook-authentication-ssl` and `certType` is + `ssl-crt-key`, it is a base64 encoded version of the CRT or CERT + file. type: string - example: Unauthorized - message: + key: + description: >- + If `authType` is `webhook-authentication-ssl` and `certType` is + `ssl-crt-key`, it is a base64 encoded version of the KEY file. type: string - example: "[security_exception\n\tRoot causes:\n\t\tsecurity_exception: unable to authenticate user [elastics] for REST request [/_security/_authenticate]]: unable to authenticate user [elastics] for REST request [/_security/_authenticate]" - SLOs_404_response: - title: Not found + password: + description: > + The password for HTTP basic authentication or the passphrase for the + SSL certificate files. If `hasAuth` is set to `true` and `authType` + is `webhook-authentication-basic`, this property is required. + type: string + pfx: + description: >- + If `authType` is `webhook-authentication-ssl` and `certType` is + `ssl-pfx`, it is a base64 encoded version of the PFX or P12 file. + type: string + user: + description: > + The username for HTTP basic authentication. If `hasAuth` is set to + `true` and `authType` is `webhook-authentication-basic`, this + property is required. + type: string + title: Connector secrets properties for a Webhook connector type: object - required: - - statusCode - - error - - message + Connectors_secrets_properties_xmatters: + description: Defines secrets for connectors when type is `.xmatters`. properties: - statusCode: - type: number - example: 404 - error: + password: + description: > + A user name for HTTP basic authentication. It is applicable only + when `usesBasic` is `true`. type: string - example: Not Found - message: + secretsUrl: + description: > + The request URL for the Elastic Alerts trigger in xMatters with the + API key included in the URL. It is applicable only when `usesBasic` + is `false`. type: string - example: SLO [3749f390-03a3-11ee-8139-c7ff60a1692d] not found - SLOs_create_slo_request: - title: Create SLO request - description: > - The create SLO API request body varies depending on the type of - indicator, time window and budgeting method. + user: + description: > + A password for HTTP basic authentication. It is applicable only when + `usesBasic` is `true`. + type: string + title: Connector secrets properties for an xMatters connector + type: object + Connectors_update_connector_request: + description: The properties vary depending on the connector type. + oneOf: + - $ref: '#/components/schemas/Connectors_update_connector_request_bedrock' + - $ref: '#/components/schemas/Connectors_update_connector_request_gemini' + - $ref: >- + #/components/schemas/Connectors_update_connector_request_cases_webhook + - $ref: '#/components/schemas/Connectors_update_connector_request_d3security' + - $ref: '#/components/schemas/Connectors_update_connector_request_email' + - $ref: '#/components/schemas/Connectors_create_connector_request_genai' + - $ref: '#/components/schemas/Connectors_update_connector_request_index' + - $ref: '#/components/schemas/Connectors_update_connector_request_jira' + - $ref: '#/components/schemas/Connectors_update_connector_request_opsgenie' + - $ref: '#/components/schemas/Connectors_update_connector_request_pagerduty' + - $ref: '#/components/schemas/Connectors_update_connector_request_resilient' + - $ref: '#/components/schemas/Connectors_update_connector_request_sentinelone' + - $ref: '#/components/schemas/Connectors_update_connector_request_serverlog' + - $ref: '#/components/schemas/Connectors_update_connector_request_servicenow' + - $ref: >- + #/components/schemas/Connectors_update_connector_request_servicenow_itom + - $ref: '#/components/schemas/Connectors_update_connector_request_slack_api' + - $ref: >- + #/components/schemas/Connectors_update_connector_request_slack_webhook + - $ref: '#/components/schemas/Connectors_update_connector_request_swimlane' + - $ref: '#/components/schemas/Connectors_update_connector_request_teams' + - $ref: '#/components/schemas/Connectors_update_connector_request_tines' + - $ref: '#/components/schemas/Connectors_update_connector_request_torq' + - $ref: '#/components/schemas/Connectors_update_connector_request_webhook' + - $ref: '#/components/schemas/Connectors_update_connector_request_xmatters' + title: Update connector request body properties + Connectors_update_connector_request_bedrock: + title: Update Amazon Bedrock connector request type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_bedrock' + name: + description: The display name for the connector. + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_bedrock' required: + - config - name - - description - - indicator - - timeWindow - - budgetingMethod - - objective + Connectors_update_connector_request_cases_webhook: + title: Update Webhook - Case Managment connector request + type: object properties: - id: - description: >- - A optional and unique identifier for the SLO. Must be between 8 and - 36 chars + config: + $ref: '#/components/schemas/Connectors_config_properties_cases_webhook' + name: + description: The display name for the connector. + example: my-connector type: string - example: my-super-slo-id + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_cases_webhook' + required: + - config + - name + Connectors_update_connector_request_d3security: + title: Update D3 Security connector request + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_d3security' name: - description: A name for the SLO. + description: The display name for the connector. type: string - description: - description: A description for the SLO. + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_d3security' + required: + - config + - name + - secrets + Connectors_update_connector_request_email: + title: Update email connector request + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_email' + name: + description: The display name for the connector. type: string - indicator: - oneOf: - - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' - - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' - - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' - - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' - - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' - - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' - timeWindow: - $ref: '#/components/schemas/SLOs_time_window' - budgetingMethod: - $ref: '#/components/schemas/SLOs_budgeting_method' - objective: - $ref: '#/components/schemas/SLOs_objective' - settings: - $ref: '#/components/schemas/SLOs_settings' - groupBy: - description: optional group by field to use to generate an SLO per distinct value + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_email' + required: + - config + - name + Connectors_update_connector_request_gemini: + title: Update Google Gemini connector request + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_gemini' + name: + description: The display name for the connector. type: string - example: some.field - tags: - description: List of tags - type: array - items: - type: string - SLOs_create_slo_response: - title: Create SLO response + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_gemini' + required: + - config + - name + Connectors_update_connector_request_index: + title: Update index connector request type: object - required: - - id properties: - id: + config: + $ref: '#/components/schemas/Connectors_config_properties_index' + name: + description: The display name for the connector. type: string - example: 8853df00-ae2e-11ed-90af-09bb6422b258 - SLOs_409_response: - title: Conflict - type: object required: - - statusCode - - error - - message + - config + - name + Connectors_update_connector_request_jira: + title: Update Jira connector request + type: object properties: - statusCode: - type: number - example: 409 - error: - type: string - example: Conflict - message: + config: + $ref: '#/components/schemas/Connectors_config_properties_jira' + name: + description: The display name for the connector. type: string - example: SLO [d077e940-1515-11ee-9c50-9d096392f520] already exists - SLOs_update_slo_request: - title: Update SLO request - description: > - The update SLO API request body varies depending on the type of - indicator, time window and budgeting method. Partial update is handled. + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_jira' + required: + - config + - name + - secrets + Connectors_update_connector_request_opsgenie: + title: Update Opsgenie connector request type: object properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_opsgenie' name: - description: A name for the SLO. - type: string - description: - description: A description for the SLO. + description: The display name for the connector. type: string - indicator: - oneOf: - - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' - - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' - - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' - - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' - - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' - - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' - timeWindow: - $ref: '#/components/schemas/SLOs_time_window' - budgetingMethod: - $ref: '#/components/schemas/SLOs_budgeting_method' - objective: - $ref: '#/components/schemas/SLOs_objective' - settings: - $ref: '#/components/schemas/SLOs_settings' - tags: - description: List of tags - type: array - items: - type: string - SLOs_slo_definition_response: - title: SLO definition response - type: object + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_opsgenie' required: - - id + - config - name - - description - - indicator - - timeWindow - - budgetingMethod - - objective - - settings - - revision - - enabled - - groupBy - - tags - - createdAt - - updatedAt - - version + - secrets + Connectors_update_connector_request_pagerduty: + title: Update PagerDuty connector request + type: object properties: - id: - description: The identifier of the SLO. - type: string - example: 8853df00-ae2e-11ed-90af-09bb6422b258 + config: + $ref: '#/components/schemas/Connectors_config_properties_pagerduty' name: - description: The name of the SLO. - type: string - example: My Service SLO - description: - description: The description of the SLO. - type: string - example: My SLO description - indicator: - discriminator: - propertyName: type - mapping: - sli.apm.transactionErrorRate: '#/components/schemas/SLOs_indicator_properties_apm_availability' - sli.kql.custom: '#/components/schemas/SLOs_indicator_properties_custom_kql' - sli.apm.transactionDuration: '#/components/schemas/SLOs_indicator_properties_apm_latency' - sli.metric.custom: '#/components/schemas/SLOs_indicator_properties_custom_metric' - sli.histogram.custom: '#/components/schemas/SLOs_indicator_properties_histogram' - sli.metric.timeslice: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' - oneOf: - - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' - - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' - - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' - - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' - - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' - - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' - timeWindow: - $ref: '#/components/schemas/SLOs_time_window' - budgetingMethod: - $ref: '#/components/schemas/SLOs_budgeting_method' - objective: - $ref: '#/components/schemas/SLOs_objective' - settings: - $ref: '#/components/schemas/SLOs_settings' - revision: - description: The SLO revision - type: number - example: 2 - enabled: - description: Indicate if the SLO is enabled - type: boolean - example: true - groupBy: - description: optional group by field to use to generate an SLO per distinct value - type: string - example: some.field - tags: - description: List of tags - type: array - items: - type: string - createdAt: - description: The creation date + description: The display name for the connector. type: string - example: '2023-01-12T10:03:19.000Z' - updatedAt: - description: The last update date + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_pagerduty' + required: + - config + - name + - secrets + Connectors_update_connector_request_resilient: + title: Update IBM Resilient connector request + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_resilient' + name: + description: The display name for the connector. type: string - example: '2023-01-12T10:03:19.000Z' - version: - description: The internal SLO version - type: number - example: 2 - SLOs_delete_slo_instances_request: - title: Delete SLO instances request - description: > - The delete SLO instances request takes a list of SLO id and instance id, - then delete the rollup and summary data. This API can be used to remove - the staled data of an instance SLO that no longer get updated. + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_resilient' + required: + - config + - name + - secrets + Connectors_update_connector_request_sentinelone: + title: Update SentinelOne connector request type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_sentinelone' + name: + description: The display name for the connector. + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_sentinelone' required: - - list + - config + - name + - secrets + Connectors_update_connector_request_serverlog: + title: Update server log connector request + type: object properties: - list: - description: An array of slo id and instance id - type: array - items: - type: object - required: - - sloId - - instanceId - properties: - sloId: - description: The SLO unique identifier - type: string - example: 8853df00-ae2e-11ed-90af-09bb6422b258 - instanceId: - description: The SLO instance identifier - type: string - example: 8853df00-ae2e-11ed-90af-09bb6422b258 - Kibana_HTTP_APIs_core_status_redactedResponse: - additionalProperties: false - description: A minimal representation of Kibana's operational status. + name: + description: The display name for the connector. + type: string + required: + - name + Connectors_update_connector_request_servicenow: + title: Update ServiceNow ITSM connector or ServiceNow SecOps request + type: object properties: - status: - additionalProperties: false - properties: - overall: - additionalProperties: false - properties: - level: - description: Service status levels as human and machine readable values. - enum: - - available - - degraded - - unavailable - - critical - type: string - required: - - level - type: object - required: - - overall - type: object + config: + $ref: '#/components/schemas/Connectors_config_properties_servicenow' + name: + description: The display name for the connector. + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_servicenow' required: - - status + - config + - name + - secrets + Connectors_update_connector_request_servicenow_itom: + title: Create ServiceNow ITOM connector request type: object - Kibana_HTTP_APIs_core_status_response: - additionalProperties: false - description: >- - Kibana's operational status as well as a detailed breakdown of plugin - statuses indication of various loads (like event loop utilization and - network traffic) at time of request. properties: - metrics: - additionalProperties: false - description: Metric groups collected by Kibana. - properties: - collection_interval_in_millis: - description: The interval at which metrics should be collected. - type: number - elasticsearch_client: - additionalProperties: false - description: Current network metrics of Kibana's Elasticsearch client. - properties: - totalActiveSockets: - description: Count of network sockets currently in use. - type: number - totalIdleSockets: - description: Count of network sockets currently idle. - type: number - totalQueuedRequests: - description: Count of requests not yet assigned to sockets. - type: number - required: - - totalActiveSockets - - totalIdleSockets - - totalQueuedRequests - type: object - last_updated: - description: The time metrics were collected. - type: string - required: - - elasticsearch_client - - last_updated - - collection_interval_in_millis - type: object + config: + $ref: '#/components/schemas/Connectors_config_properties_servicenow_itom' name: - description: Kibana instance name. - type: string - status: - additionalProperties: false - properties: - core: - additionalProperties: false - description: Statuses of core Kibana services. - properties: - elasticsearch: - additionalProperties: false - properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: >- - Service status levels as human and machine readable - values. - enum: - - available - - degraded - - unavailable - - critical - type: string - meta: - additionalProperties: {} - description: >- - An unstructured set of extra metadata about this - service. - type: object - summary: - description: A human readable summary of the service status. - type: string - required: - - level - - summary - - meta - type: object - savedObjects: - additionalProperties: false - properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: >- - Service status levels as human and machine readable - values. - enum: - - available - - degraded - - unavailable - - critical - type: string - meta: - additionalProperties: {} - description: >- - An unstructured set of extra metadata about this - service. - type: object - summary: - description: A human readable summary of the service status. - type: string - required: - - level - - summary - - meta - type: object - required: - - elasticsearch - - savedObjects - type: object - overall: - additionalProperties: false - properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: Service status levels as human and machine readable values. - enum: - - available - - degraded - - unavailable - - critical - type: string - meta: - additionalProperties: {} - description: An unstructured set of extra metadata about this service. - type: object - summary: - description: A human readable summary of the service status. - type: string - required: - - level - - summary - - meta - type: object - plugins: - additionalProperties: - additionalProperties: false - properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: >- - Service status levels as human and machine readable - values. - enum: - - available - - degraded - - unavailable - - critical - type: string - meta: - additionalProperties: {} - description: An unstructured set of extra metadata about this service. - type: object - summary: - description: A human readable summary of the service status. - type: string - required: - - level - - summary - - meta - type: object - description: A dynamic mapping of plugin ID to plugin status. - type: object - required: - - overall - - core - - plugins - type: object - uuid: - description: >- - Unique, generated Kibana instance UUID. This UUID should persist - even if the Kibana process restarts. + description: The display name for the connector. type: string - version: - additionalProperties: false - properties: - build_date: - description: The date and time of this build. - type: string - build_flavor: - description: >- - The build flavour determines configuration and behavior of - Kibana. On premise users will almost always run the - "traditional" flavour, while other flavours are reserved for - Elastic-specific use cases. - enum: - - serverless - - traditional - type: string - build_hash: - description: >- - A unique hash value representing the git commit of this Kibana - build. - type: string - build_number: - description: >- - A monotonically increasing number, each subsequent build will - have a higher number. - type: number - build_snapshot: - description: Whether this build is a snapshot build. - type: boolean - number: - description: A semantic version number. - type: string - required: - - number - - build_hash - - build_number - - build_snapshot - - build_flavor - - build_date - type: object + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_servicenow' + required: + - config + - name + - secrets + Connectors_update_connector_request_slack_api: + title: Update Slack connector request + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_slack_api' + name: + description: The display name for the connector. + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_slack_api' required: - name - - uuid - - version - - status - - metrics + - secrets + Connectors_update_connector_request_slack_webhook: + title: Update Slack connector request type: object - examples: - Connectors_create_email_connector_request: - summary: Create an email connector. - value: - name: email-connector-1 - connector_type_id: .email - config: - from: tester@example.com - hasAuth: true - host: https://example.com - port: 1025 - secure: false - service: other + properties: + name: + description: The display name for the connector. + type: string secrets: - user: username - password: password - Connectors_create_index_connector_request: - summary: Create an index connector. - value: - name: my-connector - connector_type_id: .index - config: - index: test-index - Connectors_create_webhook_connector_request: - summary: Create a webhook connector with SSL authentication. - value: - name: my-webhook-connector - connector_type_id: .webhook + $ref: '#/components/schemas/Connectors_secrets_properties_slack_webhook' + required: + - name + - secrets + Connectors_update_connector_request_swimlane: + title: Update Swimlane connector request + type: object + properties: config: - method: post - url: https://example.com - authType: webhook-authentication-ssl - certType: ssl-crt-key + $ref: '#/components/schemas/Connectors_config_properties_swimlane' + name: + description: The display name for the connector. + example: my-connector + type: string secrets: - crt: QmFnIEF0dH... - key: LS0tLS1CRUdJ... - password: my-passphrase - Connectors_create_xmatters_connector_request: - summary: Create an xMatters connector with URL authentication. - value: - name: my-xmatters-connector - connector_type_id: .xmatters - config: - usesBasic: false + $ref: '#/components/schemas/Connectors_secrets_properties_swimlane' + required: + - config + - name + - secrets + Connectors_update_connector_request_teams: + title: Update Microsoft Teams connector request + type: object + properties: + name: + description: The display name for the connector. + type: string secrets: - secretsUrl: https://example.com?apiKey=xxxxx - Connectors_create_email_connector_response: - summary: A new email connector. - value: - id: 90a82c60-478f-11ee-a343-f98a117c727f - connector_type_id: .email - name: email-connector-1 - config: - from: tester@example.com - service: other - host: https://example.com - port: 1025 - secure: false - hasAuth: true - tenantId: null - clientId: null - oauthTokenUrl: null - is_preconfigured: false - is_deprecated: false - is_missing_secrets: false - is_system_action: false - Connectors_create_index_connector_response: - summary: A new index connector. - value: - id: c55b6eb0-6bad-11eb-9f3b-611eebc6c3ad - connector_type_id: .index - name: my-connector - config: - index: test-index - refresh: false - executionTimeField: null - is_preconfigured: false - is_deprecated: false - is_missing_secrets: false - is_system_action: false - Connectors_create_webhook_connector_response: - summary: A new webhook connector. - value: - id: 900eb010-3b9d-11ee-a642-8ffbb94e38bd - name: my-webhook-connector - config: - method: post - url: https://example.com - authType: webhook-authentication-ssl - certType: ssl-crt-key - verificationMode: full - headers: null - hasAuth: true - connector_type_id: .webhook - is_preconfigured: false - is_deprecated: false - is_missing_secrets: false - is_system_action: false - Connectors_create_xmatters_connector_response: - summary: A new xMatters connector. - value: - id: 4d2d8da0-4d1f-11ee-9367-577408be4681 - name: my-xmatters-connector - config: - usesBasic: false - configUrl: null - connector_type_id: .xmatters - is_preconfigured: false - is_deprecated: false - is_missing_secrets: false - is_system_action: false - Connectors_get_connector_response: - summary: Get connector details. - value: - id: df770e30-8b8b-11ed-a780-3b746c987a81 - name: my_server_log_connector - config: {} - connector_type_id: .server-log - is_preconfigured: false - is_deprecated: false - is_missing_secrets: false - is_system_action: false - Connectors_update_index_connector_request: - summary: Update an index connector. - value: - name: updated-connector + $ref: '#/components/schemas/Connectors_secrets_properties_teams' + required: + - name + - secrets + Connectors_update_connector_request_tines: + title: Update Tines connector request + type: object + properties: config: - index: updated-index - Connectors_get_connectors_response: - summary: A list of connectors - value: - - id: preconfigured-email-connector - name: my-preconfigured-email-notification - connector_type_id: .email - is_preconfigured: true - is_deprecated: false - referenced_by_count: 0 - is_system_action: false - - id: e07d0c80-8b8b-11ed-a780-3b746c987a81 - name: my-index-connector - config: - index: test-index - refresh: false - executionTimeField: null - connector_type_id: .index - is_preconfigured: false - is_deprecated: false - referenced_by_count: 2 - is_missing_secrets: false - is_system_action: false - Connectors_get_connector_types_generativeai_response: - summary: A list of connector types for the `generativeAI` feature. - value: - - id: .gen-ai - name: OpenAI - enabled: true - enabled_in_config: true - enabled_in_license: true - minimum_license_required: enterprise - supported_feature_ids: - - generativeAIForSecurity - - generativeAIForObservability - - generativeAIForSearchPlayground - is_system_action_type: false - - id: .bedrock - name: AWS Bedrock - enabled: true - enabled_in_config: true - enabled_in_license: true - minimum_license_required: enterprise - supported_feature_ids: - - generativeAIForSecurity - - generativeAIForObservability - - generativeAIForSearchPlayground - is_system_action_type: false - - id: .gemini - name: Google Gemini - enabled: true - enabled_in_config: true - enabled_in_license: true - minimum_license_required: enterprise - supported_feature_ids: - - generativeAIForSecurity - is_system_action_type: false - Data_views_get_data_views_response: - summary: The get all data views API returns a list of data views. - value: - data_view: - - id: ff959d40-b880-11e8-a6d9-e546fe2bba5f - namespaces: - - default - title: kibana_sample_data_ecommerce - typeMeta: {} - name: Kibana Sample Data eCommerce - - id: d3d7af60-4c81-11e8-b3d7-01146121b73d - namespaces: - - default - title: kibana_sample_data_flights - name: Kibana Sample Data Flights - - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - namespaces: - - default - title: kibana_sample_data_logs - name: Kibana Sample Data Logs - Data_views_create_data_view_request: - summary: Create a data view with runtime fields. - value: - data_view: - title: logstash-* - name: My Logstash data view - runtimeFieldMap: - runtime_shape_name: - type: keyword - script: - source: emit(doc['shape_name'].value) - Data_views_get_data_view_response: - summary: >- - The get data view API returns a JSON object that contains information - about the data view. - value: + $ref: '#/components/schemas/Connectors_config_properties_tines' + name: + description: The display name for the connector. + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_tines' + required: + - config + - name + - secrets + Connectors_update_connector_request_torq: + title: Update Torq connector request + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_torq' + name: + description: The display name for the connector. + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_torq' + required: + - config + - name + - secrets + Connectors_update_connector_request_webhook: + title: Update Webhook connector request + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_webhook' + name: + description: The display name for the connector. + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_webhook' + required: + - config + - name + - secrets + Connectors_update_connector_request_xmatters: + title: Update xMatters connector request + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_xmatters' + name: + description: The display name for the connector. + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_xmatters' + required: + - config + - name + - secrets + Data_views_400_response: + title: Bad request + type: object + properties: + error: + example: Bad Request + type: string + message: + type: string + statusCode: + example: 400 + type: number + required: + - statusCode + - error + - message + Data_views_404_response: + type: object + properties: + error: + enum: + - Not Found + example: Not Found + type: string + message: + example: >- + Saved object [index-pattern/caaad6d0-920c-11ed-b36a-874bd1548a00] + not found + type: string + statusCode: + enum: + - 404 + example: 404 + type: integer + Data_views_allownoindex: + description: Allows the data view saved object to exist before the data is available. + type: boolean + Data_views_create_data_view_request_object: + title: Create data view request + type: object + properties: data_view: - id: ff959d40-b880-11e8-a6d9-e546fe2bba5f - version: WzUsMV0= - title: kibana_sample_data_ecommerce - timeFieldName: order_date - sourceFilters: [] - fields: - _id: - count: 0 - name: _id - type: string - esTypes: - - _id - scripted: false - searchable: true - aggregatable: false - readFromDocValues: false - format: - id: string - shortDotsEnable: false - isMapped: true - _index: - count: 0 - name: _index - type: string - esTypes: - - _index - scripted: false - searchable: true - aggregatable: true - readFromDocValues: false - format: - id: string - shortDotsEnable: false - isMapped: true - _score: - count: 0 - name: _score - type: number - scripted: false - searchable: false - aggregatable: false - readFromDocValues: false - format: - id: number - shortDotsEnable: false - isMapped: true - _source: - count: 0 - name: _source - type: _source - esTypes: - - _source - scripted: false - searchable: false - aggregatable: false - readFromDocValues: false - format: - id: _source - shortDotsEnable: false - isMapped: true - category: - count: 0 - name: category + description: The data view object. + type: object + properties: + allowNoIndex: + $ref: '#/components/schemas/Data_views_allownoindex' + fieldAttrs: + additionalProperties: + $ref: '#/components/schemas/Data_views_fieldattrs' + type: object + fieldFormats: + $ref: '#/components/schemas/Data_views_fieldformats' + fields: + type: object + id: type: string - esTypes: - - text - scripted: false - searchable: true - aggregatable: false - readFromDocValues: false - format: - id: string - shortDotsEnable: false - isMapped: true - category.keyword: - count: 0 - name: category.keyword + name: + description: The data view name. type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - subType: - multi: - parent: category - format: - id: string - shortDotsEnable: false - isMapped: true - currency: - count: 0 - name: currency + namespaces: + $ref: '#/components/schemas/Data_views_namespaces' + runtimeFieldMap: + additionalProperties: + $ref: '#/components/schemas/Data_views_runtimefieldmap' + type: object + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + type: + $ref: '#/components/schemas/Data_views_type' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta' + version: type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - customer_birth_date: - count: 0 - name: customer_birth_date - type: date - esTypes: - - date - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: date - shortDotsEnable: false - isMapped: true - customer_first_name: - count: 0 - name: customer_first_name + required: + - title + override: + default: false + description: >- + Override an existing data view if a data view with the provided + title already exists. + type: boolean + required: + - data_view + Data_views_data_view_response_object: + title: Data view response properties + type: object + properties: + data_view: + type: object + properties: + allowNoIndex: + $ref: '#/components/schemas/Data_views_allownoindex' + fieldAttrs: + additionalProperties: + $ref: '#/components/schemas/Data_views_fieldattrs' + type: object + fieldFormats: + $ref: '#/components/schemas/Data_views_fieldformats' + fields: + type: object + id: + example: ff959d40-b880-11e8-a6d9-e546fe2bba5f type: string - esTypes: - - text - scripted: false - searchable: true - aggregatable: false - readFromDocValues: false - format: - id: string - shortDotsEnable: false - isMapped: true - customer_first_name.keyword: - count: 0 - name: customer_first_name.keyword + name: + description: The data view name. type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - subType: - multi: - parent: customer_first_name - format: - id: string - shortDotsEnable: false - isMapped: true - customer_full_name: - count: 0 - name: customer_full_name + namespaces: + $ref: '#/components/schemas/Data_views_namespaces' + runtimeFieldMap: + additionalProperties: + $ref: '#/components/schemas/Data_views_runtimefieldmap' + type: object + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta_response' + version: + example: WzQ2LDJd type: string - esTypes: - - text - scripted: false - searchable: true - aggregatable: false - readFromDocValues: false - format: - id: string - shortDotsEnable: false - isMapped: true - customer_full_name.keyword: - count: 0 - name: customer_full_name.keyword + Data_views_fieldattrs: + description: A map of field attributes by field name. + type: object + properties: + count: + description: Popularity count for the field. + type: integer + customDescription: + description: Custom description for the field. + maxLength: 300 + type: string + customLabel: + description: Custom label for the field. + type: string + Data_views_fieldformats: + description: A map of field formats by field name. + type: object + Data_views_namespaces: + description: >- + An array of space identifiers for sharing the data view between multiple + spaces. + items: + default: default + type: string + type: array + Data_views_runtimefieldmap: + description: A map of runtime field definitions by field name. + type: object + properties: + script: + type: object + properties: + source: + description: Script for the runtime field. type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - subType: - multi: - parent: customer_full_name - format: - id: string - shortDotsEnable: false - isMapped: true - customer_gender: - count: 0 - name: customer_gender + type: + description: Mapping type of the runtime field. + type: string + required: + - script + - type + Data_views_sourcefilters: + description: The array of field names you want to filter out in Discover. + items: + type: object + properties: + value: + type: string + required: + - value + type: array + Data_views_swap_data_view_request_object: + title: Data view reference swap request + type: object + properties: + delete: + description: Deletes referenced saved object if all references are removed. + type: boolean + forId: + description: Limit the affected saved objects to one or more by identifier. + oneOf: + - type: string + - items: + type: string + type: array + forType: + description: Limit the affected saved objects by type. + type: string + fromId: + description: The saved object reference to change. + type: string + fromType: + description: > + Specify the type of the saved object reference to alter. The default + value is `index-pattern` for data views. + type: string + toId: + description: New saved object reference value to replace the old value. + type: string + required: + - fromId + - toId + Data_views_timefieldname: + description: 'The timestamp field name, which you use for time-based data views.' + type: string + Data_views_title: + description: >- + Comma-separated list of data streams, indices, and aliases that you want + to search. Supports wildcards (`*`). + type: string + Data_views_type: + description: 'When set to `rollup`, identifies the rollup data views.' + type: string + Data_views_typemeta: + description: >- + When you use rollup indices, contains the field list for the rollup data + view API endpoints. + type: object + properties: + aggs: + description: A map of rollup restrictions by aggregation type and field name. + type: object + params: + description: Properties for retrieving rollup fields. + type: object + required: + - aggs + - params + Data_views_typemeta_response: + description: >- + When you use rollup indices, contains the field list for the rollup data + view API endpoints. + nullable: true + type: object + properties: + aggs: + description: A map of rollup restrictions by aggregation type and field name. + type: object + params: + description: Properties for retrieving rollup fields. + type: object + Data_views_update_data_view_request_object: + title: Update data view request + type: object + properties: + data_view: + description: > + The data view properties you want to update. Only the specified + properties are updated in the data view. Unspecified fields stay as + they are persisted. + type: object + properties: + allowNoIndex: + $ref: '#/components/schemas/Data_views_allownoindex' + fieldFormats: + $ref: '#/components/schemas/Data_views_fieldformats' + fields: + type: object + name: type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - customer_id: - count: 0 - name: customer_id + runtimeFieldMap: + additionalProperties: + $ref: '#/components/schemas/Data_views_runtimefieldmap' + type: object + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + type: + $ref: '#/components/schemas/Data_views_type' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta' + refresh_fields: + default: false + description: Reloads the data view fields after the data view is updated. + type: boolean + required: + - data_view + Kibana_HTTP_APIs_core_status_redactedResponse: + additionalProperties: false + description: A minimal representation of Kibana's operational status. + type: object + properties: + status: + additionalProperties: false + type: object + properties: + overall: + additionalProperties: false + type: object + properties: + level: + description: Service status levels as human and machine readable values. + enum: + - available + - degraded + - unavailable + - critical + type: string + required: + - level + required: + - overall + required: + - status + Kibana_HTTP_APIs_core_status_response: + additionalProperties: false + description: >- + Kibana's operational status as well as a detailed breakdown of plugin + statuses indication of various loads (like event loop utilization and + network traffic) at time of request. + type: object + properties: + metrics: + additionalProperties: false + description: Metric groups collected by Kibana. + type: object + properties: + collection_interval_in_millis: + description: The interval at which metrics should be collected. + type: number + elasticsearch_client: + additionalProperties: false + description: Current network metrics of Kibana's Elasticsearch client. + type: object + properties: + totalActiveSockets: + description: Count of network sockets currently in use. + type: number + totalIdleSockets: + description: Count of network sockets currently idle. + type: number + totalQueuedRequests: + description: Count of requests not yet assigned to sockets. + type: number + required: + - totalActiveSockets + - totalIdleSockets + - totalQueuedRequests + last_updated: + description: The time metrics were collected. type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - customer_last_name: - count: 0 - name: customer_last_name + required: + - elasticsearch_client + - last_updated + - collection_interval_in_millis + name: + description: Kibana instance name. + type: string + status: + additionalProperties: false + type: object + properties: + core: + additionalProperties: false + description: Statuses of core Kibana services. + type: object + properties: + elasticsearch: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: >- + Service status levels as human and machine readable + values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: >- + An unstructured set of extra metadata about this + service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + savedObjects: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: >- + Service status levels as human and machine readable + values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: >- + An unstructured set of extra metadata about this + service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + required: + - elasticsearch + - savedObjects + overall: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: Service status levels as human and machine readable values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: An unstructured set of extra metadata about this service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + plugins: + additionalProperties: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: >- + Service status levels as human and machine readable + values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: An unstructured set of extra metadata about this service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + description: A dynamic mapping of plugin ID to plugin status. + type: object + required: + - overall + - core + - plugins + uuid: + description: >- + Unique, generated Kibana instance UUID. This UUID should persist + even if the Kibana process restarts. + type: string + version: + additionalProperties: false + type: object + properties: + build_date: + description: The date and time of this build. type: string - esTypes: - - text - scripted: false - searchable: true - aggregatable: false - readFromDocValues: false - format: - id: string - shortDotsEnable: false - isMapped: true - customer_last_name.keyword: - count: 0 - name: customer_last_name.keyword + build_flavor: + description: >- + The build flavour determines configuration and behavior of + Kibana. On premise users will almost always run the + "traditional" flavour, while other flavours are reserved for + Elastic-specific use cases. + enum: + - serverless + - traditional type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - subType: - multi: - parent: customer_last_name - format: - id: string - shortDotsEnable: false - isMapped: true - customer_phone: - count: 0 - name: customer_phone + build_hash: + description: >- + A unique hash value representing the git commit of this Kibana + build. + type: string + build_number: + description: >- + A monotonically increasing number, each subsequent build will + have a higher number. + type: number + build_snapshot: + description: Whether this build is a snapshot build. + type: boolean + number: + description: A semantic version number. + type: string + required: + - number + - build_hash + - build_number + - build_snapshot + - build_flavor + - build_date + required: + - name + - uuid + - version + - status + - metrics + Machine_learning_APIs_mlSync200Response: + properties: + datafeedsAdded: + additionalProperties: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseDatafeeds' + description: >- + If a saved object for an anomaly detection job is missing a datafeed + identifier, it is added when you run the sync machine learning saved + objects API. + type: object + datafeedsRemoved: + additionalProperties: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseDatafeeds' + description: >- + If a saved object for an anomaly detection job references a datafeed + that no longer exists, it is deleted when you run the sync machine + learning saved objects API. + type: object + savedObjectsCreated: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseSavedObjectsCreated + savedObjectsDeleted: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseSavedObjectsDeleted + title: Successful sync API response + type: object + Machine_learning_APIs_mlSync4xxResponse: + properties: + error: + example: Unauthorized + type: string + message: + type: string + statusCode: + example: 401 + type: integer + title: Unsuccessful sync API response + type: object + Machine_learning_APIs_mlSyncResponseAnomalyDetectors: + description: >- + The sync machine learning saved objects API response contains this + object when there are anomaly detection jobs affected by the + synchronization. There is an object for each relevant job, which + contains the synchronization status. + properties: + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for anomaly detection jobs + type: object + Machine_learning_APIs_mlSyncResponseDatafeeds: + description: >- + The sync machine learning saved objects API response contains this + object when there are datafeeds affected by the synchronization. There + is an object for each relevant datafeed, which contains the + synchronization status. + properties: + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for datafeeds + type: object + Machine_learning_APIs_mlSyncResponseDataFrameAnalytics: + description: >- + The sync machine learning saved objects API response contains this + object when there are data frame analytics jobs affected by the + synchronization. There is an object for each relevant job, which + contains the synchronization status. + properties: + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for data frame analytics jobs + type: object + Machine_learning_APIs_mlSyncResponseSavedObjectsCreated: + description: >- + If saved objects are missing for machine learning jobs or trained + models, they are created when you run the sync machine learning saved + objects API. + properties: + anomaly-detector: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseAnomalyDetectors + description: >- + If saved objects are missing for anomaly detection jobs, they are + created. + type: object + data-frame-analytics: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseDataFrameAnalytics + description: >- + If saved objects are missing for data frame analytics jobs, they are + created. + type: object + trained-model: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels + description: 'If saved objects are missing for trained models, they are created.' + type: object + title: Sync API response for created saved objects + type: object + Machine_learning_APIs_mlSyncResponseSavedObjectsDeleted: + description: >- + If saved objects exist for machine learning jobs or trained models that + no longer exist, they are deleted when you run the sync machine learning + saved objects API. + properties: + anomaly-detector: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseAnomalyDetectors + description: >- + If there are saved objects exist for nonexistent anomaly detection + jobs, they are deleted. + type: object + data-frame-analytics: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseDataFrameAnalytics + description: >- + If there are saved objects exist for nonexistent data frame + analytics jobs, they are deleted. + type: object + trained-model: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels + description: >- + If there are saved objects exist for nonexistent trained models, + they are deleted. + type: object + title: Sync API response for deleted saved objects + type: object + Machine_learning_APIs_mlSyncResponseSuccess: + description: The success or failure of the synchronization. + type: boolean + Machine_learning_APIs_mlSyncResponseTrainedModels: + description: >- + The sync machine learning saved objects API response contains this + object when there are trained models affected by the synchronization. + There is an object for each relevant trained model, which contains the + synchronization status. + properties: + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for trained models + type: object + Security_AI_Assistant_API_AnonymizationFieldCreateProps: + type: object + properties: + allowed: + type: boolean + anonymized: + type: boolean + field: + type: string + required: + - field + Security_AI_Assistant_API_AnonymizationFieldDetailsInError: + type: object + properties: + id: + type: string + name: + type: string + required: + - id + Security_AI_Assistant_API_AnonymizationFieldResponse: + type: object + properties: + allowed: + type: boolean + anonymized: + type: boolean + createdAt: + type: string + createdBy: + type: string + field: + type: string + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + namespace: + description: Kibana space + type: string + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + updatedAt: + type: string + updatedBy: + type: string + required: + - id + - field + Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipReason: + enum: + - ANONYMIZATION_FIELD_NOT_MODIFIED + type: string + Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipResult: + type: object + properties: + id: + type: string + name: + type: string + skip_reason: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipReason + required: + - id + - skip_reason + Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResponse: + type: object + properties: + anonymization_fields_count: + type: integer + attributes: + type: object + properties: + errors: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_NormalizedAnonymizationFieldError + type: array + results: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResults + summary: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_BulkCrudActionSummary + required: + - results + - summary + message: + type: string + status_code: + type: integer + success: + type: boolean + required: + - attributes + Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResults: + type: object + properties: + created: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse + type: array + deleted: + items: + type: string + type: array + skipped: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipResult + type: array + updated: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse + type: array + required: + - updated + - created + - deleted + - skipped + Security_AI_Assistant_API_AnonymizationFieldUpdateProps: + type: object + properties: + allowed: + type: boolean + anonymized: + type: boolean + id: + type: string + required: + - id + Security_AI_Assistant_API_ApiConfig: + type: object + properties: + actionTypeId: + description: action type id + type: string + connectorId: + description: connector id + type: string + defaultSystemPromptId: + description: defaultSystemPromptId + type: string + model: + description: model + type: string + provider: + $ref: '#/components/schemas/Security_AI_Assistant_API_Provider' + description: Provider + required: + - connectorId + - actionTypeId + Security_AI_Assistant_API_BulkCrudActionSummary: + type: object + properties: + failed: + type: integer + skipped: + type: integer + succeeded: + type: integer + total: + type: integer + required: + - failed + - skipped + - succeeded + - total + Security_AI_Assistant_API_ChatCompleteProps: + type: object + properties: + connectorId: + type: string + conversationId: + type: string + isStream: + type: boolean + langSmithApiKey: + type: string + langSmithProject: + type: string + messages: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_ChatMessage' + type: array + model: + type: string + persist: + type: boolean + promptId: + type: string + responseLanguage: + type: string + required: + - messages + - persist + - connectorId + Security_AI_Assistant_API_ChatMessage: + description: AI assistant message. + type: object + properties: + content: + description: Message content. + type: string + data: + $ref: '#/components/schemas/Security_AI_Assistant_API_MessageData' + description: ECS object to attach to the context of the message. + fields_to_anonymize: + items: + type: string + type: array + role: + $ref: '#/components/schemas/Security_AI_Assistant_API_ChatMessageRole' + description: Message role. + required: + - role + Security_AI_Assistant_API_ChatMessageRole: + description: Message role. + enum: + - system + - user + - assistant + type: string + Security_AI_Assistant_API_ConversationCategory: + description: The conversation category. + enum: + - assistant + - insights + type: string + Security_AI_Assistant_API_ConversationConfidence: + description: The conversation confidence. + enum: + - low + - medium + - high + type: string + Security_AI_Assistant_API_ConversationCreateProps: + type: object + properties: + apiConfig: + $ref: '#/components/schemas/Security_AI_Assistant_API_ApiConfig' + description: LLM API configuration. + category: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationCategory' + description: The conversation category. + excludeFromLastConversationStorage: + description: excludeFromLastConversationStorage. + type: boolean + id: + description: The conversation id. + type: string + isDefault: + description: Is default conversation. + type: boolean + messages: + description: The conversation messages. + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_Message' + type: array + replacements: + $ref: '#/components/schemas/Security_AI_Assistant_API_Replacements' + title: + description: The conversation title. + type: string + required: + - title + Security_AI_Assistant_API_ConversationResponse: + type: object + properties: + apiConfig: + $ref: '#/components/schemas/Security_AI_Assistant_API_ApiConfig' + description: LLM API configuration. + category: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationCategory' + description: The conversation category. + createdAt: + description: The last time conversation was updated. + type: string + excludeFromLastConversationStorage: + description: excludeFromLastConversationStorage. + type: boolean + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + isDefault: + description: Is default conversation. + type: boolean + messages: + description: The conversation messages. + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_Message' + type: array + namespace: + description: Kibana space + type: string + replacements: + $ref: '#/components/schemas/Security_AI_Assistant_API_Replacements' + summary: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationSummary' + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + title: + description: The conversation title. + type: string + updatedAt: + description: The last time conversation was updated. + type: string + users: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_User' + type: array + required: + - id + - title + - createdAt + - users + - namespace + - category + Security_AI_Assistant_API_ConversationSummary: + type: object + properties: + confidence: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationConfidence + description: >- + How confident you are about this being a correct and useful + learning. + content: + description: Summary text of the conversation over time. + type: string + public: + description: Define if summary is marked as publicly available. + type: boolean + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + description: The timestamp summary was updated. + Security_AI_Assistant_API_ConversationUpdateProps: + type: object + properties: + apiConfig: + $ref: '#/components/schemas/Security_AI_Assistant_API_ApiConfig' + description: LLM API configuration. + category: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationCategory' + description: The conversation category. + excludeFromLastConversationStorage: + description: excludeFromLastConversationStorage. + type: boolean + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + messages: + description: The conversation messages. + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_Message' + type: array + replacements: + $ref: '#/components/schemas/Security_AI_Assistant_API_Replacements' + summary: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationSummary' + title: + description: The conversation title. + type: string + required: + - id + Security_AI_Assistant_API_FindAnonymizationFieldsSortField: + enum: + - created_at + - anonymized + - allowed + - field + - updated_at + type: string + Security_AI_Assistant_API_FindConversationsSortField: + enum: + - created_at + - is_default + - title + - updated_at + type: string + Security_AI_Assistant_API_FindPromptsSortField: + enum: + - created_at + - is_default + - name + - updated_at + type: string + Security_AI_Assistant_API_Message: + description: AI assistant conversation message. + type: object + properties: + content: + description: Message content. + type: string + isError: + description: Is error message. + type: boolean + reader: + $ref: '#/components/schemas/Security_AI_Assistant_API_Reader' + description: Message content. + role: + $ref: '#/components/schemas/Security_AI_Assistant_API_MessageRole' + description: Message role. + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + description: The timestamp message was sent or received. + traceData: + $ref: '#/components/schemas/Security_AI_Assistant_API_TraceData' + description: trace Data + required: + - timestamp + - content + - role + Security_AI_Assistant_API_MessageData: + additionalProperties: true + type: object + Security_AI_Assistant_API_MessageRole: + description: Message role. + enum: + - system + - user + - assistant + type: string + Security_AI_Assistant_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_AI_Assistant_API_NormalizedAnonymizationFieldError: + type: object + properties: + anonymization_fields: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldDetailsInError + type: array + err_code: + type: string + message: + type: string + status_code: + type: integer + required: + - message + - status_code + - anonymization_fields + Security_AI_Assistant_API_NormalizedPromptError: + type: object + properties: + err_code: + type: string + message: + type: string + prompts: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptDetailsInError + type: array + status_code: + type: integer + required: + - message + - status_code + - prompts + Security_AI_Assistant_API_PromptCreateProps: + type: object + properties: + categories: + items: + type: string + type: array + color: + type: string + consumer: + type: string + content: + type: string + isDefault: + type: boolean + isNewConversationDefault: + type: boolean + name: + type: string + promptType: + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptType' + required: + - name + - content + - promptType + Security_AI_Assistant_API_PromptDetailsInError: + type: object + properties: + id: + type: string + name: + type: string + required: + - id + Security_AI_Assistant_API_PromptResponse: + type: object + properties: + categories: + items: + type: string + type: array + color: + type: string + consumer: + type: string + content: + type: string + createdAt: + type: string + createdBy: + type: string + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + isDefault: + type: boolean + isNewConversationDefault: + type: boolean + name: + type: string + namespace: + description: Kibana space + type: string + promptType: + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptType' + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + updatedAt: + type: string + updatedBy: + type: string + users: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_User' + type: array + required: + - id + - name + - promptType + - content + Security_AI_Assistant_API_PromptsBulkActionSkipReason: + enum: + - PROMPT_FIELD_NOT_MODIFIED + type: string + Security_AI_Assistant_API_PromptsBulkActionSkipResult: + type: object + properties: + id: + type: string + name: + type: string + skip_reason: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkActionSkipReason + required: + - id + - skip_reason + Security_AI_Assistant_API_PromptsBulkCrudActionResponse: + type: object + properties: + attributes: + type: object + properties: + errors: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_NormalizedPromptError + type: array + results: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkCrudActionResults + summary: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_BulkCrudActionSummary + required: + - results + - summary + message: + type: string + prompts_count: + type: integer + status_code: + type: integer + success: + type: boolean + required: + - attributes + Security_AI_Assistant_API_PromptsBulkCrudActionResults: + type: object + properties: + created: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptResponse' + type: array + deleted: + items: + type: string + type: array + skipped: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkActionSkipResult + type: array + updated: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptResponse' + type: array + required: + - updated + - created + - deleted + - skipped + Security_AI_Assistant_API_PromptType: + description: Prompt type + enum: + - system + - quick + type: string + Security_AI_Assistant_API_PromptUpdateProps: + type: object + properties: + categories: + items: + type: string + type: array + color: + type: string + consumer: + type: string + content: + type: string + id: + type: string + isDefault: + type: boolean + isNewConversationDefault: + type: boolean + required: + - id + Security_AI_Assistant_API_Provider: + description: Provider + enum: + - OpenAI + - Azure OpenAI + type: string + Security_AI_Assistant_API_Reader: + additionalProperties: true + type: object + Security_AI_Assistant_API_Replacements: + additionalProperties: + type: string + description: Replacements object used to anonymize/deanomymize messsages + type: object + Security_AI_Assistant_API_SortOrder: + enum: + - asc + - desc + type: string + Security_AI_Assistant_API_TraceData: + description: trace Data + type: object + properties: + traceId: + description: 'Could be any string, not necessarily a UUID' + type: string + transactionId: + description: 'Could be any string, not necessarily a UUID' + type: string + Security_AI_Assistant_API_User: + description: 'Could be any string, not necessarily a UUID' + type: object + properties: + id: + description: User id + type: string + name: + description: User name + type: string + Security_Solution_Detections_API_AlertAssignees: + type: object + properties: + add: + description: A list of users ids to assign. + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + type: array + remove: + description: A list of users ids to unassign. + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + type: array + required: + - add + - remove + Security_Solution_Detections_API_AlertIds: + description: A list of alerts ids. + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + minItems: 1 + type: array + Security_Solution_Detections_API_AlertsIndex: + deprecated: true + description: (deprecated) Has no effect. + type: string + Security_Solution_Detections_API_AlertsIndexNamespace: + description: Has no effect. + type: string + Security_Solution_Detections_API_AlertsSort: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsSortCombinations + - items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsSortCombinations + type: array + Security_Solution_Detections_API_AlertsSortCombinations: + anyOf: + - type: string + - additionalProperties: true + type: object + Security_Solution_Detections_API_AlertStatus: + enum: + - open + - closed + - acknowledged + - in-progress + type: string + Security_Solution_Detections_API_AlertSuppression: + type: object + properties: + duration: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppressionDuration + group_by: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppressionGroupBy + missing_fields_strategy: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppressionMissingFieldsStrategy + required: + - group_by + Security_Solution_Detections_API_AlertSuppressionDuration: + type: object + properties: + unit: + enum: + - s + - m + - h + type: string + value: + minimum: 1 + type: integer + required: + - value + - unit + Security_Solution_Detections_API_AlertSuppressionGroupBy: + items: + type: string + maxItems: 3 + minItems: 1 + type: array + Security_Solution_Detections_API_AlertSuppressionMissingFieldsStrategy: + description: >- + Describes how alerts will be generated for documents with missing + suppress by fields: + + doNotSuppress - per each document a separate alert will be created + + suppress - only alert will be created per suppress by bucket + enum: + - doNotSuppress + - suppress + type: string + Security_Solution_Detections_API_AlertTag: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + Security_Solution_Detections_API_AlertTags: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertTag' + type: array + Security_Solution_Detections_API_AnomalyThreshold: + description: Anomaly threshold + minimum: 0 + type: integer + Security_Solution_Detections_API_BuildingBlockType: + description: >- + Determines if the rule acts as a building block. By default, + building-block alerts are not displayed in the UI. These rules are used + as a foundation for other rules that do generate alerts. Its value must + be default. + type: string + Security_Solution_Detections_API_BulkActionEditPayload: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadTags + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadIndexPatterns + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadInvestigationFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadTimeline + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadRuleActions + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadSchedule + Security_Solution_Detections_API_BulkActionEditPayloadIndexPatterns: + type: object + properties: + overwrite_data_views: + type: boolean + type: + enum: + - add_index_patterns + - delete_index_patterns + - set_index_patterns + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + required: + - type + - value + Security_Solution_Detections_API_BulkActionEditPayloadInvestigationFields: + type: object + properties: + type: + enum: + - add_investigation_fields + - delete_investigation_fields + - set_investigation_fields + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + required: + - type + - value + Security_Solution_Detections_API_BulkActionEditPayloadRuleActions: + type: object + properties: + type: + enum: + - add_rule_actions + - set_rule_actions + type: string + value: + type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NormalizedRuleAction + type: array + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThrottleForBulkActions + required: + - actions + required: + - type + - value + Security_Solution_Detections_API_BulkActionEditPayloadSchedule: + type: object + properties: + type: + enum: + - set_schedule + type: string + value: + type: object + properties: + interval: + description: >- + Interval in which the rule runs. For example, `"1h"` means the + rule runs every hour. + example: 1h + pattern: '^[1-9]\d*[smh]$' type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - day_of_week: - count: 0 - name: day_of_week + lookback: + description: Lookback time for the rule + example: 1h + pattern: '^[1-9]\d*[smh]$' type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - day_of_week_i: - count: 0 - name: day_of_week_i - type: number - esTypes: - - integer - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - shortDotsEnable: false - isMapped: true - email: - count: 0 - name: email + required: + - interval + - lookback + required: + - type + - value + Security_Solution_Detections_API_BulkActionEditPayloadTags: + type: object + properties: + type: + enum: + - add_tags + - delete_tags + - set_tags + type: string + value: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleTagArray' + required: + - type + - value + Security_Solution_Detections_API_BulkActionEditPayloadTimeline: + type: object + properties: + type: + enum: + - set_timeline + type: string + value: + type: object + properties: + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + required: + - timeline_id + - timeline_title + required: + - type + - value + Security_Solution_Detections_API_BulkActionsDryRunErrCode: + enum: + - IMMUTABLE + - MACHINE_LEARNING_AUTH + - MACHINE_LEARNING_INDEX_PATTERN + - ESQL_INDEX_PATTERN + - MANUAL_RULE_RUN_FEATURE + - MANUAL_RULE_RUN_DISABLED_RULE + type: string + Security_Solution_Detections_API_BulkActionSkipResult: + type: object + properties: + id: + type: string + name: + type: string + skip_reason: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEditSkipReason + required: + - id + - skip_reason + Security_Solution_Detections_API_BulkDeleteRules: + type: object + properties: + action: + enum: + - delete + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Solution_Detections_API_BulkDisableRules: + type: object + properties: + action: + enum: + - disable + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Solution_Detections_API_BulkDuplicateRules: + type: object + properties: + action: + enum: + - duplicate + type: string + duplicate: + type: object + properties: + include_exceptions: + description: Whether to copy exceptions from the original rule + type: boolean + include_expired_exceptions: + description: Whether to copy expired exceptions from the original rule + type: boolean + required: + - include_exceptions + - include_expired_exceptions + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Solution_Detections_API_BulkEditActionResponse: + type: object + properties: + attributes: + type: object + properties: + errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NormalizedRuleError + type: array + results: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEditActionResults + summary: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEditActionSummary + required: + - results + - summary + message: + type: string + rules_count: + type: integer + status_code: + type: integer + success: + type: boolean + required: + - attributes + Security_Solution_Detections_API_BulkEditActionResults: + type: object + properties: + created: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleResponse' + type: array + deleted: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleResponse' + type: array + skipped: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionSkipResult + type: array + updated: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleResponse' + type: array + required: + - updated + - created + - deleted + - skipped + Security_Solution_Detections_API_BulkEditActionSummary: + type: object + properties: + failed: + type: integer + skipped: + type: integer + succeeded: + type: integer + total: + type: integer + required: + - failed + - skipped + - succeeded + - total + Security_Solution_Detections_API_BulkEditRules: + type: object + properties: + action: + enum: + - edit + type: string + edit: + description: Array of objects containing the edit operations + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayload + minItems: 1 + type: array + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + - edit + Security_Solution_Detections_API_BulkEditSkipReason: + enum: + - RULE_NOT_MODIFIED + type: string + Security_Solution_Detections_API_BulkEnableRules: + type: object + properties: + action: + enum: + - enable + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Solution_Detections_API_BulkExportActionResponse: + type: string + Security_Solution_Detections_API_BulkExportRules: + type: object + properties: + action: + enum: + - export + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Solution_Detections_API_BulkManualRuleRun: + type: object + properties: + action: + enum: + - run + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + run: + type: object + properties: + end_date: + description: End date of the manual rule run type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - event.dataset: - count: 0 - name: event.dataset + start_date: + description: Start date of the manual rule run type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - geoip.city_name: - count: 0 - name: geoip.city_name + required: + - start_date + required: + - action + - run + Security_Solution_Detections_API_ConcurrentSearches: + minimum: 1 + type: integer + Security_Solution_Detections_API_DataViewId: + type: string + Security_Solution_Detections_API_DefaultParams: + type: object + properties: + command: + enum: + - isolate + type: string + comment: + type: string + required: + - command + Security_Solution_Detections_API_EcsMapping: + additionalProperties: + type: object + properties: + field: + type: string + value: + oneOf: + - type: string + - items: + type: string + type: array + type: object + Security_Solution_Detections_API_EndpointResponseAction: + type: object + properties: + action_type_id: + enum: + - .endpoint + type: string + params: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_DefaultParams + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ProcessesParams + required: + - action_type_id + - params + Security_Solution_Detections_API_EqlOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + event_category_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_EventCategoryOverride + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + tiebreaker_field: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TiebreakerField + timestamp_field: + $ref: '#/components/schemas/Security_Solution_Detections_API_TimestampField' + Security_Solution_Detections_API_EqlQueryLanguage: + enum: + - eql + type: string + Security_Solution_Detections_API_EqlRequiredFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlQueryLanguage + description: Query language to use + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + description: EQL query to execute + type: + description: Rule type + enum: + - eql + type: string + required: + - type + - query + - language + Security_Solution_Detections_API_EqlRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleResponseFields + Security_Solution_Detections_API_EqlRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlOptionalFields + Security_Solution_Detections_API_EqlRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleCreateFields + Security_Solution_Detections_API_EqlRulePatchFields: + allOf: + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlQueryLanguage + description: Query language to use + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + description: EQL query to execute + type: + description: Rule type + enum: + - eql type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - geoip.continent_name: - count: 0 - name: geoip.continent_name + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlOptionalFields + Security_Solution_Detections_API_EqlRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRulePatchFields + Security_Solution_Detections_API_EqlRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlOptionalFields + Security_Solution_Detections_API_EqlRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleCreateFields + Security_Solution_Detections_API_ErrorSchema: + additionalProperties: false + type: object + properties: + error: + type: object + properties: + message: type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - geoip.country_iso_code: - count: 0 - name: geoip.country_iso_code + status_code: + minimum: 400 + type: integer + required: + - status_code + - message + id: + type: string + item_id: + minLength: 1 + type: string + list_id: + minLength: 1 + type: string + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + required: + - error + Security_Solution_Detections_API_EsqlQueryLanguage: + enum: + - esql + type: string + Security_Solution_Detections_API_EsqlRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleResponseFields + Security_Solution_Detections_API_EsqlRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleRequiredFields + Security_Solution_Detections_API_EsqlRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleCreateFields + Security_Solution_Detections_API_EsqlRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + Security_Solution_Detections_API_EsqlRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlQueryLanguage + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + description: ESQL query to execute + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + type: + description: Rule type + enum: + - esql type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - geoip.location: - count: 0 - name: geoip.location - type: geo_point - esTypes: - - geo_point - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: geo_point - params: - transform: wkt - shortDotsEnable: false - isMapped: true - geoip.region_name: - count: 0 - name: geoip.region_name + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleOptionalFields + Security_Solution_Detections_API_EsqlRuleRequiredFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlQueryLanguage + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + description: ESQL query to execute + type: + description: Rule type + enum: + - esql + type: string + required: + - type + - language + - query + Security_Solution_Detections_API_EsqlRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleRequiredFields + Security_Solution_Detections_API_EsqlRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleCreateFields + Security_Solution_Detections_API_EventCategoryOverride: + type: string + Security_Solution_Detections_API_ExceptionListType: + description: The exception type + enum: + - detection + - rule_default + - endpoint + - endpoint_trusted_apps + - endpoint_events + - endpoint_host_isolation_exceptions + - endpoint_blocklists + type: string + Security_Solution_Detections_API_ExternalRuleSource: + description: >- + Type of rule source for externally sourced rules, i.e. rules that have + an external source, such as the Elastic Prebuilt rules repo. + type: object + properties: + is_customized: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsExternalRuleCustomized + type: + enum: + - external + type: string + required: + - type + - is_customized + Security_Solution_Detections_API_FindRulesSortField: + enum: + - created_at + - createdAt + - enabled + - execution_summary.last_execution.date + - execution_summary.last_execution.metrics.execution_gap_duration_s + - execution_summary.last_execution.metrics.total_indexing_duration_ms + - execution_summary.last_execution.metrics.total_search_duration_ms + - execution_summary.last_execution.status + - name + - risk_score + - riskScore + - severity + - updated_at + - updatedAt + type: string + Security_Solution_Detections_API_HistoryWindowStart: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + Security_Solution_Detections_API_IndexPatternArray: + items: + type: string + type: array + Security_Solution_Detections_API_InternalRuleSource: + description: >- + Type of rule source for internally sourced rules, i.e. created within + the Kibana apps. + type: object + properties: + type: + enum: + - internal + type: string + required: + - type + Security_Solution_Detections_API_InvestigationFields: + description: > + Schema for fields relating to investigation fields. These are user + defined fields we use to highlight + + in various features in the UI such as alert details flyout and + exceptions auto-population from alert. + + Added in PR #163235 + + Right now we only have a single field but anticipate adding more related + fields to store various + + configuration states such as `override` - where a user might say if they + want only these fields to + + display, or if they want these fields + the fields we select. When + expanding this field, it may look + + something like: + + ```typescript + + const investigationFields = z.object({ + field_names: NonEmptyArray(NonEmptyString), + override: z.boolean().optional(), + }); + + ``` + type: object + properties: + field_names: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + minItems: 1 + type: array + required: + - field_names + Security_Solution_Detections_API_InvestigationGuide: + description: Notes to help investigate alerts produced by the rule. + type: string + Security_Solution_Detections_API_IsExternalRuleCustomized: + description: >- + Determines whether an external/prebuilt rule has been customized by the + user (i.e. any of its fields have been modified and diverged from the + base value). + type: boolean + Security_Solution_Detections_API_IsRuleEnabled: + description: Determines whether the rule is enabled. + type: boolean + Security_Solution_Detections_API_IsRuleImmutable: + deprecated: true + description: >- + This field determines whether the rule is a prebuilt Elastic rule. It + will be replaced with the `rule_source` field. + type: boolean + Security_Solution_Detections_API_ItemsPerSearch: + minimum: 1 + type: integer + Security_Solution_Detections_API_KqlQueryLanguage: + enum: + - kuery + - lucene + type: string + Security_Solution_Detections_API_MachineLearningJobId: + description: Machine learning job ID + oneOf: + - type: string + - items: + type: string + minItems: 1 + type: array + Security_Solution_Detections_API_MachineLearningRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleResponseFields + Security_Solution_Detections_API_MachineLearningRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleOptionalFields + Security_Solution_Detections_API_MachineLearningRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleCreateFields + Security_Solution_Detections_API_MachineLearningRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + Security_Solution_Detections_API_MachineLearningRulePatchFields: + allOf: + - type: object + properties: + anomaly_threshold: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AnomalyThreshold + machine_learning_job_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningJobId + type: + description: Rule type + enum: + - machine_learning type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - manufacturer: - count: 0 - name: manufacturer + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleOptionalFields + Security_Solution_Detections_API_MachineLearningRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRulePatchFields + Security_Solution_Detections_API_MachineLearningRuleRequiredFields: + type: object + properties: + anomaly_threshold: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AnomalyThreshold + machine_learning_job_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningJobId + type: + description: Rule type + enum: + - machine_learning + type: string + required: + - type + - machine_learning_job_id + - anomaly_threshold + Security_Solution_Detections_API_MachineLearningRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleOptionalFields + Security_Solution_Detections_API_MachineLearningRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleCreateFields + Security_Solution_Detections_API_MaxSignals: + minimum: 1 + type: integer + Security_Solution_Detections_API_NewTermsFields: + items: + type: string + maxItems: 3 + minItems: 1 + type: array + Security_Solution_Detections_API_NewTermsRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleResponseFields + Security_Solution_Detections_API_NewTermsRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleDefaultableFields + Security_Solution_Detections_API_NewTermsRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleCreateFields + Security_Solution_Detections_API_NewTermsRuleDefaultableFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + Security_Solution_Detections_API_NewTermsRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + Security_Solution_Detections_API_NewTermsRulePatchFields: + allOf: + - type: object + properties: + history_window_start: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_HistoryWindowStart + new_terms_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsFields + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + type: + description: Rule type + enum: + - new_terms type: string - esTypes: - - text - scripted: false - searchable: true - aggregatable: false - readFromDocValues: false - format: - id: string - shortDotsEnable: false - isMapped: true - manufacturer.keyword: - count: 0 - name: manufacturer.keyword + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleDefaultableFields + Security_Solution_Detections_API_NewTermsRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRulePatchFields + Security_Solution_Detections_API_NewTermsRuleRequiredFields: + type: object + properties: + history_window_start: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_HistoryWindowStart + new_terms_fields: + $ref: '#/components/schemas/Security_Solution_Detections_API_NewTermsFields' + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + type: + description: Rule type + enum: + - new_terms + type: string + required: + - type + - query + - new_terms_fields + - history_window_start + Security_Solution_Detections_API_NewTermsRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleOptionalFields + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + required: + - language + Security_Solution_Detections_API_NewTermsRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleCreateFields + Security_Solution_Detections_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Solution_Detections_API_NormalizedRuleAction: + additionalProperties: false + type: object + properties: + alerts_filter: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionAlertsFilter + frequency: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionFrequency + group: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionGroup + id: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleActionId' + params: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionParams + required: + - id + - params + Security_Solution_Detections_API_NormalizedRuleError: + type: object + properties: + err_code: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionsDryRunErrCode + message: + type: string + rules: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDetailsInError + type: array + status_code: + type: integer + required: + - message + - status_code + - rules + Security_Solution_Detections_API_OsqueryParams: + type: object + properties: + ecs_mapping: + $ref: '#/components/schemas/Security_Solution_Detections_API_EcsMapping' + pack_id: + type: string + queries: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_OsqueryQuery' + type: array + query: + type: string + saved_query_id: + type: string + timeout: + type: number + Security_Solution_Detections_API_OsqueryQuery: + type: object + properties: + ecs_mapping: + $ref: '#/components/schemas/Security_Solution_Detections_API_EcsMapping' + id: + description: Query ID + type: string + platform: + type: string + query: + description: Query to run + type: string + removed: + type: boolean + snapshot: + type: boolean + version: + description: Query version + type: string + required: + - id + - query + Security_Solution_Detections_API_OsqueryResponseAction: + type: object + properties: + action_type_id: + enum: + - .osquery + type: string + params: + $ref: '#/components/schemas/Security_Solution_Detections_API_OsqueryParams' + required: + - action_type_id + - params + Security_Solution_Detections_API_PlatformErrorResponse: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Solution_Detections_API_ProcessesParams: + type: object + properties: + command: + enum: + - kill-process + - suspend-process + type: string + comment: + type: string + config: + type: object + properties: + field: + description: Field to use instead of process.pid type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - subType: - multi: - parent: manufacturer - format: - id: string - shortDotsEnable: false - isMapped: true - order_date: - count: 0 - name: order_date - type: date - esTypes: - - date - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: date - shortDotsEnable: false - isMapped: true - order_id: - count: 0 - name: order_id + overwrite: + default: true + description: Whether to overwrite field with process.pid + type: boolean + required: + - field + required: + - command + - config + Security_Solution_Detections_API_QueryRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleResponseFields + Security_Solution_Detections_API_QueryRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleDefaultableFields + Security_Solution_Detections_API_QueryRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleCreateFields + Security_Solution_Detections_API_QueryRuleDefaultableFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + Security_Solution_Detections_API_QueryRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + response_actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ResponseAction + type: array + saved_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_SavedQueryId' + Security_Solution_Detections_API_QueryRulePatchFields: + allOf: + - type: object + properties: + type: + description: Rule type + enum: + - query type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - products._id: - count: 0 - name: products._id + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleDefaultableFields + Security_Solution_Detections_API_QueryRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRulePatchFields + Security_Solution_Detections_API_QueryRuleRequiredFields: + type: object + properties: + type: + description: Rule type + enum: + - query + type: string + required: + - type + Security_Solution_Detections_API_QueryRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleOptionalFields + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + required: + - query + - language + Security_Solution_Detections_API_QueryRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleCreateFields + Security_Solution_Detections_API_RelatedIntegration: + description: > + Related integration is a potential dependency of a rule. It's assumed + that if the user installs + + one of the related integrations of a rule, the rule might start to work + properly because it will + + have source events (generated by this integration) potentially matching + the rule's query. + + + NOTE: Proper work is not guaranteed, because a related integration, if + installed, can be + + configured differently or generate data that is not necessarily relevant + for this rule. + + + Related integration is a combination of a Fleet package and (optionally) + one of the + + package's "integrations" that this package contains. It is represented + by 3 properties: + + + - `package`: name of the package (required, unique id) + + - `version`: version of the package (required, semver-compatible) + + - `integration`: name of the integration of this package (optional, id + within the package) + + + There are Fleet packages like `windows` that contain only one + integration; in this case, + + `integration` should be unspecified. There are also packages like `aws` + and `azure` that contain + + several integrations; in this case, `integration` should be specified. + + + @example + + const x: RelatedIntegration = { + package: 'windows', + version: '1.5.x', + }; + + + @example + + const x: RelatedIntegration = { + package: 'azure', + version: '~1.1.6', + integration: 'activitylogs', + }; + type: object + properties: + integration: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + package: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + version: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + required: + - package + - version + Security_Solution_Detections_API_RelatedIntegrationArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegration + type: array + Security_Solution_Detections_API_RequiredField: + description: > + Describes an Elasticsearch field that is needed for the rule to + function. + + + Almost all types of Security rules check source event documents for a + match to some kind of + + query or filter. If a document has certain field with certain values, + then it's a match and + + the rule will generate an alert. + + + Required field is an event field that must be present in the source + indices of a given rule. + + + @example + + const standardEcsField: RequiredField = { + name: 'event.action', + type: 'keyword', + ecs: true, + }; + + + @example + + const nonEcsField: RequiredField = { + name: 'winlog.event_data.AttributeLDAPDisplayName', + type: 'keyword', + ecs: false, + }; + type: object + properties: + ecs: + description: Whether the field is an ECS field + type: boolean + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: Name of an Elasticsearch field + type: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: Type of the Elasticsearch field + required: + - name + - type + - ecs + Security_Solution_Detections_API_RequiredFieldArray: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_RequiredField' + type: array + Security_Solution_Detections_API_RequiredFieldInput: + description: >- + Input parameters to create a RequiredField. Does not include the `ecs` + field, because `ecs` is calculated on the backend based on the field + name and type. + type: object + properties: + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: Name of an Elasticsearch field + type: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: Type of an Elasticsearch field + required: + - name + - type + Security_Solution_Detections_API_ResponseAction: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_OsqueryResponseAction + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EndpointResponseAction + Security_Solution_Detections_API_ResponseFields: + type: object + properties: + created_at: + format: date-time + type: string + created_by: + type: string + execution_summary: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExecutionSummary + id: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleObjectId' + immutable: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleImmutable + required_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldArray + revision: + minimum: 0 + type: integer + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_source: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleSource' + updated_at: + format: date-time + type: string + updated_by: + type: string + required: + - id + - rule_id + - immutable + - updated_at + - updated_by + - created_at + - created_by + - revision + - related_integrations + - required_fields + Security_Solution_Detections_API_RiskScore: + description: Risk score (0 to 100) + maximum: 100 + minimum: 0 + type: integer + Security_Solution_Detections_API_RiskScoreMapping: + description: >- + Overrides generated alerts' risk_score with a value from the source + event + items: + type: object + properties: + field: + type: string + operator: + enum: + - equals + type: string + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + value: + type: string + required: + - field + - operator + - value + type: array + Security_Solution_Detections_API_RuleAction: + type: object + properties: + action_type_id: + description: The action type used for sending notifications. + type: string + alerts_filter: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionAlertsFilter + frequency: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionFrequency + group: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionGroup + id: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleActionId' + params: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionParams + uuid: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + required: + - action_type_id + - id + - params + Security_Solution_Detections_API_RuleActionAlertsFilter: + additionalProperties: true + type: object + Security_Solution_Detections_API_RuleActionFrequency: + description: >- + The action frequency defines when the action runs (for example, only on + rule execution or at specific time intervals). + type: object + properties: + notifyWhen: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionNotifyWhen + summary: + description: >- + Action summary indicates whether we will send a summary notification + about all the generate alerts or notification per individual alert + type: boolean + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + nullable: true + required: + - summary + - notifyWhen + - throttle + Security_Solution_Detections_API_RuleActionGroup: + description: >- + Optionally groups actions by use cases. Use `default` for alert + notifications. + type: string + Security_Solution_Detections_API_RuleActionId: + description: The connector ID. + type: string + Security_Solution_Detections_API_RuleActionNotifyWhen: + description: >- + The condition for throttling the notification: `onActionGroupChange`, + `onActiveAlert`, or `onThrottleInterval` + enum: + - onActiveAlert + - onThrottleInterval + - onActionGroupChange + type: string + Security_Solution_Detections_API_RuleActionParams: + additionalProperties: true + description: >- + Object containing the allowed connector fields, which varies according + to the connector type. + type: object + Security_Solution_Detections_API_RuleActionThrottle: + description: Defines how often rule actions are taken. + oneOf: + - enum: + - no_actions + - rule + type: string + - description: 'Time interval in seconds, minutes, hours, or days.' + example: 1h + pattern: '^[1-9]\d*[smhd]$' + type: string + Security_Solution_Detections_API_RuleAuthorArray: + items: + type: string + type: array + Security_Solution_Detections_API_RuleCreateProps: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleCreateProps + discriminator: + propertyName: type + Security_Solution_Detections_API_RuleDescription: + minLength: 1 + type: string + Security_Solution_Detections_API_RuleDetailsInError: + type: object + properties: + id: + type: string + name: + type: string + required: + - id + Security_Solution_Detections_API_RuleExceptionList: + type: object + properties: + id: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: ID of the exception container + list_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: List ID of the exception container + namespace_type: + description: Determines the exceptions validity in rule's Kibana space + enum: + - agnostic + - single + type: string + type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ExceptionListType + required: + - id + - list_id + - type + - namespace_type + Security_Solution_Detections_API_RuleExecutionMetrics: + type: object + properties: + execution_gap_duration_s: + description: Duration in seconds of execution gap + minimum: 0 + type: integer + total_enrichment_duration_ms: + description: >- + Total time spent enriching documents during current rule execution + cycle + minimum: 0 + type: integer + total_indexing_duration_ms: + description: >- + Total time spent indexing documents during current rule execution + cycle + minimum: 0 + type: integer + total_search_duration_ms: + description: >- + Total time spent performing ES searches as measured by Kibana; + includes network latency and time spent serializing/deserializing + request/response + minimum: 0 + type: integer + Security_Solution_Detections_API_RuleExecutionStatus: + description: >- + Custom execution status of Security rules that is different from the + status used in the Alerting Framework. We merge our custom status with + the Framework's status to determine the resulting status of a rule. + + - going to run - @deprecated Replaced by the 'running' status but left + for backwards compatibility with rule execution events already written + to Event Log in the prior versions of Kibana. Don't use when writing + rule status changes. + + - running - Rule execution started but not reached any intermediate or + final status. + + - partial failure - Rule can partially fail for various reasons either + in the middle of an execution (in this case we update its status right + away) or in the end of it. So currently this status can be both + intermediate and final at the same time. A typical reason for a partial + failure: not all the indices that the rule searches over actually exist. + + - failed - Rule failed to execute due to unhandled exception or a reason + defined in the business logic of its executor function. + + - succeeded - Rule executed successfully without any issues. Note: this + status is just an indication of a rule's "health". The rule might or + might not generate any alerts despite of it. + enum: + - going to run + - running + - partial failure + - failed + - succeeded + type: string + Security_Solution_Detections_API_RuleExecutionStatusOrder: + type: integer + Security_Solution_Detections_API_RuleExecutionSummary: + type: object + properties: + last_execution: + type: object + properties: + date: + description: Date of the last execution + format: date-time type: string - esTypes: - - text - scripted: false - searchable: true - aggregatable: false - readFromDocValues: false - format: - id: string - shortDotsEnable: false - isMapped: true - products._id.keyword: - count: 0 - name: products._id.keyword + message: type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - subType: - multi: - parent: products._id - format: - id: string - shortDotsEnable: false - isMapped: true - products.base_price: - count: 0 - name: products.base_price - type: number - esTypes: - - half_float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - params: - pattern: $0,0.00 - shortDotsEnable: false - isMapped: true - products.base_unit_price: - count: 0 - name: products.base_unit_price - type: number - esTypes: - - half_float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - params: - pattern: $0,0.00 - shortDotsEnable: false - isMapped: true - products.category: - count: 0 - name: products.category + metrics: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExecutionMetrics + status: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExecutionStatus + description: Status of the last execution + status_order: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExecutionStatusOrder + required: + - date + - status + - status_order + - message + - metrics + required: + - last_execution + Security_Solution_Detections_API_RuleFalsePositiveArray: + items: + type: string + type: array + Security_Solution_Detections_API_RuleFilterArray: + items: {} + type: array + Security_Solution_Detections_API_RuleInterval: + description: >- + Frequency of rule execution, using a date math range. For example, "1h" + means the rule runs every hour. Defaults to 5m (5 minutes). + type: string + Security_Solution_Detections_API_RuleIntervalFrom: + description: >- + Time from which data is analyzed each time the rule runs, using a date + math range. For example, now-4200s means the rule analyzes data from 70 + minutes before its start time. Defaults to now-6m (analyzes data from 6 + minutes before the start time). + format: date-math + type: string + Security_Solution_Detections_API_RuleIntervalTo: + type: string + Security_Solution_Detections_API_RuleLicense: + description: The rule's license. + type: string + Security_Solution_Detections_API_RuleMetadata: + additionalProperties: true + type: object + Security_Solution_Detections_API_RuleName: + minLength: 1 + type: string + Security_Solution_Detections_API_RuleNameOverride: + description: Sets the source field for the alert's signal.rule.name value + type: string + Security_Solution_Detections_API_RuleObjectId: + $ref: '#/components/schemas/Security_Solution_Detections_API_UUID' + Security_Solution_Detections_API_RulePatchProps: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRulePatchProps + Security_Solution_Detections_API_RulePreviewLogs: + type: object + properties: + duration: + description: Execution duration in milliseconds + type: integer + errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + type: array + startedAt: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + warnings: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + type: array + required: + - errors + - warnings + - duration + Security_Solution_Detections_API_RulePreviewParams: + type: object + properties: + invocationCount: + type: integer + timeframeEnd: + format: date-time + type: string + required: + - invocationCount + - timeframeEnd + Security_Solution_Detections_API_RuleQuery: + type: string + Security_Solution_Detections_API_RuleReferenceArray: + items: + type: string + type: array + Security_Solution_Detections_API_RuleResponse: + anyOf: + - $ref: '#/components/schemas/Security_Solution_Detections_API_EqlRule' + - $ref: '#/components/schemas/Security_Solution_Detections_API_QueryRule' + - $ref: '#/components/schemas/Security_Solution_Detections_API_SavedQueryRule' + - $ref: '#/components/schemas/Security_Solution_Detections_API_ThresholdRule' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRule + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRule + - $ref: '#/components/schemas/Security_Solution_Detections_API_NewTermsRule' + - $ref: '#/components/schemas/Security_Solution_Detections_API_EsqlRule' + discriminator: + propertyName: type + Security_Solution_Detections_API_RuleSignatureId: + description: 'Could be any string, not necessarily a UUID' + type: string + Security_Solution_Detections_API_RuleSource: + description: >- + Discriminated union that determines whether the rule is internally + sourced (created within the Kibana app) or has an external source, such + as the Elastic Prebuilt rules repo. + discriminator: + propertyName: type + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ExternalRuleSource + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_InternalRuleSource + Security_Solution_Detections_API_RuleTagArray: + description: >- + String array containing words and phrases to help categorize, filter, + and search rules. Defaults to an empty array. + items: + type: string + type: array + Security_Solution_Detections_API_RuleUpdateProps: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleUpdateProps + discriminator: + propertyName: type + Security_Solution_Detections_API_RuleVersion: + description: The rule's version number. + minimum: 1 + type: integer + Security_Solution_Detections_API_SavedObjectResolveAliasPurpose: + enum: + - savedObjectConversion + - savedObjectImport + type: string + Security_Solution_Detections_API_SavedObjectResolveAliasTargetId: + type: string + Security_Solution_Detections_API_SavedObjectResolveOutcome: + enum: + - exactMatch + - aliasMatch + - conflict + type: string + Security_Solution_Detections_API_SavedQueryId: + type: string + Security_Solution_Detections_API_SavedQueryRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleResponseFields + Security_Solution_Detections_API_SavedQueryRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleDefaultableFields + Security_Solution_Detections_API_SavedQueryRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleCreateFields + Security_Solution_Detections_API_SavedQueryRuleDefaultableFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + Security_Solution_Detections_API_SavedQueryRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + response_actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ResponseAction + type: array + Security_Solution_Detections_API_SavedQueryRulePatchFields: + allOf: + - type: object + properties: + saved_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryId + type: + description: Rule type + enum: + - saved_query + type: string + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleDefaultableFields + Security_Solution_Detections_API_SavedQueryRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRulePatchFields + Security_Solution_Detections_API_SavedQueryRuleRequiredFields: + type: object + properties: + saved_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_SavedQueryId' + type: + description: Rule type + enum: + - saved_query + type: string + required: + - type + - saved_id + Security_Solution_Detections_API_SavedQueryRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleOptionalFields + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + required: + - language + Security_Solution_Detections_API_SavedQueryRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleCreateFields + Security_Solution_Detections_API_SetAlertsStatusByIds: + type: object + properties: + signal_ids: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + minItems: 1 + type: array + status: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertStatus' + required: + - signal_ids + - status + Security_Solution_Detections_API_SetAlertsStatusByQuery: + type: object + properties: + conflicts: + default: abort + enum: + - abort + - proceed + type: string + query: + additionalProperties: true + type: object + status: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertStatus' + required: + - query + - status + Security_Solution_Detections_API_SetAlertTags: + type: object + properties: + tags_to_add: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertTags' + tags_to_remove: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertTags' + required: + - tags_to_add + - tags_to_remove + Security_Solution_Detections_API_SetupGuide: + type: string + Security_Solution_Detections_API_Severity: + description: Severity of the rule + enum: + - low + - medium + - high + - critical + type: string + Security_Solution_Detections_API_SeverityMapping: + description: Overrides generated alerts' severity with values from the source event + items: + type: object + properties: + field: + type: string + operator: + enum: + - equals + type: string + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + value: + type: string + required: + - field + - operator + - severity + - value + type: array + Security_Solution_Detections_API_SiemErrorResponse: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - status_code + - message + Security_Solution_Detections_API_SortOrder: + enum: + - asc + - desc + type: string + Security_Solution_Detections_API_Threat: + type: object + properties: + framework: + description: Relevant attack framework + type: string + tactic: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThreatTactic' + technique: + description: Array containing information on the attack techniques (optional) + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatTechnique + type: array + required: + - framework + - tactic + Security_Solution_Detections_API_ThreatArray: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_Threat' + type: array + Security_Solution_Detections_API_ThreatFilters: + items: + description: >- + Query and filter context array used to filter documents from the + Elasticsearch index containing the threat values + type: array + Security_Solution_Detections_API_ThreatIndex: + items: + type: string + type: array + Security_Solution_Detections_API_ThreatIndicatorPath: + description: >- + Defines the path to the threat indicator in the indicator documents + (optional) + type: string + Security_Solution_Detections_API_ThreatMapping: + items: + type: object + properties: + entries: + items: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + type: + enum: + - mapping + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + required: + - field + - type + - value + type: array + required: + - entries + minItems: 1 + type: array + Security_Solution_Detections_API_ThreatMatchRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleResponseFields + Security_Solution_Detections_API_ThreatMatchRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleDefaultableFields + Security_Solution_Detections_API_ThreatMatchRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleCreateFields + Security_Solution_Detections_API_ThreatMatchRuleDefaultableFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + Security_Solution_Detections_API_ThreatMatchRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + concurrent_searches: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ConcurrentSearches + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + items_per_search: + $ref: '#/components/schemas/Security_Solution_Detections_API_ItemsPerSearch' + saved_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_SavedQueryId' + threat_filters: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThreatFilters' + threat_indicator_path: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatIndicatorPath + threat_language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + Security_Solution_Detections_API_ThreatMatchRulePatchFields: + allOf: + - type: object + properties: + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + threat_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatIndex + threat_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMapping + threat_query: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatQuery + type: + description: Rule type + enum: + - threat_match type: string - esTypes: - - text - scripted: false - searchable: true - aggregatable: false - readFromDocValues: false - format: - id: string - shortDotsEnable: false - isMapped: true - products.category.keyword: - count: 0 - name: products.category.keyword + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleDefaultableFields + Security_Solution_Detections_API_ThreatMatchRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRulePatchFields + Security_Solution_Detections_API_ThreatMatchRuleRequiredFields: + type: object + properties: + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + threat_index: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThreatIndex' + threat_mapping: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThreatMapping' + threat_query: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThreatQuery' + type: + description: Rule type + enum: + - threat_match + type: string + required: + - type + - query + - threat_query + - threat_mapping + - threat_index + Security_Solution_Detections_API_ThreatMatchRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleOptionalFields + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + required: + - language + Security_Solution_Detections_API_ThreatMatchRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleCreateFields + Security_Solution_Detections_API_ThreatQuery: + description: Query to run + type: string + Security_Solution_Detections_API_ThreatSubtechnique: + type: object + properties: + id: + description: Subtechnique ID + type: string + name: + description: Subtechnique name + type: string + reference: + description: Subtechnique reference + type: string + required: + - id + - name + - reference + Security_Solution_Detections_API_ThreatTactic: + type: object + properties: + id: + description: Tactic ID + type: string + name: + description: Tactic name + type: string + reference: + description: Tactic reference + type: string + required: + - id + - name + - reference + Security_Solution_Detections_API_ThreatTechnique: + type: object + properties: + id: + description: Technique ID + type: string + name: + description: Technique name + type: string + reference: + description: Technique reference + type: string + subtechnique: + description: Array containing more specific information on the attack technique + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatSubtechnique + type: array + required: + - id + - name + - reference + Security_Solution_Detections_API_Threshold: + type: object + properties: + cardinality: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdCardinality + field: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThresholdField' + value: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThresholdValue' + required: + - field + - value + Security_Solution_Detections_API_ThresholdAlertSuppression: + type: object + properties: + duration: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppressionDuration + required: + - duration + Security_Solution_Detections_API_ThresholdCardinality: + items: + type: object + properties: + field: + type: string + value: + minimum: 0 + type: integer + required: + - field + - value + type: array + Security_Solution_Detections_API_ThresholdField: + description: Field to aggregate on + oneOf: + - type: string + - items: + type: string + type: array + Security_Solution_Detections_API_ThresholdRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleResponseFields + Security_Solution_Detections_API_ThresholdRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleDefaultableFields + Security_Solution_Detections_API_ThresholdRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleCreateFields + Security_Solution_Detections_API_ThresholdRuleDefaultableFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + Security_Solution_Detections_API_ThresholdRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdAlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + saved_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_SavedQueryId' + Security_Solution_Detections_API_ThresholdRulePatchFields: + allOf: + - type: object + properties: + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + threshold: + $ref: '#/components/schemas/Security_Solution_Detections_API_Threshold' + type: + description: Rule type + enum: + - threshold type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - subType: - multi: - parent: products.category - format: - id: string - shortDotsEnable: false - isMapped: true - products.created_on: - count: 0 - name: products.created_on - type: date - esTypes: - - date - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: date - shortDotsEnable: false - isMapped: true - products.discount_amount: - count: 0 - name: products.discount_amount - type: number - esTypes: - - half_float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - shortDotsEnable: false - isMapped: true - products.discount_percentage: - count: 0 - name: products.discount_percentage - type: number - esTypes: - - half_float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - shortDotsEnable: false - isMapped: true - products.manufacturer: - count: 1 - name: products.manufacturer + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleDefaultableFields + Security_Solution_Detections_API_ThresholdRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRulePatchFields + Security_Solution_Detections_API_ThresholdRuleRequiredFields: + type: object + properties: + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + threshold: + $ref: '#/components/schemas/Security_Solution_Detections_API_Threshold' + type: + description: Rule type + enum: + - threshold + type: string + required: + - type + - query + - threshold + Security_Solution_Detections_API_ThresholdRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleOptionalFields + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + required: + - language + Security_Solution_Detections_API_ThresholdRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleCreateFields + Security_Solution_Detections_API_ThresholdValue: + description: Threshold value + minimum: 1 + type: integer + Security_Solution_Detections_API_ThrottleForBulkActions: + description: >- + The condition for throttling the notification: 'rule', 'no_actions', or + time duration + enum: + - rule + - 1h + - 1d + - 7d + type: string + Security_Solution_Detections_API_TiebreakerField: + description: Sets a secondary field for sorting events + type: string + Security_Solution_Detections_API_TimelineTemplateId: + description: Timeline template ID + type: string + Security_Solution_Detections_API_TimelineTemplateTitle: + description: Timeline template title + type: string + Security_Solution_Detections_API_TimestampField: + description: Contains the event timestamp used for sorting a sequence of events + type: string + Security_Solution_Detections_API_TimestampOverride: + description: Sets the time field used to query indices + type: string + Security_Solution_Detections_API_TimestampOverrideFallbackDisabled: + description: Disables the fallback to the event's @timestamp field + type: boolean + Security_Solution_Detections_API_UUID: + description: A universally unique identifier + format: uuid + type: string + Security_Solution_Detections_API_WarningSchema: + type: object + properties: + actionPath: + type: string + buttonLabel: + type: string + message: + type: string + type: + type: string + required: + - type + - message + - actionPath + Security_Solution_Endpoint_Exceptions_API_EndpointList: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionList + - additionalProperties: false + type: object + Security_Solution_Endpoint_Exceptions_API_EndpointListItem: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItem + Security_Solution_Endpoint_Exceptions_API_ExceptionList: + type: object + properties: + _version: + type: string + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListDescription + id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListId + immutable: + type: boolean + list_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionNamespaceType + os_types: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListTags + tie_breaker_id: + type: string + type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListType + updated_at: + format: date-time + type: string + updated_by: + type: string + version: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListVersion + required: + - id + - list_id + - type + - name + - description + - immutable + - namespace_type + - version + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Endpoint_Exceptions_API_ExceptionListDescription: + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListHumanId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + description: 'Human readable string identifier, e.g. `trusted-linux-processes`' + Security_Solution_Endpoint_Exceptions_API_ExceptionListId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ExceptionListItem: + type: object + properties: + _version: + type: string + comments: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemCommentArray + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemId + item_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionNamespaceType + os_types: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemTags + tie_breaker_id: + type: string + type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemType + updated_at: + format: date-time + type: string + updated_by: + type: string + required: + - id + - item_id + - list_id + - type + - name + - description + - entries + - namespace_type + - comments + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemComment: + type: object + properties: + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + created_at: + format: date-time + type: string + created_by: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + updated_at: + format: date-time + type: string + updated_by: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + required: + - id + - comment + - created_at + - created_by + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemComment + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemDescription: + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntry: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryList + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryExists + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryNested + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatchWildcard + discriminator: + propertyName: type + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntry + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryExists: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + operator: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - exists + type: string + required: + - type + - field + - operator + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryList: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + list: + type: object + properties: + id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ListId + type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ListType + required: + - id + - type + operator: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - list + type: string + required: + - type + - field + - list + - operator + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatch: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + operator: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - match + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + required: + - type + - field + - value + - operator + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatchAny: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + operator: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - match_any + type: string + value: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + minItems: 1 + type: array + required: + - type + - field + - value + - operator + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatchWildcard: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + operator: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - wildcard + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + required: + - type + - field + - value + - operator + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryNested: + type: object + properties: + entries: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryNestedEntryItem + minItems: 1 + type: array + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + type: + enum: + - nested + type: string + required: + - type + - field + - entries + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryNestedEntryItem: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryExists + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator: + enum: + - excluded + - included + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemMeta: + additionalProperties: true + type: object + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemName: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListOsType + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemTags: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemType: + enum: + - simple + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListMeta: + additionalProperties: true + type: object + Security_Solution_Endpoint_Exceptions_API_ExceptionListName: + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListOsType: + enum: + - linux + - macos + - windows + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListOsTypeArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListOsType + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListTags: + items: + type: string + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListType: + enum: + - detection + - rule_default + - endpoint + - endpoint_trusted_apps + - endpoint_events + - endpoint_host_isolation_exceptions + - endpoint_blocklists + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListVersion: + minimum: 1 + type: integer + Security_Solution_Endpoint_Exceptions_API_ExceptionNamespaceType: + description: > + Determines whether the exception container is available in all Kibana + spaces or just the space + + in which it is created, where: + + + - `single`: Only available in the Kibana space in which it is created. + + - `agnostic`: Available in all Kibana spaces. + enum: + - agnostic + - single + type: string + Security_Solution_Endpoint_Exceptions_API_FindEndpointListItemsFilter: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ListId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ListType: + enum: + - binary + - boolean + - byte + - date + - date_nanos + - date_range + - double + - double_range + - float + - float_range + - geo_point + - geo_shape + - half_float + - integer + - integer_range + - ip + - ip_range + - keyword + - long + - long_range + - shape + - short + - text + type: string + Security_Solution_Endpoint_Exceptions_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - status_code + - message + Security_Solution_Endpoint_Management_API_ActionLogRequestQuery: + type: object + properties: + end_date: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndDate + page: + $ref: '#/components/schemas/Security_Solution_Endpoint_Management_API_Page' + page_size: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PageSize + start_date: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_StartDate + Security_Solution_Endpoint_Management_API_ActionStateSuccessResponse: + type: object + properties: + body: + type: object + properties: + data: + type: object + properties: + canEncrypt: + type: boolean + required: + - data + required: + - body + Security_Solution_Endpoint_Management_API_ActionStatusSuccessResponse: + type: object + properties: + body: + type: object + properties: + data: + type: object + properties: + agent_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentId + pending_actions: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionsSchema + required: + - agent_id + - pending_actions + required: + - data + required: + - body + Security_Solution_Endpoint_Management_API_AgentId: + description: Agent ID + type: string + Security_Solution_Endpoint_Management_API_AgentIds: + minLength: 1 + oneOf: + - items: + minLength: 1 + type: string + maxItems: 50 + minItems: 1 + type: array + - minLength: 1 + type: string + Security_Solution_Endpoint_Management_API_AgentTypes: + enum: + - endpoint + - sentinel_one + - crowdstrike + type: string + Security_Solution_Endpoint_Management_API_AlertIds: + description: A list of alerts ids. + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_NonEmptyString + minItems: 1 + type: array + Security_Solution_Endpoint_Management_API_CaseIds: + description: Case IDs to be updated (cannot contain empty strings) + items: + minLength: 1 + type: string + minItems: 1 + type: array + Security_Solution_Endpoint_Management_API_Command: + description: The command to be executed (cannot be an empty string) + enum: + - isolate + - unisolate + - kill-process + - suspend-process + - running-processes + - get-file + - execute + - upload + - scan + minLength: 1 + type: string + Security_Solution_Endpoint_Management_API_Commands: + items: + $ref: '#/components/schemas/Security_Solution_Endpoint_Management_API_Command' + type: array + Security_Solution_Endpoint_Management_API_Comment: + description: Optional comment + type: string + Security_Solution_Endpoint_Management_API_EndDate: + description: End date + type: string + Security_Solution_Endpoint_Management_API_EndpointIds: + description: List of endpoint IDs (cannot contain empty strings) + items: + minLength: 1 + type: string + minItems: 1 + type: array + Security_Solution_Endpoint_Management_API_ExecuteRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + parameters: + type: object + properties: + command: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Command + timeout: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Timeout + required: + - command + required: + - parameters + Security_Solution_Endpoint_Management_API_GetEndpointActionListRouteQuery: + type: object + properties: + agentIds: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentIds + agentTypes: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + commands: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Commands + endDate: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndDate + page: + $ref: '#/components/schemas/Security_Solution_Endpoint_Management_API_Page' + pageSize: + default: 10 + description: Number of items per page + maximum: 10000 + minimum: 1 + type: integer + startDate: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_StartDate + types: + $ref: '#/components/schemas/Security_Solution_Endpoint_Management_API_Types' + userIds: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_UserIds + withOutputs: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_WithOutputs + Security_Solution_Endpoint_Management_API_GetFileRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + parameters: + type: object + properties: + path: + type: string + required: + - path + required: + - parameters + Security_Solution_Endpoint_Management_API_GetProcessesRouteRequestBody: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_NoParametersRequestSchema + Security_Solution_Endpoint_Management_API_IsolateRouteRequestBody: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_NoParametersRequestSchema + Security_Solution_Endpoint_Management_API_KillOrSuspendActionSchema: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + parameters: + oneOf: + - type: object + properties: + pid: + minimum: 1 + type: integer + - type: object + properties: + entity_id: + minLength: 1 + type: string + required: + - parameters + Security_Solution_Endpoint_Management_API_ListRequestQuery: + type: object + properties: + hostStatuses: + items: + enum: + - healthy + - offline + - updating + - inactive + - unenrolled + type: string + type: array + kuery: + nullable: true + type: string + page: + default: 0 + description: Page number + minimum: 0 + type: integer + pageSize: + default: 10 + description: Number of items per page + maximum: 10000 + minimum: 1 + type: integer + sortDirection: + enum: + - asc + - desc + nullable: true + type: string + sortField: + enum: + - enrolled_at + - metadata.host.hostname + - host_status + - metadata.Endpoint.policy.applied.name + - metadata.Endpoint.policy.applied.status + - metadata.host.os.name + - metadata.host.ip + - metadata.agent.version + - last_checkin + type: string + required: + - hostStatuses + Security_Solution_Endpoint_Management_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Solution_Endpoint_Management_API_NoParametersRequestSchema: + type: object + properties: + body: + type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + required: + - body + Security_Solution_Endpoint_Management_API_Page: + default: 1 + description: Page number + minimum: 1 + type: integer + Security_Solution_Endpoint_Management_API_PageSize: + default: 10 + description: Number of items per page + maximum: 100 + minimum: 1 + type: integer + Security_Solution_Endpoint_Management_API_Parameters: + description: Optional parameters object + type: object + Security_Solution_Endpoint_Management_API_PendingActionDataType: + type: integer + Security_Solution_Endpoint_Management_API_PendingActionsSchema: + oneOf: + - type: object + properties: + execute: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + get-file: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + isolate: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + kill-process: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + running-processes: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + scan: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + suspend-process: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + unisolate: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + upload: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + - additionalProperties: true + type: object + Security_Solution_Endpoint_Management_API_ProtectionUpdatesNoteResponse: + type: object + properties: + note: + type: string + Security_Solution_Endpoint_Management_API_ScanRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + parameters: + type: object + properties: + path: + type: string + required: + - path + required: + - parameters + Security_Solution_Endpoint_Management_API_StartDate: + description: Start date + type: string + Security_Solution_Endpoint_Management_API_SuccessResponse: + type: object + properties: {} + Security_Solution_Endpoint_Management_API_Timeout: + description: The maximum timeout value in milliseconds (optional) + minimum: 1 + type: integer + Security_Solution_Endpoint_Management_API_Type: + description: Type of response action + enum: + - automated + - manual + type: string + Security_Solution_Endpoint_Management_API_Types: + description: List of types of response actions + items: + $ref: '#/components/schemas/Security_Solution_Endpoint_Management_API_Type' + maxLength: 2 + minLength: 1 + type: array + Security_Solution_Endpoint_Management_API_UnisolateRouteRequestBody: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_NoParametersRequestSchema + Security_Solution_Endpoint_Management_API_UploadRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + file: + format: binary type: string - esTypes: - - text - scripted: false - searchable: true - aggregatable: false - readFromDocValues: false - format: - id: string - shortDotsEnable: false - isMapped: true - products.manufacturer.keyword: - count: 0 - name: products.manufacturer.keyword + parameters: + type: object + properties: + overwrite: + default: false + type: boolean + required: + - parameters + - file + Security_Solution_Endpoint_Management_API_UserIds: + description: User IDs + oneOf: + - items: + minLength: 1 + type: string + minItems: 1 + type: array + - minLength: 1 + type: string + Security_Solution_Endpoint_Management_API_WithOutputs: + description: Shows detailed outputs for an action response + oneOf: + - items: + minLength: 1 + type: string + minItems: 1 + type: array + - minLength: 1 + type: string + Security_Solution_Entity_Analytics_API_AssetCriticalityBulkUploadErrorItem: + type: object + properties: + index: + type: integer + message: + type: string + required: + - message + - index + Security_Solution_Entity_Analytics_API_AssetCriticalityBulkUploadStats: + type: object + properties: + failed: + type: integer + successful: + type: integer + total: + type: integer + required: + - successful + - failed + - total + Security_Solution_Entity_Analytics_API_AssetCriticalityLevel: + description: The criticality level of the asset. + enum: + - low_impact + - medium_impact + - high_impact + - extreme_impact + type: string + Security_Solution_Entity_Analytics_API_AssetCriticalityRecord: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_CreateAssetCriticalityRecord + - type: object + properties: + '@timestamp': + description: The time the record was created or updated. + example: '2017-07-21T17:32:28Z' + format: date-time + type: string + required: + - '@timestamp' + Security_Solution_Entity_Analytics_API_AssetCriticalityRecordIdParts: + type: object + properties: + id_field: + $ref: '#/components/schemas/Security_Solution_Entity_Analytics_API_IdField' + description: The field representing the ID. + example: host.name + id_value: + description: The ID value of the asset. + type: string + required: + - id_value + - id_field + Security_Solution_Entity_Analytics_API_CreateAssetCriticalityRecord: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityRecordIdParts + - type: object + properties: + criticality_level: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityLevel + required: + - criticality_level + Security_Solution_Entity_Analytics_API_IdField: + enum: + - host.name + - user.name + type: string + Security_Solution_Exceptions_API_CreateExceptionListItemComment: + type: object + properties: + comment: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - comment + Security_Solution_Exceptions_API_CreateExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_CreateExceptionListItemComment + type: array + Security_Solution_Exceptions_API_CreateRuleExceptionListItemComment: + type: object + properties: + comment: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - comment + Security_Solution_Exceptions_API_CreateRuleExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_CreateRuleExceptionListItemComment + type: array + Security_Solution_Exceptions_API_CreateRuleExceptionListItemProps: + type: object + properties: + comments: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_CreateRuleExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + item_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemTags + default: [] + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemType + required: + - type + - name + - description + - entries + Security_Solution_Exceptions_API_ExceptionList: + type: object + properties: + _version: + type: string + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListDescription + id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + immutable: + type: boolean + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListTags + tie_breaker_id: + type: string + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListType + updated_at: + format: date-time + type: string + updated_by: + type: string + version: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListVersion + required: + - id + - list_id + - type + - name + - description + - immutable + - namespace_type + - version + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Exceptions_API_ExceptionListDescription: + type: string + Security_Solution_Exceptions_API_ExceptionListHumanId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + description: 'Human readable string identifier, e.g. `trusted-linux-processes`' + Security_Solution_Exceptions_API_ExceptionListId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_ExceptionListItem: + type: object + properties: + _version: + type: string + comments: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemCommentArray + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemId + item_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemTags + tie_breaker_id: + type: string + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemType + updated_at: + format: date-time + type: string + updated_by: + type: string + required: + - id + - item_id + - list_id + - type + - name + - description + - entries + - namespace_type + - comments + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Exceptions_API_ExceptionListItemComment: + type: object + properties: + comment: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + created_at: + format: date-time + type: string + created_by: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + id: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + updated_at: + format: date-time + type: string + updated_by: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - id + - comment + - created_at + - created_by + Security_Solution_Exceptions_API_ExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemComment + type: array + Security_Solution_Exceptions_API_ExceptionListItemDescription: + type: string + Security_Solution_Exceptions_API_ExceptionListItemEntry: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryList + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryExists + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryNested + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryMatchWildcard + discriminator: + propertyName: type + Security_Solution_Exceptions_API_ExceptionListItemEntryArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntry + type: array + Security_Solution_Exceptions_API_ExceptionListItemEntryExists: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - exists + type: string + required: + - type + - field + - operator + Security_Solution_Exceptions_API_ExceptionListItemEntryList: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + list: + type: object + properties: + id: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_ListId' + type: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_ListType' + required: + - id + - type + operator: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - list + type: string + required: + - type + - field + - list + - operator + Security_Solution_Exceptions_API_ExceptionListItemEntryMatch: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - match + type: string + value: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - type + - field + - value + - operator + Security_Solution_Exceptions_API_ExceptionListItemEntryMatchAny: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - match_any + type: string + value: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_NonEmptyString + minItems: 1 + type: array + required: + - type + - field + - value + - operator + Security_Solution_Exceptions_API_ExceptionListItemEntryMatchWildcard: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - wildcard + type: string + value: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - type + - field + - value + - operator + Security_Solution_Exceptions_API_ExceptionListItemEntryNested: + type: object + properties: + entries: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryNestedEntryItem + minItems: 1 + type: array + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + type: + enum: + - nested + type: string + required: + - type + - field + - entries + Security_Solution_Exceptions_API_ExceptionListItemEntryNestedEntryItem: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryExists + Security_Solution_Exceptions_API_ExceptionListItemEntryOperator: + enum: + - excluded + - included + type: string + Security_Solution_Exceptions_API_ExceptionListItemHumanId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_ExceptionListItemId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_ExceptionListItemMeta: + additionalProperties: true + type: object + Security_Solution_Exceptions_API_ExceptionListItemName: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_ExceptionListItemOsTypeArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListOsType + type: array + Security_Solution_Exceptions_API_ExceptionListItemTags: + items: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + type: array + Security_Solution_Exceptions_API_ExceptionListItemType: + enum: + - simple + type: string + Security_Solution_Exceptions_API_ExceptionListMeta: + additionalProperties: true + type: object + Security_Solution_Exceptions_API_ExceptionListName: + type: string + Security_Solution_Exceptions_API_ExceptionListOsType: + enum: + - linux + - macos + - windows + type: string + Security_Solution_Exceptions_API_ExceptionListOsTypeArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListOsType + type: array + Security_Solution_Exceptions_API_ExceptionListsImportBulkError: + type: object + properties: + error: + type: object + properties: + message: type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - subType: - multi: - parent: products.manufacturer - format: - id: string - shortDotsEnable: false - isMapped: true - products.min_price: - count: 0 - name: products.min_price - type: number - esTypes: - - half_float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - params: - pattern: $0,0.00 - shortDotsEnable: false - isMapped: true - products.price: - count: 1 - name: products.price - type: number - esTypes: - - half_float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - params: - pattern: $0,0.00 - shortDotsEnable: false - isMapped: true - products.product_id: - count: 0 - name: products.product_id - type: number - esTypes: - - long - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - shortDotsEnable: false - isMapped: true - products.product_name: - count: 1 - name: products.product_name + status_code: + type: integer + required: + - status_code + - message + id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + item_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + required: + - error + Security_Solution_Exceptions_API_ExceptionListsImportBulkErrorArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListsImportBulkError + type: array + Security_Solution_Exceptions_API_ExceptionListTags: + items: + type: string + type: array + Security_Solution_Exceptions_API_ExceptionListType: + enum: + - detection + - rule_default + - endpoint + - endpoint_trusted_apps + - endpoint_events + - endpoint_host_isolation_exceptions + - endpoint_blocklists + type: string + Security_Solution_Exceptions_API_ExceptionListVersion: + minimum: 1 + type: integer + Security_Solution_Exceptions_API_ExceptionNamespaceType: + description: > + Determines whether the exception container is available in all Kibana + spaces or just the space + + in which it is created, where: + + + - `single`: Only available in the Kibana space in which it is created. + + - `agnostic`: Available in all Kibana spaces. + enum: + - agnostic + - single + type: string + Security_Solution_Exceptions_API_FindExceptionListItemsFilter: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_FindExceptionListsFilter: + type: string + Security_Solution_Exceptions_API_ListId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_ListType: + enum: + - binary + - boolean + - byte + - date + - date_nanos + - date_range + - double + - double_range + - float + - float_range + - geo_point + - geo_shape + - half_float + - integer + - integer_range + - ip + - ip_range + - keyword + - long + - long_range + - shape + - short + - text + type: string + Security_Solution_Exceptions_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Solution_Exceptions_API_PlatformErrorResponse: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Solution_Exceptions_API_RuleId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_UUID' + Security_Solution_Exceptions_API_SiemErrorResponse: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - status_code + - message + Security_Solution_Exceptions_API_UpdateExceptionListItemComment: + type: object + properties: + comment: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + id: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - comment + Security_Solution_Exceptions_API_UpdateExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_UpdateExceptionListItemComment + type: array + Security_Solution_Exceptions_API_UUID: + description: A universally unique identifier + format: uuid + type: string + Security_Solution_Lists_API_FindListItemsCursor: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_FindListItemsFilter: + type: string + Security_Solution_Lists_API_FindListsCursor: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_FindListsFilter: + type: string + Security_Solution_Lists_API_List: + type: object + properties: + _version: + type: string + '@timestamp': + format: date-time + type: string + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListDescription' + deserializer: + type: string + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + immutable: + type: boolean + meta: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListMetadata' + name: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListName' + serializer: + type: string + tie_breaker_id: + type: string + type: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListType' + updated_at: + format: date-time + type: string + updated_by: + type: string + version: + minimum: 1 + type: integer + required: + - id + - type + - name + - description + - immutable + - version + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Lists_API_ListDescription: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_ListId: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_ListItem: + type: object + properties: + _version: + type: string + '@timestamp': + format: date-time + type: string + created_at: + format: date-time + type: string + created_by: + type: string + deserializer: + type: string + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemId' + list_id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + meta: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemMetadata' + serializer: + type: string + tie_breaker_id: + type: string + type: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListType' + updated_at: + format: date-time + type: string + updated_by: + type: string + value: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemValue' + required: + - id + - type + - list_id + - value + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Lists_API_ListItemId: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_ListItemMetadata: + additionalProperties: true + type: object + Security_Solution_Lists_API_ListItemPrivileges: + type: object + properties: + application: + additionalProperties: + type: boolean + type: object + cluster: + additionalProperties: + type: boolean + type: object + has_all_requested: + type: boolean + index: + additionalProperties: + additionalProperties: + type: boolean + type: object + type: object + username: + type: string + required: + - username + - has_all_requested + - cluster + - index + - application + Security_Solution_Lists_API_ListItemValue: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_ListMetadata: + additionalProperties: true + type: object + Security_Solution_Lists_API_ListName: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_ListPrivileges: + type: object + properties: + application: + additionalProperties: + type: boolean + type: object + cluster: + additionalProperties: + type: boolean + type: object + has_all_requested: + type: boolean + index: + additionalProperties: + additionalProperties: + type: boolean + type: object + type: object + username: + type: string + required: + - username + - has_all_requested + - cluster + - index + - application + Security_Solution_Lists_API_ListType: + enum: + - binary + - boolean + - byte + - date + - date_nanos + - date_range + - double + - double_range + - float + - float_range + - geo_point + - geo_shape + - half_float + - integer + - integer_range + - ip + - ip_range + - keyword + - long + - long_range + - shape + - short + - text + type: string + Security_Solution_Lists_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Solution_Lists_API_PlatformErrorResponse: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Solution_Lists_API_SiemErrorResponse: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - status_code + - message + Security_Solution_Osquery_API_ArrayQueries: + items: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ArrayQueriesItem' + type: array + Security_Solution_Osquery_API_ArrayQueriesItem: + type: object + properties: + ecs_mapping: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_ECSMappingOrUndefined + id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Id' + platform: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PlatformOrUndefined + query: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Query' + removed: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_RemovedOrUndefined + snapshot: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SnapshotOrUndefined + version: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_VersionOrUndefined + Security_Solution_Osquery_API_CreateLiveQueryRequestBody: + type: object + properties: + agent_all: + type: boolean + agent_ids: + items: + type: string + type: array + agent_platforms: + items: + type: string + type: array + agent_policy_ids: + items: + type: string + type: array + alert_ids: + items: + type: string + type: array + case_ids: + items: + type: string + type: array + ecs_mapping: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_ECSMappingOrUndefined + event_ids: + items: + type: string + type: array + metadata: + nullable: true + type: object + pack_id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackIdOrUndefined' + queries: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ArrayQueries' + query: + $ref: '#/components/schemas/Security_Solution_Osquery_API_QueryOrUndefined' + saved_query_id: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SavedQueryIdOrUndefined + Security_Solution_Osquery_API_CreatePacksRequestBody: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + enabled: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_EnabledOrUndefined + name: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackName' + policy_ids: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PolicyIdsOrUndefined + queries: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ObjectQueries' + shards: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Shards' + Security_Solution_Osquery_API_CreateSavedQueryRequestBody: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + ecs_mapping: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_ECSMappingOrUndefined + id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + interval: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Interval' + platform: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + query: + $ref: '#/components/schemas/Security_Solution_Osquery_API_QueryOrUndefined' + removed: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_RemovedOrUndefined + snapshot: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SnapshotOrUndefined + version: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_VersionOrUndefined + Security_Solution_Osquery_API_DefaultSuccessResponse: + type: object + properties: {} + Security_Solution_Osquery_API_Description: + type: string + Security_Solution_Osquery_API_DescriptionOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Description' + nullable: true + Security_Solution_Osquery_API_ECSMapping: + additionalProperties: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ECSMappingItem' + type: object + Security_Solution_Osquery_API_ECSMappingItem: + type: object + properties: + field: + type: string + value: + oneOf: + - type: string + - items: + type: string + type: array + Security_Solution_Osquery_API_ECSMappingOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ECSMapping' + nullable: true + Security_Solution_Osquery_API_Enabled: + type: boolean + Security_Solution_Osquery_API_EnabledOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Enabled' + nullable: true + Security_Solution_Osquery_API_FindLiveQueryRequestQuery: + type: object + properties: + kuery: + $ref: '#/components/schemas/Security_Solution_Osquery_API_KueryOrUndefined' + page: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PageOrUndefined' + pageSize: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PageSizeOrUndefined + sort: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SortOrUndefined' + sortOrder: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SortOrderOrUndefined + Security_Solution_Osquery_API_FindPacksRequestQuery: + type: object + properties: + page: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PageOrUndefined' + pageSize: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PageSizeOrUndefined + sort: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SortOrUndefined' + sortOrder: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SortOrderOrUndefined + Security_Solution_Osquery_API_FindSavedQueryRequestQuery: + type: object + properties: + page: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PageOrUndefined' + pageSize: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PageSizeOrUndefined + sort: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SortOrUndefined' + sortOrder: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SortOrderOrUndefined + Security_Solution_Osquery_API_GetLiveQueryResultsRequestQuery: + type: object + properties: + kuery: + $ref: '#/components/schemas/Security_Solution_Osquery_API_KueryOrUndefined' + page: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PageOrUndefined' + pageSize: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PageSizeOrUndefined + sort: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SortOrUndefined' + sortOrder: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SortOrderOrUndefined + Security_Solution_Osquery_API_Id: + type: string + Security_Solution_Osquery_API_Interval: + type: string + Security_Solution_Osquery_API_IntervalOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Interval' + nullable: true + Security_Solution_Osquery_API_KueryOrUndefined: + nullable: true + type: string + Security_Solution_Osquery_API_ObjectQueries: + additionalProperties: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ObjectQueriesItem' + type: object + Security_Solution_Osquery_API_ObjectQueriesItem: + type: object + properties: + ecs_mapping: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_ECSMappingOrUndefined + id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Id' + platform: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PlatformOrUndefined + query: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Query' + removed: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_RemovedOrUndefined + saved_query_id: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SavedQueryIdOrUndefined + snapshot: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SnapshotOrUndefined + version: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_VersionOrUndefined + Security_Solution_Osquery_API_PackId: + type: string + Security_Solution_Osquery_API_PackIdOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackId' + nullable: true + Security_Solution_Osquery_API_PackName: + type: string + Security_Solution_Osquery_API_PageOrUndefined: + nullable: true + type: integer + Security_Solution_Osquery_API_PageSizeOrUndefined: + nullable: true + type: integer + Security_Solution_Osquery_API_Platform: + type: string + Security_Solution_Osquery_API_PlatformOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Platform' + nullable: true + Security_Solution_Osquery_API_PolicyIds: + items: + type: string + type: array + Security_Solution_Osquery_API_PolicyIdsOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PolicyIds' + nullable: true + Security_Solution_Osquery_API_Query: + type: string + Security_Solution_Osquery_API_QueryOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Query' + nullable: true + Security_Solution_Osquery_API_Removed: + type: boolean + Security_Solution_Osquery_API_RemovedOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Removed' + nullable: true + Security_Solution_Osquery_API_SavedQueryId: + type: string + Security_Solution_Osquery_API_SavedQueryIdOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + nullable: true + Security_Solution_Osquery_API_Shards: + additionalProperties: + type: number + type: object + Security_Solution_Osquery_API_Snapshot: + type: boolean + Security_Solution_Osquery_API_SnapshotOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Snapshot' + nullable: true + Security_Solution_Osquery_API_SortOrderOrUndefined: + oneOf: + - nullable: true + type: string + - enum: + - asc + - desc + Security_Solution_Osquery_API_SortOrUndefined: + nullable: true + type: string + Security_Solution_Osquery_API_UpdatePacksRequestBody: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + enabled: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_EnabledOrUndefined + id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackId' + policy_ids: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PolicyIdsOrUndefined + queries: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ObjectQueries' + shards: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Shards' + Security_Solution_Osquery_API_UpdateSavedQueryRequestBody: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + ecs_mapping: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_ECSMappingOrUndefined + id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + interval: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_IntervalOrUndefined + platform: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + query: + $ref: '#/components/schemas/Security_Solution_Osquery_API_QueryOrUndefined' + removed: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_RemovedOrUndefined + snapshot: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SnapshotOrUndefined + version: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_VersionOrUndefined + Security_Solution_Osquery_API_Version: + type: string + Security_Solution_Osquery_API_VersionOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Version' + nullable: true + Security_Solution_Timeline_API_BareNote: + type: object + properties: + created: + nullable: true + type: number + createdBy: + nullable: true + type: string + eventId: + nullable: true + type: string + note: + nullable: true + type: string + timelineId: + nullable: true + type: string + updated: + nullable: true + type: number + updatedBy: + nullable: true + type: string + required: + - timelineId + Security_Solution_Timeline_API_ColumnHeaderResult: + type: object + properties: + aggregatable: + type: boolean + category: + type: string + columnHeaderType: + type: string + description: + type: string + example: + oneOf: + - type: string + - type: number + id: + type: string + indexes: + items: + type: string + type: array + name: + type: string + placeholder: + type: string + searchable: + type: boolean + type: + type: string + Security_Solution_Timeline_API_DataProviderQueryMatch: + type: object + properties: + enabled: + nullable: true + type: boolean + excluded: + nullable: true + type: boolean + id: + nullable: true + type: string + kqlQuery: + nullable: true + type: string + name: + nullable: true + type: string + queryMatch: + $ref: '#/components/schemas/Security_Solution_Timeline_API_QueryMatchResult' + Security_Solution_Timeline_API_DataProviderResult: + type: object + properties: + and: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_DataProviderQueryMatch + nullable: true + type: array + enabled: + nullable: true + type: boolean + excluded: + nullable: true + type: boolean + id: + nullable: true + type: string + kqlQuery: + nullable: true + type: string + name: + nullable: true + type: string + queryMatch: + $ref: '#/components/schemas/Security_Solution_Timeline_API_QueryMatchResult' + nullable: true + type: + $ref: '#/components/schemas/Security_Solution_Timeline_API_DataProviderType' + nullable: true + Security_Solution_Timeline_API_DataProviderType: + description: >- + The type of data provider to create. Valid values are `default` and + `template`. + enum: + - default + - template + type: string + Security_Solution_Timeline_API_DocumentIds: + oneOf: + - items: + type: string + type: array + - type: string + Security_Solution_Timeline_API_FavoriteTimelineResponse: + type: object + properties: + code: + nullable: true + type: number + favorite: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_FavoriteTimelineResult + type: array + message: + nullable: true + type: string + savedObjectId: + type: string + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timelineType: + $ref: '#/components/schemas/Security_Solution_Timeline_API_TimelineType' + version: + type: string + required: + - savedObjectId + - version + Security_Solution_Timeline_API_FavoriteTimelineResult: + type: object + properties: + favoriteDate: + nullable: true + type: number + fullName: + nullable: true + type: string + userName: + nullable: true + type: string + Security_Solution_Timeline_API_FilterTimelineResult: + type: object + properties: + exists: + type: boolean + match_all: + type: string + meta: + type: object + properties: + alias: type: string - esTypes: - - text - scripted: false - searchable: true - aggregatable: false - readFromDocValues: false - format: - id: string - shortDotsEnable: false - isMapped: true - products.product_name.keyword: - count: 0 - name: products.product_name.keyword + controlledBy: type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - subType: - multi: - parent: products.product_name - format: - id: string - shortDotsEnable: false - isMapped: true - products.quantity: - count: 0 - name: products.quantity - type: number - esTypes: - - integer - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - shortDotsEnable: false - isMapped: true - products.sku: - count: 0 - name: products.sku + disabled: + type: boolean + field: type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - products.tax_amount: - count: 0 - name: products.tax_amount - type: number - esTypes: - - half_float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - shortDotsEnable: false - isMapped: true - products.taxful_price: - count: 0 - name: products.taxful_price - type: number - esTypes: - - half_float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - params: - pattern: $0,0.00 - shortDotsEnable: false - isMapped: true - products.taxless_price: - count: 0 - name: products.taxless_price - type: number - esTypes: - - half_float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - params: - pattern: $0,0.00 - shortDotsEnable: false - isMapped: true - products.unit_discount_amount: - count: 0 - name: products.unit_discount_amount - type: number - esTypes: - - half_float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - shortDotsEnable: false - isMapped: true - sku: - count: 0 - name: sku + formattedValue: + type: string + index: + type: string + key: + type: string + negate: + type: boolean + params: type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - taxful_total_price: - count: 0 - name: taxful_total_price - type: number - esTypes: - - half_float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - params: - pattern: $0,0.[00] - shortDotsEnable: false - isMapped: true - taxless_total_price: - count: 0 - name: taxless_total_price - type: number - esTypes: - - half_float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - params: - pattern: $0,0.00 - shortDotsEnable: false - isMapped: true - total_quantity: - count: 1 - name: total_quantity - type: number - esTypes: - - integer - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - shortDotsEnable: false - isMapped: true - total_unique_products: - count: 0 - name: total_unique_products - type: number - esTypes: - - integer - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - shortDotsEnable: false - isMapped: true type: - count: 0 - name: type type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - user: - count: 0 - name: user + value: + type: string + missing: + type: string + query: + type: string + range: + type: string + script: + type: string + Security_Solution_Timeline_API_ImportTimelineResult: + type: object + properties: + errors: + items: + type: object + properties: + error: + type: object + properties: + message: + type: string + status_code: + type: number + id: + type: string + type: array + success: + type: boolean + success_count: + type: number + timelines_installed: + type: number + timelines_updated: + type: number + Security_Solution_Timeline_API_ImportTimelines: + allOf: + - $ref: '#/components/schemas/Security_Solution_Timeline_API_SavedTimeline' + - type: object + properties: + eventNotes: + items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_BareNote' + nullable: true + type: array + globalNotes: + items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_BareNote' + nullable: true + type: array + pinnedEventIds: + items: + type: string + nullable: true + type: array + savedObjectId: + nullable: true + type: string + version: + nullable: true + type: string + Security_Solution_Timeline_API_Note: + allOf: + - $ref: '#/components/schemas/Security_Solution_Timeline_API_BareNote' + - type: object + properties: + noteId: + type: string + version: + type: string + Security_Solution_Timeline_API_PinnedEvent: + type: object + properties: + created: + nullable: true + type: number + createdBy: + nullable: true + type: string + eventId: + type: string + pinnedEventId: + type: string + timelineId: + type: string + updated: + nullable: true + type: number + updatedBy: + nullable: true + type: string + version: + type: string + required: + - eventId + - pinnedEventId + - timelineId + - version + Security_Solution_Timeline_API_QueryMatchResult: + type: object + properties: + displayField: + nullable: true + type: string + displayValue: + nullable: true + type: string + field: + nullable: true + type: string + operator: + nullable: true + type: string + value: + nullable: true + type: string + Security_Solution_Timeline_API_Readable: + type: object + properties: + _data: + additionalProperties: true + type: object + _encoding: + type: string + _events: + additionalProperties: true + type: object + _eventsCount: + type: number + _maxListeners: + additionalProperties: true + type: object + _position: + type: number + _read: + additionalProperties: true + type: object + _readableState: + additionalProperties: true + type: object + readable: + type: boolean + Security_Solution_Timeline_API_RowRendererId: + enum: + - alert + - alerts + - auditd + - auditd_file + - library + - netflow + - plain + - registry + - suricata + - system + - system_dns + - system_endgame_process + - system_file + - system_fim + - system_security_event + - system_socket + - threat_match + - zeek + type: string + Security_Solution_Timeline_API_SavedTimeline: + type: object + properties: + columns: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_ColumnHeaderResult + nullable: true + type: array + created: + nullable: true + type: number + createdBy: + nullable: true + type: string + dataProviders: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_DataProviderResult + nullable: true + type: array + dataViewId: + nullable: true + type: string + dateRange: + nullable: true + type: object + properties: + end: + oneOf: + - type: string + - type: number + start: + oneOf: + - type: string + - type: number + description: + nullable: true + type: string + eqlOptions: + nullable: true + type: object + properties: + eventCategoryField: + nullable: true + type: string + query: + nullable: true type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - typeMeta: {} - fieldFormats: - taxful_total_price: - id: number - params: - pattern: $0,0.[00] - products.price: - id: number - params: - pattern: $0,0.00 - taxless_total_price: - id: number - params: - pattern: $0,0.00 - products.taxless_price: - id: number - params: - pattern: $0,0.00 - products.taxful_price: - id: number - params: - pattern: $0,0.00 - products.min_price: - id: number - params: - pattern: $0,0.00 - products.base_unit_price: - id: number - params: - pattern: $0,0.00 - products.base_price: - id: number - params: - pattern: $0,0.00 - runtimeFieldMap: {} - fieldAttrs: - products.manufacturer: - count: 1 - products.price: - count: 1 - products.product_name: - count: 1 - total_quantity: - count: 1 - allowNoIndex: false - name: Kibana Sample Data eCommerce - namespaces: - - default - Data_views_update_data_view_request: - summary: Update some properties for a data view. - value: - data_view: - title: kibana_sample_data_ecommerce - timeFieldName: order_date - allowNoIndex: false - name: Kibana Sample Data eCommerce - refresh_fields: true - Data_views_update_field_metadata_request: - summary: Update metadata for multiple fields. - value: - fields: - field1: - count: 123 - customLabel: Field 1 label - field2: - customLabel: Field 2 label - customDescription: Field 2 description - Data_views_create_runtime_field_request: - summary: Create a runtime field. - value: - name: runtimeFoo - runtimeField: - type: long - script: - source: emit(doc["foo"].value) - Data_views_get_runtime_field_response: - summary: >- - The get runtime field API returns a JSON object that contains - information about the runtime field (`hour_of_day`) and the data view - (`d3d7af60-4c81-11e8-b3d7-01146121b73d`). - value: - fields: - - count: 0 - name: hour_of_day - type: number - esTypes: - - long - scripted: false - searchable: true - aggregatable: true - readFromDocValues: false - shortDotsEnable: false - runtimeField: - type: long - script: - source: emit(doc['timestamp'].value.getHour()); - data_view: - id: d3d7af60-4c81-11e8-b3d7-01146121b73d - version: WzM2LDJd - title: kibana_sample_data_flights - timeFieldName: timestamp - sourceFilters: [] - fields: - hour_of_day: - count: 0 - name: hour_of_day - type: number - esTypes: - - long - scripted: false - searchable: true - aggregatable: true - readFromDocValues: false - format: - id: number - params: - pattern: '00' - shortDotsEnable: false - runtimeField: - type: long - script: - source: emit(doc['timestamp'].value.getHour()); - AvgTicketPrice: - count: 0 - name: AvgTicketPrice - type: number - esTypes: - - float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - params: - pattern: $0,0.[00] - shortDotsEnable: false - isMapped: true - Cancelled: - count: 0 - name: Cancelled - type: boolean - esTypes: - - boolean - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: boolean - shortDotsEnable: false - isMapped: true - Carrier: - count: 0 - name: Carrier + size: + oneOf: + - nullable: true + type: string + - nullable: true + type: number + tiebreakerField: + nullable: true + type: string + timestampField: + nullable: true + type: string + eventType: + nullable: true + type: string + excludedRowRendererIds: + items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_RowRendererId' + nullable: true + type: array + favorite: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_FavoriteTimelineResult + nullable: true + type: array + filters: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_FilterTimelineResult + nullable: true + type: array + indexNames: + items: + type: string + nullable: true + type: array + kqlMode: + nullable: true + type: string + kqlQuery: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_SerializedFilterQueryResult + nullable: true + savedQueryId: + nullable: true + type: string + savedSearchId: + nullable: true + type: string + sort: + $ref: '#/components/schemas/Security_Solution_Timeline_API_Sort' + nullable: true + status: + enum: + - active + - draft + - immutable + nullable: true + type: string + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timelineType: + $ref: '#/components/schemas/Security_Solution_Timeline_API_TimelineType' + nullable: true + title: + nullable: true + type: string + updated: + nullable: true + type: number + updatedBy: + nullable: true + type: string + Security_Solution_Timeline_API_SerializedFilterQueryResult: + type: object + properties: + filterQuery: + nullable: true + type: object + properties: + kuery: + nullable: true + type: object + properties: + expression: + nullable: true + type: string + kind: + nullable: true + type: string + serializedQuery: + nullable: true + type: string + Security_Solution_Timeline_API_Sort: + oneOf: + - $ref: '#/components/schemas/Security_Solution_Timeline_API_SortObject' + - items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_SortObject' + type: array + Security_Solution_Timeline_API_SortFieldTimeline: + description: The field to sort the timelines by. + enum: + - title + - description + - updated + - created + type: string + Security_Solution_Timeline_API_SortObject: + type: object + properties: + columnId: + nullable: true + type: string + columnType: + nullable: true + type: string + sortDirection: + nullable: true + type: string + Security_Solution_Timeline_API_TimelineResponse: + allOf: + - $ref: '#/components/schemas/Security_Solution_Timeline_API_SavedTimeline' + - type: object + properties: + eventIdToNoteIds: + items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_Note' + type: array + noteIds: + items: + type: string + type: array + notes: + items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_Note' + type: array + pinnedEventIds: + items: + type: string + type: array + pinnedEventsSaveObject: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_PinnedEvent + type: array + savedObjectId: + type: string + version: + type: string + required: + - savedObjectId + - version + Security_Solution_Timeline_API_TimelineStatus: + description: >- + The status of the timeline. Valid values are `active`, `draft`, and + `immutable`. + enum: + - active + - draft + - immutable + type: string + Security_Solution_Timeline_API_TimelineType: + description: >- + The type of timeline to create. Valid values are `default` and + `template`. + enum: + - default + - template + type: string + Serverless_saved_objects_400_response: + title: Bad request + type: object + properties: + error: + enum: + - Bad Request + type: string + message: + type: string + statusCode: + enum: + - 400 + type: integer + required: + - error + - message + - statusCode + SLOs_400_response: + title: Bad request + type: object + properties: + error: + example: Bad Request + type: string + message: + example: 'Invalid value ''foo'' supplied to: [...]' + type: string + statusCode: + example: 400 + type: number + required: + - statusCode + - error + - message + SLOs_401_response: + title: Unauthorized + type: object + properties: + error: + example: Unauthorized + type: string + message: + example: "[security_exception\n\tRoot causes:\n\t\tsecurity_exception: unable to authenticate user [elastics] for REST request [/_security/_authenticate]]: unable to authenticate user [elastics] for REST request [/_security/_authenticate]" + type: string + statusCode: + example: 401 + type: number + required: + - statusCode + - error + - message + SLOs_403_response: + title: Unauthorized + type: object + properties: + error: + example: Unauthorized + type: string + message: + example: "[security_exception\n\tRoot causes:\n\t\tsecurity_exception: unable to authenticate user [elastics] for REST request [/_security/_authenticate]]: unable to authenticate user [elastics] for REST request [/_security/_authenticate]" + type: string + statusCode: + example: 403 + type: number + required: + - statusCode + - error + - message + SLOs_404_response: + title: Not found + type: object + properties: + error: + example: Not Found + type: string + message: + example: 'SLO [3749f390-03a3-11ee-8139-c7ff60a1692d] not found' + type: string + statusCode: + example: 404 + type: number + required: + - statusCode + - error + - message + SLOs_409_response: + title: Conflict + type: object + properties: + error: + example: Conflict + type: string + message: + example: 'SLO [d077e940-1515-11ee-9c50-9d096392f520] already exists' + type: string + statusCode: + example: 409 + type: number + required: + - statusCode + - error + - message + SLOs_budgeting_method: + description: The budgeting method to use when computing the rollup data. + enum: + - occurrences + - timeslices + example: occurrences + title: Budgeting method + type: string + SLOs_create_slo_request: + description: > + The create SLO API request body varies depending on the type of + indicator, time window and budgeting method. + properties: + budgetingMethod: + $ref: '#/components/schemas/SLOs_budgeting_method' + description: + description: A description for the SLO. + type: string + groupBy: + description: optional group by field to use to generate an SLO per distinct value + example: some.field + type: string + id: + description: >- + A optional and unique identifier for the SLO. Must be between 8 and + 36 chars + example: my-super-slo-id + type: string + indicator: + oneOf: + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' + - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' + - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + name: + description: A name for the SLO. + type: string + objective: + $ref: '#/components/schemas/SLOs_objective' + settings: + $ref: '#/components/schemas/SLOs_settings' + tags: + description: List of tags + items: + type: string + type: array + timeWindow: + $ref: '#/components/schemas/SLOs_time_window' + required: + - name + - description + - indicator + - timeWindow + - budgetingMethod + - objective + title: Create SLO request + type: object + SLOs_create_slo_response: + title: Create SLO response + type: object + properties: + id: + example: 8853df00-ae2e-11ed-90af-09bb6422b258 + type: string + required: + - id + SLOs_delete_slo_instances_request: + description: > + The delete SLO instances request takes a list of SLO id and instance id, + then delete the rollup and summary data. This API can be used to remove + the staled data of an instance SLO that no longer get updated. + properties: + list: + description: An array of slo id and instance id + items: + type: object + properties: + instanceId: + description: The SLO instance identifier + example: 8853df00-ae2e-11ed-90af-09bb6422b258 + type: string + sloId: + description: The SLO unique identifier + example: 8853df00-ae2e-11ed-90af-09bb6422b258 + type: string + required: + - sloId + - instanceId + type: array + required: + - list + title: Delete SLO instances request + type: object + SLOs_error_budget: + title: Error budget + type: object + properties: + consumed: + description: 'The error budget consummed, as a percentage of the initial value.' + example: 0.8 + type: number + initial: + description: 'The initial error budget, as 1 - objective' + example: 0.02 + type: number + isEstimated: + description: >- + Only for SLO defined with occurrences budgeting method and calendar + aligned time window. + example: true + type: boolean + remaining: + description: 'The error budget remaining, as a percentage of the initial value.' + example: 0.2 + type: number + required: + - initial + - consumed + - remaining + - isEstimated + SLOs_filter: + description: Defines properties for a filter + properties: + meta: + $ref: '#/components/schemas/SLOs_filter_meta' + query: + type: object + title: Filter + type: object + SLOs_filter_meta: + description: Defines properties for a filter + properties: + alias: + nullable: true + type: string + controlledBy: + type: string + disabled: + type: boolean + field: + type: string + group: + type: string + index: + type: string + isMultiIndex: + type: boolean + key: + type: string + negate: + type: boolean + params: + type: object + type: + type: string + value: + type: string + title: FilterMeta + type: object + SLOs_find_slo_response: + description: | + A paginated response of SLOs matching the query. + properties: + page: + example: 1 + type: number + perPage: + example: 25 + type: number + results: + items: + $ref: '#/components/schemas/SLOs_slo_with_summary_response' + type: array + total: + example: 34 + type: number + title: Find SLO response + type: object + SLOs_indicator_properties_apm_availability: + description: Defines properties for the APM availability indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + environment: + description: The APM service environment or "*" + example: production type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - Dest: - count: 0 - name: Dest + filter: + description: KQL query used for filtering the data + example: 'service.foo : "bar"' type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - DestAirportID: - count: 0 - name: DestAirportID + index: + description: The index used by APM metrics + example: 'metrics-apm*,apm*' type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - DestCityName: - count: 0 - name: DestCityName + service: + description: The APM service name + example: o11y-app type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - DestCountry: - count: 0 - name: DestCountry + transactionName: + description: The APM transaction name or "*" + example: GET /my/api type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - DestLocation: - count: 0 - name: DestLocation - type: geo_point - esTypes: - - geo_point - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: geo_point - params: - transform: wkt - shortDotsEnable: false - isMapped: true - DestRegion: - count: 0 - name: DestRegion + transactionType: + description: The APM transaction type or "*" + example: request + type: string + required: + - service + - environment + - transactionType + - transactionName + - index + type: + description: The type of indicator. + example: sli.apm.transactionDuration + type: string + required: + - type + - params + title: APM availability + SLOs_indicator_properties_apm_latency: + description: Defines properties for the APM latency indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + environment: + description: The APM service environment or "*" + example: production + type: string + filter: + description: KQL query used for filtering the data + example: 'service.foo : "bar"' + type: string + index: + description: The index used by APM metrics + example: 'metrics-apm*,apm*' + type: string + service: + description: The APM service name + example: o11y-app + type: string + threshold: + description: The latency threshold in milliseconds + example: 250 + type: number + transactionName: + description: The APM transaction name or "*" + example: GET /my/api + type: string + transactionType: + description: The APM transaction type or "*" + example: request + type: string + required: + - service + - environment + - transactionType + - transactionName + - index + - threshold + type: + description: The type of indicator. + example: sli.apm.transactionDuration + type: string + required: + - type + - params + title: APM latency + SLOs_indicator_properties_custom_kql: + description: Defines properties for a custom query indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + dataViewId: + description: >- + The kibana data view id to use, primarily used to include data + view runtime mappings. Make sure to save SLO again if you + add/update run time fields to the data view and if those fields + are being used in slo queries. + example: 03b80ab3-003d-498b-881c-3beedbaf1162 type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - DestWeather: - count: 0 - name: DestWeather + filter: + $ref: '#/components/schemas/SLOs_kql_with_filters' + good: + $ref: '#/components/schemas/SLOs_kql_with_filters_good' + index: + description: The index or index pattern to use + example: my-service-* type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - DistanceKilometers: - count: 0 - name: DistanceKilometers - type: number - esTypes: - - float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - shortDotsEnable: false - isMapped: true - DistanceMiles: - count: 0 - name: DistanceMiles - type: number - esTypes: - - float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - shortDotsEnable: false - isMapped: true - FlightDelay: - count: 0 - name: FlightDelay - type: boolean - esTypes: - - boolean - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: boolean - shortDotsEnable: false - isMapped: true - FlightDelayMin: - count: 0 - name: FlightDelayMin - type: number - esTypes: - - integer - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - shortDotsEnable: false - isMapped: true - FlightDelayType: - count: 0 - name: FlightDelayType + timestampField: + description: | + The timestamp field used in the source indice. + example: timestamp type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - FlightNum: - count: 0 - name: FlightNum + total: + $ref: '#/components/schemas/SLOs_kql_with_filters_total' + required: + - index + - timestampField + - good + - total + type: + description: The type of indicator. + example: sli.kql.custom + type: string + required: + - type + - params + title: Custom Query + SLOs_indicator_properties_custom_metric: + description: Defines properties for a custom metric indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + dataViewId: + description: >- + The kibana data view id to use, primarily used to include data + view runtime mappings. Make sure to save SLO again if you + add/update run time fields to the data view and if those fields + are being used in slo queries. + example: 03b80ab3-003d-498b-881c-3beedbaf1162 type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - FlightTimeHour: - count: 0 - name: FlightTimeHour + filter: + description: the KQL query to filter the documents with. + example: 'field.environment : "production" and service.name : "my-service"' type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - FlightTimeMin: - count: 0 - name: FlightTimeMin - type: number - esTypes: - - float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - shortDotsEnable: false - isMapped: true - Origin: - count: 0 - name: Origin + good: + description: | + An object defining the "good" metrics and equation + type: object + properties: + equation: + description: The equation to calculate the "good" metric. + example: A + type: string + metrics: + description: >- + List of metrics with their name, aggregation type, and + field. + items: + type: object + properties: + aggregation: + description: >- + The aggregation type of the metric. Only valid option + is "sum" + enum: + - sum + example: sum + type: string + field: + description: The field of the metric. + example: processor.processed + type: string + filter: + description: The filter to apply to the metric. + example: 'processor.outcome: "success"' + type: string + name: + description: The name of the metric. Only valid options are A-Z + example: A + pattern: '^[A-Z]$' + type: string + required: + - name + - aggregation + - field + type: array + required: + - metrics + - equation + index: + description: The index or index pattern to use + example: my-service-* type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - OriginAirportID: - count: 0 - name: OriginAirportID + timestampField: + description: | + The timestamp field used in the source indice. + example: timestamp type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - OriginCityName: - count: 0 - name: OriginCityName + total: + description: | + An object defining the "total" metrics and equation + type: object + properties: + equation: + description: The equation to calculate the "total" metric. + example: A + type: string + metrics: + description: >- + List of metrics with their name, aggregation type, and + field. + items: + type: object + properties: + aggregation: + description: >- + The aggregation type of the metric. Only valid option + is "sum" + enum: + - sum + example: sum + type: string + field: + description: The field of the metric. + example: processor.processed + type: string + filter: + description: The filter to apply to the metric. + example: 'processor.outcome: *' + type: string + name: + description: The name of the metric. Only valid options are A-Z + example: A + pattern: '^[A-Z]$' + type: string + required: + - name + - aggregation + - field + type: array + required: + - metrics + - equation + required: + - index + - timestampField + - good + - total + type: + description: The type of indicator. + example: sli.metric.custom + type: string + required: + - type + - params + title: Custom metric + SLOs_indicator_properties_histogram: + description: Defines properties for a histogram indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + dataViewId: + description: >- + The kibana data view id to use, primarily used to include data + view runtime mappings. Make sure to save SLO again if you + add/update run time fields to the data view and if those fields + are being used in slo queries. + example: 03b80ab3-003d-498b-881c-3beedbaf1162 type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - OriginCountry: - count: 0 - name: OriginCountry + filter: + description: the KQL query to filter the documents with. + example: 'field.environment : "production" and service.name : "my-service"' type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - OriginLocation: - count: 0 - name: OriginLocation - type: geo_point - esTypes: - - geo_point - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: geo_point - params: - transform: wkt - shortDotsEnable: false - isMapped: true - OriginRegion: - count: 0 - name: OriginRegion + good: + description: | + An object defining the "good" events + type: object + properties: + aggregation: + description: The type of aggregation to use. + enum: + - value_count + - range + example: value_count + type: string + field: + description: The field use to aggregate the good events. + example: processor.latency + type: string + filter: + description: The filter for good events. + example: 'processor.outcome: "success"' + type: string + from: + description: >- + The starting value of the range. Only required for "range" + aggregations. + example: 0 + type: number + to: + description: >- + The ending value of the range. Only required for "range" + aggregations. + example: 100 + type: number + required: + - aggregation + - field + index: + description: The index or index pattern to use + example: my-service-* type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - OriginWeather: - count: 0 - name: OriginWeather + timestampField: + description: | + The timestamp field used in the source indice. + example: timestamp type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - _id: - count: 0 - name: _id + total: + description: | + An object defining the "total" events + type: object + properties: + aggregation: + description: The type of aggregation to use. + enum: + - value_count + - range + example: value_count + type: string + field: + description: The field use to aggregate the good events. + example: processor.latency + type: string + filter: + description: The filter for total events. + example: 'processor.outcome : *' + type: string + from: + description: >- + The starting value of the range. Only required for "range" + aggregations. + example: 0 + type: number + to: + description: >- + The ending value of the range. Only required for "range" + aggregations. + example: 100 + type: number + required: + - aggregation + - field + required: + - index + - timestampField + - good + - total + type: + description: The type of indicator. + example: sli.histogram.custom + type: string + required: + - type + - params + title: Histogram indicator + SLOs_indicator_properties_timeslice_metric: + description: Defines properties for a timeslice metric indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + dataViewId: + description: >- + The kibana data view id to use, primarily used to include data + view runtime mappings. Make sure to save SLO again if you + add/update run time fields to the data view and if those fields + are being used in slo queries. + example: 03b80ab3-003d-498b-881c-3beedbaf1162 type: string - esTypes: - - _id - scripted: false - searchable: true - aggregatable: false - readFromDocValues: false - format: - id: string - shortDotsEnable: false - isMapped: true - _index: - count: 0 - name: _index + filter: + description: the KQL query to filter the documents with. + example: 'field.environment : "production" and service.name : "my-service"' type: string - esTypes: - - _index - scripted: false - searchable: true - aggregatable: true - readFromDocValues: false - format: - id: string - shortDotsEnable: false - isMapped: true - _score: - count: 0 - name: _score - type: number - scripted: false - searchable: false - aggregatable: false - readFromDocValues: false - format: - id: number - shortDotsEnable: false - isMapped: true - _source: - count: 0 - name: _source - type: _source - esTypes: - - _source - scripted: false - searchable: false - aggregatable: false - readFromDocValues: false - format: - id: _source - shortDotsEnable: false - isMapped: true - dayOfWeek: - count: 0 - name: dayOfWeek - type: number - esTypes: - - integer - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - shortDotsEnable: false - isMapped: true - timestamp: - count: 0 - name: timestamp - type: date - esTypes: - - date - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: date - shortDotsEnable: false - isMapped: true - fieldFormats: - hour_of_day: - id: number - params: - pattern: '00' - AvgTicketPrice: - id: number - params: - pattern: $0,0.[00] - runtimeFieldMap: - hour_of_day: - type: long - script: - source: emit(doc['timestamp'].value.getHour()); - fieldAttrs: {} - allowNoIndex: false - name: Kibana Sample Data Flights - Data_views_update_runtime_field_request: - summary: Update an existing runtime field on a data view. - value: - runtimeField: - script: - source: emit(doc["bar"].value) - Data_views_get_default_data_view_response: - summary: The get default data view API returns the default data view identifier. - value: - data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f - Data_views_set_default_data_view_request: - summary: Set the default data view identifier. - value: - data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f - force: true - Data_views_swap_data_view_request: - summary: >- - Swap references from data view ID "abcd-efg" to "xyz-123" and remove the - data view that is no longer referenced. - value: - fromId: abcd-efg - toId: xyz-123 - delete: true - Data_views_preview_swap_data_view_request: - summary: Preview swapping references from data view ID "abcd-efg" to "xyz-123". - value: - fromId: abcd-efg - toId: xyz-123 - Machine_learning_APIs_mlSyncExample: - summary: Two anomaly detection jobs required synchronization in this example. - value: - savedObjectsCreated: - anomaly-detector: - myjob1: - success: true - myjob2: - success: true - savedObjectsDeleted: {} - datafeedsAdded: {} - datafeedsRemoved: {} - Serverless_saved_objects_export_objects_request: - summary: Export a specific saved object. - value: - objects: - - type: map - id: de71f4f0-1902-11e9-919b-ffe5949a18d2 - includeReferencesDeep: false - excludeExportDetails: true - Serverless_saved_objects_export_objects_response: - summary: >- - The export objects API response contains a JSON record for each exported - object. - value: - attributes: - description: '' - layerListJSON: >- - [{"id":"0hmz5","alpha":1,"sourceDescriptor":{"type":"EMS_TMS","isAutoSelect":true,"lightModeDefault":"road_map_desaturated"},"visible":true,"style":{},"type":"EMS_VECTOR_TILE","minZoom":0,"maxZoom":24},{"id":"edh66","label":"Total - Requests by - Destination","minZoom":0,"maxZoom":24,"alpha":0.5,"sourceDescriptor":{"type":"EMS_FILE","id":"world_countries","tooltipProperties":["name","iso2"]},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"__kbnjoin__count__673ff994-fc75-4c67-909b-69fcb0e1060e","origin":"join"},"color":"Greys","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"STATIC","options":{"size":10}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR","joins":[{"leftField":"iso2","right":{"type":"ES_TERM_SOURCE","id":"673ff994-fc75-4c67-909b-69fcb0e1060e","indexPatternTitle":"kibana_sample_data_logs","term":"geo.dest","indexPatternRefName":"layer_1_join_0_index_pattern","metrics":[{"type":"count","label":"web - logs - count"}],"applyGlobalQuery":true}}]},{"id":"gaxya","label":"Actual - Requests","minZoom":9,"maxZoom":24,"alpha":1,"sourceDescriptor":{"id":"b7486535-171b-4d3b-bb2e-33c1a0a2854c","type":"ES_SEARCH","geoField":"geo.coordinates","limit":2048,"filterByMapBounds":true,"tooltipProperties":["clientip","timestamp","host","request","response","machine.os","agent","bytes"],"indexPatternRefName":"layer_2_source_index_pattern","applyGlobalQuery":true,"scalingType":"LIMIT"},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"STATIC","options":{"color":"#2200ff"}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":2}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"bytes","origin":"source"},"minSize":1,"maxSize":23,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"},{"id":"tfi3f","label":"Total - Requests and - Bytes","minZoom":0,"maxZoom":9,"alpha":1,"sourceDescriptor":{"type":"ES_GEO_GRID","resolution":"COARSE","id":"8aaa65b5-a4e9-448b-9560-c98cb1c5ac5b","geoField":"geo.coordinates","requestType":"point","metrics":[{"type":"count","label":"web - logs - count"},{"type":"sum","field":"bytes"}],"indexPatternRefName":"layer_3_source_index_pattern","applyGlobalQuery":true},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"color":"Blues","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#cccccc"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"sum_of_bytes","origin":"source"},"minSize":7,"maxSize":25,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelText":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelSize":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"minSize":12,"maxSize":24,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"}] - mapStateJSON: >- - {"zoom":3.64,"center":{"lon":-88.92107,"lat":42.16337},"timeFilters":{"from":"now-7d","to":"now"},"refreshConfig":{"isPaused":true,"interval":0},"query":{"language":"kuery","query":""},"settings":{"autoFitToDataBounds":false}} - title: '[Logs] Total Requests and Bytes' - uiStateJSON: '{"isDarkMode":false}' - coreMigrationVersion: 8.8.0 - created_at: '2023-08-23T20:03:32.204Z' - id: de71f4f0-1902-11e9-919b-ffe5949a18d2 - managed: false - references: - - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - name: layer_1_join_0_index_pattern - type: index-pattern - - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - name: layer_2_source_index_pattern - type: index-pattern - - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - name: layer_3_source_index_pattern - type: index-pattern - type: map - typeMigrationVersion: 8.4.0 - updated_at: '2023-08-23T20:03:32.204Z' - version: WzEzLDFd - Serverless_saved_objects_import_objects_request: - value: - file: file.ndjson - Serverless_saved_objects_import_objects_response: - summary: >- - The import objects API response indicates a successful import and the - objects are created. Since these objects are created as new copies, each - entry in the successResults array includes a destinationId attribute. - value: - successCount: 1 - success: true - successResults: - - type: index-pattern - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - meta: - title: Kibana Sample Data Logs - icon: indexPatternApp - managed: false - destinationId: 82d2760c-468f-49cf-83aa-b9a35b6a8943 - responses: - Connectors_401: - description: Authorization information is missing or invalid. - content: - application/json: - schema: - type: object - title: Unauthorized response - properties: - error: - type: string - example: Unauthorized - enum: - - Unauthorized - message: - type: string - statusCode: - type: integer - example: 401 - enum: - - 401 - Connectors_404: - description: Object is not found. - content: - application/json: - schema: - type: object - title: Not found response - properties: - error: - type: string - example: Not Found - enum: - - Not Found - message: - type: string - example: >- - Saved object [action/baf33fc0-920c-11ed-b36a-874bd1548a00] not - found - statusCode: - type: integer - example: 404 - enum: - - 404 + index: + description: The index or index pattern to use + example: my-service-* + type: string + metric: + description: > + An object defining the metrics, equation, and threshold to + determine if it's a good slice or not + type: object + properties: + comparator: + description: >- + The comparator to use to compare the equation to the + threshold. + enum: + - GT + - GTE + - LT + - LTE + example: GT + type: string + equation: + description: The equation to calculate the metric. + example: A + type: string + metrics: + description: >- + List of metrics with their name, aggregation type, and + field. + items: + anyOf: + - $ref: >- + #/components/schemas/SLOs_timeslice_metric_basic_metric_with_field + - $ref: >- + #/components/schemas/SLOs_timeslice_metric_percentile_metric + - $ref: >- + #/components/schemas/SLOs_timeslice_metric_doc_count_metric + type: array + threshold: + description: >- + The threshold used to determine if the metric is a good + slice or not. + example: 100 + type: number + required: + - metrics + - equation + - comparator + - threshold + timestampField: + description: | + The timestamp field used in the source indice. + example: timestamp + type: string + required: + - index + - timestampField + - metric + type: + description: The type of indicator. + example: sli.metric.timeslice + type: string + required: + - type + - params + title: Timeslice metric + SLOs_kql_with_filters: + description: Defines properties for a filter + oneOf: + - description: the KQL query to filter the documents with. + example: 'field.environment : "production" and service.name : "my-service"' + type: string + - type: object + properties: + filters: + items: + $ref: '#/components/schemas/SLOs_filter' + type: array + kqlQuery: + type: string + title: KQL with filters + SLOs_kql_with_filters_good: + description: The KQL query used to define the good events. + oneOf: + - description: the KQL query to filter the documents with. + example: 'request.latency <= 150 and request.status_code : "2xx"' + type: string + - type: object + properties: + filters: + items: + $ref: '#/components/schemas/SLOs_filter' + type: array + kqlQuery: + type: string + title: KQL query for good events + SLOs_kql_with_filters_total: + description: The KQL query used to define all events. + oneOf: + - description: the KQL query to filter the documents with. + example: 'field.environment : "production" and service.name : "my-service"' + type: string + - type: object + properties: + filters: + items: + $ref: '#/components/schemas/SLOs_filter' + type: array + kqlQuery: + type: string + title: KQL query for all events + SLOs_objective: + description: Defines properties for the SLO objective + type: object + properties: + target: + description: the target objective between 0 and 1 excluded + example: 0.99 + exclusiveMaximum: true + exclusiveMinimum: true + maximum: 100 + minimum: 0 + type: number + timesliceTarget: + description: >- + the target objective for each slice when using a timeslices + budgeting method + example: 0.995 + maximum: 100 + minimum: 0 + type: number + timesliceWindow: + description: >- + the duration of each slice when using a timeslices budgeting method, + as {duraton}{unit} + example: 5m + type: string + required: + - target + title: Objective + SLOs_settings: + description: Defines properties for SLO settings. + properties: + frequency: + default: 1m + description: 'Configure how often the transform runs, default 1m' + example: 5m + type: string + preventInitialBackfill: + default: false + description: Prevents the transform from backfilling data when it starts. + example: true + type: boolean + syncDelay: + default: 1m + description: The synch delay to apply to the transform. Default 1m + example: 5m + type: string + title: Settings + type: object + SLOs_slo_definition_response: + title: SLO definition response + type: object + properties: + budgetingMethod: + $ref: '#/components/schemas/SLOs_budgeting_method' + createdAt: + description: The creation date + example: '2023-01-12T10:03:19.000Z' + type: string + description: + description: The description of the SLO. + example: My SLO description + type: string + enabled: + description: Indicate if the SLO is enabled + example: true + type: boolean + groupBy: + description: optional group by field to use to generate an SLO per distinct value + example: some.field + type: string + id: + description: The identifier of the SLO. + example: 8853df00-ae2e-11ed-90af-09bb6422b258 + type: string + indicator: + discriminator: + mapping: + sli.apm.transactionDuration: '#/components/schemas/SLOs_indicator_properties_apm_latency' + sli.apm.transactionErrorRate: '#/components/schemas/SLOs_indicator_properties_apm_availability' + sli.histogram.custom: '#/components/schemas/SLOs_indicator_properties_histogram' + sli.kql.custom: '#/components/schemas/SLOs_indicator_properties_custom_kql' + sli.metric.custom: '#/components/schemas/SLOs_indicator_properties_custom_metric' + sli.metric.timeslice: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + propertyName: type + oneOf: + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' + - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' + - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + name: + description: The name of the SLO. + example: My Service SLO + type: string + objective: + $ref: '#/components/schemas/SLOs_objective' + revision: + description: The SLO revision + example: 2 + type: number + settings: + $ref: '#/components/schemas/SLOs_settings' + tags: + description: List of tags + items: + type: string + type: array + timeWindow: + $ref: '#/components/schemas/SLOs_time_window' + updatedAt: + description: The last update date + example: '2023-01-12T10:03:19.000Z' + type: string + version: + description: The internal SLO version + example: 2 + type: number + required: + - id + - name + - description + - indicator + - timeWindow + - budgetingMethod + - objective + - settings + - revision + - enabled + - groupBy + - tags + - createdAt + - updatedAt + - version + SLOs_slo_with_summary_response: + title: SLO response + type: object + properties: + budgetingMethod: + $ref: '#/components/schemas/SLOs_budgeting_method' + createdAt: + description: The creation date + example: '2023-01-12T10:03:19.000Z' + type: string + description: + description: The description of the SLO. + example: My SLO description + type: string + enabled: + description: Indicate if the SLO is enabled + example: true + type: boolean + groupBy: + description: optional group by field to use to generate an SLO per distinct value + example: some.field + type: string + id: + description: The identifier of the SLO. + example: 8853df00-ae2e-11ed-90af-09bb6422b258 + type: string + indicator: + discriminator: + mapping: + sli.apm.transactionDuration: '#/components/schemas/SLOs_indicator_properties_apm_latency' + sli.apm.transactionErrorRate: '#/components/schemas/SLOs_indicator_properties_apm_availability' + sli.histogram.custom: '#/components/schemas/SLOs_indicator_properties_histogram' + sli.kql.custom: '#/components/schemas/SLOs_indicator_properties_custom_kql' + sli.metric.custom: '#/components/schemas/SLOs_indicator_properties_custom_metric' + sli.metric.timeslice: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + propertyName: type + oneOf: + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' + - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' + - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + instanceId: + description: 'the value derived from the groupBy field, if present, otherwise ''*''' + example: host-abcde + type: string + name: + description: The name of the SLO. + example: My Service SLO + type: string + objective: + $ref: '#/components/schemas/SLOs_objective' + revision: + description: The SLO revision + example: 2 + type: number + settings: + $ref: '#/components/schemas/SLOs_settings' + summary: + $ref: '#/components/schemas/SLOs_summary' + tags: + description: List of tags + items: + type: string + type: array + timeWindow: + $ref: '#/components/schemas/SLOs_time_window' + updatedAt: + description: The last update date + example: '2023-01-12T10:03:19.000Z' + type: string + version: + description: The internal SLO version + example: 2 + type: number + required: + - id + - name + - description + - indicator + - timeWindow + - budgetingMethod + - objective + - settings + - revision + - summary + - enabled + - groupBy + - instanceId + - tags + - createdAt + - updatedAt + - version + SLOs_summary: + description: The SLO computed data + properties: + errorBudget: + $ref: '#/components/schemas/SLOs_error_budget' + sliValue: + example: 0.9836 + type: number + status: + $ref: '#/components/schemas/SLOs_summary_status' + required: + - status + - sliValue + - errorBudget + title: Summary + type: object + SLOs_summary_status: + enum: + - NO_DATA + - HEALTHY + - DEGRADING + - VIOLATED + example: HEALTHY + title: summary status + type: string + SLOs_time_window: + description: Defines properties for the SLO time window + type: object + properties: + duration: + description: >- + the duration formatted as {duration}{unit}. Accepted values for + rolling: 7d, 30d, 90d. Accepted values for calendar aligned: 1w + (weekly) or 1M (monthly) + example: 30d + type: string + type: + description: >- + Indicates weither the time window is a rolling or a calendar aligned + time window. + enum: + - rolling + - calendarAligned + example: rolling + type: string + required: + - duration + - type + title: Time window + SLOs_timeslice_metric_basic_metric_with_field: + type: object + properties: + aggregation: + description: The aggregation type of the metric. + enum: + - sum + - avg + - min + - max + - std_deviation + - last_value + - cardinality + example: sum + type: string + field: + description: The field of the metric. + example: processor.processed + type: string + filter: + description: The filter to apply to the metric. + example: 'processor.outcome: "success"' + type: string + name: + description: The name of the metric. Only valid options are A-Z + example: A + pattern: '^[A-Z]$' + type: string + required: + - name + - aggregation + - field + title: Timeslice Metric Basic Metric with Field + SLOs_timeslice_metric_doc_count_metric: + type: object + properties: + aggregation: + description: The aggregation type of the metric. Only valid option is "doc_count" + enum: + - doc_count + example: doc_count + type: string + filter: + description: The filter to apply to the metric. + example: 'processor.outcome: "success"' + type: string + name: + description: The name of the metric. Only valid options are A-Z + example: A + pattern: '^[A-Z]$' + type: string + required: + - name + - aggregation + title: Timeslice Metric Doc Count Metric + SLOs_timeslice_metric_percentile_metric: + type: object + properties: + aggregation: + description: >- + The aggregation type of the metric. Only valid option is + "percentile" + enum: + - percentile + example: percentile + type: string + field: + description: The field of the metric. + example: processor.processed + type: string + filter: + description: The filter to apply to the metric. + example: 'processor.outcome: "success"' + type: string + name: + description: The name of the metric. Only valid options are A-Z + example: A + pattern: '^[A-Z]$' + type: string + percentile: + description: The percentile value. + example: 95 + type: number + required: + - name + - aggregation + - field + - percentile + title: Timeslice Metric Percentile Metric + SLOs_update_slo_request: + description: > + The update SLO API request body varies depending on the type of + indicator, time window and budgeting method. Partial update is handled. + properties: + budgetingMethod: + $ref: '#/components/schemas/SLOs_budgeting_method' + description: + description: A description for the SLO. + type: string + indicator: + oneOf: + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' + - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' + - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + name: + description: A name for the SLO. + type: string + objective: + $ref: '#/components/schemas/SLOs_objective' + settings: + $ref: '#/components/schemas/SLOs_settings' + tags: + description: List of tags + items: + type: string + type: array + timeWindow: + $ref: '#/components/schemas/SLOs_time_window' + title: Update SLO request + type: object securitySchemes: - Kibana_HTTP_APIs_apiKeyAuth: + apiKeyAuth: + description: > + These APIs use key-based authentication. You must create an API key and + use the encoded value in the request header. For example: + `Authorization: ApiKey base64AccessApiKey` in: header name: Authorization type: apiKey - Kibana_HTTP_APIs_basicAuth: - scheme: basic - type: http -x-tagGroups: - - name: APM UI - tags: - - APM agent keys - - APM annotations - - name: Connectors - tags: - - connectors - - name: Data views - tags: - - data views - - name: Machine learning APIs - tags: - - ml - - name: Serverless saved objects - tags: - - saved objects - - name: SLOs - tags: - - slo - - name: Kibana HTTP APIs - tags: - - system +security: + - apiKeyAuth: [] +tags: + - description: > + Configure APM agent keys to authorize requests from APM agents to the APM + Server. + name: APM agent keys + - description: > + Annotate visualizations in the APM app with significant events. + Annotations enable you to easily see how events are impacting the + performance of your applications. + name: APM annotations + - description: Connector APIs enable you to create and manage connectors. + name: connectors + - description: >- + Data view APIs enable you to manage data views, formerly known as Kibana + index patterns. + name: data views + - description: Machine learning + name: ml + - description: >- + Manage Kibana saved objects, including dashboards, visualizations, and + more. + name: saved objects + - description: Manage and interact with Security Assistant resources. + name: Security AI Assistant API + - description: >- + You can create rules that automatically turn events and external alerts + sent to Elastic Security into detection alerts. These alerts are displayed + on the Detections page. + name: Security Solution Detections API + - description: Interact with and manage endpoints running the Elastic Defend integration. + name: Security Solution Endpoint Management API + - description: '' + name: Security Solution Entity Analytics API + - description: >- + Exceptions API allows you to manage detection rule exceptions to prevent a + rule from generating an alert from incoming events even when the rule's + other criteria are met. + name: Security Solution Exceptions API + - description: 'Lists API allows you to manage lists of keywords, IPs or IP ranges items.' + name: Security Solution Lists API + - description: 'Run live queries, manage packs and saved queries.' + name: Security Solution Osquery API + - description: >- + You can create Timelines and Timeline templates via the API, as well as + import new Timelines from an ndjson file. + name: Security Solution Timeline API + - description: 'SLO APIs enable you to define, manage and track service-level objectives' + name: slo + - name: system diff --git a/oas_docs/output/kibana.yaml b/oas_docs/output/kibana.yaml index a16a834c63e73..977a910dabf6b 100644 --- a/oas_docs/output/kibana.yaml +++ b/oas_docs/output/kibana.yaml @@ -1,6 +1,7 @@ openapi: 3.0.3 info: - title: Kibana APIs + contact: + name: Kibana Team description: > The Kibana REST APIs enable you to manage resources such as connectors, data views, and saved objects. @@ -45,18372 +46,10638 @@ info: For more information about the console, refer to [Run API requests](https://www.elastic.co/guide/en/kibana/current/console-kibana.html). - version: 1.0.2 license: name: Elastic License 2.0 - url: https://www.elastic.co/licensing/elastic-license - contact: - name: Kibana Team + url: 'https://www.elastic.co/licensing/elastic-license' + title: Kibana APIs + version: 1.0.2 servers: - - url: / - - url: https://{kibana_url} + - url: 'https://{kibana_url}' variables: kibana_url: - default: localhost:5601 - - url: http://localhost:5622 -tags: - - name: alerting - description: Alerting APIs enable you to create and manage rules and alerts. - x-displayName: alerting - - name: APM agent keys - description: > - Configure APM agent keys to authorize requests from APM agents to the APM - Server. - x-displayName: APM agent keys - - name: APM annotations - description: > - Annotate visualizations in the APM app with significant events. - Annotations enable you to easily see how events are impacting the - performance of your applications. - x-displayName: APM annotations - - name: cases - description: Case APIs enable you to open and track issues. - x-displayName: cases - - name: connectors - description: Connector APIs enable you to create and manage connectors. - x-displayName: connectors - - name: data views - description: >- - Data view APIs enable you to manage data views, formerly known as Kibana - index patterns. - x-displayName: data views - - name: ml - description: Machine learning - x-displayName: ml - - name: saved objects - description: >- - Manage Kibana saved objects, including dashboards, visualizations, and - more. - x-displayName: saved objects - - name: system - x-displayName: system + default: 'localhost:5601' paths: - /api/alerting/rule: - post: - summary: Create a rule with a random identifier - operationId: createRule - description: > - To create a rule, you must have `all` privileges for the appropriate - Kibana features, depending on the `consumer` and `rule_type_id` of the - rule you're creating. For example, you must have privileges for the - **Management > Stack rules** feature, **Analytics > Discover** and - **Machine Learning** features, **Observability** features, or - **Security** features. If the rule has actions, you must also have - `read` privileges for the **Management > Actions and Connectors** - feature. This API supports both key- and token-based authentication. To - use key-based authentication, create an API key in Kibana and use it in - the header of the API call. To use token-based authentication, provide a - username and password; an API key that matches the current privileges of - the user is created automatically. In both cases, the API key is - subsequently used for authorization when the rule runs. - tags: - - alerting - parameters: - - $ref: '#/components/parameters/Alerting_kbn_xsrf' - requestBody: - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/Alerting_create_rule_request' - examples: - createEsQueryEsqlRuleRequest: - $ref: >- - #/components/examples/Alerting_create_es_query_esql_rule_request - createEsQueryRuleRequest: - $ref: '#/components/examples/Alerting_create_es_query_rule_request' - createEsQueryKqlRuleRequest: - $ref: >- - #/components/examples/Alerting_create_es_query_kql_rule_request - createIndexThresholdRuleRequest: - $ref: >- - #/components/examples/Alerting_create_index_threshold_rule_request - createTrackingContainmentRuleRequest: - $ref: >- - #/components/examples/Alerting_create_tracking_containment_rule_request + /api/actions: + get: + deprecated: true + description: Deprecated in 7.13.0. Use the get all connectors API instead. + operationId: legacyGetConnectors responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Alerting_rule_response_properties' - examples: - createEsQueryEsqlRuleResponse: - $ref: >- - #/components/examples/Alerting_create_es_query_esql_rule_response - createEsQueryRuleResponse: - $ref: '#/components/examples/Alerting_create_es_query_rule_response' - createEsQueryKqlRuleResponse: - $ref: >- - #/components/examples/Alerting_create_es_query_kql_rule_response - createIndexThresholdRuleResponse: - $ref: >- - #/components/examples/Alerting_create_index_threshold_rule_response - createTrackingContainmentRuleResponse: - $ref: >- - #/components/examples/Alerting_create_tracking_containment_rule_response + items: + $ref: '#/components/schemas/Connectors_action_response_properties' + type: array + description: Indicates a successful call. '401': - description: Authorization information is missing or invalid. - content: - application/json: - schema: - $ref: '#/components/schemas/Alerting_401_response' - '404': - description: Object is not found. - content: - application/json: - schema: - $ref: '#/components/schemas/Alerting_404_response' - /api/alerting/rule/{ruleId}: - get: - summary: Get rule details - operationId: getRule - description: > - You must have `read` privileges for the appropriate Kibana features, - depending on the `consumer` and `rule_type_id` of the rules you're - seeking. For example, the **Management > Stack Rules** feature, - **Analytics > Discover** and **Machine Learning** features, - **Observability** features, or **Security** features. To get rules - associated with the **Stack Monitoring** feature, use the - `monitoring_user` built-in role. + $ref: '#/components/responses/Connectors_401' + summary: Get all connectors tags: - - alerting + - connectors + post: + deprecated: true + description: Deprecated in 7.13.0. Use the create connector API instead. + operationId: legacyCreateConnector parameters: - - $ref: '#/components/parameters/Alerting_rule_id' + - $ref: '#/components/parameters/Connectors_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + title: Legacy create connector request properties + type: object + properties: + actionTypeId: + description: The connector type identifier. + type: string + config: + description: >- + The configuration for the connector. Configuration + properties vary depending on the connector type. + type: object + name: + description: The display name for the connector. + type: string + secrets: + description: > + The secrets configuration for the connector. Secrets + configuration properties vary depending on the connector + type. NOTE: Remember these values. You must provide them + each time you update the connector. + type: object + required: true responses: '200': - description: Indicates a successful call. - content: - application/json: - schema: - $ref: '#/components/schemas/Alerting_rule_response_properties' - examples: - getRuleResponse: - $ref: '#/components/examples/Alerting_get_rule_response' + $ref: '#/components/responses/Connectors_200_actions' '401': - description: Authorization information is missing or invalid. - content: - application/json: - schema: - $ref: '#/components/schemas/Alerting_401_response' - '404': - description: Object is not found. - content: - application/json: - schema: - $ref: '#/components/schemas/Alerting_404_response' + $ref: '#/components/responses/Connectors_401' + summary: Create a connector + tags: + - connectors + '/api/actions/action/{actionId}': delete: - summary: Delete a rule - operationId: deleteRule + deprecated: true description: > - To delete a rule, you must have `all` privileges for the appropriate - Kibana features, depending on the `consumer` and `rule_type_id` of the - rule you're deleting. For example, the **Management** > **Stack Rules** - feature, **Analytics** > **Discover** or **Machine Learning** features, - **Observability**, or **Security** features. WARNING: After you delete a - rule, you cannot recover it. If the API key that is used by the rule was - created automatically, it is deleted. - tags: - - alerting + Deprecated in 7.13.0. Use the delete connector API instead. WARNING: + When you delete a connector, it cannot be recovered. + operationId: legacyDeleteConnector parameters: - - $ref: '#/components/parameters/Alerting_kbn_xsrf' - - $ref: '#/components/parameters/Alerting_rule_id' + - $ref: '#/components/parameters/Connectors_kbn_xsrf' + - $ref: '#/components/parameters/Connectors_action_id' responses: '204': description: Indicates a successful call. '401': - description: Authorization information is missing or invalid. - content: - application/json: - schema: - $ref: '#/components/schemas/Alerting_401_response' - '404': - description: Object is not found. - content: - application/json: - schema: - $ref: '#/components/schemas/Alerting_404_response' - post: - summary: Create a rule - operationId: createRuleId - description: > - This API creates a rule with a specific rule identifier. If you omit the - identifer, it is automatically generated. To create a rule, you must - have `all` privileges for the appropriate Kibana features, depending on - the `consumer` and `rule_type_id` of the rule you're creating. For - example, you must have privileges for the **Management > Stack rules** - feature, **Analytics > Discover** and **Machine Learning** features, - **Observability** features, or **Security** features. If the rule has - actions, you must also have `read` privileges for the **Management > - Actions and Connectors** feature. This API supports both key- and - token-based authentication. To use key-based authentication, create an - API key in Kibana and use it in the header of the API call. To use - token-based authentication, provide a username and password; an API key - that matches the current privileges of the user is created - automatically. In both cases, the API key is subsequently used for - authorization when the rule runs. + $ref: '#/components/responses/Connectors_401' + summary: Delete a connector tags: - - alerting + - connectors + get: + deprecated: true + description: Deprecated in 7.13.0. Use the get connector API instead. + operationId: legacyGetConnector parameters: - - $ref: '#/components/parameters/Alerting_kbn_xsrf' - - in: path - name: ruleId - description: > - An UUID v1 or v4 identifier for the rule. If you omit this - parameter, an identifier is randomly generated. - required: true - schema: - type: string - example: ac4e6b90-6be7-11eb-ba0d-9b1c1f912d74 + - $ref: '#/components/parameters/Connectors_action_id' + responses: + '200': + $ref: '#/components/responses/Connectors_200_actions' + '401': + $ref: '#/components/responses/Connectors_401' + summary: Get connector information + tags: + - connectors + put: + deprecated: true + description: Deprecated in 7.13.0. Use the update connector API instead. + operationId: legacyUpdateConnector + parameters: + - $ref: '#/components/parameters/Connectors_kbn_xsrf' + - $ref: '#/components/parameters/Connectors_action_id' requestBody: - required: true content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Alerting_create_rule_request' - examples: - createEsQueryEsqlRuleIdRequest: - $ref: >- - #/components/examples/Alerting_create_es_query_esql_rule_request - createEsQueryRuleIdRequest: - $ref: '#/components/examples/Alerting_create_es_query_rule_request' - createEsQueryKqlRuleIdRequest: - $ref: >- - #/components/examples/Alerting_create_es_query_kql_rule_request - createIndexThreholdRuleIdRequest: - $ref: >- - #/components/examples/Alerting_create_index_threshold_rule_request + description: The properties vary depending on the connector type. + properties: + config: + description: >- + The new connector configuration. Configuration properties + vary depending on the connector type. + type: object + name: + description: The new name for the connector. + type: string + secrets: + description: >- + The updated secrets configuration for the connector. Secrets + properties vary depending on the connector type. + type: object + title: Legacy update connector request body properties + type: object + required: true responses: '200': - description: Indicates a successful call. - content: - application/json: - schema: - $ref: '#/components/schemas/Alerting_rule_response_properties' - examples: - createEsQueryEsqlRuleIdResponse: - $ref: >- - #/components/examples/Alerting_create_es_query_esql_rule_response - createEsQueryRuleIdResponse: - $ref: '#/components/examples/Alerting_create_es_query_rule_response' - createEsQueryKqlRuleIdResponse: - $ref: >- - #/components/examples/Alerting_create_es_query_kql_rule_response - createIndexThresholdRuleIdResponse: - $ref: >- - #/components/examples/Alerting_create_index_threshold_rule_response - '401': - description: Authorization information is missing or invalid. - content: - application/json: - schema: - $ref: '#/components/schemas/Alerting_401_response' + $ref: '#/components/responses/Connectors_200_actions' '404': - description: Object is not found. - content: - application/json: - schema: - $ref: '#/components/schemas/Alerting_404_response' - put: - summary: Update a rule - operationId: updateRule - description: > - To update a rule, you must have `all` privileges for the appropriate - Kibana features, depending on the `consumer` and `rule_type_id` of the - rule you're updating. For example, you must have privileges for the - **Management > Stack rules** feature, **Analytics > Discover** and - **Machine Learning** features, **Observability** features, or - **Security** features. If the rule has actions, you must also have - `read` privileges for the **Management > Actions and Connectors** - feature. This API supports both key- and token-based authentication. To - use key-based authentication, create an API key in Kibana and use it in - the header of the API call. To use token-based authentication, provide a - username and password; an API key that matches the current privileges of - the user is created automatically. In both cases, the API key is - subsequently used for authorization when the rule runs. NOTE: If the API - key has different privileges than the key that created or most recently - updated the rule, the rule behavior might change. Though some properties - are optional, when you update the rule the existing property values are - overwritten with default values. Therefore, it is recommended to - explicitly set all property values. + $ref: '#/components/responses/Connectors_404' + summary: Update a connector tags: - - alerting + - connectors + '/api/actions/action/{actionId}/_execute': + post: + deprecated: true + description: Deprecated in 7.13.0. Use the run connector API instead. + operationId: legacyRunConnector parameters: - - $ref: '#/components/parameters/Alerting_kbn_xsrf' - - $ref: '#/components/parameters/Alerting_rule_id' + - $ref: '#/components/parameters/Connectors_kbn_xsrf' + - $ref: '#/components/parameters/Connectors_action_id' requestBody: - required: true content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Alerting_update_rule_request' - examples: - updateRuleRequest: - $ref: '#/components/examples/Alerting_update_rule_request' + description: The properties vary depending on the connector type. + properties: + params: + description: >- + The parameters of the connector. Parameter properties vary + depending on the connector type. + type: object + required: + - params + title: Legacy run connector request body properties + type: object + required: true responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Alerting_rule_response_properties' - examples: - updateRuleResponse: - $ref: '#/components/examples/Alerting_update_rule_response' + type: object + properties: + actionId: + type: string + data: + oneOf: + - additionalProperties: true + description: Information returned from the action. + type: object + - description: An array of information returned from the action. + items: + type: object + type: array + status: + description: The status of the action. + type: string + description: Indicates a successful call. '401': - description: Authorization information is missing or invalid. - content: - application/json: - schema: - $ref: '#/components/schemas/Alerting_401_response' - '404': - description: Object is not found. - content: - application/json: - schema: - $ref: '#/components/schemas/Alerting_404_response' - /api/alerting/rule/{ruleId}/_disable: - post: - summary: Disable a rule - operationId: disableRule - description: > - You must have `all` privileges for the appropriate Kibana features, - depending on the `consumer` and `rule_type_id` of the rule. For example, - the **Management > Stack Rules** feature, **Analytics > Discover** and - **Machine Learning** features, **Observability**, and **Security** - features. + $ref: '#/components/responses/Connectors_401' + summary: Run a connector tags: - - alerting + - connectors + /api/actions/connector: + post: + description: The connector identifier is randomly generated. + operationId: createConnector parameters: - - $ref: '#/components/parameters/Alerting_kbn_xsrf' - - $ref: '#/components/parameters/Alerting_rule_id' + - $ref: '#/components/parameters/Connectors_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + createEmailConnectorRequest: + $ref: >- + #/components/examples/Connectors_create_email_connector_request + createIndexConnectorRequest: + $ref: >- + #/components/examples/Connectors_create_index_connector_request + createWebhookConnectorRequest: + $ref: >- + #/components/examples/Connectors_create_webhook_connector_request + createXmattersConnectorRequest: + $ref: >- + #/components/examples/Connectors_create_xmatters_connector_request + schema: + $ref: '#/components/schemas/Connectors_create_connector_request' + required: true responses: - '204': - description: Indicates a successful call. - '401': - description: Authorization information is missing or invalid. + '200': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: + examples: + createEmailConnectorResponse: + $ref: >- + #/components/examples/Connectors_create_email_connector_response + createIndexConnectorResponse: + $ref: >- + #/components/examples/Connectors_create_index_connector_response + createWebhookConnectorResponse: + $ref: >- + #/components/examples/Connectors_create_webhook_connector_response + createXmattersConnectorResponse: + $ref: >- + #/components/examples/Connectors_create_xmatters_connector_response schema: - $ref: '#/components/schemas/Alerting_401_response' - '404': - description: Object is not found. + $ref: '#/components/schemas/Connectors_connector_response_properties' + description: Indicates a successful call. + '401': + $ref: '#/components/responses/Connectors_401' + summary: Create a connector with a random ID + tags: + - connectors + /api/actions/connector_types: + get: + operationId: getConnectorTypes + parameters: + - description: >- + A filter to limit the retrieved connector types to those that + support a specific feature (such as alerting or cases). + in: query + name: feature_id + schema: + $ref: '#/components/schemas/Connectors_features' + responses: + '200': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getConnectorTypesServerlessResponse: + $ref: >- + #/components/examples/Connectors_get_connector_types_generativeai_response schema: - $ref: '#/components/schemas/Alerting_404_response' - /api/alerting/rule/{ruleId}/_enable: - post: - summary: Enable a rule - operationId: enableRule - description: > - To enable a rule, you must have `all` privileges for the appropriate - Kibana features, depending on the `consumer` and `rule_type_id` of the - rule. For example, the **Management > Stack Rules** feature, **Analytics - > Discover** and **Machine Learning** features, **Observability**, and - **Security** features. This API supports both key- and token-based - authentication. To use key-based authentication, create an API key in - Kibana and use it in the header of the API call. To use token-based - authentication, provide a username and password; an API key that matches - the current privileges of the user is created automatically. In both - cases, the API key is subsequently used for authorization when the rule - runs. + description: The properties vary for each connector type. + items: + type: object + properties: + enabled: + description: >- + Indicates whether the connector type is enabled in + Kibana. + example: true + type: boolean + enabled_in_config: + description: >- + Indicates whether the connector type is enabled in the + Kibana configuration file. + example: true + type: boolean + enabled_in_license: + description: >- + Indicates whether the connector is enabled in the + license. + example: true + type: boolean + id: + $ref: '#/components/schemas/Connectors_connector_types' + is_system_action_type: + example: false + type: boolean + minimum_license_required: + description: The license that is required to use the connector type. + example: basic + type: string + name: + description: The name of the connector type. + example: Index + type: string + supported_feature_ids: + description: The features that are supported by the connector type. + example: + - alerting + - cases + - siem + items: + $ref: '#/components/schemas/Connectors_features' + type: array + title: Get connector types response body properties + type: array + description: Indicates a successful call. + '401': + $ref: '#/components/responses/Connectors_401' + summary: Get all connector types tags: - - alerting + - connectors + '/api/actions/connector/{connectorId}': + delete: + operationId: deleteConnector parameters: - - $ref: '#/components/parameters/Alerting_kbn_xsrf' - - $ref: '#/components/parameters/Alerting_rule_id' + - $ref: '#/components/parameters/Connectors_kbn_xsrf' + - $ref: '#/components/parameters/Connectors_connector_id' responses: '204': description: Indicates a successful call. '401': - description: Authorization information is missing or invalid. - content: - application/json: - schema: - $ref: '#/components/schemas/Alerting_401_response' + $ref: '#/components/responses/Connectors_401' '404': - description: Object is not found. + $ref: '#/components/responses/Connectors_404' + summary: Delete a connector + tags: + - connectors + get: + operationId: getConnector + parameters: + - $ref: '#/components/parameters/Connectors_connector_id' + responses: + '200': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getConnectorResponse: + $ref: '#/components/examples/Connectors_get_connector_response' schema: - $ref: '#/components/schemas/Alerting_401_response' - /api/alerting/rules/_find: - get: - summary: Find rule information - operationId: findRules - description: > - You must have `read` privileges for the appropriate Kibana features, - depending on the `consumer` and `rule_type_id` of the rules you're - seeking. For example, you must have privileges for the **Management > - Stack rules** feature, **Analytics > Discover** and **Machine Learning** - features, **Observability** features, or **Security** features. To find - rules associated with the **Stack Monitoring** feature, use the - `monitoring_user` built-in role. + $ref: '#/components/schemas/Connectors_connector_response_properties' + description: Indicates a successful call. + '401': + $ref: '#/components/responses/Connectors_401' + '404': + $ref: '#/components/responses/Connectors_404' + summary: Get a connector information tags: - - alerting + - connectors + post: + operationId: createConnectorId parameters: - - name: default_search_operator - in: query - description: The default operator to use for the simple_query_string. - schema: - type: string - default: OR - example: OR - - name: fields - in: query - description: The fields to return in the `attributes` key of the response. - schema: - type: array - items: - type: string - - name: filter - in: query - description: > - A KQL string that you filter with an attribute from your saved - object. It should look like `savedObjectType.attributes.title: - "myTitle"`. However, if you used a direct attribute of a saved - object, such as `updatedAt`, you must define your filter, for - example, `savedObjectType.updatedAt > 2018-12-22`. - schema: - type: string - - name: has_reference - in: query - description: >- - Filters the rules that have a relation with the reference objects - with a specific type and identifier. - schema: - type: object - properties: - id: - type: string - type: - type: string - - name: page - in: query - description: The page number to return. - schema: - type: integer - default: 1 - example: 1 - - name: per_page - in: query - description: The number of rules to return per page. - schema: - type: integer - default: 20 - example: 20 - - name: search - in: query - description: >- - An Elasticsearch simple_query_string query that filters the objects - in the response. - schema: - type: string - example: threshold +-test* - - name: search_fields - in: query - description: The fields to perform the simple_query_string parsed query against. - schema: - oneOf: - - type: string - example: name - - type: array - items: - type: string - - name: sort_field - in: query - description: > - Determines which field is used to sort the results. The field must - exist in the `attributes` key of the response. - schema: - type: string - - name: sort_order - in: query - description: Determines the sort order. + - $ref: '#/components/parameters/Connectors_kbn_xsrf' + - description: > + A UUID v1 or v4 identifier for the connector. If you omit this + parameter, an identifier is randomly generated. + in: path + name: connectorId + required: true schema: + example: ac4e6b90-6be7-11eb-ba0d-9b1c1f912d74 type: string - enum: - - asc - - desc - default: desc - example: asc + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + createIndexConnectorRequest: + $ref: >- + #/components/examples/Connectors_create_index_connector_request + schema: + $ref: '#/components/schemas/Connectors_create_connector_request' + required: true responses: '200': - description: Indicates a successful call. content: - application/json: - schema: - type: object - properties: - data: - type: array - items: - $ref: '#/components/schemas/Alerting_rule_response_properties' - page: - type: integer - per_page: - type: integer - total: - type: integer + application/json; Elastic-Api-Version=2023-10-31: examples: - findRulesResponse: - $ref: '#/components/examples/Alerting_find_rules_response' - findConditionalActionRulesResponse: + createIndexConnectorResponse: $ref: >- - #/components/examples/Alerting_find_rules_response_conditional_action - '401': - description: Authorization information is missing or invalid. - content: - application/json: + #/components/examples/Connectors_create_index_connector_response schema: - $ref: '#/components/schemas/Alerting_401_response' - /api/alerting/_health: - get: - summary: Get the alerting framework health - operationId: getAlertingHealth - description: > - You must have `read` privileges for the **Management > Stack Rules** - feature or for at least one of the **Analytics > Discover**, **Analytics - > Machine Learning**, **Observability**, or **Security** features. - tags: - - alerting - responses: - '200': + $ref: '#/components/schemas/Connectors_connector_response_properties' description: Indicates a successful call. - content: - application/json: - schema: - type: object - properties: - alerting_framework_health: - type: object - description: > - Three substates identify the health of the alerting - framework: `decryption_health`, `execution_health`, and - `read_health`. - properties: - decryption_health: - type: object - description: The timestamp and status of the rule decryption. - properties: - status: - type: string - example: ok - enum: - - error - - ok - - warn - timestamp: - type: string - format: date-time - example: '2023-01-13T01:28:00.280Z' - execution_health: - type: object - description: The timestamp and status of the rule run. - properties: - status: - type: string - example: ok - enum: - - error - - ok - - warn - timestamp: - type: string - format: date-time - example: '2023-01-13T01:28:00.280Z' - read_health: - type: object - description: The timestamp and status of the rule reading events. - properties: - status: - type: string - example: ok - enum: - - error - - ok - - warn - timestamp: - type: string - format: date-time - example: '2023-01-13T01:28:00.280Z' - has_permanent_encryption_key: - type: boolean - description: >- - If `false`, the encrypted saved object plugin does not - have a permanent encryption key. - example: true - is_sufficiently_secure: - type: boolean - description: If `false`, security is enabled but TLS is not. - example: true - examples: - getAlertingHealthResponse: - $ref: '#/components/examples/Alerting_get_health_response' '401': - description: Authorization information is missing or invalid. + $ref: '#/components/responses/Connectors_401' + summary: Create a connector + tags: + - connectors + put: + operationId: updateConnector + parameters: + - $ref: '#/components/parameters/Connectors_kbn_xsrf' + - $ref: '#/components/parameters/Connectors_connector_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateIndexConnectorRequest: + $ref: >- + #/components/examples/Connectors_update_index_connector_request + schema: + $ref: '#/components/schemas/Connectors_update_connector_request' + required: true + responses: + '200': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Alerting_401_response' - /api/alerting/rule_types: - get: - summary: Get the rule types - operationId: getRuleTypes - description: > - If you have `read` privileges for one or more Kibana features, the API - response contains information about the appropriate rule types. For - example, there are rule types associated with the **Management > Stack - Rules** feature, **Analytics > Discover** and **Machine Learning** - features, **Observability** features, and **Security** features. To get - rule types associated with the **Stack Monitoring** feature, use the - `monitoring_user` built-in role. + $ref: '#/components/schemas/Connectors_connector_response_properties' + description: Indicates a successful call. + '400': + $ref: '#/components/responses/Connectors_401' + '401': + $ref: '#/components/responses/Connectors_401' + '404': + $ref: '#/components/responses/Connectors_404' + summary: Update a connector tags: - - alerting + - connectors + '/api/actions/connector/{connectorId}/_execute': + post: + description: > + You can use this API to test an action that involves interaction with + Kibana services or integrations with third-party systems. You must have + `read` privileges for the **Actions and Connectors** feature in the + **Management** section of the Kibana feature privileges. If you use an + index connector, you must also have `all`, `create`, `index`, or `write` + indices privileges. + operationId: runConnector + parameters: + - $ref: '#/components/parameters/Connectors_kbn_xsrf' + - $ref: '#/components/parameters/Connectors_connector_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + runCasesWebhookConnectorRequest: + $ref: >- + #/components/examples/Connectors_run_cases_webhook_connector_request + runEmailConnectorRequest: + $ref: '#/components/examples/Connectors_run_email_connector_request' + runIndexConnectorRequest: + $ref: '#/components/examples/Connectors_run_index_connector_request' + runJiraConnectorRequest: + $ref: '#/components/examples/Connectors_run_jira_connector_request' + runPagerDutyConnectorRequest: + $ref: >- + #/components/examples/Connectors_run_pagerduty_connector_request + runServerLogConnectorRequest: + $ref: >- + #/components/examples/Connectors_run_server_log_connector_request + runServiceNowITOMConnectorRequest: + $ref: >- + #/components/examples/Connectors_run_servicenow_itom_connector_request + runSlackConnectorRequest: + $ref: >- + #/components/examples/Connectors_run_slack_api_connector_request + runSwimlaneConnectorRequest: + $ref: >- + #/components/examples/Connectors_run_swimlane_connector_request + schema: + $ref: '#/components/schemas/Connectors_run_connector_request' + required: true responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + runCasesWebhookConnectorResponse: + $ref: >- + #/components/examples/Connectors_run_cases_webhook_connector_response + runEmailConnectorResponse: + $ref: >- + #/components/examples/Connectors_run_email_connector_response + runIndexConnectorResponse: + $ref: >- + #/components/examples/Connectors_run_index_connector_response + runJiraConnectorResponse: + $ref: '#/components/examples/Connectors_run_jira_connector_response' + runPagerDutyConnectorResponse: + $ref: >- + #/components/examples/Connectors_run_pagerduty_connector_response + runServerLogConnectorResponse: + $ref: >- + #/components/examples/Connectors_run_server_log_connector_response + runServiceNowITOMConnectorResponse: + $ref: >- + #/components/examples/Connectors_run_servicenow_itom_connector_response + runSlackConnectorResponse: + $ref: >- + #/components/examples/Connectors_run_slack_api_connector_response + runSwimlaneConnectorResponse: + $ref: >- + #/components/examples/Connectors_run_swimlane_connector_response + schema: + type: object + properties: + connector_id: + description: The identifier for the connector. + type: string + data: + oneOf: + - additionalProperties: true + description: Information returned from the action. + type: object + - description: An array of information returned from the action. + items: + type: object + type: array + status: + description: The status of the action. + enum: + - error + - ok + type: string + required: + - connector_id + - status description: Indicates a successful call. + '401': + $ref: '#/components/responses/Connectors_401' + summary: Run a connector + tags: + - connectors + /api/actions/connectors: + get: + operationId: getConnectors + responses: + '200': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getConnectorsResponse: + $ref: '#/components/examples/Connectors_get_connectors_response' schema: + items: + $ref: >- + #/components/schemas/Connectors_connector_response_properties type: array + description: Indicates a successful call. + '401': + $ref: '#/components/responses/Connectors_401' + summary: Get all connectors + tags: + - connectors + /api/actions/list_action_types: + get: + deprecated: true + description: Deprecated in 7.13.0. Use the get all connector types API instead. + operationId: legacyGetConnectorTypes + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + description: The properties vary for each connector type. items: type: object properties: - action_groups: - description: > - An explicit list of groups for which the rule type can - schedule actions, each with the action group's unique ID - and human readable name. Rule actions validation uses - this configuration to ensure that groups are valid. - type: array - items: - type: object - properties: - id: - type: string - name: - type: string - action_variables: - description: > - A list of action variables that the rule type makes - available via context and state in action parameter - templates, and a short human readable description. When - you create a rule in Kibana, it uses this information to - prompt you for these variables in action parameter - editors. - type: object - properties: - context: - type: array - items: - type: object - properties: - name: - type: string - description: - type: string - useWithTripleBracesInTemplates: - type: boolean - params: - type: array - items: - type: object - properties: - description: - type: string - name: - type: string - state: - type: array - items: - type: object - properties: - description: - type: string - name: - type: string - alerts: - type: object - description: > - Details for writing alerts as data documents for this - rule type. - properties: - context: - type: string - description: | - The namespace for this rule type. - enum: - - ml.anomaly-detection - - observability.apm - - observability.logs - - observability.metrics - - observability.slo - - observability.threshold - - observability.uptime - - security - - stack - dynamic: - type: string - description: Indicates whether new fields are added dynamically. - enum: - - 'false' - - runtime - - strict - - 'true' - isSpaceAware: - type: boolean - description: > - Indicates whether the alerts are space-aware. If - true, space-specific alert indices are used. - mappings: - type: object - properties: - fieldMap: - type: object - description: > - Mapping information for each field supported in - alerts as data documents for this rule type. For - more information about mapping parameters, refer - to the Elasticsearch documentation. - additionalProperties: - $ref: >- - #/components/schemas/Alerting_fieldmap_properties - secondaryAlias: - type: string - description: > - A secondary alias. It is typically used to support - the signals alias for detection rules. - shouldWrite: - type: boolean - description: > - Indicates whether the rule should write out alerts - as data. - useEcs: - type: boolean - description: > - Indicates whether to include the ECS component - template for the alerts. - useLegacyAlerts: - type: boolean - default: false - description: > - Indicates whether to include the legacy component - template for the alerts. - authorized_consumers: - description: >- - The list of the plugins IDs that have access to the rule - type. - type: object - properties: - alerts: - type: object - properties: - all: - type: boolean - read: - type: boolean - apm: - type: object - properties: - all: - type: boolean - read: - type: boolean - discover: - type: object - properties: - all: - type: boolean - read: - type: boolean - infrastructure: - type: object - properties: - all: - type: boolean - read: - type: boolean - logs: - type: object - properties: - all: - type: boolean - read: - type: boolean - ml: - type: object - properties: - all: - type: boolean - read: - type: boolean - monitoring: - type: object - properties: - all: - type: boolean - read: - type: boolean - siem: - type: object - properties: - all: - type: boolean - read: - type: boolean - slo: - type: object - properties: - all: - type: boolean - read: - type: boolean - stackAlerts: - type: object - properties: - all: - type: boolean - read: - type: boolean - uptime: - type: object - properties: - all: - type: boolean - read: - type: boolean - category: - type: string - description: >- - The rule category, which is used by features such as - category-specific maintenance windows. - enum: - - management - - observability - - securitySolution - default_action_group_id: - description: The default identifier for the rule type group. - type: string - does_set_recovery_context: + enabled: description: >- - Indicates whether the rule passes context variables to - its recovery action. + Indicates whether the connector type is enabled in + Kibana. type: boolean - enabled_in_license: + enabledInConfig: description: >- - Indicates whether the rule type is enabled or disabled - based on the subscription. - type: boolean - has_alerts_mappings: + Indicates whether the connector type is enabled in the + Kibana `.yml` file. type: boolean + enabledInLicense: description: >- - Indicates whether the rule type has custom mappings for - the alert data. - has_fields_for_a_a_d: + Indicates whether the connector is enabled in the + license. + example: true type: boolean id: - description: The unique identifier for the rule type. + description: The unique identifier for the connector type. type: string - is_exportable: - description: >- - Indicates whether the rule type is exportable in **Stack - Management > Saved Objects**. - type: boolean - minimum_license_required: - description: The subscriptions required to use the rule type. + minimumLicenseRequired: + description: The license that is required to use the connector type. type: string - example: basic name: - description: The descriptive name of the rule type. - type: string - producer: - description: >- - An identifier for the application that produces this - rule type. - type: string - example: stackAlerts - recovery_action_group: - description: >- - An action group to use when an alert goes from an active - state to an inactive one. - type: object - properties: - id: - type: string - name: - type: string - rule_task_timeout: + description: The name of the connector type. type: string - example: 5m - examples: - getRuleTypesResponse: - $ref: '#/components/examples/Alerting_get_rule_types_response' - '401': - description: Authorization information is missing or invalid. - content: - application/json: - schema: - $ref: '#/components/schemas/Alerting_401_response' - /api/alerting/rule/{ruleId}/_mute_all: - post: - summary: Mute all alerts - operationId: muteAllAlerts - description: > - This API snoozes the notifications for the rule indefinitely. The rule - checks continue to occur but alerts will not trigger any actions. You - must have `all` privileges for the appropriate Kibana features, - depending on the `consumer` and `rule_type_id` of the rule. For example, - the **Management > Stack Rules** feature, **Analytics > Discover** and - **Machine Learning** features, **Observability**, and **Security** - features. If the rule has actions, you must also have `read` privileges - for the **Management > Actions and Connectors** feature. - tags: - - alerting - parameters: - - $ref: '#/components/parameters/Alerting_kbn_xsrf' - - $ref: '#/components/parameters/Alerting_rule_id' - responses: - '204': - description: Indicates a successful call. - '401': - description: Authorization information is missing or invalid. - content: - application/json: - schema: - $ref: '#/components/schemas/Alerting_401_response' - /api/alerting/rule/{ruleId}/_unmute_all: - post: - summary: Unmute all alerts - operationId: unmuteAllAlerts - description: > - If the rule has its notifications snoozed indefinitely, this API cancels - the snooze. You must have `all` privileges for the appropriate Kibana - features, depending on the `consumer` and `rule_type_id` of the rule. - For example, the **Management > Stack Rules** feature, **Analytics > - Discover** and **Machine Learning** features, **Observability**, and - **Security** features. If the rule has actions, you must also have - `read` privileges for the **Management > Actions and Connectors** - feature. - tags: - - alerting - parameters: - - $ref: '#/components/parameters/Alerting_kbn_xsrf' - - $ref: '#/components/parameters/Alerting_rule_id' - responses: - '204': - description: Indicates a successful call. - '401': - description: Authorization information is missing or invalid. - content: - application/json: - schema: - $ref: '#/components/schemas/Alerting_401_response' - /api/alerting/rule/{ruleId}/_update_api_key: - post: - summary: Update the API key for a rule - operationId: updateRuleAPIKey - description: >- - The new API key has the credentials of the user that submits the - request. - tags: - - alerting - parameters: - - $ref: '#/components/parameters/Alerting_kbn_xsrf' - - $ref: '#/components/parameters/Alerting_rule_id' - responses: - '200': - description: Indicates a successful call. - '400': - description: Bad request - content: - application/json: - schema: - $ref: '#/components/schemas/Alerting_400_response' - /api/alerting/rule/{ruleId}/alert/{alertId}/_mute: - post: - summary: Mute an alert - operationId: muteAlert - description: > - You must have `all` privileges for the appropriate Kibana features, - depending on the `consumer` and `rule_type_id` of the rule. For example, - the **Management > Stack Rules** feature, **Analytics > Discover** and - **Machine Learning** features, **Observability**, and **Security** - features. If the rule has actions, you must also have `read` privileges - for the **Management > Actions and Connectors** feature. - tags: - - alerting - parameters: - - $ref: '#/components/parameters/Alerting_kbn_xsrf' - - $ref: '#/components/parameters/Alerting_alert_id' - - $ref: '#/components/parameters/Alerting_rule_id' - responses: - '204': - description: Indicates a successful call. - '401': - description: Authorization information is missing or invalid. - content: - application/json: - schema: - $ref: '#/components/schemas/Alerting_401_response' - /api/alerting/rule/{ruleId}/alert/{alertId}/_unmute: - post: - summary: Unmute an alert - operationId: unmuteAlert - description: > - You must have `all` privileges for the appropriate Kibana features, - depending on the `consumer` and `rule_type_id` of the rule. For example, - the **Management > Stack Rules** feature, **Analytics > Discover** and - **Machine Learning** features, **Observability**, and **Security** - features. If the rule has actions, you must also have `read` privileges - for the **Management > Actions and Connectors** feature. - tags: - - alerting - parameters: - - $ref: '#/components/parameters/Alerting_kbn_xsrf' - - $ref: '#/components/parameters/Alerting_alert_id' - - $ref: '#/components/parameters/Alerting_rule_id' - responses: - '204': - description: Indicates a successful call. - '401': - description: Authorization information is missing or invalid. - content: - application/json: - schema: - $ref: '#/components/schemas/Alerting_401_response' - /api/alerts/alert/{alertId}: - delete: - summary: Delete an alert - operationId: legaryDeleteAlert - deprecated: true - description: > - Deprecated in 7.13.0. Use the delete rule API instead. WARNING: After - you delete an alert, you cannot recover it. - tags: - - alerting - parameters: - - $ref: '#/components/parameters/Alerting_kbn_xsrf' - - in: path - name: alertId - description: The identifier for the alert. - required: true - schema: - type: string - example: 41893910-6bca-11eb-9e0d-85d233e3ee35 - responses: - '204': + title: Legacy get connector types response body properties + type: array description: Indicates a successful call. '401': - description: Authorization information is missing or invalid. - content: - application/json: - schema: - $ref: '#/components/schemas/Alerting_401_response' - get: - summary: Get an alert by identifier - operationId: legacyGetAlert - deprecated: true - description: Deprecated in 7.13.0. Use the get rule API instead. + $ref: '#/components/responses/Connectors_401' + summary: Get connector types tags: - - alerting - parameters: - - in: path - name: alertId - description: The identifier for the alert. - required: true - schema: - type: string - example: 41893910-6bca-11eb-9e0d-85d233e3ee35 - responses: - '200': - description: Indicates a successful call. - content: - application/json: - schema: - $ref: '#/components/schemas/Alerting_alert_response_properties' - '401': - description: Authorization information is missing or invalid. - content: - application/json: - schema: - $ref: '#/components/schemas/Alerting_401_response' + - connectors + /api/apm/agent_keys: post: - summary: Create an alert - operationId: legacyCreateAlert - deprecated: true - description: Deprecated in 7.13.0. Use the create rule API instead. - tags: - - alerting - parameters: - - $ref: '#/components/parameters/Alerting_kbn_xsrf' - - in: path - name: alertId - description: >- - An UUID v1 or v4 identifier for the alert. If this parameter is - omitted, the identifier is randomly generated. - required: true - schema: - type: string - example: 41893910-6bca-11eb-9e0d-85d233e3ee35 + description: Create a new agent key for APM. + operationId: createAgentKey requestBody: - required: true content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - title: Legacy create alert request properties type: object - required: - - alertTypeId - - consumer - - name - - notifyWhen - - params - - schedule properties: - actions: - type: array - items: - type: object - required: - - actionTypeId - - group - - id - - params - properties: - actionTypeId: - type: string - description: The identifier for the action type. - group: - type: string - description: > - Grouping actions is recommended for escalations for - different types of alert instances. If you don't need - this functionality, set it to `default`. - id: - type: string - description: The ID of the action saved object. - params: - type: object - description: > - The map to the `params` that the action type will - receive. `params` are handled as Mustache templates - and passed a default set of context. - alertTypeId: - type: string - description: >- - The ID of the alert type that you want to call when the - alert is scheduled to run. - consumer: - type: string - description: >- - The name of the application that owns the alert. This name - has to match the Kibana feature name, as that dictates the - required role-based access control privileges. - enabled: - type: boolean - description: >- - Indicates if you want to run the alert on an interval basis - after it is created. name: type: string - description: A name to reference and search. - notifyWhen: - type: string - description: The condition for throttling the notification. - enum: - - onActionGroupChange - - onActiveAlert - - onThrottleInterval - params: - type: object - description: >- - The parameters to pass to the alert type executor `params` - value. This will also validate against the alert type params - validator, if defined. - schedule: - type: object - description: > - The schedule specifying when this alert should be run. A - schedule is structured such that the key specifies the - format you wish to use and its value specifies the schedule. - properties: - interval: - type: string - description: >- - The interval format specifies the interval in seconds, - minutes, hours or days at which the alert should run. - example: 10s - tags: - type: array + privileges: items: + enum: + - 'event:write' + - 'config_agent:read' type: string - description: A list of keywords to reference and search. - throttle: - type: string - description: > - How often this alert should fire the same actions. This will - prevent the alert from sending out the same notification - over and over. For example, if an alert with a schedule of 1 - minute stays in a triggered state for 90 minutes, setting a - throttle of `10m` or `1h` will prevent it from sending 90 - notifications during this period. + type: array + required: true responses: '200': - description: Indicates a successful call. - content: - application/json: - schema: - $ref: '#/components/schemas/Alerting_alert_response_properties' - '401': - description: Authorization information is missing or invalid. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Alerting_401_response' - put: - summary: Update an alert - operationId: legacyUpdateAlert - deprecated: true - description: Deprecated in 7.13.0. Use the update rule API instead. + type: object + properties: + api_key: + type: string + encoded: + type: string + expiration: + format: int64 + type: integer + id: + type: string + name: + type: string + description: Agent key created successfully + summary: Create an APM agent key tags: - - alerting + - APM agent keys + '/api/apm/services/{serviceName}/annotation': + post: + description: Create a new annotation for a specific service. + operationId: createAnnotation parameters: - - $ref: '#/components/parameters/Alerting_kbn_xsrf' - - in: path - name: alertId - description: The identifier for the alert. + - description: The name of the service + in: path + name: serviceName required: true schema: type: string - example: 41893910-6bca-11eb-9e0d-85d233e3ee35 requestBody: - required: true content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - title: Legacy update alert request properties type: object - required: - - name - - notifyWhen - - params - - schedule properties: - actions: - type: array - items: - type: object - required: - - actionTypeId - - group - - id - - params - properties: - actionTypeId: - type: string - description: The identifier for the action type. - group: - type: string - description: > - Grouping actions is recommended for escalations for - different types of alert instances. If you don't need - this functionality, set it to `default`. - id: - type: string - description: The ID of the action saved object. - params: - type: object - description: > - The map to the `params` that the action type will - receive. `params` are handled as Mustache templates - and passed a default set of context. - name: + '@timestamp': type: string - description: A name to reference and search. - notifyWhen: + message: type: string - description: The condition for throttling the notification. - enum: - - onActionGroupChange - - onActiveAlert - - onThrottleInterval - params: - type: object - description: >- - The parameters to pass to the alert type executor `params` - value. This will also validate against the alert type params - validator, if defined. - schedule: + service: type: object - description: > - The schedule specifying when this alert should be run. A - schedule is structured such that the key specifies the - format you wish to use and its value specifies the schedule. properties: - interval: + environment: + type: string + version: type: string - description: >- - The interval format specifies the interval in seconds, - minutes, hours or days at which the alert should run. - example: 1d tags: - type: array items: type: string - description: A list of keywords to reference and search. - throttle: - type: string - description: > - How often this alert should fire the same actions. This will - prevent the alert from sending out the same notification - over and over. For example, if an alert with a schedule of 1 - minute stays in a triggered state for 90 minutes, setting a - throttle of `10m` or `1h` will prevent it from sending 90 - notifications during this period. + type: array + required: true responses: '200': - description: Indicates a successful call. - content: - application/json: - schema: - $ref: '#/components/schemas/Alerting_alert_response_properties' - '401': - description: Authorization information is missing or invalid. - content: - application/json: - schema: - $ref: '#/components/schemas/Alerting_401_response' - /api/alerts/alert/{alertId}/_disable: - post: - summary: Disable an alert - operationId: legacyDisableAlert - deprecated: true - description: Deprecated in 7.13.0. Use the disable rule API instead. - tags: - - alerting - parameters: - - $ref: '#/components/parameters/Alerting_kbn_xsrf' - - in: path - name: alertId - description: The identifier for the alert. - required: true - schema: - type: string - example: 41893910-6bca-11eb-9e0d-85d233e3ee35 - responses: - '204': - description: Indicates a successful call. - '401': - description: Authorization information is missing or invalid. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Alerting_401_response' - /api/alerts/alert/{alertId}/_enable: - post: - summary: Enable an alert - operationId: legacyEnableAlert - deprecated: true - description: Deprecated in 7.13.0. Use the enable rule API instead. - tags: - - alerting - parameters: - - $ref: '#/components/parameters/Alerting_kbn_xsrf' - - in: path - name: alertId - description: The identifier for the alert. + type: object + properties: + _id: + type: string + _index: + type: string + _source: + type: object + properties: + '@timestamp': + type: string + annotation: + type: string + event: + type: object + properties: + created: + type: string + message: + type: string + service: + type: object + properties: + environment: + type: string + name: + type: string + version: + type: string + tags: + items: + type: string + type: array + description: Annotation created successfully + summary: Create a service annotation + tags: + - APM annotations + '/api/apm/services/{serviceName}/annotation/search': + get: + description: Search for annotations related to a specific service. + operationId: getAnnotation + parameters: + - description: The name of the service + in: path + name: serviceName required: true schema: type: string - example: 41893910-6bca-11eb-9e0d-85d233e3ee35 + - description: The environment to filter annotations by + in: query + name: environment + required: false + schema: + type: string + - description: The start date for the search + in: query + name: start + required: false + schema: + type: string + - description: The end date for the search + in: query + name: end + required: false + schema: + type: string responses: - '204': - description: Indicates a successful call. - '401': - description: Authorization information is missing or invalid. + '200': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Alerting_401_response' - /api/alerts/alert/{alertId}/_mute_all: - post: - summary: Mute all alert instances - operationId: legacyMuteAllAlertInstances - deprecated: true - description: Deprecated in 7.13.0. Use the mute all alerts API instead. + type: object + properties: + annotations: + items: + type: object + properties: + '@timestamp': + type: number + id: + type: string + text: + type: string + type: + enum: + - version + type: string + type: array + description: Successful response + summary: Search for annotations tags: - - alerting + - APM annotations + /api/asset_criticality: + delete: + operationId: DeleteAssetCriticalityRecord parameters: - - $ref: '#/components/parameters/Alerting_kbn_xsrf' - - in: path - name: alertId - description: The identifier for the alert. + - description: The ID value of the asset. + in: query + name: id_value + required: true + schema: + type: string + - description: The field representing the ID. + example: host.name + in: query + name: id_field required: true schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_IdField + - description: If 'wait_for' the request will wait for the index refresh. + in: query + name: refresh + required: false + schema: + enum: + - wait_for type: string - example: 41893910-6bca-11eb-9e0d-85d233e3ee35 responses: - '204': - description: Indicates a successful call. - '401': - description: Authorization information is missing or invalid. + '200': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Alerting_401_response' - /api/alerts/alert/{alertId}/_unmute_all: - post: - summary: Unmute all alert instances - operationId: legacyUnmuteAllAlertInstances - deprecated: true - description: Deprecated in 7.13.0. Use the unmute all alerts API instead. + type: object + properties: + deleted: + description: >- + If the record was deleted. If false the record did not + exist. + type: boolean + record: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityRecord + required: + - deleted + description: Successful response + '400': + description: Invalid request + summary: Delete Criticality Record tags: - - alerting + - Security Solution Entity Analytics API + get: + operationId: GetAssetCriticalityRecord parameters: - - $ref: '#/components/parameters/Alerting_kbn_xsrf' - - in: path - name: alertId - description: The identifier for the alert. + - description: The ID value of the asset. + in: query + name: id_value required: true schema: type: string - example: 41893910-6bca-11eb-9e0d-85d233e3ee35 + - description: The field representing the ID. + example: host.name + in: query + name: id_field + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_IdField responses: - '204': - description: Indicates a successful call. - '401': - description: Authorization information is missing or invalid. + '200': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Alerting_401_response' - /api/alerts/alerts/_find: - get: - summary: Get a paginated set of alerts - operationId: legacyFindAlerts - deprecated: true - description: > - Deprecated in 7.13.0. Use the find rules API instead. NOTE: Alert - `params` are stored as a flattened field type and analyzed as keywords. - As alerts change in Kibana, the results on each page of the response - also change. Use the find API for traditional paginated results, but - avoid using it to export large amounts of data. + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityRecord + description: Successful response + '400': + description: Invalid request + '404': + description: Criticality record not found + summary: Get Criticality Record tags: - - alerting + - Security Solution Entity Analytics API + post: + operationId: CreateAssetCriticalityRecord + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_CreateAssetCriticalityRecord + - type: object + properties: + refresh: + description: >- + If 'wait_for' the request will wait for the index + refresh. + enum: + - wait_for + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityRecord + description: Successful response + '400': + description: Invalid request + summary: Create Criticality Record + tags: + - Security Solution Entity Analytics API + /api/asset_criticality/bulk: + post: + operationId: BulkUpsertAssetCriticalityRecords + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + example: + records: + - criticality_level: low_impact + id_field: host.name + id_value: host-1 + - criticality_level: medium_impact + id_field: host.name + id_value: host-2 + type: object + properties: + records: + items: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_CreateAssetCriticalityRecord + maxItems: 1000 + minItems: 1 + type: array + required: + - records + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + example: + errors: + - index: 0 + message: Invalid ID field + stats: + failed: 1 + successful: 1 + total: 2 + type: object + properties: + errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityBulkUploadErrorItem + type: array + stats: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityBulkUploadStats + required: + - errors + - stats + description: Bulk upload successful + '413': + description: File too large + summary: >- + Bulk upsert asset criticality data, creating or updating records as + needed + tags: + - Security Solution Entity Analytics API + /api/asset_criticality/list: + post: + operationId: FindAssetCriticalityRecords parameters: - - name: default_search_operator + - description: The field to sort by. in: query - description: The default operator to use for the `simple_query_string`. + name: sort_field + required: false schema: + enum: + - id_value + - id_field + - criticality_level + - \@timestamp type: string - default: OR - example: OR - - name: fields - in: query - description: The fields to return in the `attributes` key of the response. - schema: - type: array - items: - type: string - - name: filter + - description: The order to sort by. in: query - description: > - A KQL string that you filter with an attribute from your saved - object. It should look like `savedObjectType.attributes.title: - "myTitle"`. However, if you used a direct attribute of a saved - object, such as `updatedAt`, you must define your filter, for - example, `savedObjectType.updatedAt > 2018-12-22`. + name: sort_direction + required: false schema: + enum: + - asc + - desc type: string - - name: has_reference - in: query - description: >- - Filters the rules that have a relation with the reference objects - with a specific type and identifier. - schema: - type: object - properties: - id: - type: string - type: - type: string - - name: page + - description: The page number to return. in: query - description: The page number to return. + name: page + required: false schema: + minimum: 1 type: integer - default: 1 - example: 1 - - name: per_page + - description: The number of records to return per page. in: query - description: The number of alerts to return per page. + name: per_page + required: false schema: + maximum: 1000 + minimum: 1 type: integer - default: 20 - example: 20 - - name: search - in: query - description: >- - An Elasticsearch `simple_query_string` query that filters the alerts - in the response. - schema: - type: string - - name: search_fields - in: query - description: >- - The fields to perform the `simple_query_string` parsed query - against. - schema: - oneOf: - - type: string - - type: array - items: - type: string - - name: sort_field - in: query - description: > - Determines which field is used to sort the results. The field must - exist in the `attributes` key of the response. - schema: - type: string - - name: sort_order + - description: The kuery to filter by. in: query - description: Determines the sort order. + name: kuery + required: false schema: type: string - enum: - - asc - - desc - default: desc - example: asc responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: type: object properties: - data: - type: array - items: - $ref: '#/components/schemas/Alerting_alert_response_properties' page: + minimum: 1 type: integer - perPage: + per_page: + maximum: 1000 + minimum: 1 type: integer + records: + items: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityRecord + type: array total: + minimum: 0 type: integer - '401': - description: Authorization information is missing or invalid. - content: - application/json: - schema: - $ref: '#/components/schemas/Alerting_401_response' - /api/alerts/alerts/_health: - get: - summary: Get the alerting framework health - operationId: legacyGetAlertingHealth - deprecated: true - description: Deprecated in 7.13.0. Use the get alerting framework health API instead. + required: + - records + - page + - per_page + - total + description: Bulk upload successful + summary: 'List asset criticality data, filtering and sorting as needed' tags: - - alerting + - Security Solution Entity Analytics API + /api/data_views: + get: + operationId: getAllDataViewsDefault responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getAllDataViewsResponse: + $ref: '#/components/examples/Data_views_get_data_views_response' schema: type: object properties: - alertingFrameworkHealth: - type: object - description: > - Three substates identify the health of the alerting - framework: `decryptionHealth`, `executionHealth`, and - `readHealth`. - properties: - decryptionHealth: - type: object - description: The timestamp and status of the alert decryption. - properties: - status: - type: string - example: ok - enum: - - error - - ok - - warn - timestamp: - type: string - format: date-time - example: '2023-01-13T01:28:00.280Z' - executionHealth: - type: object - description: The timestamp and status of the alert execution. - properties: - status: - type: string - example: ok - enum: - - error - - ok - - warn - timestamp: - type: string - format: date-time - example: '2023-01-13T01:28:00.280Z' - readHealth: - type: object - description: The timestamp and status of the alert reading events. - properties: - status: - type: string - example: ok - enum: - - error - - ok - - warn - timestamp: + data_view: + items: + type: object + properties: + id: + type: string + name: + type: string + namespaces: + items: type: string - format: date-time - example: '2023-01-13T01:28:00.280Z' - hasPermanentEncryptionKey: - type: boolean - description: >- - If `false`, the encrypted saved object plugin does not - have a permanent encryption key. - example: true - isSufficientlySecure: - type: boolean - description: If `false`, security is enabled but TLS is not. - example: true - '401': - description: Authorization information is missing or invalid. + type: array + title: + type: string + typeMeta: + type: object + type: array + description: Indicates a successful call. + '400': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Alerting_401_response' - /api/alerts/alerts/list_alert_types: - get: - summary: Get the alert types - operationId: legacyGetAlertTypes - deprecated: true - description: Deprecated in 7.13.0. Use the get rule types API instead. + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Get all data views tags: - - alerting + - data views + /api/data_views/data_view: + post: + operationId: createDataViewDefaultw + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + createDataViewRequest: + $ref: '#/components/examples/Data_views_create_data_view_request' + schema: + $ref: '#/components/schemas/Data_views_create_data_view_request_object' + required: true responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: array - items: - type: object - properties: - actionGroups: - description: > - An explicit list of groups for which the alert type can - schedule actions, each with the action group's unique ID - and human readable name. Alert actions validation uses - this configuration to ensure that groups are valid. - type: array - items: - type: object - properties: - id: - type: string - name: - type: string - actionVariables: - description: > - A list of action variables that the alert type makes - available via context and state in action parameter - templates, and a short human readable description. The - Alert UI will use this information to prompt users for - these variables in action parameter editors. - type: object - properties: - context: - type: array - items: - type: object - properties: - name: - type: string - description: - type: string - params: - type: array - items: - type: object - properties: - description: - type: string - name: - type: string - state: - type: array - items: - type: object - properties: - description: - type: string - name: - type: string - authorizedConsumers: - description: >- - The list of the plugins IDs that have access to the - alert type. - type: object - defaultActionGroupId: - description: The default identifier for the alert type group. - type: string - enabledInLicense: - description: >- - Indicates whether the rule type is enabled based on the - subscription. - type: boolean - id: - description: The unique identifier for the alert type. - type: string - isExportable: - description: >- - Indicates whether the alert type is exportable in Saved - Objects Management UI. - type: boolean - minimumLicenseRequired: - description: The subscriptions required to use the alert type. - type: string - name: - description: The descriptive name of the alert type. - type: string - producer: - description: >- - An identifier for the application that produces this - alert type. - type: string - recoveryActionGroup: - description: > - An action group to use when an alert instance goes from - an active state to an inactive one. If it is not - specified, the default recovered action group is used. - type: object - properties: - id: - type: string - name: - type: string - '401': - description: Authorization information is missing or invalid. + $ref: '#/components/schemas/Data_views_data_view_response_object' + description: Indicates a successful call. + '400': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Alerting_401_response' - /api/alerts/alert/{alertId}/alert_instance/{alertInstanceId}/_mute: - post: - summary: Mute an alert instance - operationId: legacyMuteAlertInstance - deprecated: true - description: Deprecated in 7.13.0. Use the mute alert API instead. + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Create a data view tags: - - alerting + - data views + '/api/data_views/data_view/{viewId}': + delete: + description: | + WARNING: When you delete a data view, it cannot be recovered. + operationId: deleteDataViewDefault parameters: - - $ref: '#/components/parameters/Alerting_kbn_xsrf' - - in: path - name: alertId - description: An identifier for the alert. - required: true - schema: - type: string - example: 41893910-6bca-11eb-9e0d-85d233e3ee35 - - in: path - name: alertInstanceId - description: An identifier for the alert instance. - required: true - schema: - type: string - example: dceeb5d0-6b41-11eb-802b-85b0c1bc8ba2 + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + - $ref: '#/components/parameters/Data_views_view_id' responses: '204': description: Indicates a successful call. - '401': - description: Authorization information is missing or invalid. + '404': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Alerting_401_response' - /api/alerts/alert/{alertId}/alert_instance/{alertInstanceId}/_unmute: - post: - summary: Unmute an alert instance - operationId: legacyUnmuteAlertInstance - deprecated: true - description: Deprecated in 7.13.0. Use the unmute alert API instead. + $ref: '#/components/schemas/Data_views_404_response' + description: Object is not found. + summary: Delete a data view tags: - - alerting + - data views + get: + operationId: getDataViewDefault parameters: - - $ref: '#/components/parameters/Alerting_kbn_xsrf' - - in: path - name: alertId - description: An identifier for the alert. - required: true - schema: - type: string - example: 41893910-6bca-11eb-9e0d-85d233e3ee35 - - in: path - name: alertInstanceId - description: An identifier for the alert instance. - required: true - schema: - type: string - example: dceeb5d0-6b41-11eb-802b-85b0c1bc8ba2 + - $ref: '#/components/parameters/Data_views_view_id' responses: - '204': + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getDataViewResponse: + $ref: '#/components/examples/Data_views_get_data_view_response' + schema: + $ref: '#/components/schemas/Data_views_data_view_response_object' description: Indicates a successful call. - '401': - description: Authorization information is missing or invalid. + '404': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Alerting_401_response' - /api/apm/agent_keys: - post: - summary: Create an APM agent key - description: Create a new agent key for APM. - operationId: createAgentKey + $ref: '#/components/schemas/Data_views_404_response' + description: Object is not found. + summary: Get a data view tags: - - APM agent keys + - data views + post: + operationId: updateDataViewDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + - $ref: '#/components/parameters/Data_views_view_id' requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateDataViewRequest: + $ref: '#/components/examples/Data_views_update_data_view_request' + schema: + $ref: '#/components/schemas/Data_views_update_data_view_request_object' required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_data_view_response_object' + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Update a data view + tags: + - data views + '/api/data_views/data_view/{viewId}/fields': + post: + description: > + Update fields presentation metadata such as count, customLabel, + customDescription, and format. + operationId: updateFieldsMetadataDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + - $ref: '#/components/parameters/Data_views_view_id' + requestBody: content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateFieldsMetadataRequest: + $ref: '#/components/examples/Data_views_update_field_metadata_request' schema: type: object properties: - name: - type: string - privileges: - type: array - items: - type: string - enum: - - event:write - - config_agent:read + fields: + description: The field object. + type: object + required: + - fields + required: true responses: '200': - description: Agent key created successfully content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: type: object properties: - api_key: - type: string - expiration: - type: integer - format: int64 - id: - type: string - name: - type: string - encoded: - type: string - /api/apm/services/{serviceName}/annotation/search: - get: - summary: Search for annotations - description: Search for annotations related to a specific service. - operationId: getAnnotation - tags: - - APM annotations - parameters: - - name: serviceName - in: path - required: true - description: The name of the service - schema: - type: string - - name: environment - in: query - required: false - description: The environment to filter annotations by - schema: - type: string - - name: start - in: query - required: false - description: The start date for the search - schema: - type: string - - name: end - in: query - required: false - description: The end date for the search - schema: - type: string + acknowledged: + type: boolean + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Update data view fields metadata + tags: + - data views + '/api/data_views/data_view/{viewId}/runtime_field': + post: + operationId: createRuntimeFieldDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + - $ref: '#/components/parameters/Data_views_view_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + createRuntimeFieldRequest: + $ref: '#/components/examples/Data_views_create_runtime_field_request' + schema: + type: object + properties: + name: + description: | + The name for a runtime field. + type: string + runtimeField: + description: | + The runtime field definition object. + type: object + required: + - name + - runtimeField + required: true responses: '200': - description: Successful response content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: type: object - properties: - annotations: - type: array - items: - type: object - properties: - type: - type: string - enum: - - version - id: - type: string - '@timestamp': - type: number - text: - type: string - /api/apm/services/{serviceName}/annotation: - post: - summary: Create a service annotation - description: Create a new annotation for a specific service. - operationId: createAnnotation + description: Indicates a successful call. + summary: Create a runtime field tags: - - APM annotations + - data views + put: + operationId: createUpdateRuntimeFieldDefault parameters: - - name: serviceName + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + - description: | + The ID of the data view fields you want to update. in: path + name: viewId required: true - description: The name of the service schema: type: string requestBody: - required: true content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateRuntimeFieldRequest: + $ref: '#/components/examples/Data_views_create_runtime_field_request' schema: type: object properties: - '@timestamp': + name: + description: | + The name for a runtime field. type: string - service: + runtimeField: + description: | + The runtime field definition object. type: object - properties: - version: - type: string - environment: - type: string - message: - type: string - tags: - type: array - items: - type: string + required: + - name + - runtimeField + required: true responses: '200': - description: Annotation created successfully content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: type: object properties: - _id: - type: string - _index: - type: string - _source: + data_view: type: object - properties: - annotation: - type: string - tags: - type: array - items: - type: string - message: - type: string - service: - type: object - properties: - name: - type: string - environment: - type: string - version: - type: string - event: - type: object - properties: - created: - type: string - '@timestamp': - type: string - /api/cases: - post: - summary: Create a case - operationId: createCaseDefaultSpace - description: > - You must have `all` privileges for the **Cases** feature in the - **Management**, **Observability**, or **Security** section of the - Kibana feature privileges, depending on the owner of the case you're - creating. + fields: + items: + type: object + type: array + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Create or update a runtime field tags: - - cases + - data views + '/api/data_views/data_view/{viewId}/runtime_field/{fieldName}': + delete: + operationId: deleteRuntimeFieldDefault parameters: - - $ref: '#/components/parameters/Cases_kbn_xsrf' - requestBody: - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/Cases_create_case_request' - examples: - createCaseRequest: - $ref: '#/components/examples/Cases_create_case_request' + - $ref: '#/components/parameters/Data_views_field_name' + - $ref: '#/components/parameters/Data_views_view_id' responses: '200': description: Indicates a successful call. + '404': content: - application/json: - schema: - $ref: '#/components/schemas/Cases_case_response_properties' - examples: - createCaseResponse: - $ref: '#/components/examples/Cases_create_case_response' - '401': - description: Authorization information is missing or invalid. - content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Cases_4xx_response' - delete: - summary: Delete cases - operationId: deleteCaseDefaultSpace - description: > - You must have `read` or `all` privileges and the `delete` sub-feature - privilege for the **Cases** feature in the **Management**, - **Observability**, or **Security** section of the Kibana feature - privileges, depending on the owner of the cases you're deleting. + $ref: '#/components/schemas/Data_views_404_response' + description: Object is not found. + summary: Delete a runtime field from a data view tags: - - cases + - data views + get: + operationId: getRuntimeFieldDefault parameters: - - $ref: '#/components/parameters/Cases_kbn_xsrf' - - $ref: '#/components/parameters/Cases_ids' + - $ref: '#/components/parameters/Data_views_field_name' + - $ref: '#/components/parameters/Data_views_view_id' responses: - '204': + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getRuntimeFieldResponse: + $ref: '#/components/examples/Data_views_get_runtime_field_response' + schema: + type: object + properties: + data_view: + type: object + fields: + items: + type: object + type: array description: Indicates a successful call. - '401': - description: Authorization information is missing or invalid. + '404': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Cases_4xx_response' - patch: - summary: Update cases - operationId: updateCaseDefaultSpace - description: > - You must have `all` privileges for the **Cases** feature in the - **Management**, **Observability**, or **Security** section of the - Kibana feature privileges, depending on the owner of the case you're - updating. + $ref: '#/components/schemas/Data_views_404_response' + description: Object is not found. + summary: Get a runtime field tags: - - cases + - data views + post: + operationId: updateRuntimeFieldDefault parameters: - - $ref: '#/components/parameters/Cases_kbn_xsrf' + - $ref: '#/components/parameters/Data_views_field_name' + - $ref: '#/components/parameters/Data_views_view_id' requestBody: content: - application/json: - schema: - $ref: '#/components/schemas/Cases_update_case_request' + application/json; Elastic-Api-Version=2023-10-31: examples: - updateCaseRequest: - $ref: '#/components/examples/Cases_update_case_request' + updateRuntimeFieldRequest: + $ref: '#/components/examples/Data_views_update_runtime_field_request' + schema: + type: object + properties: + runtimeField: + description: | + The runtime field definition object. + + You can update following fields: + + - `type` + - `script` + type: object + required: + - runtimeField + required: true responses: '200': description: Indicates a successful call. + '400': content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/Cases_case_response_properties' - examples: - updateCaseResponse: - $ref: '#/components/examples/Cases_update_case_response' - '401': - description: Authorization information is missing or invalid. - content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Cases_4xx_response' - /api/cases/_find: - get: - summary: Search cases - operationId: findCasesDefaultSpace - description: > - You must have `read` privileges for the **Cases** feature in the - **Management**, **Observability**, or **Security** section of the Kibana - feature privileges, depending on the owner of the cases you're seeking. + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Update a runtime field tags: - - cases - parameters: - - $ref: '#/components/parameters/Cases_assignees' - - $ref: '#/components/parameters/Cases_category' - - $ref: '#/components/parameters/Cases_defaultSearchOperator' - - $ref: '#/components/parameters/Cases_from' - - $ref: '#/components/parameters/Cases_owner' - - $ref: '#/components/parameters/Cases_page_index' - - $ref: '#/components/parameters/Cases_page_size' - - $ref: '#/components/parameters/Cases_reporters' - - $ref: '#/components/parameters/Cases_search' - - $ref: '#/components/parameters/Cases_searchFields' - - $ref: '#/components/parameters/Cases_severity' - - $ref: '#/components/parameters/Cases_sortField' - - $ref: '#/components/parameters/Cases_sort_order' - - $ref: '#/components/parameters/Cases_status' - - $ref: '#/components/parameters/Cases_tags' - - $ref: '#/components/parameters/Cases_to' + - data views + /api/data_views/default: + get: + operationId: getDefaultDataViewDefault responses: '200': - description: Indicates a successful call. content: - application/json: - schema: - type: object - properties: - cases: - type: array - maxItems: 10000 - items: - $ref: '#/components/schemas/Cases_case_response_properties' - count_closed_cases: - type: integer - count_in_progress_cases: - type: integer - count_open_cases: - type: integer - page: - type: integer - per_page: - type: integer - total: - type: integer + application/json; Elastic-Api-Version=2023-10-31: examples: - findCaseResponse: - $ref: '#/components/examples/Cases_find_case_response' - '401': - description: Authorization information is missing or invalid. - content: - application/json: + getDefaultDataViewResponse: + $ref: >- + #/components/examples/Data_views_get_default_data_view_response schema: - $ref: '#/components/schemas/Cases_4xx_response' - /api/cases/alerts/{alertId}: - get: - summary: Get cases for an alert - operationId: getCasesByAlertDefaultSpace - description: > - You must have `read` privileges for the **Cases** feature in the - **Management**, **Observability**, or **Security** section of the Kibana - feature privileges, depending on the owner of the cases you're seeking. - x-technical-preview: true - tags: - - cases - parameters: - - $ref: '#/components/parameters/Cases_alert_id' - - $ref: '#/components/parameters/Cases_owner' - responses: - '200': + type: object + properties: + data_view_id: + type: string description: Indicates a successful call. + '400': content: - application/json: - schema: - type: array - maxItems: 10000 - items: - type: object - properties: - id: - type: string - description: The case identifier. - title: - type: string - description: The case title. - example: - - id: 06116b80-e1c3-11ec-be9b-9b1838238ee6 - title: security_case - '401': - description: Authorization information is missing or invalid. - content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Cases_4xx_response' - /api/cases/configure: - get: - summary: Get case settings - operationId: getCaseConfigurationDefaultSpace - description: > - Get setting details such as the closure type, custom fields, templatse, - and the default connector for cases. You must have `read` privileges for - the **Cases** feature in the **Management**, **Observability**, or - **Security** section of the Kibana feature privileges, depending on - where the cases were created. + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Get the default data view tags: - - cases + - data views + post: + operationId: setDefaultDatailViewDefault parameters: - - $ref: '#/components/parameters/Cases_owner' + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + setDefaultDataViewRequest: + $ref: '#/components/examples/Data_views_set_default_data_view_request' + schema: + type: object + properties: + data_view_id: + description: > + The data view identifier. NOTE: The API does not validate + whether it is a valid identifier. Use `null` to unset the + default data view. + nullable: true + type: string + force: + default: false + description: Update an existing default data view identifier. + type: boolean + required: + - data_view_id + required: true responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: array - items: - type: object - properties: - closure_type: - $ref: '#/components/schemas/Cases_closure_types' - connector: - type: object - properties: - fields: - description: >- - The fields specified in the case configuration are - not used and are not propagated to individual cases, - therefore it is recommended to set it to `null`. - nullable: true - type: object - id: - description: >- - The identifier for the connector. If you do not want - a default connector, use `none`. To retrieve - connector IDs, use the find connectors API. - type: string - example: none - name: - description: >- - The name of the connector. If you do not want a - default connector, use `none`. To retrieve connector - names, use the find connectors API. - type: string - example: none - type: - $ref: '#/components/schemas/Cases_connector_types' - created_at: - type: string - format: date-time - example: '2022-06-01T17:07:17.767Z' - created_by: - type: object - required: - - email - - full_name - - username - properties: - email: - type: string - example: null - nullable: true - full_name: - type: string - example: null - nullable: true - username: - type: string - example: elastic - nullable: true - profile_uid: - type: string - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - customFields: - type: array - description: Custom fields configuration details. - items: - type: object - properties: - defaultValue: - oneOf: - - type: string - - type: boolean - description: > - A default value for the custom field. If the - `type` is `text`, the default value must be a - string. If the `type` is `toggle`, the default - value must be boolean. - key: - description: > - A unique key for the custom field. Must be lower - case and composed only of a-z, 0-9, '_', and '-' - characters. It is used in API calls to refer to a - specific custom field. - type: string - minLength: 1 - maxLength: 36 - label: - description: >- - The custom field label that is displayed in the - case. - type: string - minLength: 1 - maxLength: 50 - required: - description: > - Indicates whether the field is required. If - `false`, the custom field can be set to null or - omitted when a case is created or updated. - type: boolean - type: - description: The type of the custom field. - type: string - enum: - - text - - toggle - error: - type: string - nullable: true - example: null - id: - type: string - example: 4a97a440-e1cd-11ec-be9b-9b1838238ee6 - mappings: - type: array - items: - type: object - properties: - action_type: - type: string - example: overwrite - source: - type: string - example: title - target: - type: string - example: summary - owner: - $ref: '#/components/schemas/Cases_owners' - templates: - $ref: '#/components/schemas/Cases_templates' - updated_at: - type: string - format: date-time - nullable: true - example: '2022-06-01T19:58:48.169Z' - updated_by: - type: object - required: - - email - - full_name - - username - properties: - email: - type: string - example: null - nullable: true - full_name: - type: string - example: null - nullable: true - username: - type: string - example: elastic - nullable: true - profile_uid: - type: string - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - nullable: true - version: - type: string - example: WzIwNzMsMV0= - examples: - getConfigurationResponse: - $ref: '#/components/examples/Cases_get_case_configuration_response' - '401': - description: Authorization information is missing or invalid. + type: object + properties: + acknowledged: + type: boolean + description: Indicates a successful call. + '400': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Cases_4xx_response' + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Set the default data view + tags: + - data views + /api/data_views/swap_references: post: - summary: Add case settings - operationId: setCaseConfigurationDefaultSpace description: > - Case settings include external connection details, custom fields, and - templates. Connectors are used to interface with external systems. You - must create a connector before you can use it in your cases. If you set - a default connector, it is automatically selected when you create cases - in Kibana. If you use the create case API, however, you must still - specify all of the connector details. You must have `all` privileges for - the **Cases** feature in the **Management**, **Observability**, or - **Security** section of the Kibana feature privileges, depending on - where you are creating cases. - tags: - - cases + Changes saved object references from one data view identifier to + another. WARNING: Misuse can break large numbers of saved objects! + Practicing with a backup is recommended. + operationId: swapDataViewsDefault parameters: - - $ref: '#/components/parameters/Cases_kbn_xsrf' + - $ref: '#/components/parameters/Data_views_kbn_xsrf' requestBody: content: - application/json: - schema: - $ref: '#/components/schemas/Cases_set_case_configuration_request' + application/json; Elastic-Api-Version=2023-10-31: examples: - setCaseConfigRequest: - $ref: '#/components/examples/Cases_set_case_configuration_request' + swapDataViewRequest: + $ref: '#/components/examples/Data_views_swap_data_view_request' + schema: + $ref: '#/components/schemas/Data_views_swap_data_view_request_object' + required: true responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: type: object properties: - closure_type: - $ref: '#/components/schemas/Cases_closure_types' - connector: - type: object - properties: - fields: - description: >- - The fields specified in the case configuration are not - used and are not propagated to individual cases, - therefore it is recommended to set it to `null`. - nullable: true - type: object - id: - description: >- - The identifier for the connector. If you do not want a - default connector, use `none`. To retrieve connector - IDs, use the find connectors API. - type: string - example: none - name: - description: >- - The name of the connector. If you do not want a - default connector, use `none`. To retrieve connector - names, use the find connectors API. - type: string - example: none - type: - $ref: '#/components/schemas/Cases_connector_types' - created_at: - type: string - format: date-time - example: '2022-06-01T17:07:17.767Z' - created_by: + deleteStatus: type: object - required: - - email - - full_name - - username properties: - email: - type: string - example: null - nullable: true - full_name: - type: string - example: null - nullable: true - username: - type: string - example: elastic - nullable: true - profile_uid: - type: string - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - customFields: - type: array - description: Custom fields configuration details. + deletePerformed: + type: boolean + remainingRefs: + type: integer + result: items: type: object properties: - defaultValue: - oneOf: - - type: string - - type: boolean - description: > - A default value for the custom field. If the `type` - is `text`, the default value must be a string. If - the `type` is `toggle`, the default value must be - boolean. - key: - description: > - A unique key for the custom field. Must be lower - case and composed only of a-z, 0-9, '_', and '-' - characters. It is used in API calls to refer to a - specific custom field. - type: string - minLength: 1 - maxLength: 36 - label: - description: >- - The custom field label that is displayed in the - case. + id: + description: A saved object identifier. type: string - minLength: 1 - maxLength: 50 - required: - description: > - Indicates whether the field is required. If `false`, - the custom field can be set to null or omitted when - a case is created or updated. - type: boolean type: - description: The type of the custom field. + description: The saved object type. type: string - enum: - - text - - toggle - error: - type: string - nullable: true - example: null - id: - type: string - example: 4a97a440-e1cd-11ec-be9b-9b1838238ee6 - mappings: type: array - items: - type: object - properties: - action_type: - type: string - example: overwrite - source: - type: string - example: title - target: - type: string - example: summary - owner: - $ref: '#/components/schemas/Cases_owners' - templates: - $ref: '#/components/schemas/Cases_templates' - updated_at: - type: string - format: date-time - nullable: true - example: '2022-06-01T19:58:48.169Z' - updated_by: - type: object - required: - - email - - full_name - - username - properties: - email: - type: string - example: null - nullable: true - full_name: - type: string - example: null - nullable: true - username: - type: string - example: elastic - nullable: true - profile_uid: - type: string - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - nullable: true - version: - type: string - example: WzIwNzMsMV0= - examples: - setCaseConfigResponse: - $ref: '#/components/examples/Cases_set_case_configuration_response' - '401': - description: Authorization information is missing or invalid. - content: - application/json: - schema: - $ref: '#/components/schemas/Cases_4xx_response' - /api/cases/configure/{configurationId}: - patch: - summary: Update case settings - operationId: updateCaseConfigurationDefaultSpace - description: > - Updates setting details such as the closure type, custom fields, - templates, and the default connector for cases. Connectors are used to - interface with external systems. You must create a connector before you - can use it in your cases. You must have `all` privileges for the - **Cases** feature in the **Management**, **Observability**, or - **Security** section of the Kibana feature privileges, depending on - where the case was created. + description: Indicates a successful call. + summary: Swap saved object references tags: - - cases + - data views + /api/data_views/swap_references/_preview: + post: + description: > + Preview the impact of swapping saved object references from one data + view identifier to another. + operationId: previewSwapDataViewsDefault parameters: - - $ref: '#/components/parameters/Cases_kbn_xsrf' - - $ref: '#/components/parameters/Cases_configuration_id' + - $ref: '#/components/parameters/Data_views_kbn_xsrf' requestBody: content: - application/json: - schema: - $ref: '#/components/schemas/Cases_update_case_configuration_request' + application/json; Elastic-Api-Version=2023-10-31: examples: - updateCaseConfigurationRequest: - $ref: '#/components/examples/Cases_update_case_configuration_request' + previewSwapDataViewRequest: + $ref: >- + #/components/examples/Data_views_preview_swap_data_view_request + schema: + $ref: '#/components/schemas/Data_views_swap_data_view_request_object' + required: true responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: type: object properties: - closure_type: - $ref: '#/components/schemas/Cases_closure_types' - connector: - type: object - properties: - fields: - description: >- - The fields specified in the case configuration are not - used and are not propagated to individual cases, - therefore it is recommended to set it to `null`. - nullable: true - type: object - id: - description: >- - The identifier for the connector. If you do not want a - default connector, use `none`. To retrieve connector - IDs, use the find connectors API. - type: string - example: none - name: - description: >- - The name of the connector. If you do not want a - default connector, use `none`. To retrieve connector - names, use the find connectors API. - type: string - example: none - type: - $ref: '#/components/schemas/Cases_connector_types' - created_at: - type: string - format: date-time - example: '2022-06-01T17:07:17.767Z' - created_by: - type: object - required: - - email - - full_name - - username - properties: - email: - type: string - example: null - nullable: true - full_name: - type: string - example: null - nullable: true - username: - type: string - example: elastic - nullable: true - profile_uid: - type: string - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - customFields: - type: array - description: Custom fields configuration details. + result: items: type: object properties: - defaultValue: - oneOf: - - type: string - - type: boolean - description: > - A default value for the custom field. If the `type` - is `text`, the default value must be a string. If - the `type` is `toggle`, the default value must be - boolean. - key: - description: > - A unique key for the custom field. Must be lower - case and composed only of a-z, 0-9, '_', and '-' - characters. It is used in API calls to refer to a - specific custom field. - type: string - minLength: 1 - maxLength: 36 - label: - description: >- - The custom field label that is displayed in the - case. + id: + description: A saved object identifier. type: string - minLength: 1 - maxLength: 50 - required: - description: > - Indicates whether the field is required. If `false`, - the custom field can be set to null or omitted when - a case is created or updated. - type: boolean type: - description: The type of the custom field. + description: The saved object type. type: string - enum: - - text - - toggle - error: - type: string - nullable: true - example: null - id: - type: string - example: 4a97a440-e1cd-11ec-be9b-9b1838238ee6 - mappings: type: array - items: - type: object - properties: - action_type: - type: string - example: overwrite - source: - type: string - example: title - target: - type: string - example: summary - owner: - $ref: '#/components/schemas/Cases_owners' - templates: - $ref: '#/components/schemas/Cases_templates' - updated_at: - type: string - format: date-time - nullable: true - example: '2022-06-01T19:58:48.169Z' - updated_by: - type: object - required: - - email - - full_name - - username - properties: - email: - type: string - example: null - nullable: true - full_name: - type: string - example: null - nullable: true - username: - type: string - example: elastic - nullable: true - profile_uid: - type: string - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - nullable: true - version: - type: string - example: WzIwNzMsMV0= - examples: - updateCaseConfigurationResponse: - $ref: >- - #/components/examples/Cases_update_case_configuration_response - '401': - description: Authorization information is missing or invalid. - content: - application/json: - schema: - $ref: '#/components/schemas/Cases_4xx_response' - /api/cases/reporters: - get: - summary: Get case creators - operationId: getCaseReportersDefaultSpace - description: > - Returns information about the users who opened cases. You must have read - privileges for the **Cases** feature in the **Management**, - **Observability**, or **Security** section of the Kibana feature - privileges, depending on the owner of the cases. The API returns - information about the users as they existed at the time of the case - creation, including their name, full name, and email address. If any of - those details change thereafter or if a user is deleted, the information - returned by this API is unchanged. + description: Indicates a successful call. + summary: Preview a saved object reference swap tags: - - cases - parameters: - - $ref: '#/components/parameters/Cases_owner' + - data views + /api/detection_engine/index: + delete: + operationId: DeleteAlertsIndex responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: array - maxItems: 10000 - items: - type: object - required: - - email - - full_name - - username - properties: - email: - type: string - example: null - nullable: true - full_name: - type: string - example: null - nullable: true - username: - type: string - example: elastic - nullable: true - profile_uid: - type: string - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - examples: - getReportersResponse: - $ref: '#/components/examples/Cases_get_reporters_response' + type: object + properties: + acknowledged: + type: boolean + required: + - acknowledged + description: Successful response '401': - description: Authorization information is missing or invalid. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Cases_4xx_response' - /api/cases/status: - get: - summary: Get case status summary - operationId: getCaseStatusDefaultSpace - description: > - Returns the number of cases that are open, closed, and in progress. - Deprecated in 8.1.0. This API is deprecated and will be removed in a - future release; use the find cases API instead. You must have `read` - privileges for the **Cases** feature in the **Management**, - **Observability**, or **Security** section of the Kibana feature - privileges, depending on the owner of the cases you're seeking. - deprecated: true + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Not enough permissions response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: string + description: Index does not exist response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Delete an alerts index tags: - - cases - parameters: - - $ref: '#/components/parameters/Cases_owner' + - Security Solution Detections API + - Alert index API + get: + operationId: ReadAlertsIndex responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: type: object properties: - count_closed_cases: - type: integer - count_in_progress_cases: - type: integer - count_open_cases: - type: integer + index_mapping_outdated: + nullable: true + type: boolean + name: + type: string + required: + - name + - index_mapping_outdated + description: Successful response '401': - description: Authorization information is missing or invalid. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Cases_4xx_response' - /api/cases/tags: - get: - summary: Get case tags - operationId: getCaseTagsDefaultSpace - description: > - Aggregates and returns a list of case tags. You must have read - privileges for the **Cases** feature in the **Management**, - **Observability**, or **Security** section of the Kibana feature - privileges, depending on the owner of the cases you're seeking. - tags: - - cases - parameters: - - $ref: '#/components/parameters/Cases_owner' - responses: - '200': - description: Indicates a successful call. + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: array - maxItems: 10000 - items: - type: string - examples: - getTagsResponse: - $ref: '#/components/examples/Cases_get_tags_response' - '401': - description: Authorization information is missing or invalid. + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Not enough permissions response + '404': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Cases_4xx_response' - /api/cases/{caseId}: - get: - summary: Get case information - operationId: getCaseDefaultSpace - description: > - You must have `read` privileges for the **Cases** feature in the - **Management**, **Observability**, or **Security** section of the Kibana - feature privileges, depending on the owner of the case you're seeking. + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Reads the alert index name if it exists tags: - - cases - parameters: - - $ref: '#/components/parameters/Cases_case_id' - - $ref: '#/components/parameters/Cases_includeComments' + - Security Solution Detections API + - Alert index API + post: + operationId: CreateAlertsIndex responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Cases_case_response_properties' - examples: - getDefaultCaseResponse: - $ref: '#/components/examples/Cases_get_case_response' - getDefaultObservabilityCaseReponse: - $ref: '#/components/examples/Cases_get_case_observability_response' + type: object + properties: + acknowledged: + type: boolean + required: + - acknowledged + description: Successful response '401': - description: Authorization information is missing or invalid. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Not enough permissions response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Cases_4xx_response' - /api/cases/{caseId}/alerts: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Create an alerts index + tags: + - Security Solution Detections API + - Alert index API + /api/detection_engine/privileges: get: - summary: Get all alerts for a case description: > - You must have `read` privileges for the **Cases** feature in the - **Management**, **Observability**, or **Security** section of the Kibana - feature privileges, depending on the owner of the cases you're seeking. - x-technical-preview: true - operationId: getCaseAlertsDefaultSpace - tags: - - cases - parameters: - - $ref: '#/components/parameters/Cases_case_id' + Retrieves whether or not the user is authenticated, and the user's + Kibana + + space and index privileges, which determine if the user can create an + + index for the Elastic Security alerts generated by + + detection engine rules. + operationId: ReadPrivileges responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: array - items: - $ref: '#/components/schemas/Cases_alert_response_properties' - examples: - getCaseAlertsResponse: - $ref: '#/components/examples/Cases_get_case_alerts_response' + type: object + properties: + has_encryption_key: + type: boolean + is_authenticated: + type: boolean + required: + - is_authenticated + - has_encryption_key + description: Successful response '401': - description: Authorization information is missing or invalid. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Cases_4xx_response' - /api/cases/{caseId}/comments: - post: - summary: Add a case comment or alert - operationId: addCaseCommentDefaultSpace - description: > - You must have `all` privileges for the **Cases** feature in the - **Management**, **Observability**, or **Security** section of the Kibana - feature privileges, depending on the owner of the case you're creating. - NOTE: Each case can have a maximum of 1,000 alerts. + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Returns user privileges for the Kibana space tags: - - cases + - Security Solution Detections API + - Privileges API + /api/detection_engine/rules: + delete: + description: Delete a detection rule using the `rule_id` or `id` field. + operationId: DeleteRule parameters: - - $ref: '#/components/parameters/Cases_kbn_xsrf' - - $ref: '#/components/parameters/Cases_case_id' - requestBody: - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/Cases_add_case_comment_request' - examples: - createCaseCommentRequest: - $ref: '#/components/examples/Cases_add_comment_request' + - description: The rule's `id` value. + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleObjectId' + - description: The rule's `rule_id` value. + in: query + name: rule_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId responses: '200': - description: Indicates a successful call. - content: - application/json: - schema: - $ref: '#/components/schemas/Cases_case_response_properties' - examples: - createCaseCommentResponse: - $ref: '#/components/examples/Cases_add_comment_response' - '401': - description: Authorization information is missing or invalid. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Cases_4xx_response' - delete: - summary: Delete all case comments and alerts - operationId: deleteCaseCommentsDefaultSpace - description: > - Deletes all comments and alerts from a case. You must have `all` - privileges for the **Cases** feature in the **Management**, - **Observability**, or **Security** section of the Kibana feature - privileges, depending on the owner of the cases you're deleting. + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + description: Indicates a successful call. + summary: Delete a detection rule tags: - - cases + - Security Solution Detections API + - Rules API + get: + description: Retrieve a detection rule using the `rule_id` or `id` field. + operationId: ReadRule parameters: - - $ref: '#/components/parameters/Cases_kbn_xsrf' - - $ref: '#/components/parameters/Cases_case_id' + - description: The rule's `id` value. + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleObjectId' + - description: The rule's `rule_id` value. + in: query + name: rule_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId responses: - '204': - description: Indicates a successful call. - '401': - description: Authorization information is missing or invalid. + '200': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Cases_4xx_response' - patch: - summary: Update a case comment or alert - operationId: updateCaseCommentDefaultSpace - description: > - You must have `all` privileges for the **Cases** feature in the - **Management**, **Observability**, or **Security** section of the Kibana - feature privileges, depending on the owner of the case you're updating. - NOTE: You cannot change the comment type or the owner of a comment. + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + description: Indicates a successful call. + summary: Retrieve a detection rule tags: - - cases - parameters: - - $ref: '#/components/parameters/Cases_kbn_xsrf' - - $ref: '#/components/parameters/Cases_case_id' + - Security Solution Detections API + - Rules API + patch: + description: >- + Update specific fields of an existing detection rule using the `rule_id` + or `id` field. + operationId: PatchRule requestBody: - required: true content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Cases_update_case_comment_request' - examples: - updateCaseCommentRequest: - $ref: '#/components/examples/Cases_update_comment_request' + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePatchProps + required: true responses: '200': - description: Indicates a successful call. - content: - application/json: - schema: - $ref: '#/components/schemas/Cases_case_response_properties' - examples: - updateCaseCommentResponse: - $ref: '#/components/examples/Cases_update_comment_response' - '401': - description: Authorization information is missing or invalid. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Cases_4xx_response' - get: - summary: Get all case comments - operationId: getAllCaseCommentsDefaultSpace - description: > - Deprecated in 8.1.0. This API is deprecated and will be removed in a - future release; instead, use the get case comment API, which requires a - comment identifier in the path. You must have `read` privileges for the - **Cases** feature in the **Management**, **Observability**, or - **Security** section of the Kibana feature privileges, depending on the - owner of the cases with the comments you're seeking. - deprecated: true + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + description: Indicates a successful call. + summary: Patch a detection rule tags: - - cases - parameters: - - $ref: '#/components/parameters/Cases_case_id' + - Security Solution Detections API + - Rules API + post: + description: Create a new detection rule. + operationId: CreateRule + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleCreateProps + required: true responses: '200': - description: Indicates a successful call. - content: - application/json: - schema: - $ref: '#/components/schemas/Cases_case_response_properties' - '401': - description: Authorization information is missing or invalid. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Cases_4xx_response' - /api/cases/{caseId}/comments/_find: - get: - summary: Find case comments and alerts - operationId: findCaseCommentsDefaultSpace - description: > - Retrieves a paginated list of comments for a case. You must have `read` - privileges for the **Cases** feature in the **Management**, - **Observability**, or **Security** section of the Kibana feature - privileges, depending on the owner of the cases with the comments you're - seeking. + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + description: Indicates a successful call. + summary: Create a detection rule tags: - - cases - parameters: - - $ref: '#/components/parameters/Cases_case_id' - - $ref: '#/components/parameters/Cases_page_index' - - $ref: '#/components/parameters/Cases_page_size' - - $ref: '#/components/parameters/Cases_sort_order' + - Security Solution Detections API + - Rules API + put: + description: > + Update a detection rule using the `rule_id` or `id` field. The original + rule is replaced, and all unspecified fields are deleted. + + > info + + > You cannot modify the `id` or `rule_id` values. + operationId: UpdateRule + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleUpdateProps + required: true responses: '200': - description: Indicates a successful call. - content: - application/json: - schema: - $ref: '#/components/schemas/Cases_case_response_properties' - '401': - description: Authorization information is missing or invalid. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Cases_4xx_response' - /api/cases/{caseId}/comments/{commentId}: - delete: - summary: Delete a case comment or alert - operationId: deleteCaseCommentDefaultSpace - description: > - You must have `all` privileges for the **Cases** feature in the - **Management**, **Observability**, or **Security** section of the Kibana - feature privileges, depending on the owner of the cases you're deleting. - tags: - - cases - parameters: - - $ref: '#/components/parameters/Cases_kbn_xsrf' - - $ref: '#/components/parameters/Cases_case_id' - - $ref: '#/components/parameters/Cases_comment_id' - responses: - '204': + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse description: Indicates a successful call. - '401': - description: Authorization information is missing or invalid. - content: - application/json: - schema: - $ref: '#/components/schemas/Cases_4xx_response' - get: - summary: Get a case comment or alert - operationId: getCaseCommentDefaultSpace - description: > - You must have `read` privileges for the **Cases** feature in the - **Management**, **Observability**, or **Security** section of the Kibana - feature privileges, depending on the owner of the cases with the - comments you're seeking. + summary: Update a detection rule tags: - - cases + - Security Solution Detections API + - Rules API + /api/detection_engine/rules/_bulk_action: + post: + description: >- + Apply a bulk action, such as bulk edit, duplicate, or delete, to + multiple detection rules. The bulk action is applied to all rules that + match the query or to the rules listed by their IDs. + operationId: PerformRulesBulkAction parameters: - - $ref: '#/components/parameters/Cases_case_id' - - $ref: '#/components/parameters/Cases_comment_id' + - description: Enables dry run mode for the request call. + in: query + name: dry_run + required: false + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkDeleteRules + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkDisableRules + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEnableRules + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkExportRules + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkDuplicateRules + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkManualRuleRun + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEditRules responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: oneOf: - $ref: >- - #/components/schemas/Cases_alert_comment_response_properties + #/components/schemas/Security_Solution_Detections_API_BulkEditActionResponse - $ref: >- - #/components/schemas/Cases_user_comment_response_properties - examples: - getCaseCommentResponse: - $ref: '#/components/examples/Cases_get_comment_response' - '401': - description: Authorization information is missing or invalid. - content: - application/json: - schema: - $ref: '#/components/schemas/Cases_4xx_response' - /api/cases/{caseId}/connector/{connectorId}/_push: - post: - summary: Push a case to an external service - description: > - You must have `all` privileges for the **Actions and Connectors** - feature in the **Management** section of the Kibana feature privileges. - You must also have `all` privileges for the **Cases** feature in the - **Management**, **Observability**, or **Security** section of the Kibana - feature privileges, depending on the owner of the case you're pushing. - operationId: pushCaseDefaultSpace + #/components/schemas/Security_Solution_Detections_API_BulkExportActionResponse + description: OK + summary: Apply a bulk action to detection rules tags: - - cases - parameters: - - $ref: '#/components/parameters/Cases_case_id' - - $ref: '#/components/parameters/Cases_connector_id' - - $ref: '#/components/parameters/Cases_kbn_xsrf' + - Security Solution Detections API + - Bulk API + /api/detection_engine/rules/_bulk_create: + post: + deprecated: true + description: Create new detection rules in bulk. + operationId: BulkCreateRules requestBody: content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - nullable: true + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleCreateProps + type: array + description: 'A JSON array of rules, where each rule contains the required fields.' + required: true responses: '200': - description: Indicates a successful call. - content: - application/json: - schema: - $ref: '#/components/schemas/Cases_case_response_properties' - examples: - pushCaseResponse: - $ref: '#/components/examples/Cases_push_case_response' - '401': - description: Authorization information is missing or invalid. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Cases_4xx_response' - /api/cases/{caseId}/user_actions: - get: - summary: Get case activity - description: > - Returns all user activity for a case. Deprecated in 8.1.0. This API is - deprecated and will be removed in a future release; use the find user - actions API instead. You must have `read` privileges for the **Cases** - feature in the **Management**, **Observability**, or **Security** - section of the Kibana feature privileges, depending on the owner of the - case you're seeking. - deprecated: true - operationId: getCaseActivityDefaultSpace + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkCrudRulesResponse + description: Indicates a successful call. + summary: Create multiple detection rules tags: - - cases - parameters: - - $ref: '#/components/parameters/Cases_case_id' + - Security Solution Detections API + - Bulk API + /api/detection_engine/rules/_bulk_delete: + delete: + deprecated: true + description: Delete detection rules in bulk. + operationId: BulkDeleteRules + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + properties: + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + type: array + description: >- + A JSON array of `id` or `rule_id` fields of the rules you want to + delete. + required: true responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkCrudRulesResponse description: Indicates a successful call. + '400': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: array - items: - $ref: '#/components/schemas/Cases_user_actions_response_properties' + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response '401': - description: Authorization information is missing or invalid. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Cases_4xx_response' - /api/cases/{caseId}/user_actions/_find: - get: - summary: Find case activity - description: > - Retrives a paginated list of user activity for a case. You must have - `read` privileges for the **Cases** feature in the **Management**, - **Observability**, or **Security** section of the Kibana feature - privileges, depending on the owner of the case you're seeking. - operationId: findCaseActivityDefaultSpace - tags: - - cases - parameters: - - $ref: '#/components/parameters/Cases_case_id' - - $ref: '#/components/parameters/Cases_page_index' - - $ref: '#/components/parameters/Cases_page_size' - - $ref: '#/components/parameters/Cases_sort_order' - - $ref: '#/components/parameters/Cases_user_action_types' - responses: - '200': - description: Indicates a successful call. + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Delete multiple detection rules + tags: + - Security Solution Detections API + - Bulk API + post: + deprecated: true + description: Deletes multiple rules. + operationId: BulkDeleteRulesPost + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: type: object properties: - page: - type: integer - perPage: - type: integer - total: - type: integer - userActions: - type: array - maxItems: 10000 - items: - $ref: >- - #/components/schemas/Cases_user_actions_find_response_properties - examples: - findCaseActivityResponse: - $ref: '#/components/examples/Cases_find_case_activity_response' - '401': - description: Authorization information is missing or invalid. - content: - application/json: - schema: - $ref: '#/components/schemas/Cases_4xx_response' - /api/cases/configure/connectors/_find: - get: - summary: Get case connectors - operationId: findCaseConnectorsDefaultSpace - description: > - Get information about connectors that are supported for use in cases. - You must have `read` privileges for the **Actions and Connectors** - feature in the **Management** section of the Kibana feature privileges. - tags: - - cases + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + type: array + description: >- + A JSON array of `id` or `rule_id` fields of the rules you want to + delete. + required: true responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkCrudRulesResponse description: Indicates a successful call. + '400': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: array - items: - type: object - properties: - actionTypeId: - $ref: '#/components/schemas/Cases_connector_types' - config: - type: object - properties: - apiUrl: - type: string - projectKey: - type: string - additionalProperties: true - id: - type: string - isDeprecated: - type: boolean - isMissingSecrets: - type: boolean - isPreconfigured: - type: boolean - name: - type: string - referencedByCount: - type: integer - maxItems: 1000 - examples: - findConnectorResponse: - $ref: '#/components/examples/Cases_find_connector_response' + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response '401': - description: Authorization information is missing or invalid. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Cases_4xx_response' - /api/actions/connector: - post: - summary: Create a connector with a random ID - operationId: createConnector - description: The connector identifier is randomly generated. + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Delete multiple detection rules tags: - - connectors - parameters: - - $ref: '#/components/parameters/Connectors_kbn_xsrf' + - Security Solution Detections API + - Bulk API + /api/detection_engine/rules/_bulk_update: + patch: + deprecated: true + description: >- + Update specific fields of existing detection rules using the `rule_id` + or `id` field. + operationId: BulkPatchRules requestBody: - required: true content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Connectors_create_connector_request' - examples: - createEmailConnectorRequest: - $ref: >- - #/components/examples/Connectors_create_email_connector_request - createIndexConnectorRequest: + items: $ref: >- - #/components/examples/Connectors_create_index_connector_request - createWebhookConnectorRequest: + #/components/schemas/Security_Solution_Detections_API_RulePatchProps + type: array + description: 'A JSON array of rules, where each rule contains the required fields.' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: $ref: >- - #/components/examples/Connectors_create_webhook_connector_request - createXmattersConnectorRequest: + #/components/schemas/Security_Solution_Detections_API_BulkCrudRulesResponse + description: Indicates a successful call. + summary: Patch multiple detection rules + tags: + - Security Solution Detections API + - Bulk API + put: + deprecated: true + description: > + Update multiple detection rules using the `rule_id` or `id` field. The + original rules are replaced, and all unspecified fields are deleted. + + > info + + > You cannot modify the `id` or `rule_id` values. + operationId: BulkUpdateRules + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: $ref: >- - #/components/examples/Connectors_create_xmatters_connector_request + #/components/schemas/Security_Solution_Detections_API_RuleUpdateProps + type: array + description: >- + A JSON array where each element includes the `id` or `rule_id` field + of the rule you want to update and the fields you want to modify. + required: true responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Connectors_connector_response_properties' - examples: - createEmailConnectorResponse: - $ref: >- - #/components/examples/Connectors_create_email_connector_response - createIndexConnectorResponse: - $ref: >- - #/components/examples/Connectors_create_index_connector_response - createWebhookConnectorResponse: - $ref: >- - #/components/examples/Connectors_create_webhook_connector_response - createXmattersConnectorResponse: - $ref: >- - #/components/examples/Connectors_create_xmatters_connector_response - '401': - $ref: '#/components/responses/Connectors_401' - /api/actions/connector/{connectorId}: - get: - summary: Get a connector information - operationId: getConnector - tags: - - connectors - parameters: - - $ref: '#/components/parameters/Connectors_connector_id' - responses: - '200': + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkCrudRulesResponse description: Indicates a successful call. - content: - application/json: - schema: - $ref: '#/components/schemas/Connectors_connector_response_properties' - examples: - getConnectorResponse: - $ref: '#/components/examples/Connectors_get_connector_response' - '401': - $ref: '#/components/responses/Connectors_401' - '404': - $ref: '#/components/responses/Connectors_404' - delete: - summary: Delete a connector - operationId: deleteConnector + summary: Update multiple detection rules tags: - - connectors - parameters: - - $ref: '#/components/parameters/Connectors_kbn_xsrf' - - $ref: '#/components/parameters/Connectors_connector_id' - responses: - '204': - description: Indicates a successful call. - '401': - $ref: '#/components/responses/Connectors_401' - '404': - $ref: '#/components/responses/Connectors_404' + - Security Solution Detections API + - Bulk API + /api/detection_engine/rules/_export: post: - summary: Create a connector - operationId: createConnectorId - tags: - - connectors + description: > + Export detection rules to an `.ndjson` file. The following configuration + items are also included in the `.ndjson` file: + + - Actions + + - Exception lists + + > info + + > You cannot export prebuilt rules. + operationId: ExportRules parameters: - - $ref: '#/components/parameters/Connectors_kbn_xsrf' - - in: path - name: connectorId - description: > - A UUID v1 or v4 identifier for the connector. If you omit this - parameter, an identifier is randomly generated. - required: true + - description: Determines whether a summary of the exported rules is returned. + in: query + name: exclude_export_details + required: false + schema: + default: false + type: boolean + - description: File name for saving the exported rules. + in: query + name: file_name + required: false schema: + default: export.ndjson type: string - example: ac4e6b90-6be7-11eb-ba0d-9b1c1f912d74 requestBody: - required: true content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Connectors_create_connector_request' - examples: - createIndexConnectorRequest: - $ref: >- - #/components/examples/Connectors_create_index_connector_request + nullable: true + type: object + properties: + objects: + description: >- + Array of `rule_id` fields. Exports all rules when + unspecified. + items: + type: object + properties: + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + required: + - rule_id + type: array + required: + - objects + required: false responses: '200': - description: Indicates a successful call. content: - application/json: + application/ndjson; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Connectors_connector_response_properties' - examples: - createIndexConnectorResponse: - $ref: >- - #/components/examples/Connectors_create_index_connector_response - '401': - $ref: '#/components/responses/Connectors_401' - put: - summary: Update a connector - operationId: updateConnector + description: An `.ndjson` file containing the returned rules. + format: binary + type: string + description: Indicates a successful call. + summary: Export detection rules tags: - - connectors + - Security Solution Detections API + - Import/Export API + /api/detection_engine/rules/_find: + get: + description: >- + Retrieve a paginated list of detection rules. By default, the first page + is returned, with 20 results per page. + operationId: FindRules parameters: - - $ref: '#/components/parameters/Connectors_kbn_xsrf' - - $ref: '#/components/parameters/Connectors_connector_id' - requestBody: - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/Connectors_update_connector_request' - examples: - updateIndexConnectorRequest: - $ref: >- - #/components/examples/Connectors_update_index_connector_request + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_FindRulesSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Detections_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: Rules per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Connectors_connector_response_properties' - '400': - $ref: '#/components/responses/Connectors_401' - '401': - $ref: '#/components/responses/Connectors_401' - '404': - $ref: '#/components/responses/Connectors_404' - /api/actions/connector/{connectorId}/_execute: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + summary: List all detection rules + tags: + - Security Solution Detections API + - Rules API + /api/detection_engine/rules/_import: post: - summary: Run a connector - operationId: runConnector description: > - You can use this API to test an action that involves interaction with - Kibana services or integrations with third-party systems. You must have - `read` privileges for the **Actions and Connectors** feature in the - **Management** section of the Kibana feature privileges. If you use an - index connector, you must also have `all`, `create`, `index`, or `write` - indices privileges. - tags: - - connectors + Import detection rules from an `.ndjson` file, including actions and + exception lists. The request must include: + + - The `Content-Type: multipart/form-data` HTTP header. + + - A link to the `.ndjson` file containing the rules. + operationId: ImportRules parameters: - - $ref: '#/components/parameters/Connectors_kbn_xsrf' - - $ref: '#/components/parameters/Connectors_connector_id' + - description: >- + Determines whether existing rules with the same `rule_id` are + overwritten. + in: query + name: overwrite + required: false + schema: + default: false + type: boolean + - description: >- + Determines whether existing exception lists with the same `list_id` + are overwritten. + in: query + name: overwrite_exceptions + required: false + schema: + default: false + type: boolean + - description: >- + Determines whether existing actions with the same + `kibana.alert.rule.actions.id` are overwritten. + in: query + name: overwrite_action_connectors + required: false + schema: + default: false + type: boolean + - description: Generates a new list ID for each imported exception list. + in: query + name: as_new_list + required: false + schema: + default: false + type: boolean requestBody: - required: true content: - application/json: + multipart/form-data; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Connectors_run_connector_request' - examples: - runCasesWebhookConnectorRequest: - $ref: >- - #/components/examples/Connectors_run_cases_webhook_connector_request - runEmailConnectorRequest: - $ref: '#/components/examples/Connectors_run_email_connector_request' - runIndexConnectorRequest: - $ref: '#/components/examples/Connectors_run_index_connector_request' - runJiraConnectorRequest: - $ref: '#/components/examples/Connectors_run_jira_connector_request' - runPagerDutyConnectorRequest: - $ref: >- - #/components/examples/Connectors_run_pagerduty_connector_request - runServerLogConnectorRequest: - $ref: >- - #/components/examples/Connectors_run_server_log_connector_request - runServiceNowITOMConnectorRequest: - $ref: >- - #/components/examples/Connectors_run_servicenow_itom_connector_request - runSlackConnectorRequest: - $ref: >- - #/components/examples/Connectors_run_slack_api_connector_request - runSwimlaneConnectorRequest: - $ref: >- - #/components/examples/Connectors_run_swimlane_connector_request + type: object + properties: + file: + description: The `.ndjson` file containing the rules. + format: binary + type: string + required: true responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: false type: object - required: - - connector_id - - status properties: - connector_id: - type: string - description: The identifier for the connector. - data: - oneOf: - - type: object - description: Information returned from the action. - additionalProperties: true - - type: array - description: An array of information returned from the action. - items: - type: object - status: - type: string - description: The status of the action. - enum: - - error - - ok - examples: - runCasesWebhookConnectorResponse: - $ref: >- - #/components/examples/Connectors_run_cases_webhook_connector_response - runEmailConnectorResponse: - $ref: >- - #/components/examples/Connectors_run_email_connector_response - runIndexConnectorResponse: - $ref: >- - #/components/examples/Connectors_run_index_connector_response - runJiraConnectorResponse: - $ref: '#/components/examples/Connectors_run_jira_connector_response' - runPagerDutyConnectorResponse: - $ref: >- - #/components/examples/Connectors_run_pagerduty_connector_response - runServerLogConnectorResponse: - $ref: >- - #/components/examples/Connectors_run_server_log_connector_response - runServiceNowITOMConnectorResponse: - $ref: >- - #/components/examples/Connectors_run_servicenow_itom_connector_response - runSlackConnectorResponse: - $ref: >- - #/components/examples/Connectors_run_slack_api_connector_response - runSwimlaneConnectorResponse: - $ref: >- - #/components/examples/Connectors_run_swimlane_connector_response - '401': - $ref: '#/components/responses/Connectors_401' - /api/actions/connectors: - get: - summary: Get all connectors - operationId: getConnectors + action_connectors_errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ErrorSchema + type: array + action_connectors_success: + type: boolean + action_connectors_success_count: + minimum: 0 + type: integer + action_connectors_warnings: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_WarningSchema + type: array + errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ErrorSchema + type: array + exceptions_errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ErrorSchema + type: array + exceptions_success: + type: boolean + exceptions_success_count: + minimum: 0 + type: integer + rules_count: + minimum: 0 + type: integer + success: + type: boolean + success_count: + minimum: 0 + type: integer + required: + - exceptions_success + - exceptions_success_count + - exceptions_errors + - rules_count + - success + - success_count + - errors + - action_connectors_errors + - action_connectors_warnings + - action_connectors_success + - action_connectors_success_count + description: Indicates a successful call. + summary: Import detection rules tags: - - connectors + - Security Solution Detections API + - Import/Export API + '/api/detection_engine/rules/{id}/exceptions': + post: + operationId: CreateRuleExceptionListItems + parameters: + - description: Detection rule's identifier + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_RuleId' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_CreateRuleExceptionListItemProps + type: array + required: + - items + description: Rule exception list items + required: true responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: array items: $ref: >- - #/components/schemas/Connectors_connector_response_properties - examples: - getConnectorsResponse: - $ref: '#/components/examples/Connectors_get_connectors_response' + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response '401': - $ref: '#/components/responses/Connectors_401' - /api/actions/connector_types: - get: - summary: Get all connector types - operationId: getConnectorTypes + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Creates rule exception list items tags: - - connectors - parameters: - - in: query - name: feature_id - description: >- - A filter to limit the retrieved connector types to those that - support a specific feature (such as alerting or cases). - schema: - $ref: '#/components/schemas/Connectors_features' + - Security Solution Exceptions API + /api/detection_engine/rules/prepackaged: + put: + description: Install and update all Elastic prebuilt detection rules and Timelines. + operationId: InstallPrebuiltRulesAndTimelines responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - title: Get connector types response body properties - description: The properties vary for each connector type. - type: array - items: - type: object - properties: - enabled: - type: boolean - description: >- - Indicates whether the connector type is enabled in - Kibana. - example: true - enabled_in_config: - type: boolean - description: >- - Indicates whether the connector type is enabled in the - Kibana configuration file. - example: true - enabled_in_license: - type: boolean - description: >- - Indicates whether the connector is enabled in the - license. - example: true - id: - $ref: '#/components/schemas/Connectors_connector_types' - is_system_action_type: - type: boolean - example: false - minimum_license_required: - type: string - description: The license that is required to use the connector type. - example: basic - name: - type: string - description: The name of the connector type. - example: Index - supported_feature_ids: - type: array - description: The features that are supported by the connector type. - items: - $ref: '#/components/schemas/Connectors_features' - example: - - alerting - - cases - - siem - examples: - getConnectorTypesServerlessResponse: - $ref: >- - #/components/examples/Connectors_get_connector_types_generativeai_response - '401': - $ref: '#/components/responses/Connectors_401' - /api/actions/action/{actionId}: - delete: - summary: Delete a connector - operationId: legacyDeleteConnector - deprecated: true - description: > - Deprecated in 7.13.0. Use the delete connector API instead. WARNING: - When you delete a connector, it cannot be recovered. + additionalProperties: false + type: object + properties: + rules_installed: + description: The number of rules installed + minimum: 0 + type: integer + rules_updated: + description: The number of rules updated + minimum: 0 + type: integer + timelines_installed: + description: The number of timelines installed + minimum: 0 + type: integer + timelines_updated: + description: The number of timelines updated + minimum: 0 + type: integer + required: + - rules_installed + - rules_updated + - timelines_installed + - timelines_updated + description: Indicates a successful call + summary: Install prebuilt detection rules and Timelines tags: - - connectors - parameters: - - $ref: '#/components/parameters/Connectors_kbn_xsrf' - - $ref: '#/components/parameters/Connectors_action_id' - responses: - '204': - description: Indicates a successful call. - '401': - $ref: '#/components/responses/Connectors_401' + - Security Solution Detections API + - Prebuilt Rules API + /api/detection_engine/rules/prepackaged/_status: get: - summary: Get connector information - operationId: legacyGetConnector - description: Deprecated in 7.13.0. Use the get connector API instead. - deprecated: true - tags: - - connectors - parameters: - - $ref: '#/components/parameters/Connectors_action_id' + description: >- + Retrieve the status of all Elastic prebuilt detection rules and + Timelines. + operationId: ReadPrebuiltRulesAndTimelinesStatus responses: '200': - $ref: '#/components/responses/Connectors_200_actions' - '401': - $ref: '#/components/responses/Connectors_401' - put: - summary: Update a connector - operationId: legacyUpdateConnector - deprecated: true - description: Deprecated in 7.13.0. Use the update connector API instead. + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + rules_custom_installed: + description: The total number of custom rules + minimum: 0 + type: integer + rules_installed: + description: The total number of installed prebuilt rules + minimum: 0 + type: integer + rules_not_installed: + description: >- + The total number of available prebuilt rules that are not + installed + minimum: 0 + type: integer + rules_not_updated: + description: The total number of outdated prebuilt rules + minimum: 0 + type: integer + timelines_installed: + description: The total number of installed prebuilt timelines + minimum: 0 + type: integer + timelines_not_installed: + description: >- + The total number of available prebuilt timelines that are + not installed + minimum: 0 + type: integer + timelines_not_updated: + description: The total number of outdated prebuilt timelines + minimum: 0 + type: integer + required: + - rules_custom_installed + - rules_installed + - rules_not_installed + - rules_not_updated + - timelines_installed + - timelines_not_installed + - timelines_not_updated + description: Indicates a successful call + summary: Retrieve the status of prebuilt detection rules and Timelines tags: - - connectors - parameters: - - $ref: '#/components/parameters/Connectors_kbn_xsrf' - - $ref: '#/components/parameters/Connectors_action_id' + - Security Solution Detections API + - Prebuilt Rules API + /api/detection_engine/rules/preview: + post: + operationId: RulePreview requestBody: - required: true content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - title: Legacy update connector request body properties - description: The properties vary depending on the connector type. - type: object - properties: - config: - type: object - description: >- - The new connector configuration. Configuration properties - vary depending on the connector type. - name: - type: string - description: The new name for the connector. - secrets: - type: object - description: >- - The updated secrets configuration for the connector. Secrets - properties vary depending on the connector type. + anyOf: + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + discriminator: + propertyName: type + description: >- + An object containing tags to add or remove and alert ids the changes + will be applied + required: true responses: '200': - $ref: '#/components/responses/Connectors_200_actions' - '404': - $ref: '#/components/responses/Connectors_404' - /api/actions: - get: - summary: Get all connectors - operationId: legacyGetConnectors - deprecated: true - description: Deprecated in 7.13.0. Use the get all connectors API instead. - tags: - - connectors - responses: - '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: array - items: - $ref: '#/components/schemas/Connectors_action_response_properties' + type: object + properties: + isAborted: + type: boolean + logs: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewLogs + type: array + previewId: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + required: + - logs + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response '401': - $ref: '#/components/responses/Connectors_401' - post: - summary: Create a connector - operationId: legacyCreateConnector - deprecated: true - description: Deprecated in 7.13.0. Use the create connector API instead. + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Preview rule alerts generated on specified time range tags: - - connectors - parameters: - - $ref: '#/components/parameters/Connectors_kbn_xsrf' + - Security Solution Detections API + - Rule preview API + /api/detection_engine/signals/assignees: + post: + description: | + Assign users to detection alerts, and unassign them from alerts. + > info + > You cannot add and remove the same assignee in the same request. + operationId: SetAlertAssignees requestBody: - required: true content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - title: Legacy create connector request properties type: object properties: - actionTypeId: - type: string - description: The connector type identifier. - config: - type: object - description: >- - The configuration for the connector. Configuration - properties vary depending on the connector type. - name: - type: string - description: The display name for the connector. - secrets: - type: object - description: > - The secrets configuration for the connector. Secrets - configuration properties vary depending on the connector - type. NOTE: Remember these values. You must provide them - each time you update the connector. + assignees: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertAssignees + description: Details about the assignees to assign and unassign. + ids: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertIds + description: List of alerts ids to assign and unassign passed assignees. + required: + - assignees + - ids + required: true responses: '200': - $ref: '#/components/responses/Connectors_200_actions' - '401': - $ref: '#/components/responses/Connectors_401' - /api/actions/list_action_types: - get: - summary: Get connector types - operationId: legacyGetConnectorTypes - deprecated: true - description: Deprecated in 7.13.0. Use the get all connector types API instead. + description: Indicates a successful call. + '400': + description: Invalid request. + summary: Assign and unassign users from detection alerts tags: - - connectors + - Security Solution Detections API + /api/detection_engine/signals/finalize_migration: + post: + description: > + Finalize successful migrations of detection alerts. This replaces the + original index's alias with the successfully migrated index's alias. + + The endpoint is idempotent; therefore, it can safely be used to poll a + given migration and, upon completion, + + finalize it. + operationId: FinalizeAlertsMigration + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + migration_ids: + items: + type: string + minItems: 1 + type: array + required: + - migration_ids + description: Array of `migration_id`s to finalize + required: true responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - title: Legacy get connector types response body properties - description: The properties vary for each connector type. - type: array items: - type: object - properties: - enabled: - type: boolean - description: >- - Indicates whether the connector type is enabled in - Kibana. - enabledInConfig: - type: boolean - description: >- - Indicates whether the connector type is enabled in the - Kibana `.yml` file. - enabledInLicense: - type: boolean - description: >- - Indicates whether the connector is enabled in the - license. - example: true - id: - type: string - description: The unique identifier for the connector type. - minimumLicenseRequired: - type: string - description: The license that is required to use the connector type. - name: - type: string - description: The name of the connector type. + $ref: >- + #/components/schemas/Security_Solution_Detections_API_MigrationFinalizationResult + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response '401': - $ref: '#/components/responses/Connectors_401' - /api/actions/action/{actionId}/_execute: - post: - summary: Run a connector - operationId: legacyRunConnector - deprecated: true - description: Deprecated in 7.13.0. Use the run connector API instead. + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Finalize detection alert migrations tags: - - connectors - parameters: - - $ref: '#/components/parameters/Connectors_kbn_xsrf' - - $ref: '#/components/parameters/Connectors_action_id' + - Security Solution Detections API + - Alerts migration API + /api/detection_engine/signals/migration: + delete: + description: > + Migrations favor data integrity over shard size. Consequently, unused or + orphaned indices are artifacts of + + the migration process. A successful migration will result in both the + old and new indices being present. + + As such, the old, orphaned index can (and likely should) be deleted. + + + While you can delete these indices manually, + + the endpoint accomplishes this task by applying a deletion policy to the + relevant index, causing it to be deleted + + after 30 days. It also deletes other artifacts specific to the migration + implementation. + operationId: AlertsMigrationCleanup requestBody: - required: true content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - title: Legacy run connector request body properties - description: The properties vary depending on the connector type. type: object - required: - - params properties: - params: - type: object - description: >- - The parameters of the connector. Parameter properties vary - depending on the connector type. + migration_ids: + items: + type: string + minItems: 1 + type: array + required: + - migration_ids + description: Array of `migration_id`s to cleanup + required: true responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - actionId: - type: string - data: - oneOf: - - type: object - description: Information returned from the action. - additionalProperties: true - - type: array - description: An array of information returned from the action. - items: - type: object - status: - type: string - description: The status of the action. + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_MigrationCleanupResult + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response '401': - $ref: '#/components/responses/Connectors_401' - /api/data_views: - get: - summary: Get all data views - operationId: getAllDataViewsDefault + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Clean up detection alert migrations tags: - - data views + - Security Solution Detections API + - Alerts migration API + post: + description: > + Initiate a migration of detection alerts. + + Migrations are initiated per index. While the process is neither + destructive nor interferes with existing data, it may be + resource-intensive. As such, it is recommended that you plan your + migrations accordingly. + operationId: CreateAlertsMigration + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + allOf: + - type: object + properties: + index: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + minItems: 1 + type: array + required: + - index + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsReindexOptions + description: Alerts migration parameters + required: true responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: type: object properties: - data_view: - type: array + indices: items: - type: object - properties: - id: - type: string - name: - type: string - namespaces: - type: array - items: - type: string - title: - type: string - typeMeta: - type: object - examples: - getAllDataViewsResponse: - $ref: '#/components/examples/Data_views_get_data_views_response' + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexMigrationSuccess + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexMigrationError + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SkippedAlertsIndexMigration + type: array + required: + - indices + description: Successful response '400': - description: Bad request content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Data_views_400_response' - /api/data_views/data_view: - post: - summary: Create a data view - operationId: createDataViewDefaultw - tags: - - data views - parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - requestBody: - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/Data_views_create_data_view_request_object' - examples: - createDataViewRequest: - $ref: '#/components/examples/Data_views_create_data_view_request' - responses: - '200': - description: Indicates a successful call. + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Data_views_data_view_response_object' - '400': - description: Bad request + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Data_views_400_response' - /api/data_views/data_view/{viewId}: - get: - summary: Get a data view - operationId: getDataViewDefault + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Initiate a detection alert migration tags: - - data views + - Security Solution Detections API + - Alerts migration API + /api/detection_engine/signals/migration_status: + post: + description: >- + Retrieve indices that contain detection alerts of a particular age, + along with migration information for each of those indices. + operationId: ReadAlertsMigrationStatus parameters: - - $ref: '#/components/parameters/Data_views_view_id' + - description: Maximum age of qualifying detection alerts + in: query + name: from + required: true + schema: + description: > + Time from which data is analyzed. For example, now-4200s means the + rule analyzes data from 70 minutes + + before its start time. Defaults to now-6m (analyzes data from 6 + minutes before the start time). + format: date-math + type: string responses: '200': - description: Indicates a successful call. - content: - application/json: - schema: - $ref: '#/components/schemas/Data_views_data_view_response_object' - examples: - getDataViewResponse: - $ref: '#/components/examples/Data_views_get_data_view_response' - '404': - description: Object is not found. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Data_views_404_response' - delete: - summary: Delete a data view - operationId: deleteDataViewDefault - description: | - WARNING: When you delete a data view, it cannot be recovered. - tags: - - data views - parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - - $ref: '#/components/parameters/Data_views_view_id' - responses: - '204': - description: Indicates a successful call. - '404': - description: Object is not found. + type: object + properties: + indices: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexMigrationStatus + type: array + required: + - indices + description: Successful response + '400': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Data_views_404_response' - post: - summary: Update a data view - operationId: updateDataViewDefault - tags: - - data views - parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - - $ref: '#/components/parameters/Data_views_view_id' - requestBody: - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/Data_views_update_data_view_request_object' - examples: - updateDataViewRequest: - $ref: '#/components/examples/Data_views_update_data_view_request' - responses: - '200': - description: Indicates a successful call. + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Data_views_data_view_response_object' - '400': - description: Bad request + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Data_views_400_response' - /api/data_views/data_view/{viewId}/fields: - post: - summary: Update data view fields metadata - operationId: updateFieldsMetadataDefault - description: > - Update fields presentation metadata such as count, customLabel, - customDescription, and format. + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Retrieve the status of detection alert migrations tags: - - data views - parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - - $ref: '#/components/parameters/Data_views_view_id' + - Security Solution Detections API + - Alerts migration API + /api/detection_engine/signals/search: + post: + description: Find and/or aggregate detection alerts that match the given query. + operationId: SearchAlerts requestBody: - required: true content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: + description: Elasticsearch query and aggregation request type: object - required: - - fields properties: + _source: + oneOf: + - type: boolean + - type: string + - items: + type: string + type: array + aggs: + additionalProperties: true + type: object fields: - description: The field object. + items: + type: string + type: array + query: + additionalProperties: true type: object - examples: - updateFieldsMetadataRequest: - $ref: '#/components/examples/Data_views_update_field_metadata_request' + runtime_mappings: + additionalProperties: true + type: object + size: + minimum: 0 + type: integer + sort: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsSort + track_total_hits: + type: boolean + description: Search and/or aggregation query + required: true responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: true + description: Elasticsearch search response type: object - properties: - acknowledged: - type: boolean + description: Successful response '400': - description: Bad request content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Data_views_400_response' - /api/data_views/data_view/{viewId}/runtime_field: - post: - summary: Create a runtime field - operationId: createRuntimeFieldDefault + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Find and/or aggregate detection alerts tags: - - data views - parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - - $ref: '#/components/parameters/Data_views_view_id' + - Security Solution Detections API + - Alerts API + /api/detection_engine/signals/status: + post: + description: Set the status of one or more detection alerts. + operationId: SetAlertsStatus requestBody: - required: true content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - required: - - name - - runtimeField - properties: - name: - type: string - description: | - The name for a runtime field. - runtimeField: - type: object - description: | - The runtime field definition object. - examples: - createRuntimeFieldRequest: - $ref: '#/components/examples/Data_views_create_runtime_field_request' + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SetAlertsStatusByIds + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SetAlertsStatusByQuery + description: >- + An object containing desired status and explicit alert ids or a query + to select alerts + required: true responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: true + description: Elasticsearch update by query response type: object - put: - summary: Create or update a runtime field - operationId: createUpdateRuntimeFieldDefault + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Set a detection alert status tags: - - data views - parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - - name: viewId - in: path - description: | - The ID of the data view fields you want to update. - required: true - schema: - type: string + - Security Solution Detections API + - Alerts API + /api/detection_engine/signals/tags: + post: + description: | + And tags to detection alerts, and remove them from alerts. + > info + > You cannot add and remove the same alert tag in the same request. + operationId: SetAlertTags requestBody: - required: true content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: type: object - required: - - name - - runtimeField properties: - name: - type: string - description: | - The name for a runtime field. - runtimeField: - type: object - description: | - The runtime field definition object. - examples: - updateRuntimeFieldRequest: - $ref: '#/components/examples/Data_views_create_runtime_field_request' + ids: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertIds + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SetAlertTags + required: + - ids + - tags + description: >- + An object containing tags to add or remove and alert ids the changes + will be applied + required: true responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: + additionalProperties: true + description: Elasticsearch update by query response type: object - properties: - data_view: - type: object - fields: - type: array - items: - type: object + description: Successful response '400': - description: Bad request content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Data_views_400_response' - /api/data_views/data_view/{viewId}/runtime_field/{fieldName}: - get: - summary: Get a runtime field - operationId: getRuntimeFieldDefault - tags: - - data views - parameters: - - $ref: '#/components/parameters/Data_views_field_name' - - $ref: '#/components/parameters/Data_views_view_id' - responses: - '200': - description: Indicates a successful call. + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - data_view: - type: object - fields: - type: array - items: - type: object - examples: - getRuntimeFieldResponse: - $ref: '#/components/examples/Data_views_get_runtime_field_response' - '404': - description: Object is not found. + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Data_views_404_response' - delete: - summary: Delete a runtime field from a data view - operationId: deleteRuntimeFieldDefault + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Add and remove detection alert tags tags: - - data views - parameters: - - $ref: '#/components/parameters/Data_views_field_name' - - $ref: '#/components/parameters/Data_views_view_id' + - Security Solution Detections API + - Alerts API + /api/detection_engine/tags: + get: + description: List all unique tags from all detection rules. + operationId: ReadTags responses: '200': - description: Indicates a successful call. - '404': - description: Object is not found. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Data_views_404_response' - post: - summary: Update a runtime field - operationId: updateRuntimeFieldDefault + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + description: Indicates a successful call + summary: List all detection rule tags tags: - - data views - parameters: - - $ref: '#/components/parameters/Data_views_field_name' - - $ref: '#/components/parameters/Data_views_view_id' - requestBody: - required: true - content: - application/json: - schema: - type: object - required: - - runtimeField - properties: - runtimeField: - type: object - description: | - The runtime field definition object. + - Security Solution Detections API + - Tags API + /api/encrypted_saved_objects/_rotate_key: + post: + description: > + Superuser role required. - You can update following fields: - - `type` - - `script` - examples: - updateRuntimeFieldRequest: - $ref: '#/components/examples/Data_views_update_runtime_field_request' + If a saved object cannot be decrypted using the primary encryption key, + then Kibana will attempt to decrypt it using the specified + decryption-only keys. In most of the cases this overhead is negligible, + but if you're dealing with a large number of saved objects and + experiencing performance issues, you may want to rotate the encryption + key. + + + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + operationId: rotateEncryptionKey + parameters: + - description: > + Specifies a maximum number of saved objects that Kibana can process + in a single batch. Bulk key rotation is an iterative process since + Kibana may not be able to fetch and process all required saved + objects in one go and splits processing into consequent batches. By + default, the batch size is 10000, which is also a maximum allowed + value. + in: query + name: batch_size + required: false + schema: + default: 10000 + type: number + - description: > + Limits encryption key rotation only to the saved objects with the + specified type. By default, Kibana tries to rotate the encryption + key for all saved object types that may contain encrypted + attributes. + in: query + name: type + required: false + schema: + type: string responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + rotateEncryptionKeyResponse: + $ref: '#/components/examples/Saved_objects_key_rotation_response' + schema: + type: object + properties: + failed: + description: > + Indicates the number of the saved objects that were still + encrypted with one of the old encryption keys that Kibana + failed to re-encrypt with the primary key. + type: number + successful: + description: > + Indicates the total number of all encrypted saved objects + (optionally filtered by the requested `type`), regardless + of the key Kibana used for encryption. + + + NOTE: In most cases, `total` will be greater than + `successful` even if `failed` is zero. The reason is that + Kibana may not need or may not be able to rotate + encryption keys for all encrypted saved objects. + type: number + total: + description: > + Indicates the total number of all encrypted saved objects + (optionally filtered by the requested `type`), regardless + of the key Kibana used for encryption. + type: number description: Indicates a successful call. '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' description: Bad request + '429': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Data_views_400_response' - /api/data_views/default: - get: - summary: Get the default data view - operationId: getDefaultDataViewDefault + type: object + description: Already in progress. + summary: Rotate a key for encrypted saved objects tags: - - data views + - saved objects + /api/endpoint_list: + post: + description: Creates an endpoint list or does nothing if the list already exists + operationId: CreateEndpointList responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - data_view_id: - type: string - examples: - getDefaultDataViewResponse: - $ref: >- - #/components/examples/Data_views_get_default_data_view_response + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointList + description: Successful response '400': - description: Bad request content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Data_views_400_response' - post: - summary: Set the default data view - operationId: setDefaultDatailViewDefault - tags: - - data views + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Creates an endpoint list + /api/endpoint_list/items: + delete: + operationId: DeleteEndpointListItem parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - requestBody: - required: true - content: - application/json: - schema: - type: object - required: - - data_view_id - properties: - data_view_id: - type: string - nullable: true - description: > - The data view identifier. NOTE: The API does not validate - whether it is a valid identifier. Use `null` to unset the - default data view. - force: - type: boolean - description: Update an existing default data view identifier. - default: false - examples: - setDefaultDataViewRequest: - $ref: '#/components/examples/Data_views_set_default_data_view_request' + - description: Either `id` or `item_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemId + - description: Either `id` or `item_id` must be specified + in: query + name: item_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - acknowledged: - type: boolean + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointListItem + description: Successful response '400': - description: Bad request content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Data_views_400_response' - /api/data_views/swap_references: - post: - summary: Swap saved object references - operationId: swapDataViewsDefault - description: > - Changes saved object references from one data view identifier to - another. WARNING: Misuse can break large numbers of saved objects! - Practicing with a backup is recommended. - tags: - - data views - parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - requestBody: - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/Data_views_swap_data_view_request_object' - examples: - swapDataViewRequest: - $ref: '#/components/examples/Data_views_swap_data_view_request' - responses: - '200': - description: Indicates a successful call. + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - deleteStatus: - type: object - properties: - deletePerformed: - type: boolean - remainingRefs: - type: integer - result: - type: array - items: - type: object - properties: - id: - type: string - description: A saved object identifier. - type: - type: string - description: The saved object type. - /api/data_views/swap_references/_preview: - post: - summary: Preview a saved object reference swap - operationId: previewSwapDataViewsDefault - description: > - Preview the impact of swapping saved object references from one data - view identifier to another. - tags: - - data views - parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - requestBody: - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/Data_views_swap_data_view_request_object' - examples: - previewSwapDataViewRequest: $ref: >- - #/components/examples/Data_views_preview_swap_data_view_request - responses: - '200': - description: Indicates a successful call. + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - result: - type: array - items: - type: object - properties: - id: - type: string - description: A saved object identifier. - type: - type: string - description: The saved object type. - /api/ml/saved_objects/sync: - get: - summary: Sync saved objects in the default space - description: > - Synchronizes Kibana saved objects for machine learning jobs and trained - models in the default space. You must have `all` privileges for the - **Machine Learning** feature in the **Analytics** section of the Kibana - feature privileges. This API runs automatically when you start Kibana - and periodically thereafter. - operationId: mlSync - tags: - - ml - parameters: - - $ref: '#/components/parameters/Machine_learning_APIs_simulateParam' - responses: - '200': - description: Indicates a successful call + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Machine_learning_APIs_mlSync200Response' - examples: - syncExample: - $ref: '#/components/examples/Machine_learning_APIs_mlSyncExample' - '401': - description: Authorization information is missing or invalid. + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item not found + '500': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Machine_learning_APIs_mlSync4xxResponse' - /api/encrypted_saved_objects/_rotate_key: - post: - summary: Rotate a key for encrypted saved objects - operationId: rotateEncryptionKey - description: > - Superuser role required. - - - If a saved object cannot be decrypted using the primary encryption key, - then Kibana will attempt to decrypt it using the specified - decryption-only keys. In most of the cases this overhead is negligible, - but if you're dealing with a large number of saved objects and - experiencing performance issues, you may want to rotate the encryption - key. - - - This functionality is in technical preview and may be changed or removed - in a future release. Elastic will work to fix any issues, but features - in technical preview are not subject to the support SLA of official GA - features. - tags: - - saved objects + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Deletes an endpoint list item + get: + operationId: ReadEndpointListItem parameters: - - in: query - name: batch_size - schema: - type: number - default: 10000 + - description: Either `id` or `item_id` must be specified + in: query + name: id required: false - description: > - Specifies a maximum number of saved objects that Kibana can process - in a single batch. Bulk key rotation is an iterative process since - Kibana may not be able to fetch and process all required saved - objects in one go and splits processing into consequent batches. By - default, the batch size is 10000, which is also a maximum allowed - value. - - in: query - name: type schema: - type: string + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemId + - description: Either `id` or `item_id` must be specified + in: query + name: item_id required: false - description: > - Limits encryption key rotation only to the saved objects with the - specified type. By default, Kibana tries to rotate the encryption - key for all saved object types that may contain encrypted - attributes. + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - total: - type: number - description: > - Indicates the total number of all encrypted saved objects - (optionally filtered by the requested `type`), regardless - of the key Kibana used for encryption. - successful: - type: number - description: > - Indicates the total number of all encrypted saved objects - (optionally filtered by the requested `type`), regardless - of the key Kibana used for encryption. - - - NOTE: In most cases, `total` will be greater than - `successful` even if `failed` is zero. The reason is that - Kibana may not need or may not be able to rotate - encryption keys for all encrypted saved objects. - failed: - type: number - description: > - Indicates the number of the saved objects that were still - encrypted with one of the old encryption keys that Kibana - failed to re-encrypt with the primary key. - examples: - rotateEncryptionKeyResponse: - $ref: '#/components/examples/Saved_objects_key_rotation_response' + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointListItem + type: array + description: Successful response '400': - description: Bad request content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Saved_objects_400_response' - '429': - description: Already in progress. + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - /api/saved_objects/_bulk_create: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Reads an endpoint list item post: - summary: Create saved objects - operationId: bulkCreateSavedObjects - deprecated: true - tags: - - saved objects - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - - in: query - name: overwrite - description: When true, overwrites the document with the same identifier. - schema: - type: boolean + operationId: CreateEndpointListItem requestBody: - required: true content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: array - items: - type: object + type: object + properties: + comments: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryArray + item_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemName + os_types: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemTags + default: [] + type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemType + required: + - type + - name + - description + - entries + description: Exception list item's properties + required: true responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: object + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointListItem + description: Successful response '400': - description: Bad request content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Saved_objects_400_response' - /api/saved_objects/_bulk_delete: - post: - summary: Delete saved objects - operationId: bulkDeleteSavedObjects - description: | - WARNING: When you delete a saved object, it cannot be recovered. - deprecated: true - tags: - - saved objects - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - - in: query - name: force - description: > - When true, force delete objects that exist in multiple namespaces. - Note that the option applies to the whole request. Use the delete - object API to specify per-object deletion behavior. TIP: Use this if - you attempted to delete objects and received an HTTP 400 error with - the following message: "Unable to delete saved object that exists in - multiple namespaces, use the force option to delete it anyway". - WARNING: When you bulk delete objects that exist in multiple - namespaces, the API also deletes legacy url aliases that reference - the object. These requests are batched to minimise the impact but - they can place a heavy load on Kibana. Make sure you limit the - number of objects that exist in multiple namespaces in a single bulk - delete operation. - schema: - type: boolean - requestBody: - required: true - content: - application/json: - schema: - type: array - items: - type: object - responses: - '200': - description: > - Indicates a successful call. NOTE: This HTTP response code indicates - that the bulk operation succeeded. Errors pertaining to individual - objects will be returned in the response body. + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - '400': - description: Bad request + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Saved_objects_400_response' - /api/saved_objects/_bulk_get: - post: - summary: Get saved objects - operationId: bulkGetSavedObjects - deprecated: true - tags: - - saved objects - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - requestBody: - required: true - content: - application/json: - schema: - type: array - items: - type: object - responses: - '200': - description: Indicates a successful call. + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '409': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - '400': - description: Bad request + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item already exists + '500': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Saved_objects_400_response' - /api/saved_objects/_bulk_resolve: - post: - summary: Resolve saved objects - operationId: bulkResolveSavedObjects - deprecated: true - description: > - Retrieve multiple Kibana saved objects by identifier using any legacy - URL aliases if they exist. Under certain circumstances when Kibana is - upgraded, saved object migrations may necessitate regenerating some - object IDs to enable new features. When an object's ID is regenerated, a - legacy URL alias is created for that object, preserving its old ID. In - such a scenario, that object can be retrieved by the bulk resolve API - using either its new ID or its old ID. - tags: - - saved objects - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Creates an endpoint list item + put: + operationId: UpdateEndpointListItem requestBody: - required: true content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: array - items: - type: object + type: object + properties: + _version: + type: string + comments: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryArray + id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemId + description: Either `id` or `item_id` must be specified + item_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId + description: Either `id` or `item_id` must be specified + meta: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemName + os_types: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemTags + type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemType + required: + - type + - name + - description + - entries + description: Exception list item's properties + required: true responses: '200': - description: > - Indicates a successful call. NOTE: This HTTP response code indicates - that the bulk operation succeeded. Errors pertaining to individual - objects will be returned in the response body. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: object + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointListItem + description: Successful response '400': - description: Bad request content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Saved_objects_400_response' - /api/saved_objects/_bulk_update: - post: - summary: Update saved objects - operationId: bulkUpdateSavedObjects - description: Update the attributes for multiple Kibana saved objects. - deprecated: true - tags: - - saved objects - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - requestBody: - required: true - content: - application/json: - schema: - type: array - items: - type: object - responses: - '200': - description: > - Indicates a successful call. NOTE: This HTTP response code indicates - that the bulk operation succeeded. Errors pertaining to individual - objects will be returned in the response body. + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - '400': - description: Bad request + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Saved_objects_400_response' - /api/saved_objects/_export: - post: - summary: Export saved objects - operationId: exportSavedObjectsDefault - description: > - Retrieve sets of saved objects that you want to import into Kibana. - - You must include `type` or `objects` in the request body. - - - Exported saved objects are not backwards compatible and cannot be - imported into an older version of Kibana. - - - NOTE: The `savedObjects.maxImportExportSize` configuration setting - limits the number of saved objects which may be exported. - - - This functionality is in technical preview and may be changed or removed - in a future release. Elastic will work to fix any issues, but features - in technical preview are not subject to the support SLA of official GA - features. - tags: - - saved objects - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - requestBody: - required: true - content: - application/json: - schema: - type: object - properties: - excludeExportDetails: - description: Do not add export details entry at the end of the stream. - type: boolean - default: false - includeReferencesDeep: - description: >- - Includes all of the referenced objects in the exported - objects. - type: boolean - objects: - description: A list of objects to export. - type: array - items: - type: object - type: - description: >- - The saved object types to include in the export. Use `*` to - export all the types. - oneOf: - - type: string - - type: array - items: - type: string - examples: - exportSavedObjectsRequest: - $ref: '#/components/examples/Saved_objects_export_objects_request' - responses: - '200': - description: Indicates a successful call. + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': content: - application/x-ndjson: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - additionalProperties: true - examples: - exportSavedObjectsResponse: - $ref: '#/components/examples/Saved_objects_export_objects_response' - '400': - description: Bad request. + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item not found + '500': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Saved_objects_400_response' - /api/saved_objects/_find: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Updates an endpoint list item + /api/endpoint_list/items/_find: get: - summary: Search for saved objects - operationId: findSavedObjects - description: Retrieve a paginated set of Kibana saved objects. - deprecated: true - tags: - - saved objects + operationId: FindEndpointListItems parameters: - - in: query - name: aggs - description: > - An aggregation structure, serialized as a string. The field format - is similar to filter, meaning that to use a saved object type - attribute in the aggregation, the `savedObjectType.attributes.title: - "myTitle"` format must be used. For root fields, the syntax is - `savedObjectType.rootField`. NOTE: As objects change in Kibana, the - results on each page of the response also change. Use the find API - for traditional paginated results, but avoid using it to export - large amounts of data. - schema: - type: string - - in: query - name: default_search_operator - description: The default operator to use for the `simple_query_string`. - schema: - type: string - - in: query - name: fields - description: The fields to return in the attributes key of the response. - schema: - oneOf: - - type: string - - type: array - - in: query + - description: > + Filters the returned results according to the value of the specified + field, + + using the `:` syntax. + in: query name: filter - description: > - The filter is a KQL string with the caveat that if you filter with - an attribute from your saved object type, it should look like that: - `savedObjectType.attributes.title: "myTitle"`. However, if you use a - root attribute of a saved object such as `updated_at`, you will have - to define your filter like that: `savedObjectType.updated_at > - 2018-12-22`. - schema: - type: string - - in: query - name: has_no_reference - description: >- - Filters to objects that do not have a relationship with the type and - identifier combination. - schema: - type: object - - in: query - name: has_no_reference_operator - description: >- - The operator to use for the `has_no_reference` parameter. Either - `OR` or `AND`. Defaults to `OR`. - schema: - type: string - - in: query - name: has_reference - description: >- - Filters to objects that have a relationship with the type and ID - combination. - schema: - type: object - - in: query - name: has_reference_operator - description: >- - The operator to use for the `has_reference` parameter. Either `OR` - or `AND`. Defaults to `OR`. + required: false schema: - type: string - - in: query + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_FindEndpointListItemsFilter + - description: The page number to return + in: query name: page - description: The page of objects to return. + required: false schema: + minimum: 0 type: integer - - in: query + - description: The number of exception list items to return per page + in: query name: per_page - description: The number of objects to return per page. + required: false schema: + minimum: 0 type: integer - - in: query - name: search - description: >- - An Elasticsearch `simple_query_string` query that filters the - objects in the response. - schema: - type: string - - in: query - name: search_fields - description: >- - The fields to perform the `simple_query_string` parsed query - against. - schema: - oneOf: - - type: string - - type: array - - in: query + - description: Determines which field is used to sort the results + in: query name: sort_field - description: > - Sorts the response. Includes "root" and "type" fields. "root" fields - exist for all saved objects, such as "updated_at". "type" fields are - specific to an object type, such as fields returned in the - attributes key of the response. When a single type is defined in the - type parameter, the "root" and "type" fields are allowed, and - validity checks are made in that order. When multiple types are - defined in the type parameter, only "root" fields are allowed. + required: false schema: - type: string - - in: query - name: type - description: The saved object types to include. - required: true + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + - description: 'Determines the sort order, which can be `desc` or `asc`' + in: query + name: sort_order + required: false schema: - oneOf: - - type: string - - type: array + enum: + - desc + - asc + type: string responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointListItem + type: array + page: + minimum: 0 + type: integer + per_page: + minimum: 0 + type: integer + pit: + type: string + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + description: Successful response '400': - description: Bad request content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Saved_objects_400_response' - /api/saved_objects/_import: - post: - summary: Import saved objects - operationId: importSavedObjectsDefault - description: > - Create sets of Kibana saved objects from a file created by the export - API. - - Saved objects can be imported only into the same version, a newer minor - on the same major, or the next major. Exported saved objects are not - backwards compatible and cannot be imported into an older version of - Kibana. - - - This functionality is in technical preview and may be changed or removed - in a future release. Elastic will work to fix any issues, but features - in technical preview are not subject to the support SLA of official GA - features. - tags: - - saved objects + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Finds endpoint list items + /api/endpoint/action: + get: + description: Get a list of action requests and their responses + operationId: EndpointGetActionsList parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - in: query - name: createNewCopies + name: query + required: true schema: - type: boolean - required: false - description: > - Creates copies of saved objects, regenerates each object ID, and - resets the origin. When used, potential conflict errors are avoided. - NOTE: This option cannot be used with the `overwrite` and - `compatibilityMode` options. + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_GetEndpointActionListRouteQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get Actions List schema + tags: + - Security Solution Endpoint Management API + '/api/endpoint/action_log/{agent_id}': + get: + deprecated: true + description: Get action requests log + operationId: EndpointGetActionLog + parameters: + - in: path + name: agent_id + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentId - in: query - name: overwrite + name: query + required: true schema: - type: boolean - required: false - description: > - Overwrites saved objects when they already exist. When used, - potential conflict errors are automatically resolved by overwriting - the destination object. NOTE: This option cannot be used with the - `createNewCopies` option. + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ActionLogRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get action requests log schema + tags: + - Security Solution Endpoint Management API + /api/endpoint/action_status: + get: + description: Get action status + operationId: EndpointGetActionsStatus + parameters: - in: query - name: compatibilityMode + name: query + required: true schema: - type: boolean - required: false - description: > - Applies various adjustments to the saved objects that are being - imported to maintain compatibility between different Kibana - versions. Use this option only if you encounter issues with imported - saved objects. NOTE: This option cannot be used with the - `createNewCopies` option. - requestBody: - required: true - content: - multipart/form-data: - schema: - type: object - properties: - file: - description: > - A file exported using the export API. NOTE: The - `savedObjects.maxImportExportSize` configuration setting - limits the number of saved objects which may be included in - this file. Similarly, the - `savedObjects.maxImportPayloadBytes` setting limits the - overall size of the file that can be imported. - examples: - importObjectsRequest: - $ref: '#/components/examples/Saved_objects_import_objects_request' + type: object + properties: + agent_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentIds responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - properties: - success: - type: boolean - description: > - Indicates when the import was successfully completed. When - set to false, some objects may not have been created. For - additional information, refer to the `errors` and - `successResults` properties. - successCount: - type: integer - description: Indicates the number of successfully imported records. - errors: - type: array - items: - type: object - description: > - Indicates the import was unsuccessful and specifies the - objects that failed to import. - - - NOTE: One object may result in multiple errors, which - requires separate steps to resolve. For instance, a - `missing_references` error and conflict error. - successResults: - type: array - items: - type: object - description: > - Indicates the objects that are successfully imported, with - any metadata if applicable. - - - NOTE: Objects are created only when all resolvable errors - are addressed, including conflicts and missing references. - If objects are created as new copies, each entry in the - `successResults` array includes a `destinationId` - attribute. - examples: - importObjectsResponse: - $ref: '#/components/examples/Saved_objects_import_objects_response' - '400': - description: Bad request. + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ActionStatusSuccessResponse + description: OK + summary: Get Actions status schema + tags: + - Security Solution Endpoint Management API + '/api/endpoint/action/{action_id}': + get: + description: Get action details + operationId: EndpointGetActionsDetails + parameters: + - in: path + name: action_id + required: true + schema: + type: string + responses: + '200': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Saved_objects_400_response' - /api/saved_objects/_resolve_import_errors: - post: - summary: Resolve import errors - operationId: resolveImportErrors - description: > - To resolve errors from the Import objects API, you can: - - - * Retry certain saved objects - - * Overwrite specific saved objects - - * Change references to different saved objects - - - This functionality is in technical preview and may be changed or removed - in a future release. Elastic will work to fix any issues, but features - in technical preview are not subject to the support SLA of official GA - features. + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get Action details schema tags: - - saved objects + - Security Solution Endpoint Management API + '/api/endpoint/action/{action_id}/file/{file_id}/download`': + get: + description: Download a file from an endpoint + operationId: EndpointFileDownload parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - - in: query - name: compatibilityMode + - in: path + name: action_id + required: true schema: - type: boolean - required: false - description: > - Applies various adjustments to the saved objects that are being - imported to maintain compatibility between different Kibana - versions. When enabled during the initial import, also enable when - resolving import errors. This option cannot be used with the - `createNewCopies` option. - - in: query - name: createNewCopies + type: string + - in: path + name: file_id + required: true schema: - type: boolean - required: false - description: > - Creates copies of the saved objects, regenerates each object ID, and - resets the origin. When enabled during the initial import, also - enable when resolving import errors. - requestBody: - required: true - content: - multipart/form-data: - schema: - type: object - required: - - retries - properties: - file: - description: The same file given to the import API. - type: string - format: binary - retries: - description: >- - The retry operations, which can specify how to resolve - different types of errors. - type: array - items: - type: object - required: - - type - - id - properties: - type: - description: The saved object type. - type: string - id: - description: The saved object ID. - type: string - overwrite: - description: >- - When set to `true`, the source object overwrites the - conflicting destination object. When set to `false`, - does nothing. - type: boolean - destinationId: - description: >- - Specifies the destination ID that the imported object - should have, if different from the current ID. - type: string - replaceReferences: - description: >- - A list of `type`, `from`, and `to` used to change the - object references. - type: array - items: - type: object - properties: - type: - type: string - from: - type: string - to: - type: string - ignoreMissingReferences: - description: >- - When set to `true`, ignores missing reference errors. - When set to `false`, does nothing. - type: boolean - examples: - resolveImportErrorsRequest: - $ref: >- - #/components/examples/Saved_objects_resolve_missing_reference_request + type: string responses: '200': - description: Indicates a successful call. - content: - application/json: - schema: - type: object - properties: - success: - type: boolean - description: > - Indicates a successful import. When set to `false`, some - objects may not have been created. For additional - information, refer to the `errors` and `successResults` - properties. - successCount: - type: number - description: | - Indicates the number of successfully resolved records. - errors: - type: array - description: > - Specifies the objects that failed to resolve. - - - NOTE: One object can result in multiple errors, which - requires separate steps to resolve. For instance, a - `missing_references` error and a `conflict` error. - items: - type: object - successResults: - type: array - description: > - Indicates the objects that are successfully imported, with - any metadata if applicable. - - - NOTE: Objects are only created when all resolvable errors - are addressed, including conflict and missing references. - items: - type: object - examples: - resolveImportErrorsResponse: - $ref: >- - #/components/examples/Saved_objects_resolve_missing_reference_response - '400': - description: Bad request. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Saved_objects_400_response' - /api/saved_objects/{type}: - post: - summary: Create a saved object - operationId: createSavedObject - description: Create a Kibana saved object with a randomly generated identifier. - deprecated: true + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: File Download schema tags: - - saved objects + - Security Solution Endpoint Management API + '/api/endpoint/action/{action_id}/file/{file_id}`': + get: + description: Get file info + operationId: EndpointFileInfo parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - - $ref: '#/components/parameters/Saved_objects_saved_object_type' - - in: query - name: overwrite - description: If true, overwrites the document with the same identifier. + - in: path + name: action_id + required: true schema: - type: boolean - requestBody: - required: true - content: - application/json: - schema: - type: object - required: - - attributes - properties: - attributes: - $ref: '#/components/schemas/Saved_objects_attributes' - initialNamespaces: - $ref: '#/components/schemas/Saved_objects_initial_namespaces' - references: - $ref: '#/components/schemas/Saved_objects_references' + type: string + - in: path + name: file_id + required: true + schema: + type: string responses: '200': - description: Indicates a successful call. content: - application/json: - schema: - type: object - '409': - description: Indicates a conflict error. - content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - /api/saved_objects/{type}/{id}: - get: - summary: Get a saved object - operationId: getSavedObject - description: Retrieve a single Kibana saved object by identifier. - deprecated: true + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: File Info schema tags: - - saved objects - parameters: - - $ref: '#/components/parameters/Saved_objects_saved_object_id' - - $ref: '#/components/parameters/Saved_objects_saved_object_type' + - Security Solution Endpoint Management API + /api/endpoint/action/execute: + post: + description: Execute a given command on an endpoint + operationId: EndpointExecuteAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ExecuteRouteRequestBody + required: true responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - '400': - description: Bad request. + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Execute Action + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/get_file: + post: + description: Get a file from an endpoint + operationId: EndpointGetFileAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_GetFileRouteRequestBody + required: true + responses: + '200': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Saved_objects_400_response' + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get File Action + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/isolate: post: - summary: Create a saved object - operationId: createSavedObjectId - description: >- - Create a Kibana saved object and specify its identifier instead of using - a randomly generated ID. - deprecated: true + description: Isolate an endpoint + operationId: EndpointIsolateAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_IsolateRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Isolate Action tags: - - saved objects - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - - $ref: '#/components/parameters/Saved_objects_saved_object_id' - - $ref: '#/components/parameters/Saved_objects_saved_object_type' - - in: query - name: overwrite - description: If true, overwrites the document with the same identifier. - schema: - type: boolean + - Security Solution Endpoint Management API + /api/endpoint/action/kill_process: + post: + description: Kill a running process on an endpoint + operationId: EndpointKillProcessAction requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_KillOrSuspendActionSchema required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Kill process Action + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/running_procs: + post: + description: Get list of running processes on an endpoint + operationId: EndpointGetProcessesAction + requestBody: content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - required: - - attributes - properties: - attributes: - $ref: '#/components/schemas/Saved_objects_attributes' - initialNamespaces: - $ref: '#/components/schemas/Saved_objects_initial_namespaces' - references: - $ref: '#/components/schemas/Saved_objects_initial_namespaces' + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_GetProcessesRouteRequestBody + required: true responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - '409': - description: Indicates a conflict error. + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get Running Processes Action + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/scan: + post: + description: Scan a file or directory + operationId: EndpointScanAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ScanRouteRequestBody + required: true + responses: + '200': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - put: - summary: Update a saved object - operationId: updateSavedObject - description: Update the attributes for Kibana saved objects. - deprecated: true + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Scan Action tags: - - saved objects - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - - $ref: '#/components/parameters/Saved_objects_saved_object_id' - - $ref: '#/components/parameters/Saved_objects_saved_object_type' + - Security Solution Endpoint Management API + /api/endpoint/action/state: + get: + operationId: EndpointGetActionsState + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ActionStateSuccessResponse + description: OK + summary: Get Action State schema + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/suspend_process: + post: + description: Suspend a running process on an endpoint + operationId: EndpointSuspendProcessAction requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_KillOrSuspendActionSchema required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Suspend process Action + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/unisolate: + post: + description: Release an endpoint + operationId: EndpointUnisolateAction + requestBody: content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: object + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_UnisolateRouteRequestBody + required: true responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - '404': - description: Indicates the object was not found. + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Unisolate Action + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/upload: + post: + description: Upload a file to an endpoint + operationId: EndpointUploadAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_UploadRouteRequestBody + required: true + responses: + '200': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - '409': - description: Indicates a conflict error. + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Upload Action + tags: + - Security Solution Endpoint Management API + /api/endpoint/isolate: + post: + deprecated: true + operationId: EndpointIsolateRedirect + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + required: true + responses: + '200': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - /api/saved_objects/resolve/{type}/{id}: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + '308': + description: Permanent Redirect + headers: + Location: + description: Permanently redirects to "/api/endpoint/action/isolate" + schema: + example: /api/endpoint/action/isolate + type: string + summary: Permanently redirects to a new location + tags: + - Security Solution Endpoint Management API + /api/endpoint/metadata: get: - summary: Resolve a saved object - operationId: resolveSavedObject - description: > - Retrieve a single Kibana saved object by identifier using any legacy URL - alias if it exists. Under certain circumstances, when Kibana is - upgraded, saved object migrations may necessitate regenerating some - object IDs to enable new features. When an object's ID is regenerated, a - legacy URL alias is created for that object, preserving its old ID. In - such a scenario, that object can be retrieved using either its new ID or - its old ID. - deprecated: true + operationId: GetEndpointMetadataList + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ListRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get Metadata List schema tags: - - saved objects + - Security Solution Endpoint Management API + '/api/endpoint/metadata/{id}': + get: + operationId: GetEndpointMetadata parameters: - - $ref: '#/components/parameters/Saved_objects_saved_object_id' - - $ref: '#/components/parameters/Saved_objects_saved_object_type' + - in: path + name: id + required: true + schema: + type: string responses: '200': - description: Indicates a successful call. content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - type: object - '400': - description: Bad request. + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get Metadata schema + tags: + - Security Solution Endpoint Management API + /api/endpoint/metadata/transforms: + get: + operationId: GetEndpointMetadataTransform + responses: + '200': content: - application/json: + application/json; Elastic-Api-Version=2023-10-31: schema: - $ref: '#/components/schemas/Saved_objects_400_response' - /api/status: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get Metadata Transform schema + tags: + - Security Solution Endpoint Management API + /api/endpoint/policy_response: get: - operationId: /api/status#0 + operationId: GetPolicyResponse parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: Set to "true" to get the response in v7 format. - in: query - name: v7format - required: false - schema: - type: boolean - - description: Set to "true" to get the response in v8 format. - in: query - name: v8format - required: false + - in: query + name: query + required: true schema: - type: boolean + type: object + properties: + agentId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentId responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - anyOf: - - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' - - $ref: >- - #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse - description: >- - Kibana's operational status. A minimal response is sent for - unauthorized users. - description: Overall status is OK and Kibana should be functioning normally. - '503': + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get Policy Response schema + tags: + - Security Solution Endpoint Management API + /api/endpoint/policy/summaries: + get: + deprecated: true + operationId: GetAgentPolicySummary + parameters: + - in: query + name: query + required: true + schema: + type: object + properties: + package_name: + type: string + policy_id: + nullable: true + type: string + responses: + '200': content: application/json; Elastic-Api-Version=2023-10-31: schema: - anyOf: - - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' - - $ref: >- - #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse - description: >- - Kibana's operational status. A minimal response is sent for - unauthorized users. - description: >- - Kibana or some of it's essential services are unavailable. Kibana - may be degraded or unavailable. - summary: Get Kibana's current status + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get Agent Policy Summary schema tags: - - system - security: - - Kibana_HTTP_APIs_basicAuth: [] -components: - parameters: - Alerting_kbn_xsrf: - schema: - type: string - in: header - name: kbn-xsrf - description: Cross-site request forgery protection - required: true - Alerting_rule_id: - in: path - name: ruleId - description: An identifier for the rule. - required: true - schema: - type: string - example: ac4e6b90-6be7-11eb-ba0d-9b1c1f912d74 - Alerting_alert_id: - in: path - name: alertId - description: >- - An identifier for the alert. The identifier is generated by the rule and - might be any arbitrary string. - required: true - schema: - type: string - example: ac4e6b90-6be7-11eb-ba0d-9b1c1f912d74 - Cases_kbn_xsrf: - schema: - type: string - in: header - name: kbn-xsrf - description: Cross-site request forgery protection - required: true - Cases_ids: - name: ids - description: > - The cases that you want to removed. All non-ASCII characters must be URL - encoded. - in: query - required: true - schema: - type: array - items: - type: string - minItems: 1 - maxItems: 100 - example: d4e7abb0-b462-11ec-9a8d-698504725a43 - Cases_assignees: - in: query - name: assignees - description: > - Filters the returned cases by assignees. Valid values are `none` or - unique identifiers for the user profiles. These identifiers can be found - by using the suggest user profile API. - schema: - oneOf: - - type: string - - type: array - items: - type: string - maxItems: 100 - Cases_category: - in: query - name: category - description: Filters the returned cases by category. - schema: - oneOf: - - type: string - example: my-category - - type: array - items: - type: string - maxItems: 100 - Cases_defaultSearchOperator: - in: query - name: defaultSearchOperator - description: he default operator to use for the simple_query_string. - schema: - type: string - default: OR - example: OR - Cases_from: - in: query - name: from - description: > - Returns only cases that were created after a specific date. The date - must be specified as a KQL data range or date match expression. - schema: - type: string - example: now-1d - Cases_owner: - in: query - name: owner - description: > - A filter to limit the response to a specific set of applications. If - this parameter is omitted, the response contains information about all - the cases that the user has access to read. - schema: - oneOf: - - $ref: '#/components/schemas/Cases_owners' - - type: array - items: - $ref: '#/components/schemas/Cases_owners' - example: cases - Cases_page_index: - in: query - name: page - description: The page number to return. - required: false - schema: - type: integer - default: 1 - Cases_page_size: - in: query - name: perPage - description: The number of items to return. Limited to 100 items. - required: false - schema: - type: integer - default: 20 - maximum: 100 - Cases_reporters: - in: query - name: reporters - description: Filters the returned cases by the user name of the reporter. - schema: - oneOf: - - type: string - - type: array - items: - type: string - maxItems: 100 - example: elastic - Cases_search: - in: query - name: search - description: >- - An Elasticsearch simple_query_string query that filters the objects in - the response. - schema: - type: string - Cases_searchFields: - in: query - name: searchFields - description: The fields to perform the simple_query_string parsed query against. - schema: - oneOf: - - $ref: '#/components/schemas/Cases_searchFieldsType' - - type: array - items: - $ref: '#/components/schemas/Cases_searchFieldsType' - Cases_severity: - in: query - name: severity - description: The severity of the case. - schema: - type: string - enum: - - critical - - high - - low - - medium - Cases_sortField: - in: query - name: sortField - description: Determines which field is used to sort the results. - schema: - type: string - enum: - - createdAt - - updatedAt - - closedAt - - title - - category - - status - - severity - default: createdAt - example: updatedAt - Cases_sort_order: - in: query - name: sortOrder - description: Determines the sort order. - required: false - schema: - type: string - enum: - - asc - - desc - default: desc - Cases_status: - in: query - name: status - description: Filters the returned cases by state. - schema: - type: string - enum: - - closed - - in-progress - - open - example: open - Cases_tags: - in: query - name: tags - description: Filters the returned cases by tags. - schema: - oneOf: - - type: string - - type: array - items: - type: string - maxItems: 100 - example: tag-1 - Cases_to: - in: query - name: to - description: > - Returns only cases that were created before a specific date. The date - must be specified as a KQL data range or date match expression. - schema: - type: string - example: now+1d - Cases_alert_id: - in: path - name: alertId - description: An identifier for the alert. - required: true - schema: - type: string - example: 09f0c261e39e36351d75995b78bb83673774d1bc2cca9df2d15f0e5c0a99a540 - Cases_configuration_id: - in: path - name: configurationId - description: An identifier for the configuration. - required: true - schema: - type: string - example: 3297a0f0-b5ec-11ec-b141-0fdb20a7f9a9 - Cases_case_id: - in: path - name: caseId - description: >- - The identifier for the case. To retrieve case IDs, use the find cases - API. All non-ASCII characters must be URL encoded. - required: true - schema: - type: string - example: 9c235210-6834-11ea-a78c-6ffb38a34414 - Cases_includeComments: - in: query - name: includeComments - description: >- - Deprecated in 8.1.0. This parameter is deprecated and will be removed in - a future release. It determines whether case comments are returned. + - Security Solution Endpoint Management API + '/api/endpoint/protection_updates_note/{package_policy_id}': + get: + operationId: GetProtectionUpdatesNote + parameters: + - in: path + name: package_policy_id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ProtectionUpdatesNoteResponse + description: OK + summary: Get Protection Updates Note schema + tags: + - Security Solution Endpoint Management API + post: + operationId: CreateUpdateProtectionUpdatesNote + parameters: + - in: path + name: package_policy_id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + note: + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ProtectionUpdatesNoteResponse + description: OK + summary: Create Update Protection Updates Note schema + tags: + - Security Solution Endpoint Management API + '/api/endpoint/suggestions/{suggestion_type}': + post: + operationId: GetEndpointSuggestions + parameters: + - in: path + name: suggestion_type + required: true + schema: + enum: + - eventFilters + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + field: + type: string + fieldMeta: {} + filters: {} + query: + type: string + required: + - parameters + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get suggestions + tags: + - Security Solution Endpoint Management API + /api/endpoint/unisolate: + post: deprecated: true - schema: - type: boolean - default: true - Cases_comment_id: - in: path - name: commentId - description: > - The identifier for the comment. To retrieve comment IDs, use the get - case or find cases APIs. - required: true - schema: - type: string - example: 71ec1870-725b-11ea-a0b2-c51ea50a58e2 - Cases_connector_id: - in: path - name: connectorId - description: >- - An identifier for the connector. To retrieve connector IDs, use the find - connectors API. - required: true - schema: - type: string - example: abed3a70-71bd-11ea-a0b2-c51ea50a58e2 - Cases_user_action_types: - in: query - name: types - description: Determines the types of user actions to return. - schema: - type: array - items: - type: string - enum: - - action - - alert - - assignees - - attachment - - comment - - connector - - create_case - - description - - pushed - - settings - - severity - - status - - tags - - title - - user - example: create_case - Connectors_kbn_xsrf: - schema: - type: string - in: header - name: kbn-xsrf - description: Cross-site request forgery protection - required: true - Connectors_connector_id: - in: path - name: connectorId - description: An identifier for the connector. - required: true - schema: - type: string - example: df770e30-8b8b-11ed-a780-3b746c987a81 - Connectors_action_id: - in: path - name: actionId - description: An identifier for the action. - required: true - schema: - type: string - example: c55b6eb0-6bad-11eb-9f3b-611eebc6c3ad - Data_views_kbn_xsrf: - schema: - type: string - in: header - name: kbn-xsrf - description: Cross-site request forgery protection - required: true - Data_views_view_id: - in: path - name: viewId - description: An identifier for the data view. - required: true - schema: - type: string - example: ff959d40-b880-11e8-a6d9-e546fe2bba5f - Data_views_field_name: - in: path - name: fieldName - description: The name of the runtime field. - required: true - schema: - type: string - example: hour_of_day - Machine_learning_APIs_simulateParam: - in: query - name: simulate - description: >- - When true, simulates the synchronization by returning only the list of - actions that would be performed. - required: false - schema: - type: boolean - example: 'true' - Saved_objects_kbn_xsrf: - schema: - type: string - in: header - name: kbn-xsrf - description: Cross-site request forgery protection - required: true - Saved_objects_saved_object_type: - in: path - name: type - description: >- - Valid options include `visualization`, `dashboard`, `search`, - `index-pattern`, `config`. - required: true - schema: - type: string - Saved_objects_saved_object_id: - in: path - name: id - description: An identifier for the saved object. - required: true - schema: - type: string - schemas: - Alerting_create_anomaly_detection_alert_rule_request: - title: Create anomaly detection rule request - description: > - A rule that checks if the anomaly detection job results contain - anomalies that match the rule conditions. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - alert_delay: - $ref: '#/components/schemas/Alerting_alert_delay' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - type: object - description: The parameters for an anomaly detection rule. - additionalProperties: true - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - xpack.ml.anomaly_detection_alert - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_anomaly_detection_jobs_health_rule_request: - title: Create anomaly detection jobs health rule request - description: > - An rule that monitors job health and alerts if an operational issue - occurred that may prevent the job from detecting anomalies. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - alert_delay: - $ref: '#/components/schemas/Alerting_alert_delay' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - type: object - description: The parameters for an anomaly detection jobs health rule. - additionalProperties: true - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - xpack.ml.anomaly_detection_jobs_health - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_apm_anomaly_rule_request: - title: Create APM anomaly rule rule request - description: >- - A rule that detects when either the latency, throughput, or failed - transaction rate of a service is anomalous. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - alert_delay: - $ref: '#/components/schemas/Alerting_alert_delay' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - $ref: '#/components/schemas/Alerting_params_property_apm_anomaly' - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - apm.anomaly - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_apm_error_count_rule_request: - title: Create APM error count rule request - description: >- - A rule that detects when the number of errors in a service exceeds a - defined threshold. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - alert_delay: - $ref: '#/components/schemas/Alerting_alert_delay' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - $ref: '#/components/schemas/Alerting_params_property_apm_error_count' - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - apm.error_rate - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_apm_transaction_duration_rule_request: - title: Create latency threshold rule request - description: >- - A rule that detects when the latency of a specific transaction type in a - service exceeds a threshold. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - alert_delay: - $ref: '#/components/schemas/Alerting_alert_delay' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - $ref: >- - #/components/schemas/Alerting_params_property_apm_transaction_duration - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - apm.transaction_duration - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_apm_transaction_error_rate_rule_request: - title: Create APM transaction error rate rule request - description: >- - A rule that sends notifications when the rate of transaction errors in a - service exceeds a threshold. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - alert_delay: - $ref: '#/components/schemas/Alerting_alert_delay' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - $ref: >- - #/components/schemas/Alerting_params_property_apm_transaction_error_rate - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - apm.transaction_error_rate - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_es_query_rule_request: - title: Create Elasticsearch query rule request - description: > - A rule that runs a user-configured query, compares the number of matches - to a configured threshold, and schedules actions to run when the - threshold condition is met. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - alert_delay: - $ref: '#/components/schemas/Alerting_alert_delay' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - $ref: '#/components/schemas/Alerting_params_es_query_rule' - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - .es-query - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_geo_containment_rule_request: - title: Create tracking containment rule request - description: > - A rule that runs an Elasticsearch query over indices to determine - whether any documents are currently contained within any boundaries from - the specified boundary index. In the event that an entity is contained - within a boundary, an alert may be generated. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - alert_delay: - $ref: '#/components/schemas/Alerting_alert_delay' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - type: object - description: The parameters for an tracking containment rule. - additionalProperties: true - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - .geo-containment - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_index_threshold_rule_request: - title: Create index threshold rule request - description: >- - A rule that runs an Elasticsearch query, aggregates field values from - documents, compares them to threshold values, and schedules actions to - run when the thresholds are met. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - alert_delay: - $ref: '#/components/schemas/Alerting_alert_delay' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - $ref: '#/components/schemas/Alerting_params_index_threshold_rule' - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - .index-threshold - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_infra_inventory_rule_request: - title: Create infra inventory rule request - description: > - A rule that sends notifications when a metric has reached or exceeded a - value for a specific resource or a group of resources within your - infrastructure. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - alert_delay: - $ref: '#/components/schemas/Alerting_alert_delay' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - $ref: '#/components/schemas/Alerting_params_property_infra_inventory' - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - metrics.alert.inventory.threshold - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_infra_metric_anomaly_rule_request: - title: Create infrastructure anomaly rule request - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - alert_delay: - $ref: '#/components/schemas/Alerting_alert_delay' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - type: object - description: The parameters for an infrastructure anomaly rule. - additionalProperties: true - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - metrics.alert.anomaly - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_infra_metric_threshold_rule_request: - title: Create infra metric threshold rule request - description: > - A rule that sends notifications when a metric has reached or exceeded a - value for a specific time period. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - alert_delay: - $ref: '#/components/schemas/Alerting_alert_delay' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - $ref: '#/components/schemas/Alerting_params_property_infra_metric_threshold' - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - metrics.alert.threshold - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_monitoring_jvm_memory_usage_rule_request: - title: Create JVM memory usage rule request - description: A rule that detects when a node reports high memory usage. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - type: object - description: The parameters for a JVM memory usage rule. - additionalProperties: true - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - monitoring_alert_jvm_memory_usage - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_log_threshold_rule_request: - title: Create log threshold rule request - description: A rule that detects when a log aggregation exceeds a threshold. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - alert_delay: - $ref: '#/components/schemas/Alerting_alert_delay' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - $ref: '#/components/schemas/Alerting_params_property_log_threshold' - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - logs.alert.document.count - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_monitoring_ccr_exceptions_rule_request: - title: Create CCR read exceptions rule request - description: A rule that detects cross-cluster replication (CCR) read exceptions. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - type: object - description: The parameters for a CCR read exceptions rule. - additionalProperties: true - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - monitoring_ccr_read_exceptions - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_monitoring_cluster_health_rule_request: - title: Create cluster health rule request - description: A rule that detects when the health of the cluster changes. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - type: object - description: The parameters for a cluster health rule. - additionalProperties: true - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - monitoring_alert_cluster_health - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_monitoring_cpu_usage_rule_request: - title: Create CPU usage rule request - description: A rule that detects when the CPU load for a node is consistently high. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - type: object - description: The parameters for a CPU usage rule. - additionalProperties: true - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - monitoring_alert_cpu_usage - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_monitoring_disk_usage_rule_request: - title: Create disk usage rule request - description: A rule that detects when the disk usage for a node is consistently high. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - type: object - description: The parameters for a disk usage rule. - additionalProperties: true - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - monitoring_alert_disk_usage - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_monitoring_elasticsearch_version_mismatch_rule_request: - title: Create Elasticsearch version mismatch rule request - description: >- - A rule that detects when the cluster has multipe versions of - Elasticsearch. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - type: object - description: The parameters for a Elasticsearch version mismatch rule. - additionalProperties: true - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - monitoring_alert_elasticsearch_version_mismatch - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_monitoring_license_expiration_rule_request: - title: Create license expiration rule request - description: A rule that detects when the cluster license is about to expire. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - type: object - description: The parameters for a license expiration rule. - additionalProperties: true - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - monitoring_alert_license_expiration - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_monitoring_kibana_version_mismatch_rule_request: - title: Create Kibana version mismatch rule request - description: A rule that detects when the cluster has multiple versions of Kibana. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - type: object - description: The parameters for a Kibana version mismatch rule. - additionalProperties: true - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - monitoring_alert_kibana_version_mismatch - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_monitoring_logstash_version_mismatch_rule_request: - title: Create Logstash version mismatch rule request - description: A rule that detects when the cluster has multiple versions of Logstash. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - type: object - description: The parameters for a Logstash version mismatch rule. - additionalProperties: true - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - monitoring_alert_logstash_version_mismatch - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_monitoring_missing_data_rule_request: - title: Create missing monitoring data rule request - description: A rule that detects when monitoring data is missing. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - type: object - description: The parameters for a missing monitoring data rule. - additionalProperties: true - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - monitoring_alert_missing_monitoring_data - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_monitoring_nodes_changed_rule_request: - title: Create nodes changed rule request - description: A rule that detects when nodes are added, removed, or restarted. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - type: object - description: The parameters for a nodes changed rule. - additionalProperties: true - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - monitoring_alert_nodes_changed - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_monitoring_shard_size_rule_request: - title: Create shard size rule request - description: >- - A rule that detects when the average shard size is larger than a - threshold. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - type: object - description: The parameters for a shard size rule. - additionalProperties: true - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - monitoring_shard_size - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_monitoring_thread_pool_search_rejections_rule_request: - title: Create thread pool search rejections rule request - description: >- - A rule that detects when the number of rejections in the thread pool - exceeds a threshold. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - type: object - description: The parameters for a thread pool search rejections rule. - additionalProperties: true - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - monitoring_alert_thread_pool_search_rejections - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_monitoring_thread_pool_write_rejections_rule_request: - title: Create thread pool write rejections rule request - description: >- - A rule that detects when the number of rejections in the write thread - pool exceeds a threshold. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - type: object - description: The parameters for a thread pool write rejections rule. - additionalProperties: true - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - monitoring_alert_thread_pool_write_rejections - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_siem_eql_rule_request: - title: Create event correlation rule request - description: > - A rule that uses Event Query Language (EQL) to match events, generate - sequences, and stack data. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - type: object - description: The parameters for an event correlation rule. - additionalProperties: true - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - siem.eqlRule - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_siem_indicator_rule_request: - title: Create indicator match rule request - description: > - A rule that uses indicators from intelligence sources to detect matching - events and alerts. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - type: object - description: The parameters for an indicator match rule. - additionalProperties: true - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - siem.indicatorRule - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_siem_ml_rule_request: - title: Create machine learning rule request - description: > - A rule that detects when a machine learning job discovers an anomaly - above the defined threshold. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - type: object - description: The parameters for a machine learning rule. - additionalProperties: true - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - siem.mlRule - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_siem_new_terms_rule_request: - title: Create new terms rule request - description: A rule that finds documents with values that appear for the first time. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - type: object - description: The parameters for a new terms rule. - additionalProperties: true - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - siem.newTermsRule - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_siem_notifications_rule_request: - title: Create security solution notification (legacy) rule request - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - type: object - description: The parameters for a notification rule. - additionalProperties: true - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - siem.notifications - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_siem_query_rule_request: - title: Create custom query rule request - description: | - A rule that uses KQL or Lucene to detect issues across indices. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - type: object - description: The parameters for a custom query rule. - additionalProperties: true - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - siem.queryRule - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_siem_saved_query_rule_request: - title: Create saved query rule request - description: > - A rule that searches the defined indices and creates an alert when a - document matches the saved search. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - type: object - description: The parameters for a saved query rule. - additionalProperties: true - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - siem.savedQueryRule - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_siem_threshold_rule_request: - title: Create threshold rule request - description: > - A rule that aggregates query results to detect when the number of - matches exceeds a threshold. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - type: object - description: The parameters for a threshold rule. - additionalProperties: true - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - siem.thresholdRule - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_slo_burn_rate_rule_request: - title: Create slo burn rate rule request - description: > - A rule that detects when the burn rate is above a defined threshold for - two different lookback periods. The two periods are a long period and a - short period that is 1/12th of the long period. For each lookback - period, the burn rate is computed as the error rate divided by the error - budget. When the burn rates for both periods surpass the threshold, an - alert occurs. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - alert_delay: - $ref: '#/components/schemas/Alerting_alert_delay' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - $ref: '#/components/schemas/Alerting_params_property_slo_burn_rate' - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - slo.rules.burnRate - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_synthetics_monitor_status_rule_request: - title: Create synthetics monitor status rule request - description: >- - A rule that detects when a monitor is down or an availability threshold - is breached. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - alert_delay: - $ref: '#/components/schemas/Alerting_alert_delay' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - type: object - description: The parameters for the synthetics monitor status rule. - additionalProperties: true - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - xpack.synthetics.alerts.monitorStatus - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_synthetics_uptime_duration_anomaly_rule_request: - title: Create synthetics uptime duration anomaly rule request - description: > - A rule that detects response durations for all of the geographic - locations of each monitor. When a monitor runs for an unusual amount of - time, at a particular time, an anomaly is recorded. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - alert_delay: - $ref: '#/components/schemas/Alerting_alert_delay' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - type: object - description: The parameters for the uptime duration anomaly rule. - additionalProperties: true - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - xpack.uptime.alerts.durationAnomaly - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_synthetics_uptime_tls_rule_request: - title: Create synthetics uptime TLS rule request - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - $ref: '#/components/schemas/Alerting_params_property_synthetics_uptime_tls' - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - xpack.uptime.alerts.tls - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_synthetics_uptime_tls_certificate_rule_request: - title: Create TLS certificate rule request - description: > - A rule that detects when a monitor has a TLS certificate expiring or - when it exceeds an age limit. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - alert_delay: - $ref: '#/components/schemas/Alerting_alert_delay' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - type: object - description: The parameters for a TLS certificate rule. - additionalProperties: true - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - xpack.uptime.alerts.tlsCertificate - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_transform_health_rule_request: - title: Create transform health rule request - description: > - A rule that monitors transforms health and alerts if an operational - issue occurred. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - alert_delay: - $ref: '#/components/schemas/Alerting_alert_delay' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - type: object - description: The parameters for a transform health rule. - additionalProperties: true - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - transform_health - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_create_uptime_monitor_status_rule_request: - title: Create uptime monitor status rule request - description: A rule that detects monitor errors and outages. - type: object - required: - - consumer - - name - - params - - rule_type_id - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - alert_delay: - $ref: '#/components/schemas/Alerting_alert_delay' - consumer: - $ref: '#/components/schemas/Alerting_consumer' - enabled: - $ref: '#/components/schemas/Alerting_enabled_rule' - name: - $ref: '#/components/schemas/Alerting_name_rule' - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - $ref: >- - #/components/schemas/Alerting_params_property_synthetics_monitor_status - rule_type_id: - type: string - description: >- - The ID of the rule type that you want to call when the rule is - scheduled to run. - enum: - - xpack.uptime.alerts.monitorStatus - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_filter: - type: object - description: >- - A filter written in Elasticsearch Query Domain Specific Language (DSL) - as defined in the `kbn-es-query` package. - properties: - meta: - type: object - properties: - alias: - type: string - nullable: true - controlledBy: - type: string - disabled: - type: boolean - field: - type: string - group: - type: string - index: - type: string - isMultiIndex: - type: boolean - key: - type: string - negate: - type: boolean - params: - type: object - type: - type: string - value: - type: string - query: - type: object - $state: - type: object - Alerting_notify_when_action: - type: string - description: > - Indicates how often alerts generate actions. Valid values include: - `onActionGroupChange`: Actions run when the alert status changes; - `onActiveAlert`: Actions run when the alert becomes active and at each - check interval while the rule conditions are met; `onThrottleInterval`: - Actions run when the alert becomes active and at the interval specified - in the throttle property while the rule conditions are met. NOTE: You - cannot specify `notify_when` at both the rule and action level. The - recommended method is to set it for each action. If you set it at the - rule level then update the rule in Kibana, it is automatically changed - to use action-specific values. - enum: - - onActionGroupChange - - onActiveAlert - - onThrottleInterval - example: onActiveAlert - Alerting_throttle_action: - type: string - nullable: true - description: > - The throttle interval, which defines how often an alert generates - repeated actions. It is specified in seconds, minutes, hours, or days - and is applicable only if `notify_when` is set to `onThrottleInterval`. - NOTE: You cannot specify the throttle interval at both the rule and - action level. The recommended method is to set it for each action. If - you set it at the rule level then update the rule in Kibana, it is - automatically changed to use action-specific values. - default: null - example: 10m - Alerting_actions: - type: array - default: [] - nullable: true - items: - type: object - required: - - group - - id - - params - description: | - An action that runs under defined conditions. - properties: - alerts_filter: - type: object - description: > - Conditions that affect whether the action runs. If you specify - multiple conditions, all conditions must be met for the action to - run. For example, if an alert occurs within the specified time - frame and matches the query, the action runs. - properties: - query: - type: object - description: >- - Defines a query filter that determines whether the action - runs. - properties: - kql: - type: string - description: A filter written in Kibana Query Language (KQL). - filters: - type: array - items: - $ref: '#/components/schemas/Alerting_filter' - timeframe: - type: object - description: Defines a period that limits whether the action runs. - properties: - days: - type: array - description: >- - Defines the days of the week that the action can run, - represented as an array of numbers. For example, `1` - represents Monday. An empty array is equivalent to - specifying all the days of the week. - items: - type: integer - example: - - 1 - - 2 - - 3 - - 4 - - 5 - hours: - type: object - description: > - Defines the range of time in a day that the action can - run. If the `start` value is `00:00` and the `end` value - is `24:00`, actions be generated all day. - properties: - end: - type: string - description: >- - The end of the time frame in 24-hour notation - (`hh:mm`). - example: '17:00' - start: - type: string - description: >- - The start of the time frame in 24-hour notation - (`hh:mm`). - example: '08:00' - timezone: - type: string - description: > - The ISO time zone for the `hours` values. Values such as - `UTC` and `UTC+1` also work but lack built-in daylight - savings time support and are not recommended. - example: Europe/Madrid - connector_type_id: - type: string - description: >- - The type of connector. This property appears in responses but - cannot be set in requests. - example: .server-log - readOnly: true - frequency: - type: object - description: > - The properties that affect how often actions are generated. If the - rule type supports setting `summary` to `true`, the action can be - a summary of alerts at the specified notification interval. - Otherwise, an action runs for each alert at the specified - notification interval. NOTE: You cannot specify these parameters - when `notify_when` or `throttle` are defined at the rule level. - required: - - notify_when - - summary - properties: - notify_when: - $ref: '#/components/schemas/Alerting_notify_when_action' - summary: - type: boolean - description: Indicates whether the action is a summary. - throttle: - $ref: '#/components/schemas/Alerting_throttle_action' - group: - type: string - description: > - The group name, which affects when the action runs (for example, - when the threshold is met or when the alert is recovered). Each - rule type has a list of valid action group names. If you don't - need to group actions, set to `default`. - example: default - id: - type: string - description: The identifier for the connector saved object. - example: 9dca3e00-74f5-11ed-9801-35303b735aef - params: - type: object - description: >- - The parameters for the action, which are sent to the connector. - The `params` are handled as Mustache templates and passed a - default set of context. - additionalProperties: true - uuid: - type: string - description: A universally unique identifier (UUID) for the action. - example: 1c7a1280-f28c-4e06-96b2-e4e5f05d1d61 - Alerting_alert_delay: - type: object - description: >- - Indicates that an alert occurs only when the specified number of - consecutive runs met the rule conditions. - required: - - active - properties: - active: - type: number - description: The number of consecutive runs that must meet the rule conditions. - example: 3 - Alerting_consumer: - type: string - description: > - The name of the application or feature that owns the rule. For example: - `alerts`, `apm`, `discover`, `infrastructure`, `logs`, `metrics`, `ml`, - `monitoring`, `securitySolution`, `siem`, `stackAlerts`, or `uptime`. - Alerting_enabled_rule: - type: boolean - description: >- - Indicates whether you want to run the rule on an interval basis after it - is created. - Alerting_name_rule: - type: string - description: > - The name of the rule. While this name does not have to be unique, a - distinctive name can help you identify a rule. - Alerting_notify_when: - type: string - description: > - Deprecated in 8.13.0. Use the `notify_when` property in the action - `frequency` object instead. Indicates how often alerts generate actions. - NOTE: You cannot specify `notify_when` at both the rule and action - level. If you set it at the rule level then update the rule in Kibana, - it is automatically changed to use action-specific values. - enum: - - onActionGroupChange - - onActiveAlert - - onThrottleInterval - deprecated: true - example: onActiveAlert - Alerting_schedule: - type: object - description: >- - The check interval, which specifies how frequently the rule conditions - are checked. The interval is specified in seconds, minutes, hours, or - days. - properties: - interval: - type: string - example: 1m - Alerting_tags: - type: array - description: The tags for the rule. - items: - type: string - default: [] - Alerting_throttle: - type: string - description: > - Deprecated in 8.13.0. Use the `throttle` property in the action - `frequency` object instead. The throttle interval, which defines how - often an alert generates repeated actions. NOTE: You cannot specify the - throttle interval at both the rule and action level. If you set it at - the rule level then update the rule in Kibana, it is automatically - changed to use action-specific values. - nullable: true - default: null - deprecated: true - example: 10m - Alerting_params_property_apm_anomaly: - required: - - windowSize - - windowUnit - - environment - - anomalySeverityType - properties: - serviceName: - type: string - description: The service name from APM - transactionType: - type: string - description: The transaction type from APM - windowSize: - type: number - example: 6 - description: The window size - windowUnit: - type: string - description: The window size unit - enum: - - m - - h - - d - environment: - type: string - description: The environment from APM - anomalySeverityType: - type: string - description: The anomaly threshold value - enum: - - critical - - major - - minor - - warning - Alerting_params_property_apm_error_count: - required: - - windowSize - - windowUnit - - threshold - - environment - properties: - serviceName: - type: string - description: The service name from APM - windowSize: - type: number - description: The window size - example: 6 - windowUnit: - type: string - description: The window size unit - enum: - - m - - h - - d - environment: - type: string - description: The environment from APM - threshold: - type: number - description: The error count threshold value - groupBy: - type: array - default: - - service.name - - service.environment - uniqueItems: true - items: - type: string - enum: - - service.name - - service.environment - - transaction.name - - error.grouping_key - errorGroupingKey: - type: string - Alerting_params_property_apm_transaction_duration: - required: - - windowSize - - windowUnit - - threshold - - environment - - aggregationType - properties: - serviceName: - type: string - description: The service name from APM - transactionType: - type: string - description: The transaction type from APM - transactionName: - type: string - description: The transaction name from APM - windowSize: - type: number - description: The window size - example: 6 - windowUnit: - type: string - description: ç - enum: - - m - - h - - d - environment: - type: string - threshold: - type: number - description: The latency threshold value - groupBy: - type: array - default: - - service.name - - service.environment - - transaction.type - uniqueItems: true - items: - type: string - enum: - - service.name - - service.environment - - transaction.type - - transaction.name - aggregationType: - type: string - enum: - - avg - - 95th - - 99th - Alerting_params_property_apm_transaction_error_rate: - required: - - windowSize - - windowUnit - - threshold - - environment - properties: - serviceName: - type: string - description: The service name from APM - transactionType: - type: string - description: The transaction type from APM - transactionName: - type: string - description: The transaction name from APM - windowSize: - type: number - description: The window size - example: 6 - windowUnit: - type: string - description: The window size unit - enum: - - m - - h - - d - environment: - type: string - description: The environment from APM - threshold: - type: number - description: The error rate threshold value - groupBy: - type: array - default: - - service.name - - service.environment - - transaction.type - uniqueItems: true - items: - type: string - enum: - - service.name - - service.environment - - transaction.type - - transaction.name - Alerting_aggfield: - description: > - The name of the numeric field that is used in the aggregation. This - property is required when `aggType` is `avg`, `max`, `min` or `sum`. - type: string - Alerting_aggtype: - description: The type of aggregation to perform. - type: string - enum: - - avg - - count - - max - - min - - sum - default: count - Alerting_excludehitsfrompreviousrun: - description: > - Indicates whether to exclude matches from previous runs. If `true`, you - can avoid alert duplication by excluding documents that have already - been detected by the previous rule run. This option is not available - when a grouping field is specified. - type: boolean - Alerting_groupby: - description: > - Indicates whether the aggregation is applied over all documents (`all`) - or split into groups (`top`) using a grouping field (`termField`). If - grouping is used, an alert will be created for each group when it - exceeds the threshold; only the top groups (up to `termSize` number of - groups) are checked. - type: string - enum: - - all - - top - default: all - Alerting_termsize: - description: > - This property is required when `groupBy` is `top`. It specifies the - number of groups to check against the threshold and therefore limits the - number of alerts on high cardinality fields. - type: integer - Alerting_timefield: - description: The field that is used to calculate the time window. - type: string - Alerting_timewindowsize: - description: > - The size of the time window (in `timeWindowUnit` units), which - determines how far back to search for documents. Generally it should be - a value higher than the rule check interval to avoid gaps in detection. - type: integer - example: 5 - Alerting_timewindowunit: - description: | - The type of units for the time window: seconds, minutes, hours, or days. - type: string - enum: - - s - - m - - h - - d - example: m - Alerting_size: - description: > - The number of documents to pass to the configured actions when the - threshold condition is met. - type: integer - Alerting_termfield: - description: > - The names of up to four fields that are used for grouping the - aggregation. This property is required when `groupBy` is `top`. - oneOf: - - type: string - - type: array - items: - type: string - maxItems: 4 - Alerting_threshold: - description: > - The threshold value that is used with the `thresholdComparator`. If the - `thresholdComparator` is `between` or `notBetween`, you must specify the - boundary values. - type: array - items: - type: integer - example: 4000 - Alerting_thresholdcomparator: - description: >- - The comparison function for the threshold. For example, "is above", "is - above or equals", "is below", "is below or equals", "is between", and - "is not between". - type: string - enum: - - '>' - - '>=' - - < - - <= - - between - - notBetween - example: '>' - Alerting_params_es_query_rule: - oneOf: - - type: object - x-technical-preview: true - description: > - The parameters for an Elasticsearch query rule that uses ES|QL to - define the query. This functionality is in technical pre view and - may be changed or removed in a future release. Elastic will work to - fix any issues, but features in technical preview are not subject to - the support SLA of official GA features. - required: - - esqlQuery - - searchType - - size - - threshold - - thresholdComparator - - timeWindowSize - - timeWindowUnit - properties: - aggField: - $ref: '#/components/schemas/Alerting_aggfield' - aggType: - $ref: '#/components/schemas/Alerting_aggtype' - esqlQuery: - type: object - required: - - esql - properties: - esql: - description: >- - The query definition, which uses Elasticsearch Query - Language. - type: string - excludeHitsFromPreviousRun: - $ref: '#/components/schemas/Alerting_excludehitsfrompreviousrun' - groupBy: - $ref: '#/components/schemas/Alerting_groupby' - searchType: - description: >- - The type of query, in this case a query that uses Elasticsearch - Query Language (ES|QL). - type: string - enum: - - esqlQuery - example: esqlQuery - size: - type: integer - description: > - When `searchType` is `esqlQuery`, this property is required but - it does not affect the rule behavior. - example: 0 - termSize: - $ref: '#/components/schemas/Alerting_termsize' - threshold: - type: array - items: - type: integer - minimum: 0 - maximum: 0 - description: > - The threshold value that is used with the `thresholdComparator`. - When `searchType` is `esqlQuery`, this property is required and - must be set to zero. - thresholdComparator: - type: string - description: > - The comparison function for the threshold. When `searchType` is - `esqlQuery`, this property is required and must be set to ">". - Since the `threshold` value must be `0`, the result is that an - alert occurs whenever the query returns results. - enum: - - '>' - example: '>' - timeField: - $ref: '#/components/schemas/Alerting_timefield' - timeWindowSize: - $ref: '#/components/schemas/Alerting_timewindowsize' - timeWindowUnit: - $ref: '#/components/schemas/Alerting_timewindowunit' - - type: object - description: >- - The parameters for an Elasticsearch query rule that uses KQL or - Lucene to define the query. - required: - - searchType - - size - - threshold - - thresholdComparator - - timeWindowSize - - timeWindowUnit - properties: - aggField: - $ref: '#/components/schemas/Alerting_aggfield' - aggType: - $ref: '#/components/schemas/Alerting_aggtype' - excludeHitsFromPreviousRun: - $ref: '#/components/schemas/Alerting_excludehitsfrompreviousrun' - groupBy: - $ref: '#/components/schemas/Alerting_groupby' - searchConfiguration: - description: >- - The query definition, which uses KQL or Lucene to fetch the - documents from Elasticsearch. - type: object - properties: - filter: - type: array - items: - $ref: '#/components/schemas/Alerting_filter' - index: - description: The indices to query. - oneOf: - - type: string - - type: array - items: - type: string - query: - type: object - properties: - language: - type: string - example: kuery - query: - type: string - searchType: - description: >- - The type of query, in this case a text-based query that uses KQL - or Lucene. - type: string - enum: - - searchSource - example: searchSource - size: - $ref: '#/components/schemas/Alerting_size' - termField: - $ref: '#/components/schemas/Alerting_termfield' - termSize: - $ref: '#/components/schemas/Alerting_termsize' - threshold: - $ref: '#/components/schemas/Alerting_threshold' - thresholdComparator: - $ref: '#/components/schemas/Alerting_thresholdcomparator' - timeField: - $ref: '#/components/schemas/Alerting_timefield' - timeWindowSize: - $ref: '#/components/schemas/Alerting_timewindowsize' - timeWindowUnit: - $ref: '#/components/schemas/Alerting_timewindowunit' - - type: object - description: >- - The parameters for an Elasticsearch query rule that uses - Elasticsearch Query DSL to define the query. - required: - - esQuery - - index - - threshold - - thresholdComparator - - timeField - - timeWindowSize - - timeWindowUnit - properties: - aggField: - $ref: '#/components/schemas/Alerting_aggfield' - aggType: - $ref: '#/components/schemas/Alerting_aggtype' - esQuery: - description: The query definition, which uses Elasticsearch Query DSL. - type: string - excludeHitsFromPreviousRun: - $ref: '#/components/schemas/Alerting_excludehitsfrompreviousrun' - groupBy: - $ref: '#/components/schemas/Alerting_groupby' - index: - description: The indices to query. - oneOf: - - type: array - items: - type: string - - type: string - searchType: - description: >- - The type of query, in this case a query that uses Elasticsearch - Query DSL. - type: string - enum: - - esQuery - default: esQuery - example: esQuery - size: - $ref: '#/components/schemas/Alerting_size' - termField: - $ref: '#/components/schemas/Alerting_termfield' - termSize: - $ref: '#/components/schemas/Alerting_termsize' - threshold: - $ref: '#/components/schemas/Alerting_threshold' - thresholdComparator: - $ref: '#/components/schemas/Alerting_thresholdcomparator' - timeField: - $ref: '#/components/schemas/Alerting_timefield' - timeWindowSize: - $ref: '#/components/schemas/Alerting_timewindowsize' - timeWindowUnit: - $ref: '#/components/schemas/Alerting_timewindowunit' - Alerting_params_index_threshold_rule: - type: object - description: The parameters for an index threshold rule. - required: - - index - - threshold - - thresholdComparator - - timeField - - timeWindowSize - - timeWindowUnit - properties: - aggField: - $ref: '#/components/schemas/Alerting_aggfield' - aggType: - $ref: '#/components/schemas/Alerting_aggtype' - filterKuery: - description: A KQL expression thats limits the scope of alerts. - type: string - groupBy: - $ref: '#/components/schemas/Alerting_groupby' - index: - description: The indices to query. - type: array - items: - type: string - termField: - $ref: '#/components/schemas/Alerting_termfield' - termSize: - $ref: '#/components/schemas/Alerting_termsize' - threshold: - $ref: '#/components/schemas/Alerting_threshold' - thresholdComparator: - $ref: '#/components/schemas/Alerting_thresholdcomparator' - timeField: - $ref: '#/components/schemas/Alerting_timefield' - timeWindowSize: - $ref: '#/components/schemas/Alerting_timewindowsize' - timeWindowUnit: - $ref: '#/components/schemas/Alerting_timewindowunit' - Alerting_params_property_infra_inventory: - properties: - criteria: - type: array - items: - type: object - properties: - metric: - type: string - enum: - - count - - cpu - - diskLatency - - load - - memory - - memoryTotal - - tx - - rx - - logRate - - diskIOReadBytes - - diskIOWriteBytes - - s3TotalRequests - - s3NumberOfObjects - - s3BucketSize - - s3DownloadBytes - - s3UploadBytes - - rdsConnections - - rdsQueriesExecuted - - rdsActiveTransactions - - rdsLatency - - sqsMessagesVisible - - sqsMessagesDelayed - - sqsMessagesSent - - sqsMessagesEmpty - - sqsOldestMessage - - custom - timeSize: - type: number - timeUnit: - type: string - enum: - - s - - m - - h - - d - sourceId: - type: string - threshold: - type: array - items: - type: number - comparator: - type: string - enum: - - < - - <= - - '>' - - '>=' - - between - - outside - customMetric: - type: object - properties: - type: - type: string - enum: - - custom - field: - type: string - aggregation: - type: string - enum: - - avg - - max - - min - - rate - id: - type: string - label: - type: string - warningThreshold: - type: array - items: - type: number - warningComparator: - type: string - enum: - - < - - <= - - '>' - - '>=' - - between - - outside - filterQuery: - type: string - filterQueryText: - type: string - nodeType: - type: string - enum: - - host - - pod - - container - - awsEC2 - - awsS3 - - awsSQS - - awsRDS - sourceId: - type: string - alertOnNoData: - type: boolean - Alerting_params_property_infra_metric_threshold: - properties: - criteria: - type: array - items: - oneOf: - - title: non count criterion - type: object - properties: - threshold: - type: array - items: - type: number - comparator: - type: string - enum: - - < - - <= - - '>' - - '>=' - - between - - outside - timeUnit: - type: string - timeSize: - type: number - warningThreshold: - type: array - items: - type: number - warningComparator: - type: string - enum: - - < - - <= - - '>' - - '>=' - - between - - outside - metric: - type: string - aggType: - type: string - enum: - - avg - - max - - min - - cardinality - - rate - - count - - sum - - p95 - - p99 - - custom - - title: count criterion - type: object - properties: - threshold: - type: array - items: - type: number - comparator: - type: string - enum: - - < - - <= - - '>' - - '>=' - - between - - outside - timeUnit: - type: string - timeSize: - type: number - warningThreshold: - type: array - items: - type: number - warningComparator: - type: string - enum: - - < - - <= - - '>' - - '>=' - - between - - outside - aggType: - type: string - enum: - - count - - title: custom criterion - type: object - properties: - threshold: - type: array - items: - type: number - comparator: - type: string - enum: - - < - - <= - - '>' - - '>=' - - between - - outside - timeUnit: - type: string - timeSize: - type: number - warningThreshold: - type: array - items: - type: number - warningComparator: - type: string - enum: - - < - - <= - - '>' - - '>=' - - between - - outside - aggType: - type: string - enum: - - custom - customMetric: - type: array - items: - oneOf: - - type: object - properties: - name: - type: string - aggType: - type: string - enum: - - avg - - sum - - max - - min - - cardinality - field: - type: string - - type: object - properties: - name: - type: string - aggType: - type: string - enum: - - count - filter: - type: string - equation: - type: string - label: - type: string - groupBy: - oneOf: - - type: string - - type: array - items: - type: string - filterQuery: - type: string - sourceId: - type: string - alertOnNoData: - type: boolean - alertOnGroupDisappear: - type: boolean - Alerting_params_property_log_threshold: - oneOf: - - title: Count - type: object - required: - - count - - timeSize - - timeUnit - - logView - properties: - criteria: - type: array - items: - type: object - properties: - field: - type: string - example: my.field - comparator: - type: string - enum: - - more than - - more than or equals - - less than - - less than or equals - - equals - - does not equal - - matches - - does not match - - matches phrase - - does not match phrase - value: - oneOf: - - type: number - example: 42 - - type: string - example: value - count: - type: object - properties: - comparator: - type: string - enum: - - more than - - more than or equals - - less than - - less than or equals - - equals - - does not equal - - matches - - does not match - - matches phrase - - does not match phrase - value: - type: number - example: 100 - timeSize: - type: number - example: 6 - timeUnit: - type: string - enum: - - s - - m - - h - - d - logView: - type: object - properties: - logViewId: - type: string - type: - type: string - enum: - - log-view-reference - example: log-view-reference - groupBy: - type: array - items: - type: string - - title: Ratio - type: object - required: - - count - - timeSize - - timeUnit - - logView - properties: - criteria: - type: array - items: - minItems: 2 - maxItems: 2 - type: array - items: - type: object - properties: - field: - type: string - example: my.field - comparator: - type: string - enum: - - more than - - more than or equals - - less than - - less than or equals - - equals - - does not equal - - matches - - does not match - - matches phrase - - does not match phrase - value: - oneOf: - - type: number - example: 42 - - type: string - example: value - count: - type: object - properties: - comparator: - type: string - enum: - - more than - - more than or equals - - less than - - less than or equals - - equals - - does not equal - - matches - - does not match - - matches phrase - - does not match phrase - value: - type: number - example: 100 - timeSize: - type: number - example: 6 - timeUnit: - type: string - enum: - - s - - m - - h - - d - logView: - type: object - properties: - logViewId: - type: string - type: - type: string - enum: - - log-view-reference - example: log-view-reference - groupBy: - type: array - items: - type: string - Alerting_params_property_slo_burn_rate: - properties: - sloId: - description: The SLO identifier used by the rule - type: string - example: 8853df00-ae2e-11ed-90af-09bb6422b258 - burnRateThreshold: - description: The burn rate threshold used to trigger the alert - type: number - example: 14.4 - maxBurnRateThreshold: - description: >- - The maximum burn rate threshold value defined by the SLO error - budget - type: number - example: 168 - longWindow: - description: The duration of the long window used to compute the burn rate - type: object - properties: - value: - description: The duration value - type: number - example: 6 - unit: - description: The duration unit - type: string - example: h - shortWindow: - description: The duration of the short window used to compute the burn rate - type: object - properties: - value: - description: The duration value - type: number - example: 30 - unit: - description: The duration unit - type: string - example: m - Alerting_params_property_synthetics_uptime_tls: - properties: - search: - type: string - certExpirationThreshold: - type: number - certAgeThreshold: - type: number - Alerting_params_property_synthetics_monitor_status: - required: - - numTimes - - shouldCheckStatus - - shouldCheckAvailability - properties: - availability: - type: object - properties: - range: - type: number - rangeUnit: - type: string - threshold: - type: string - filters: - oneOf: - - type: string - - type: object - deprecated: true - properties: - monitor.type: - type: array - items: - type: string - observer.geo.name: - type: array - items: - type: string - tags: - type: array - items: - type: string - url.port: - type: array - items: - type: string - locations: - deprecated: true - type: array - items: - type: string - numTimes: - type: number - search: - type: string - shouldCheckStatus: - type: boolean - shouldCheckAvailability: - type: boolean - timerangeCount: - type: number - timerangeUnit: - type: string - timerange: - deprecated: true - type: object - properties: - from: - type: string - to: - type: string - version: - type: number - isAutoGenerated: - type: boolean - Alerting_create_rule_request: - title: Create rule request body properties - description: The properties vary depending on the rule type. - oneOf: - - $ref: >- - #/components/schemas/Alerting_create_anomaly_detection_alert_rule_request - - $ref: >- - #/components/schemas/Alerting_create_anomaly_detection_jobs_health_rule_request - - $ref: '#/components/schemas/Alerting_create_apm_anomaly_rule_request' - - $ref: '#/components/schemas/Alerting_create_apm_error_count_rule_request' - - $ref: >- - #/components/schemas/Alerting_create_apm_transaction_duration_rule_request - - $ref: >- - #/components/schemas/Alerting_create_apm_transaction_error_rate_rule_request - - $ref: '#/components/schemas/Alerting_create_es_query_rule_request' - - $ref: '#/components/schemas/Alerting_create_geo_containment_rule_request' - - $ref: '#/components/schemas/Alerting_create_index_threshold_rule_request' - - $ref: '#/components/schemas/Alerting_create_infra_inventory_rule_request' - - $ref: >- - #/components/schemas/Alerting_create_infra_metric_anomaly_rule_request - - $ref: >- - #/components/schemas/Alerting_create_infra_metric_threshold_rule_request - - $ref: >- - #/components/schemas/Alerting_create_monitoring_jvm_memory_usage_rule_request - - $ref: '#/components/schemas/Alerting_create_log_threshold_rule_request' - - $ref: >- - #/components/schemas/Alerting_create_monitoring_ccr_exceptions_rule_request - - $ref: >- - #/components/schemas/Alerting_create_monitoring_cluster_health_rule_request - - $ref: >- - #/components/schemas/Alerting_create_monitoring_cpu_usage_rule_request - - $ref: >- - #/components/schemas/Alerting_create_monitoring_disk_usage_rule_request - - $ref: >- - #/components/schemas/Alerting_create_monitoring_elasticsearch_version_mismatch_rule_request - - $ref: >- - #/components/schemas/Alerting_create_monitoring_license_expiration_rule_request - - $ref: >- - #/components/schemas/Alerting_create_monitoring_kibana_version_mismatch_rule_request - - $ref: >- - #/components/schemas/Alerting_create_monitoring_logstash_version_mismatch_rule_request - - $ref: >- - #/components/schemas/Alerting_create_monitoring_missing_data_rule_request - - $ref: >- - #/components/schemas/Alerting_create_monitoring_nodes_changed_rule_request - - $ref: >- - #/components/schemas/Alerting_create_monitoring_shard_size_rule_request - - $ref: >- - #/components/schemas/Alerting_create_monitoring_thread_pool_search_rejections_rule_request - - $ref: >- - #/components/schemas/Alerting_create_monitoring_thread_pool_write_rejections_rule_request - - $ref: '#/components/schemas/Alerting_create_siem_eql_rule_request' - - $ref: '#/components/schemas/Alerting_create_siem_indicator_rule_request' - - $ref: '#/components/schemas/Alerting_create_siem_ml_rule_request' - - $ref: '#/components/schemas/Alerting_create_siem_new_terms_rule_request' - - $ref: '#/components/schemas/Alerting_create_siem_notifications_rule_request' - - $ref: '#/components/schemas/Alerting_create_siem_query_rule_request' - - $ref: '#/components/schemas/Alerting_create_siem_saved_query_rule_request' - - $ref: '#/components/schemas/Alerting_create_siem_threshold_rule_request' - - $ref: '#/components/schemas/Alerting_create_slo_burn_rate_rule_request' - - $ref: >- - #/components/schemas/Alerting_create_synthetics_monitor_status_rule_request - - $ref: >- - #/components/schemas/Alerting_create_synthetics_uptime_duration_anomaly_rule_request - - $ref: >- - #/components/schemas/Alerting_create_synthetics_uptime_tls_rule_request - - $ref: >- - #/components/schemas/Alerting_create_synthetics_uptime_tls_certificate_rule_request - - $ref: '#/components/schemas/Alerting_create_transform_health_rule_request' - - $ref: >- - #/components/schemas/Alerting_create_uptime_monitor_status_rule_request - discriminator: - propertyName: rule_type_id - mapping: - xpack.ml.anomaly_detection_alert: >- - #/components/schemas/Alerting_create_anomaly_detection_alert_rule_request - xpack.ml.anomaly_detection_jobs_health: >- - #/components/schemas/Alerting_create_anomaly_detection_jobs_health_rule_request - apm.anomaly: '#/components/schemas/Alerting_create_apm_anomaly_rule_request' - apm.error_rate: '#/components/schemas/Alerting_create_apm_error_count_rule_request' - apm.transaction_duration: >- - #/components/schemas/Alerting_create_apm_transaction_duration_rule_request - apm.transaction_error_rate: >- - #/components/schemas/Alerting_create_apm_transaction_error_rate_rule_request - .es-query: '#/components/schemas/Alerting_create_es_query_rule_request' - .geo-containment: '#/components/schemas/Alerting_create_geo_containment_rule_request' - .index-threshold: '#/components/schemas/Alerting_create_index_threshold_rule_request' - metrics.alert.inventory.threshold: '#/components/schemas/Alerting_create_infra_inventory_rule_request' - metrics.alert.anomaly: >- - #/components/schemas/Alerting_create_infra_metric_anomaly_rule_request - metrics.alert.threshold: >- - #/components/schemas/Alerting_create_infra_metric_threshold_rule_request - monitoring_alert_jvm_memory_usage: >- - #/components/schemas/Alerting_create_monitoring_jvm_memory_usage_rule_request - logs.alert.document.count: '#/components/schemas/Alerting_create_log_threshold_rule_request' - monitoring_ccr_read_exceptions: >- - #/components/schemas/Alerting_create_monitoring_ccr_exceptions_rule_request - monitoring_alert_cluster_health: >- - #/components/schemas/Alerting_create_monitoring_cluster_health_rule_request - monitoring_alert_cpu_usage: >- - #/components/schemas/Alerting_create_monitoring_cpu_usage_rule_request - monitoring_alert_disk_usage: >- - #/components/schemas/Alerting_create_monitoring_disk_usage_rule_request - monitoring_alert_elasticsearch_version_mismatch: >- - #/components/schemas/Alerting_create_monitoring_elasticsearch_version_mismatch_rule_request - monitoring_alert_license_expiration: >- - #/components/schemas/Alerting_create_monitoring_license_expiration_rule_request - monitoring_alert_kibana_version_mismatch: >- - #/components/schemas/Alerting_create_monitoring_kibana_version_mismatch_rule_request - monitoring_alert_logstash_version_mismatch: >- - #/components/schemas/Alerting_create_monitoring_logstash_version_mismatch_rule_request - monitoring_alert_missing_monitoring_data: >- - #/components/schemas/Alerting_create_monitoring_missing_data_rule_request - monitoring_alert_nodes_changed: >- - #/components/schemas/Alerting_create_monitoring_nodes_changed_rule_request - monitoring_shard_size: >- - #/components/schemas/Alerting_create_monitoring_shard_size_rule_request - monitoring_alert_thread_pool_search_rejections: >- - #/components/schemas/Alerting_create_monitoring_thread_pool_search_rejections_rule_request - monitoring_alert_thread_pool_write_rejections: >- - #/components/schemas/Alerting_create_monitoring_thread_pool_write_rejections_rule_request - siem.eqlRule: '#/components/schemas/Alerting_create_siem_eql_rule_request' - siem.indicatorRule: '#/components/schemas/Alerting_create_siem_indicator_rule_request' - siem.mlRule: '#/components/schemas/Alerting_create_siem_ml_rule_request' - siem.newTermsRule: '#/components/schemas/Alerting_create_siem_new_terms_rule_request' - siem.notifications: '#/components/schemas/Alerting_create_siem_notifications_rule_request' - siem.queryRule: '#/components/schemas/Alerting_create_siem_query_rule_request' - siem.savedQueryRule: '#/components/schemas/Alerting_create_siem_saved_query_rule_request' - siem.thresholdRule: '#/components/schemas/Alerting_create_siem_threshold_rule_request' - slo.rules.burnRate: '#/components/schemas/Alerting_create_slo_burn_rate_rule_request' - xpack.synthetics.alerts.monitorStatus: >- - #/components/schemas/Alerting_create_synthetics_monitor_status_rule_request - xpack.uptime.alerts.durationAnomaly: >- - #/components/schemas/Alerting_create_synthetics_uptime_duration_anomaly_rule_request - xpack.uptime.alerts.tls: >- - #/components/schemas/Alerting_create_synthetics_uptime_tls_rule_request - xpack.uptime.alerts.tlsCertificate: >- - #/components/schemas/Alerting_create_synthetics_uptime_tls_certificate_rule_request - transform_health: '#/components/schemas/Alerting_create_transform_health_rule_request' - xpack.uptime.alerts.monitorStatus: >- - #/components/schemas/Alerting_create_uptime_monitor_status_rule_request - Alerting_rule_response_properties: - title: Rule response properties - type: object - required: - - actions - - api_key_owner - - consumer - - created_at - - created_by - - enabled - - execution_status - - id - - mute_all - - muted_alert_ids - - name - - params - - rule_type_id - - schedule - - tags - - throttle - - updated_at - - updated_by - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - alert_delay: - $ref: '#/components/schemas/Alerting_alert_delay' - api_key_created_by_user: - type: boolean - description: >- - Indicates whether the API key that is associated with the rule was - created by the user. - example: false - api_key_owner: - type: string - description: > - The owner of the API key that is associated with the rule and used - to run background tasks. - nullable: true - example: elastic - consumer: - type: string - description: >- - The application or feature that owns the rule. For example, - `alerts`, `apm`, `discover`, `infrastructure`, `logs`, `metrics`, - `ml`, `monitoring`, `securitySolution`, `siem`, `stackAlerts`, or - `uptime`. - example: alerts - created_at: - type: string - description: The date and time that the rule was created. - format: date-time - example: '2022-12-05T23:36:58.284Z' - created_by: - type: string - description: The identifier for the user that created the rule. - nullable: true - example: elastic - enabled: - type: boolean - description: Indicates whether the rule is currently enabled. - example: true - execution_status: - type: object - properties: - last_duration: - type: integer - example: 55 - last_execution_date: - type: string - format: date-time - example: '2022-12-06T00:13:43.890Z' - status: - type: string - example: ok - id: - type: string - description: The identifier for the rule. - example: b530fed0-74f5-11ed-9801-35303b735aef - last_run: - type: object - properties: - alerts_count: - type: object - properties: - active: - type: integer - ignored: - type: integer - new: - type: integer - recovered: - type: integer - outcome: - type: string - example: succeeded - outcome_msg: - type: array - items: - type: string - nullable: true - outcome_order: - type: integer - warning: - type: string - nullable: true - example: null - muted_alert_ids: - type: array - nullable: true - items: - type: string - mute_all: - type: boolean - example: false - name: - type: string - description: The name of the rule. - example: cluster_health_rule - next_run: - type: string - format: date-time - nullable: true - example: '2022-12-06T00:14:43.818Z' - notify_when: - type: string - description: Indicates how often alerts generate actions. - nullable: true - params: - type: object - description: The parameters for the rule. - additionalProperties: true - revision: - type: integer - description: The rule revision number. - rule_type_id: - type: string - description: > - The identifier for the type of rule. For example, `.es-query`, - `.index-threshold`, `logs.alert.document.count`, - `monitoring_alert_cluster_health`, `siem.thresholdRule`, or - `xpack.ml.anomaly_detection_alert`. - example: monitoring_alert_cluster_health - running: - type: boolean - description: Indicates whether the rule is running. - schedule: - $ref: '#/components/schemas/Alerting_schedule' - scheduled_task_id: - type: string - example: b530fed0-74f5-11ed-9801-35303b735aef - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - updated_at: - type: string - description: The date and time that the rule was updated most recently. - example: '2022-12-05T23:36:58.284Z' - updated_by: - type: string - description: The identifier for the user that updated this rule most recently. - nullable: true - example: elastic - Alerting_401_response: - type: object - title: Unsuccessful rule API response - properties: - error: - type: string - example: Unauthorized - enum: - - Unauthorized - message: - type: string - statusCode: - type: integer - example: 401 - enum: - - 401 - Alerting_404_response: - type: object - properties: - error: - type: string - example: Not Found - enum: - - Not Found - message: - type: string - example: Saved object [alert/caaad6d0-920c-11ed-b36a-874bd1548a00] not found - statusCode: - type: integer - example: 404 - enum: - - 404 - Alerting_update_rule_request: - title: Update rule request - description: > - The update rule API request body varies depending on the type of rule - and actions. - type: object - required: - - name - - params - - schedule - properties: - actions: - $ref: '#/components/schemas/Alerting_actions' - alert_delay: - $ref: '#/components/schemas/Alerting_alert_delay' - name: - type: string - description: The name of the rule. - example: cluster_health_rule - notify_when: - $ref: '#/components/schemas/Alerting_notify_when' - params: - type: object - description: The parameters for the rule. - additionalProperties: true - schedule: - $ref: '#/components/schemas/Alerting_schedule' - tags: - $ref: '#/components/schemas/Alerting_tags' - throttle: - $ref: '#/components/schemas/Alerting_throttle' - Alerting_fieldmap_properties: - title: Field map objects in the get rule types response - type: object - properties: - array: - type: boolean - description: Indicates whether the field is an array. - dynamic: - type: boolean - description: Indicates whether it is a dynamic field mapping. - format: - type: string - description: > - Indicates the format of the field. For example, if the `type` is - `date_range`, the `format` can be - `epoch_millis||strict_date_optional_time`. - ignore_above: - type: integer - description: >- - Specifies the maximum length of a string field. Longer strings are - not indexed or stored. - index: - type: boolean - description: Indicates whether field values are indexed. - path: - type: string - description: TBD - properties: - type: object - description: > - Details about the object properties. This property is applicable - when `type` is `object`. - additionalProperties: - type: object - properties: - type: - type: string - description: The data type for each object property. - required: - type: boolean - description: Indicates whether the field is required. - scaling_factor: - type: integer - description: > - The scaling factor to use when encoding values. This property is - applicable when `type` is `scaled_float`. Values will be multiplied - by this factor at index time and rounded to the closest long value. - type: - type: string - description: Specifies the data type for the field. - example: scaled_float - Alerting_400_response: - title: Bad request - type: object - required: - - error - - message - - statusCode - properties: - error: - type: string - enum: - - Bad Request - message: - type: string - statusCode: - type: integer - enum: - - 400 - Alerting_alert_response_properties: - title: Legacy alert response properties - type: object - properties: - actions: - type: array - items: - type: object - alertTypeId: - type: string - example: .index-threshold - apiKeyOwner: - type: string - nullable: true - example: elastic - createdAt: - type: string - description: The date and time that the alert was created. - format: date-time - example: '2022-12-05T23:36:58.284Z' - createdBy: - type: string - description: The identifier for the user that created the alert. - example: elastic - enabled: - type: boolean - description: Indicates whether the alert is currently enabled. - example: true - executionStatus: - type: object - properties: - lastExecutionDate: - type: string - format: date-time - example: '2022-12-06T00:13:43.890Z' - status: - type: string - example: ok - id: - type: string - description: The identifier for the alert. - example: b530fed0-74f5-11ed-9801-35303b735aef - muteAll: - type: boolean - example: false - mutedInstanceIds: - type: array - nullable: true - items: - type: string - name: - type: string - description: The name of the alert. - example: my alert - notifyWhen: - type: string - example: onActionGroupChange - params: - type: object - additionalProperties: true - schedule: - type: object - properties: - interval: - type: string - scheduledTaskId: - type: string - example: b530fed0-74f5-11ed-9801-35303b735aef - tags: - type: array - items: - type: string - throttle: - type: string - nullable: true - updatedAt: - type: string - example: '2022-12-05T23:36:58.284Z' - updatedBy: - type: string - description: The identifier for the user that updated this alert most recently. - nullable: true - example: elastic - Cases_assignees: - type: array - description: An array containing users that are assigned to the case. - maxItems: 10 - nullable: true - items: - type: object - required: - - uid - properties: - uid: - type: string - description: >- - A unique identifier for the user profile. These identifiers can be - found by using the suggest user profile API. - example: u_0wpfV1MqYDaXzLtRVY-gLMrddKDEmfz51Fszhj7hWC8_0 - Cases_connector_properties_none: - title: Create or update case request properties for no connector - required: - - fields - - id - - name - - type - description: Defines properties for connectors when type is `.none`. - type: object - properties: - fields: - description: >- - An object containing the connector fields. To create a case without - a connector, specify null. To update a case to remove the connector, - specify null. - nullable: true - type: string - example: null - id: - description: >- - The identifier for the connector. To create a case without a - connector, use `none`. To update a case to remove the connector, - specify `none`. - type: string - example: none - name: - description: >- - The name of the connector. To create a case without a connector, use - `none`. To update a case to remove the connector, specify `none`. - type: string - example: none - type: - description: >- - The type of connector. To create a case without a connector, use - `.none`. To update a case to remove the connector, specify `.none`. - type: string - example: .none - enum: - - .none - Cases_connector_properties_cases_webhook: - title: Create or upate case request properties for Cases Webhook connector - required: - - fields - - id - - name - - type - description: Defines properties for connectors when type is `.cases-webhook`. - type: object - properties: - fields: - type: string - nullable: true - example: null - id: - description: >- - The identifier for the connector. To retrieve connector IDs, use the - find connectors API. - type: string - name: - description: The name of the connector. - type: string - type: - description: The type of connector. - type: string - example: .cases-webhook - enum: - - .cases-webhook - Cases_connector_properties_jira: - title: Create or update case request properties for a Jira connector - required: - - fields - - id - - name - - type - description: Defines properties for connectors when type is `.jira`. - type: object - properties: - fields: - description: >- - An object containing the connector fields. If you want to omit any - individual field, specify null as its value. - type: object - required: - - issueType - - parent - - priority - properties: - issueType: - description: The type of issue. - type: string - nullable: true - parent: - description: The key of the parent issue, when the issue type is sub-task. - type: string - nullable: true - priority: - description: The priority of the issue. - type: string - nullable: true - id: - description: >- - The identifier for the connector. To retrieve connector IDs, use the - find connectors API. - type: string - name: - description: The name of the connector. - type: string - type: - description: The type of connector. - type: string - example: .jira - enum: - - .jira - Cases_connector_properties_resilient: - title: Create case request properties for a IBM Resilient connector - required: - - fields - - id - - name - - type - description: Defines properties for connectors when type is `.resilient`. - type: object - properties: - fields: - description: >- - An object containing the connector fields. If you want to omit any - individual field, specify null as its value. - type: object - nullable: true - required: - - issueTypes - - severityCode - properties: - issueTypes: - description: The type of incident. - type: array - items: - type: string - severityCode: - description: The severity code of the incident. - type: string - id: - description: The identifier for the connector. - type: string - name: - description: The name of the connector. - type: string - type: - description: The type of connector. - type: string - example: .resilient - enum: - - .resilient - Cases_connector_properties_servicenow: - title: Create case request properties for a ServiceNow ITSM connector - required: - - fields - - id - - name - - type - description: Defines properties for connectors when type is `.servicenow`. - type: object - properties: - fields: - description: >- - An object containing the connector fields. If you want to omit any - individual field, specify null as its value. - type: object - required: - - category - - impact - - severity - - subcategory - - urgency - properties: - category: - description: The category of the incident. - type: string - nullable: true - impact: - description: The effect an incident had on business. - type: string - nullable: true - severity: - description: The severity of the incident. - type: string - nullable: true - subcategory: - description: The subcategory of the incident. - type: string - nullable: true - urgency: - description: The extent to which the incident resolution can be delayed. - type: string - nullable: true - id: - description: >- - The identifier for the connector. To retrieve connector IDs, use the - find connectors API. - type: string - name: - description: The name of the connector. - type: string - type: - description: The type of connector. - type: string - example: .servicenow - enum: - - .servicenow - Cases_connector_properties_servicenow_sir: - title: Create case request properties for a ServiceNow SecOps connector - required: - - fields - - id - - name - - type - description: Defines properties for connectors when type is `.servicenow-sir`. - type: object - properties: - fields: - description: >- - An object containing the connector fields. If you want to omit any - individual field, specify null as its value. - type: object - required: - - category - - destIp - - malwareHash - - malwareUrl - - priority - - sourceIp - - subcategory - properties: - category: - description: The category of the incident. - type: string - nullable: true - destIp: - description: >- - Indicates whether cases will send a comma-separated list of - destination IPs. - type: boolean - nullable: true - malwareHash: - description: >- - Indicates whether cases will send a comma-separated list of - malware hashes. - type: boolean - nullable: true - malwareUrl: - description: >- - Indicates whether cases will send a comma-separated list of - malware URLs. - type: boolean - nullable: true - priority: - description: The priority of the issue. - type: string - nullable: true - sourceIp: - description: >- - Indicates whether cases will send a comma-separated list of - source IPs. - type: boolean - nullable: true - subcategory: - description: The subcategory of the incident. - type: string - nullable: true - id: - description: >- - The identifier for the connector. To retrieve connector IDs, use the - find connectors API. - type: string - name: - description: The name of the connector. - type: string - type: - description: The type of connector. - type: string - example: .servicenow-sir - enum: - - .servicenow-sir - Cases_connector_properties_swimlane: - title: Create case request properties for a Swimlane connector - required: - - fields - - id - - name - - type - description: Defines properties for connectors when type is `.swimlane`. - type: object - properties: - fields: - description: >- - An object containing the connector fields. If you want to omit any - individual field, specify null as its value. - type: object - required: - - caseId - properties: - caseId: - description: The case identifier for Swimlane connectors. - type: string - nullable: true - id: - description: >- - The identifier for the connector. To retrieve connector IDs, use the - find connectors API. - type: string - name: - description: The name of the connector. - type: string - type: - description: The type of connector. - type: string - example: .swimlane - enum: - - .swimlane - Cases_case_description: - description: The description for the case. - type: string - maxLength: 30000 - Cases_owners: - type: string - description: > - The application that owns the cases: Stack Management, Observability, or - Elastic Security. - enum: - - cases - - observability - - securitySolution - example: cases - Cases_settings: - type: object - description: An object that contains the case settings. - required: - - syncAlerts - properties: - syncAlerts: - description: Turns alert syncing on or off. - type: boolean - example: true - Cases_case_severity: - type: string - description: The severity of the case. - enum: - - critical - - high - - low - - medium - default: low - Cases_case_tags: - description: > - The words and phrases that help categorize cases. It can be an empty - array. - type: array - maxItems: 200 - items: - type: string - maxLength: 256 - Cases_case_category: - description: A word or phrase that categorizes the case. - type: string - maxLength: 50 - Cases_case_title: - description: A title for the case. - type: string - maxLength: 160 - Cases_create_case_request: - title: Create case request - description: >- - The create case API request body varies depending on the type of - connector. - type: object - required: - - connector - - description - - owner - - settings - - tags - - title - properties: - assignees: - $ref: '#/components/schemas/Cases_assignees' - connector: - oneOf: - - $ref: '#/components/schemas/Cases_connector_properties_none' - - $ref: '#/components/schemas/Cases_connector_properties_cases_webhook' - - $ref: '#/components/schemas/Cases_connector_properties_jira' - - $ref: '#/components/schemas/Cases_connector_properties_resilient' - - $ref: '#/components/schemas/Cases_connector_properties_servicenow' - - $ref: '#/components/schemas/Cases_connector_properties_servicenow_sir' - - $ref: '#/components/schemas/Cases_connector_properties_swimlane' - description: - $ref: '#/components/schemas/Cases_case_description' - owner: - $ref: '#/components/schemas/Cases_owners' - settings: - $ref: '#/components/schemas/Cases_settings' - severity: - $ref: '#/components/schemas/Cases_case_severity' - tags: - $ref: '#/components/schemas/Cases_case_tags' - category: - $ref: '#/components/schemas/Cases_case_category' - title: - $ref: '#/components/schemas/Cases_case_title' - customFields: - type: array - description: > - Custom field values for a case. Any optional custom fields that are - not specified in the request are set to null. - minItems: 0 - maxItems: 10 - items: - type: object - required: - - key - - type - - value - properties: - key: - description: > - The unique identifier for the custom field. The key value must - exist in the case configuration settings. - type: string - type: - description: > - The custom field type. It must match the type specified in the - case configuration settings. - type: string - enum: - - text - - toggle - value: - description: > - The custom field value. If the custom field is required, it - cannot be explicitly set to null. However, for cases that - existed when the required custom field was added, the default - value stored in Elasticsearch is `undefined`. The value - returned in the API and user interface in this case is `null`. - oneOf: - - type: string - minLength: 1 - maxLength: 160 - nullable: true - - type: boolean - Cases_case_response_closed_by_properties: - title: Case response properties for closed_by - type: object - nullable: true - properties: - email: - type: string - example: null - nullable: true - full_name: - type: string - example: null - nullable: true - username: - type: string - example: elastic - nullable: true - profile_uid: - type: string - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - required: - - email - - full_name - - username - Cases_alert_comment_response_properties: - title: Add case comment response properties for alerts - type: object - required: - - type - properties: - alertId: - type: array - items: - type: string - example: a6e12ac4-7bce-457b-84f6-d7ce8deb8446 - created_at: - type: string - format: date-time - example: '2023-11-06T19:29:38.424Z' - created_by: - type: object - required: - - email - - full_name - - username - properties: - email: - type: string - example: null - nullable: true - full_name: - type: string - example: null - nullable: true - username: - type: string - example: elastic - nullable: true - profile_uid: - type: string - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - id: - type: string - example: 73362370-ab1a-11ec-985f-97e55adae8b9 - index: - type: array - items: - type: string - example: .internal.alerts-security.alerts-default-000001 - owner: - $ref: '#/components/schemas/Cases_owners' - pushed_at: - type: string - format: date-time - example: null - nullable: true - pushed_by: - type: object - required: - - email - - full_name - - username - properties: - email: - type: string - example: null - nullable: true - full_name: - type: string - example: null - nullable: true - username: - type: string - example: elastic - nullable: true - profile_uid: - type: string - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - nullable: true - rule: - type: object - properties: - id: - description: The rule identifier. - type: string - example: 94d80550-aaf4-11ec-985f-97e55adae8b9 - name: - description: The rule name. - type: string - example: security_rule - type: - type: string - example: alert - enum: - - alert - updated_at: - type: string - format: date-time - nullable: true - updated_by: - type: object - nullable: true - required: - - email - - full_name - - username - properties: - email: - type: string - example: null - nullable: true - full_name: - type: string - example: null - nullable: true - username: - type: string - example: elastic - nullable: true - profile_uid: - type: string - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - version: - type: string - example: WzMwNDgsMV0= - Cases_user_comment_response_properties: - title: Case response properties for user comments - type: object - required: - - type - properties: - comment: - type: string - example: A new comment. - created_at: - type: string - format: date-time - example: '2022-05-13T09:16:17.416Z' - created_by: - $ref: '#/components/schemas/Cases_case_response_created_by_properties' - id: - type: string - example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 - owner: - $ref: '#/components/schemas/Cases_owners' - pushed_at: - type: string - format: date-time - nullable: true - example: null - pushed_by: - $ref: '#/components/schemas/Cases_case_response_pushed_by_properties' - type: - type: string - example: user - enum: - - user - updated_at: - type: string - format: date-time - nullable: true - example: null - updated_by: - $ref: '#/components/schemas/Cases_case_response_updated_by_properties' - version: - type: string - example: WzIwNDMxLDFd - Cases_case_response_created_by_properties: - title: Case response properties for created_by - type: object - properties: - email: - type: string - example: null - nullable: true - full_name: - type: string - example: null - nullable: true - username: - type: string - example: elastic - nullable: true - profile_uid: - type: string - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - required: - - email - - full_name - - username - Cases_case_response_pushed_by_properties: - title: Case response properties for pushed_by - type: object - nullable: true - properties: - email: - type: string - example: null - nullable: true - full_name: - type: string - example: null - nullable: true - username: - type: string - example: elastic - nullable: true - profile_uid: - type: string - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - required: - - email - - full_name - - username - Cases_case_response_updated_by_properties: - title: Case response properties for updated_by - type: object - nullable: true - properties: - email: - type: string - example: null - nullable: true - full_name: - type: string - example: null - nullable: true - username: - type: string - example: elastic - nullable: true - profile_uid: - type: string - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - required: - - email - - full_name - - username - Cases_external_service: - type: object - nullable: true - properties: - connector_id: - type: string - connector_name: - type: string - external_id: - type: string - external_title: - type: string - external_url: - type: string - pushed_at: - type: string - format: date-time - pushed_by: - type: object - properties: - email: - type: string - example: null - nullable: true - full_name: - type: string - example: null - nullable: true - username: - type: string - example: elastic - nullable: true - profile_uid: - type: string - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - nullable: true - Cases_case_status: - type: string - description: The status of the case. - enum: - - closed - - in-progress - - open - Cases_case_response_properties: - title: Case response properties - type: object - required: - - closed_at - - closed_by - - comments - - connector - - created_at - - created_by - - description - - duration - - external_service - - id - - owner - - settings - - severity - - status - - tags - - title - - totalAlerts - - totalComment - - updated_at - - updated_by - - version - properties: - assignees: - $ref: '#/components/schemas/Cases_assignees' - category: - type: string - description: The case category. - nullable: true - closed_at: - type: string - format: date-time - nullable: true - closed_by: - $ref: '#/components/schemas/Cases_case_response_closed_by_properties' - comments: - title: Case response properties for comments - description: An array of comment objects for the case. - type: array - maxItems: 10000 - items: - oneOf: - - $ref: '#/components/schemas/Cases_alert_comment_response_properties' - - $ref: '#/components/schemas/Cases_user_comment_response_properties' - discriminator: - propertyName: type - mapping: - alert: '#/components/schemas/Cases_alert_comment_response_properties' - user: '#/components/schemas/Cases_user_comment_response_properties' - connector: - title: Case response properties for connectors - oneOf: - - $ref: '#/components/schemas/Cases_connector_properties_none' - - $ref: '#/components/schemas/Cases_connector_properties_cases_webhook' - - $ref: '#/components/schemas/Cases_connector_properties_jira' - - $ref: '#/components/schemas/Cases_connector_properties_resilient' - - $ref: '#/components/schemas/Cases_connector_properties_servicenow' - - $ref: '#/components/schemas/Cases_connector_properties_servicenow_sir' - - $ref: '#/components/schemas/Cases_connector_properties_swimlane' - discriminator: - propertyName: type - mapping: - .none: '#/components/schemas/Cases_connector_properties_none' - .cases-webhook: '#/components/schemas/Cases_connector_properties_cases_webhook' - .jira: '#/components/schemas/Cases_connector_properties_jira' - .resilient: '#/components/schemas/Cases_connector_properties_resilient' - .servicenow: '#/components/schemas/Cases_connector_properties_servicenow' - .servicenow-sir: '#/components/schemas/Cases_connector_properties_servicenow_sir' - .swimlane: '#/components/schemas/Cases_connector_properties_swimlane' - created_at: - type: string - format: date-time - example: '2022-05-13T09:16:17.416Z' - created_by: - $ref: '#/components/schemas/Cases_case_response_created_by_properties' - customFields: - type: array - description: Custom field values for the case. - items: - type: object - properties: - key: - description: > - The unique identifier for the custom field. The key value must - exist in the case configuration settings. - type: string - type: - description: > - The custom field type. It must match the type specified in the - case configuration settings. - type: string - enum: - - text - - toggle - value: - description: > - The custom field value. If the custom field is required, it - cannot be explicitly set to null. However, for cases that - existed when the required custom field was added, the default - value stored in Elasticsearch is `undefined`. The value - returned in the API and user interface in this case is `null`. - oneOf: - - type: string - minLength: 1 - maxLength: 160 - nullable: true - - type: boolean - description: - type: string - example: A case description. - duration: - type: integer - description: > - The elapsed time from the creation of the case to its closure (in - seconds). If the case has not been closed, the duration is set to - null. If the case was closed after less than half a second, the - duration is rounded down to zero. - nullable: true - example: 120 - external_service: - $ref: '#/components/schemas/Cases_external_service' - id: - type: string - example: 66b9aa00-94fa-11ea-9f74-e7e108796192 - owner: - $ref: '#/components/schemas/Cases_owners' - settings: - $ref: '#/components/schemas/Cases_settings' - severity: - $ref: '#/components/schemas/Cases_case_severity' - status: - $ref: '#/components/schemas/Cases_case_status' - tags: - type: array - items: - type: string - example: - - tag-1 - title: - type: string - example: Case title 1 - totalAlerts: - type: integer - example: 0 - totalComment: - type: integer - example: 0 - updated_at: - type: string - format: date-time - nullable: true - updated_by: - $ref: '#/components/schemas/Cases_case_response_updated_by_properties' - version: - type: string - example: WzUzMiwxXQ== - Cases_4xx_response: - type: object - title: Unsuccessful cases API response - properties: - error: - type: string - example: Unauthorized - message: - type: string - statusCode: - type: integer - example: 401 - Cases_update_case_request: - title: Update case request - description: >- - The update case API request body varies depending on the type of - connector. - type: object - required: - - cases - properties: - cases: - type: array - description: An array containing one or more case objects. - maxItems: 100 - minItems: 1 - items: - type: object - required: - - id - - version - properties: - assignees: - $ref: '#/components/schemas/Cases_assignees' - category: - $ref: '#/components/schemas/Cases_case_category' - connector: - oneOf: - - $ref: '#/components/schemas/Cases_connector_properties_none' - - $ref: >- - #/components/schemas/Cases_connector_properties_cases_webhook - - $ref: '#/components/schemas/Cases_connector_properties_jira' - - $ref: '#/components/schemas/Cases_connector_properties_resilient' - - $ref: '#/components/schemas/Cases_connector_properties_servicenow' - - $ref: >- - #/components/schemas/Cases_connector_properties_servicenow_sir - - $ref: '#/components/schemas/Cases_connector_properties_swimlane' - customFields: - type: array - description: > - Custom field values for a case. Any optional custom fields - that are not specified in the request are set to null. - minItems: 0 - maxItems: 10 - items: - type: object - required: - - key - - type - - value - properties: - key: - description: > - The unique identifier for the custom field. The key - value must exist in the case configuration settings. - type: string - type: - description: > - The custom field type. It must match the type specified - in the case configuration settings. - type: string - enum: - - text - - toggle - value: - description: > - The custom field value. If the custom field is required, - it cannot be explicitly set to null. However, for cases - that existed when the required custom field was added, - the default value stored in Elasticsearch is - `undefined`. The value returned in the API and user - interface in this case is `null`. - oneOf: - - type: string - minLength: 1 - maxLength: 160 - nullable: true - - type: boolean - description: - $ref: '#/components/schemas/Cases_case_description' - id: - description: The identifier for the case. - type: string - maxLength: 30000 - settings: - $ref: '#/components/schemas/Cases_settings' - severity: - $ref: '#/components/schemas/Cases_case_severity' - status: - $ref: '#/components/schemas/Cases_case_status' - tags: - $ref: '#/components/schemas/Cases_case_tags' - title: - $ref: '#/components/schemas/Cases_case_title' - version: - description: >- - The current version of the case. To determine this value, use - the get case or find cases APIs. - type: string - Cases_searchFieldsType: - type: string - description: The fields to perform the `simple_query_string` parsed query against. - enum: - - description - - title - Cases_closure_types: - type: string - description: >- - Indicates whether a case is automatically closed when it is pushed to - external systems (`close-by-pushing`) or not automatically closed - (`close-by-user`). - enum: - - close-by-pushing - - close-by-user - example: close-by-user - Cases_connector_types: - type: string - description: The type of connector. - enum: - - .cases-webhook - - .jira - - .none - - .resilient - - .servicenow - - .servicenow-sir - - .swimlane - example: .none - Cases_template_tags: - description: > - The words and phrases that help categorize templates. It can be an empty - array. - type: array - maxItems: 200 - items: - type: string - maxLength: 256 - Cases_templates: - type: array - x-technical-preview: true - items: - type: object - properties: - caseFields: - type: object - properties: - assignees: - $ref: '#/components/schemas/Cases_assignees' - category: - $ref: '#/components/schemas/Cases_case_category' - connector: - type: object - properties: - fields: - description: >- - The fields specified in the case configuration are not - used and are not propagated to individual cases, therefore - it is recommended to set it to `null`. - nullable: true - type: object - id: - description: >- - The identifier for the connector. If you do not want a - default connector, use `none`. To retrieve connector IDs, - use the find connectors API. - type: string - example: none - name: - description: >- - The name of the connector. If you do not want a default - connector, use `none`. To retrieve connector names, use - the find connectors API. - type: string - example: none - type: - $ref: '#/components/schemas/Cases_connector_types' - customFields: - type: array - x-technical-preview: true - description: Custom field values in the template. - items: - type: object - properties: - key: - type: string - description: The unique key for the custom field. - type: - type: string - enum: - - text - - toggle - description: The type of the custom field. - value: - oneOf: - - type: string - - type: boolean - description: > - The default value for the custom field when a case uses - the template. If the `type` is `text`, the default value - must be a string. If the `type` is `toggle`, the default - value must be boolean. - description: - $ref: '#/components/schemas/Cases_case_description' - settings: - $ref: '#/components/schemas/Cases_settings' - severity: - $ref: '#/components/schemas/Cases_case_severity' - tags: - $ref: '#/components/schemas/Cases_case_tags' - title: - $ref: '#/components/schemas/Cases_case_title' - description: - type: string - description: A description for the template. - key: - type: string - description: > - A unique key for the template. Must be lower case and composed - only of a-z, 0-9, '_', and '-' characters. It is used in API calls - to refer to a specific template. - name: - type: string - description: The name of the template. - tags: - $ref: '#/components/schemas/Cases_template_tags' - Cases_set_case_configuration_request: - title: Set case configuration request - description: >- - External connection details, such as the closure type and default - connector for cases. - type: object - required: - - closure_type - - connector - - owner - properties: - closure_type: - $ref: '#/components/schemas/Cases_closure_types' - connector: - description: An object that contains the connector configuration. - type: object - properties: - fields: - description: >- - The fields specified in the case configuration are not used and - are not propagated to individual cases, therefore it is - recommended to set it to `null`. - nullable: true - type: object - id: - description: >- - The identifier for the connector. If you do not want a default - connector, use `none`. To retrieve connector IDs, use the find - connectors API. - type: string - example: none - name: - description: >- - The name of the connector. If you do not want a default - connector, use `none`. To retrieve connector names, use the find - connectors API. - type: string - example: none - type: - $ref: '#/components/schemas/Cases_connector_types' - required: - - fields - - id - - name - - type - customFields: - type: array - description: Custom fields case configuration. - minItems: 0 - maxItems: 10 - items: - type: object - required: - - key - - label - - required - - type - properties: - defaultValue: - oneOf: - - type: string - - type: boolean - description: > - A default value for the custom field. If the `type` is `text`, - the default value must be a string. If the `type` is `toggle`, - the default value must be boolean. - key: - description: > - A unique key for the custom field. Must be lower case and - composed only of a-z, 0-9, '_', and '-' characters. It is used - in API calls to refer to a specific custom field. - type: string - minLength: 1 - maxLength: 36 - label: - description: The custom field label that is displayed in the case. - type: string - minLength: 1 - maxLength: 50 - required: - description: > - Indicates whether the field is required. If `false`, the - custom field can be set to null or omitted when a case is - created or updated. - type: boolean - type: - description: The type of the custom field. - type: string - enum: - - text - - toggle - owner: - $ref: '#/components/schemas/Cases_owners' - templates: - $ref: '#/components/schemas/Cases_templates' - Cases_update_case_configuration_request: - title: Update case configuration request - description: > - You can update settings such as the closure type, custom fields, - templates, and the default connector for cases. - type: object - required: - - version - properties: - closure_type: - $ref: '#/components/schemas/Cases_closure_types' - connector: - description: An object that contains the connector configuration. - type: object - properties: - fields: - description: >- - The fields specified in the case configuration are not used and - are not propagated to individual cases, therefore it is - recommended to set it to `null`. - nullable: true - type: object - id: - description: >- - The identifier for the connector. If you do not want a default - connector, use `none`. To retrieve connector IDs, use the find - connectors API. - type: string - example: none - name: - description: >- - The name of the connector. If you do not want a default - connector, use `none`. To retrieve connector names, use the find - connectors API. - type: string - example: none - type: - $ref: '#/components/schemas/Cases_connector_types' - required: - - fields - - id - - name - - type - customFields: - type: array - description: Custom fields case configuration. - items: - type: object - required: - - key - - label - - required - - type - properties: - defaultValue: - oneOf: - - type: string - - type: boolean - description: > - A default value for the custom field. If the `type` is `text`, - the default value must be a string. If the `type` is `toggle`, - the default value must be boolean. - key: - description: > - A unique key for the custom field. Must be lower case and - composed only of a-z, 0-9, '_', and '-' characters. It is used - in API calls to refer to a specific custom field. - type: string - minLength: 1 - maxLength: 36 - label: - description: The custom field label that is displayed in the case. - type: string - minLength: 1 - maxLength: 50 - required: - description: > - Indicates whether the field is required. If `false`, the - custom field can be set to null or omitted when a case is - created or updated. - type: boolean - type: - description: The type of the custom field. - type: string - enum: - - text - - toggle - templates: - $ref: '#/components/schemas/Cases_templates' - version: - description: > - The version of the connector. To retrieve the version value, use the - get configuration API. - type: string - example: WzIwMiwxXQ== - Cases_alert_response_properties: - type: object - properties: - attached_at: - type: string - format: date-time - id: - description: The alert identifier. - type: string - index: - description: The alert index. - type: string - Cases_add_alert_comment_request_properties: - title: Add case comment request properties for alerts - required: - - alertId - - index - - owner - - rule - - type - description: Defines properties for case comment requests when type is alert. - type: object - properties: - alertId: - $ref: '#/components/schemas/Cases_alert_identifiers' - index: - $ref: '#/components/schemas/Cases_alert_indices' - owner: - $ref: '#/components/schemas/Cases_owners' - rule: - $ref: '#/components/schemas/Cases_rule' - type: - description: The type of comment. - type: string - example: alert - enum: - - alert - Cases_add_user_comment_request_properties: - title: Add case comment request properties for user comments - description: Defines properties for case comment requests when type is user. - type: object - properties: - comment: - description: The new comment. It is required only when `type` is `user`. - type: string - maxLength: 30000 - example: A new comment. - owner: - $ref: '#/components/schemas/Cases_owners' - type: - type: string - description: The type of comment. - example: user - enum: - - user - required: - - comment - - owner - - type - Cases_alert_identifiers: - title: Alert identifiers - description: > - The alert identifiers. It is required only when `type` is `alert`. You - can use an array of strings to add multiple alerts to a case, provided - that they all relate to the same rule; `index` must also be an array - with the same length or number of elements. Adding multiple alerts in - this manner is recommended rather than calling the API multiple times. - This functionality is in technical preview and may be changed or removed - in a future release. Elastic will work to fix any issues, but features - in technical preview are not subject to the support SLA of official GA - features. - oneOf: - - type: string - - type: array - items: - type: string - maxItems: 1000 - x-technical-preview: true - example: 6b24c4dc44bc720cfc92797f3d61fff952f2b2627db1fb4f8cc49f4530c4ff42 - Cases_alert_indices: - title: Alert indices - description: > - The alert indices. It is required only when `type` is `alert`. If you - are adding multiple alerts to a case, use an array of strings; the - position of each index name in the array must match the position of the - corresponding alert identifier in the `alertId` array. This - functionality is in technical preview and may be changed or removed in a - future release. Elastic will work to fix any issues, but features in - technical preview are not subject to the support SLA of official GA - features. - oneOf: - - type: string - - type: array - items: - type: string - maxItems: 1000 - x-technical-preview: true - Cases_rule: - title: Alerting rule - description: > - The rule that is associated with the alerts. It is required only when - `type` is `alert`. This functionality is in technical preview and may be - changed or removed in a future release. Elastic will work to fix any - issues, but features in technical preview are not subject to the support - SLA of official GA features. - type: object - x-technical-preview: true - properties: - id: - description: The rule identifier. - type: string - example: 94d80550-aaf4-11ec-985f-97e55adae8b9 - name: - description: The rule name. - type: string - example: security_rule - Cases_add_case_comment_request: - title: Add case comment request - description: >- - The add comment to case API request body varies depending on whether you - are adding an alert or a comment. - oneOf: - - $ref: '#/components/schemas/Cases_add_alert_comment_request_properties' - - $ref: '#/components/schemas/Cases_add_user_comment_request_properties' - discriminator: - propertyName: type - mapping: - alert: '#/components/schemas/Cases_add_alert_comment_request_properties' - user: '#/components/schemas/Cases_add_user_comment_request_properties' - Cases_update_alert_comment_request_properties: - title: Update case comment request properties for alerts - description: Defines properties for case comment requests when type is alert. - required: - - alertId - - id - - index - - owner - - rule - - type - - version - type: object - properties: - alertId: - $ref: '#/components/schemas/Cases_alert_identifiers' - id: - type: string - description: > - The identifier for the comment. To retrieve comment IDs, use the get - comments API. - example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 - index: - $ref: '#/components/schemas/Cases_alert_indices' - owner: - $ref: '#/components/schemas/Cases_owners' - rule: - $ref: '#/components/schemas/Cases_rule' - type: - description: The type of comment. - type: string - enum: - - alert - example: alert - version: - description: > - The current comment version. To retrieve version values, use the get - comments API. - type: string - example: Wzk1LDFd - Cases_update_user_comment_request_properties: - title: Update case comment request properties for user comments - description: Defines properties for case comment requests when type is user. - type: object - properties: - comment: - description: The new comment. It is required only when `type` is `user`. - type: string - maxLength: 30000 - example: A new comment. - id: - type: string - description: > - The identifier for the comment. To retrieve comment IDs, use the get - comments API. - example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 - owner: - $ref: '#/components/schemas/Cases_owners' - type: - type: string - description: The type of comment. - enum: - - user - example: user - version: - description: > - The current comment version. To retrieve version values, use the get - comments API. - type: string - example: Wzk1LDFd - required: - - comment - - id - - owner - - type - - version - Cases_update_case_comment_request: - title: Update case comment request - description: >- - The update case comment API request body varies depending on whether you - are updating an alert or a comment. - oneOf: - - $ref: '#/components/schemas/Cases_update_alert_comment_request_properties' - - $ref: '#/components/schemas/Cases_update_user_comment_request_properties' - discriminator: - propertyName: type - mapping: - alert: '#/components/schemas/Cases_update_alert_comment_request_properties' - user: '#/components/schemas/Cases_update_user_comment_request_properties' - Cases_actions: - type: string - enum: - - add - - create - - delete - - push_to_service - - update - example: create - Cases_payload_alert_comment: - type: object - properties: - comment: - type: object - properties: - alertId: - oneOf: - - type: string - example: 1c0b056b-cc9f-4b61-b5c9-cb801abd5e1d - - type: array - items: - type: string - index: - oneOf: - - type: string - example: .alerts-observability.logs.alerts-default - - type: array - items: - type: string - owner: - $ref: '#/components/schemas/Cases_owners' - rule: - type: object - properties: - id: - description: The rule identifier. - type: string - example: 94d80550-aaf4-11ec-985f-97e55adae8b9 - name: - description: The rule name. - type: string - example: security_rule - type: - type: string - enum: - - alert - Cases_payload_assignees: - type: object - properties: - assignees: - $ref: '#/components/schemas/Cases_assignees' - Cases_payload_connector: - type: object - properties: - connector: - type: object - properties: - fields: - description: >- - An object containing the connector fields. To create a case - without a connector, specify null. If you want to omit any - individual field, specify null as its value. - nullable: true - type: object - properties: - caseId: - description: The case identifier for Swimlane connectors. - type: string - category: - description: >- - The category of the incident for ServiceNow ITSM and - ServiceNow SecOps connectors. - type: string - destIp: - description: >- - Indicates whether cases will send a comma-separated list of - destination IPs for ServiceNow SecOps connectors. - type: boolean - nullable: true - impact: - description: >- - The effect an incident had on business for ServiceNow ITSM - connectors. - type: string - issueType: - description: The type of issue for Jira connectors. - type: string - issueTypes: - description: The type of incident for IBM Resilient connectors. - type: array - items: - type: string - malwareHash: - description: >- - Indicates whether cases will send a comma-separated list of - malware hashes for ServiceNow SecOps connectors. - type: boolean - nullable: true - malwareUrl: - description: >- - Indicates whether cases will send a comma-separated list of - malware URLs for ServiceNow SecOps connectors. - type: boolean - nullable: true - parent: - description: >- - The key of the parent issue, when the issue type is sub-task - for Jira connectors. - type: string - priority: - description: >- - The priority of the issue for Jira and ServiceNow SecOps - connectors. - type: string - severity: - description: The severity of the incident for ServiceNow ITSM connectors. - type: string - severityCode: - description: >- - The severity code of the incident for IBM Resilient - connectors. - type: string - sourceIp: - description: >- - Indicates whether cases will send a comma-separated list of - source IPs for ServiceNow SecOps connectors. - type: boolean - nullable: true - subcategory: - description: >- - The subcategory of the incident for ServiceNow ITSM - connectors. - type: string - urgency: - description: >- - The extent to which the incident resolution can be delayed - for ServiceNow ITSM connectors. - type: string - example: null - id: - description: >- - The identifier for the connector. To create a case without a - connector, use `none`. - type: string - example: none - name: - description: >- - The name of the connector. To create a case without a connector, - use `none`. - type: string - example: none - type: - $ref: '#/components/schemas/Cases_connector_types' - Cases_payload_create_case: - type: object - properties: - assignees: - $ref: '#/components/schemas/Cases_assignees' - connector: - type: object - properties: - fields: - description: >- - An object containing the connector fields. To create a case - without a connector, specify null. If you want to omit any - individual field, specify null as its value. - nullable: true - type: object - properties: - caseId: - description: The case identifier for Swimlane connectors. - type: string - category: - description: >- - The category of the incident for ServiceNow ITSM and - ServiceNow SecOps connectors. - type: string - destIp: - description: >- - Indicates whether cases will send a comma-separated list of - destination IPs for ServiceNow SecOps connectors. - type: boolean - nullable: true - impact: - description: >- - The effect an incident had on business for ServiceNow ITSM - connectors. - type: string - issueType: - description: The type of issue for Jira connectors. - type: string - issueTypes: - description: The type of incident for IBM Resilient connectors. - type: array - items: - type: string - malwareHash: - description: >- - Indicates whether cases will send a comma-separated list of - malware hashes for ServiceNow SecOps connectors. - type: boolean - nullable: true - malwareUrl: - description: >- - Indicates whether cases will send a comma-separated list of - malware URLs for ServiceNow SecOps connectors. - type: boolean - nullable: true - parent: - description: >- - The key of the parent issue, when the issue type is sub-task - for Jira connectors. - type: string - priority: - description: >- - The priority of the issue for Jira and ServiceNow SecOps - connectors. - type: string - severity: - description: The severity of the incident for ServiceNow ITSM connectors. - type: string - severityCode: - description: >- - The severity code of the incident for IBM Resilient - connectors. - type: string - sourceIp: - description: >- - Indicates whether cases will send a comma-separated list of - source IPs for ServiceNow SecOps connectors. - type: boolean - nullable: true - subcategory: - description: >- - The subcategory of the incident for ServiceNow ITSM - connectors. - type: string - urgency: - description: >- - The extent to which the incident resolution can be delayed - for ServiceNow ITSM connectors. - type: string - example: null - id: - description: >- - The identifier for the connector. To create a case without a - connector, use `none`. - type: string - example: none - name: - description: >- - The name of the connector. To create a case without a connector, - use `none`. - type: string - example: none - type: - $ref: '#/components/schemas/Cases_connector_types' - description: - type: string - owner: - $ref: '#/components/schemas/Cases_owners' - settings: - $ref: '#/components/schemas/Cases_settings' - severity: - $ref: '#/components/schemas/Cases_case_severity' - status: - $ref: '#/components/schemas/Cases_case_status' - tags: - type: array - items: - type: string - example: - - tag-1 - title: - type: string - Cases_payload_delete: - type: object - description: >- - If the `action` is `delete` and the `type` is `delete_case`, the payload - is nullable. - nullable: true - Cases_payload_description: - type: object - properties: - description: - type: string - Cases_payload_pushed: - type: object - properties: - externalService: - $ref: '#/components/schemas/Cases_external_service' - Cases_payload_settings: - type: object - properties: - settings: - $ref: '#/components/schemas/Cases_settings' - Cases_payload_severity: - type: object - properties: - severity: - $ref: '#/components/schemas/Cases_case_severity' - Cases_payload_status: - type: object - properties: - status: - $ref: '#/components/schemas/Cases_case_status' - Cases_payload_tags: - type: object - properties: - tags: - type: array - items: - type: string - example: - - tag-1 - Cases_payload_title: - type: object - properties: - title: - type: string - Cases_payload_user_comment: - type: object - properties: - comment: - type: object - properties: - comment: - type: string - owner: - $ref: '#/components/schemas/Cases_owners' - type: - type: string - enum: - - user - Cases_action_types: - type: string - description: The type of action. - enum: - - assignees - - create_case - - comment - - connector - - delete_case - - description - - pushed - - tags - - title - - status - - settings - - severity - example: create_case - Cases_user_actions_response_properties: - type: object - required: - - action - - action_id - - case_id - - comment_id - - created_at - - created_by - - owner - - payload - - type - properties: - action: - $ref: '#/components/schemas/Cases_actions' - action_id: - type: string - example: 22fd3e30-03b1-11ed-920c-974bfa104448 - case_id: - type: string - example: 22df07d0-03b1-11ed-920c-974bfa104448 - comment_id: - type: string - nullable: true - example: 578608d0-03b1-11ed-920c-974bfa104448 - created_at: - type: string - format: date-time - example: '2022-05-13T09:16:17.416Z' - created_by: - type: object - properties: - email: - type: string - example: null - nullable: true - full_name: - type: string - example: null - nullable: true - username: - type: string - example: elastic - nullable: true - profile_uid: - type: string - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - required: - - email - - full_name - - username - owner: - $ref: '#/components/schemas/Cases_owners' - payload: - oneOf: - - $ref: '#/components/schemas/Cases_payload_alert_comment' - - $ref: '#/components/schemas/Cases_payload_assignees' - - $ref: '#/components/schemas/Cases_payload_connector' - - $ref: '#/components/schemas/Cases_payload_create_case' - - $ref: '#/components/schemas/Cases_payload_delete' - - $ref: '#/components/schemas/Cases_payload_description' - - $ref: '#/components/schemas/Cases_payload_pushed' - - $ref: '#/components/schemas/Cases_payload_settings' - - $ref: '#/components/schemas/Cases_payload_severity' - - $ref: '#/components/schemas/Cases_payload_status' - - $ref: '#/components/schemas/Cases_payload_tags' - - $ref: '#/components/schemas/Cases_payload_title' - - $ref: '#/components/schemas/Cases_payload_user_comment' - type: - $ref: '#/components/schemas/Cases_action_types' - Cases_user_actions_find_response_properties: - type: object - required: - - action - - comment_id - - created_at - - created_by - - id - - owner - - payload - - type - - version - properties: - action: - $ref: '#/components/schemas/Cases_actions' - comment_id: - type: string - nullable: true - example: 578608d0-03b1-11ed-920c-974bfa104448 - created_at: - type: string - format: date-time - example: '2022-05-13T09:16:17.416Z' - created_by: - type: object - properties: - email: - type: string - example: null - nullable: true - full_name: - type: string - example: null - nullable: true - username: - type: string - example: elastic - nullable: true - profile_uid: - type: string - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - required: - - email - - full_name - - username - id: - type: string - example: 22fd3e30-03b1-11ed-920c-974bfa104448 - owner: - $ref: '#/components/schemas/Cases_owners' - payload: - oneOf: - - $ref: '#/components/schemas/Cases_payload_alert_comment' - - $ref: '#/components/schemas/Cases_payload_assignees' - - $ref: '#/components/schemas/Cases_payload_connector' - - $ref: '#/components/schemas/Cases_payload_create_case' - - $ref: '#/components/schemas/Cases_payload_delete' - - $ref: '#/components/schemas/Cases_payload_description' - - $ref: '#/components/schemas/Cases_payload_pushed' - - $ref: '#/components/schemas/Cases_payload_settings' - - $ref: '#/components/schemas/Cases_payload_severity' - - $ref: '#/components/schemas/Cases_payload_status' - - $ref: '#/components/schemas/Cases_payload_tags' - - $ref: '#/components/schemas/Cases_payload_title' - - $ref: '#/components/schemas/Cases_payload_user_comment' - version: - type: string - example: WzM1ODg4LDFd - type: - type: string - description: The type of action. - enum: - - assignees - - create_case - - comment - - connector - - description - - pushed - - tags - - title - - status - - settings - - severity - example: create_case - Connectors_create_connector_request_bedrock: - title: Create Amazon Bedrock connector request - description: >- - The Amazon Bedrock connector uses axios to send a POST request to Amazon - Bedrock. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_bedrock' - connector_type_id: - type: string - description: The type of connector. - enum: - - .bedrock - example: .bedrock - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_bedrock' - Connectors_create_connector_request_gemini: - title: Create Google Gemini connector request - description: >- - The Google Gemini connector uses axios to send a POST request to Google - Gemini. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_gemini' - connector_type_id: - type: string - description: The type of connector. - enum: - - .gemini - example: .gemini - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_gemini' - Connectors_create_connector_request_cases_webhook: - title: Create Webhook - Case Managment connector request - description: > - The Webhook - Case Management connector uses axios to send POST, PUT, - and GET requests to a case management RESTful API web service. - type: object - required: - - config - - connector_type_id - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_cases_webhook' - connector_type_id: - type: string - description: The type of connector. - enum: - - .cases-webhook - example: .cases-webhook - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_cases_webhook' - Connectors_create_connector_request_d3security: - title: Create D3 Security connector request - description: > - The connector uses axios to send a POST request to a D3 Security - endpoint. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_d3security' - connector_type_id: - type: string - description: The type of connector. - enum: - - .d3security - example: .d3security - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_d3security' - Connectors_create_connector_request_email: - title: Create email connector request - description: > - The email connector uses the SMTP protocol to send mail messages, using - an integration of Nodemailer. An exception is Microsoft Exchange, which - uses HTTP protocol for sending emails, Send mail. Email message text is - sent as both plain text and html text. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_email' - connector_type_id: - type: string - description: The type of connector. - enum: - - .email - example: .email - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_email' - Connectors_create_connector_request_genai: - title: Create OpenAI connector request - description: > - The OpenAI connector uses axios to send a POST request to either OpenAI - or Azure OpenAPI. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_genai' - connector_type_id: - type: string - description: The type of connector. - enum: - - .gen-ai - example: .gen-ai - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_genai' - Connectors_create_connector_request_index: - title: Create index connector request - description: The index connector indexes a document into Elasticsearch. - type: object - required: - - config - - connector_type_id - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_index' - connector_type_id: - type: string - description: The type of connector. - enum: - - .index - example: .index - name: - type: string - description: The display name for the connector. - example: my-connector - Connectors_create_connector_request_jira: - title: Create Jira connector request - description: The Jira connector uses the REST API v2 to create Jira issues. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_jira' - connector_type_id: - type: string - description: The type of connector. - enum: - - .jira - example: .jira - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_jira' - Connectors_create_connector_request_opsgenie: - title: Create Opsgenie connector request - description: The Opsgenie connector uses the Opsgenie alert API. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_opsgenie' - connector_type_id: - type: string - description: The type of connector. - enum: - - .opsgenie - example: .opsgenie - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_opsgenie' - Connectors_create_connector_request_pagerduty: - title: Create PagerDuty connector request - description: > - The PagerDuty connector uses the v2 Events API to trigger, acknowledge, - and resolve PagerDuty alerts. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_pagerduty' - connector_type_id: - type: string - description: The type of connector. - enum: - - .pagerduty - example: .pagerduty - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_pagerduty' - Connectors_create_connector_request_resilient: - title: Create IBM Resilient connector request - description: >- - The IBM Resilient connector uses the RESILIENT REST v2 to create IBM - Resilient incidents. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_resilient' - connector_type_id: - description: The type of connector. - type: string - example: .resilient - enum: - - .resilient - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_resilient' - Connectors_create_connector_request_sentinelone: - title: Create SentinelOne connector request - description: > - The SentinelOne connector communicates with SentinelOne Management - Console via REST API. This functionality is in technical preview and may - be changed or removed in a future release. Elastic will work to fix any - issues, but features in technical preview are not subject to the support - SLA of official GA features. - x-technical-preview: true - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_sentinelone' - connector_type_id: - type: string - description: The type of connector. - enum: - - .sentinelone - example: .sentinelone - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_sentinelone' - Connectors_create_connector_request_serverlog: - title: Create server log connector request - description: This connector writes an entry to the Kibana server log. - type: object - required: - - connector_type_id - - name - properties: - connector_type_id: - type: string - description: The type of connector. - enum: - - .server-log - example: .server-log - name: - type: string - description: The display name for the connector. - example: my-connector - Connectors_create_connector_request_servicenow: - title: Create ServiceNow ITSM connector request - description: > - The ServiceNow ITSM connector uses the import set API to create - ServiceNow incidents. You can use the connector for rule actions and - cases. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_servicenow' - connector_type_id: - type: string - description: The type of connector. - enum: - - .servicenow - example: .servicenow - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_servicenow' - Connectors_create_connector_request_servicenow_itom: - title: Create ServiceNow ITOM connector request - description: > - The ServiceNow ITOM connector uses the event API to create ServiceNow - events. You can use the connector for rule actions. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_servicenow_itom' - connector_type_id: - type: string - description: The type of connector. - enum: - - .servicenow-itom - example: .servicenow-itom - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_servicenow' - Connectors_create_connector_request_servicenow_sir: - title: Create ServiceNow SecOps connector request - description: > - The ServiceNow SecOps connector uses the import set API to create - ServiceNow security incidents. You can use the connector for rule - actions and cases. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_servicenow' - connector_type_id: - type: string - description: The type of connector. - enum: - - .servicenow-sir - example: .servicenow-sir - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_servicenow' - Connectors_create_connector_request_slack_api: - title: Create Slack connector request - description: The Slack connector uses an API method to send Slack messages. - type: object - required: - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_slack_api' - connector_type_id: - type: string - description: The type of connector. - enum: - - .slack_api - example: .slack_api - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_slack_api' - Connectors_create_connector_request_slack_webhook: - title: Create Slack connector request - description: The Slack connector uses Slack Incoming Webhooks. - type: object - required: - - connector_type_id - - name - - secrets - properties: - connector_type_id: - type: string - description: The type of connector. - enum: - - .slack - example: .slack - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_slack_webhook' - Connectors_create_connector_request_swimlane: - title: Create Swimlane connector request - description: >- - The Swimlane connector uses the Swimlane REST API to create Swimlane - records. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_swimlane' - connector_type_id: - type: string - description: The type of connector. - enum: - - .swimlane - example: .swimlane - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_swimlane' - Connectors_create_connector_request_teams: - title: Create Microsoft Teams connector request - description: The Microsoft Teams connector uses Incoming Webhooks. - type: object - required: - - connector_type_id - - name - - secrets - properties: - connector_type_id: - type: string - description: The type of connector. - enum: - - .teams - example: .teams - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_teams' - Connectors_create_connector_request_tines: - title: Create Tines connector request - description: > - The Tines connector uses Tines Webhook actions to send events via POST - request. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_tines' - connector_type_id: - type: string - description: The type of connector. - enum: - - .tines - example: .tines - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_tines' - Connectors_create_connector_request_torq: - title: Create Torq connector request - description: > - The Torq connector uses a Torq webhook to trigger workflows with Kibana - actions. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_torq' - connector_type_id: - type: string - description: The type of connector. - enum: - - .torq - example: .torq - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_torq' - Connectors_create_connector_request_webhook: - title: Create Webhook connector request - description: > - The Webhook connector uses axios to send a POST or PUT request to a web - service. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_webhook' - connector_type_id: - type: string - description: The type of connector. - enum: - - .webhook - example: .webhook - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_webhook' - Connectors_create_connector_request_xmatters: - title: Create xMatters connector request - description: > - The xMatters connector uses the xMatters Workflow for Elastic to send - actionable alerts to on-call xMatters resources. - type: object - required: - - config - - connector_type_id - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_xmatters' - connector_type_id: - type: string - description: The type of connector. - enum: - - .xmatters - example: .xmatters - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_xmatters' - Connectors_config_properties_bedrock: - title: Connector request properties for an Amazon Bedrock connector - description: Defines properties for connectors when type is `.bedrock`. - type: object - required: - - apiUrl - properties: - apiUrl: - type: string - description: The Amazon Bedrock request URL. - defaultModel: - type: string - description: > - The generative artificial intelligence model for Amazon Bedrock to - use. Current support is for the Anthropic Claude models. - default: anthropic.claude-3-5-sonnet-20240620-v1:0 - Connectors_secrets_properties_bedrock: - title: Connector secrets properties for an Amazon Bedrock connector - description: Defines secrets for connectors when type is `.bedrock`. - type: object - required: - - accessKey - - secret - properties: - accessKey: - type: string - description: The AWS access key for authentication. - secret: - type: string - description: The AWS secret for authentication. - Connectors_config_properties_gemini: - title: Connector request properties for an Google Gemini connector - description: Defines properties for connectors when type is `.gemini`. - type: object - required: - - apiUrl - - gcpRegion - - gcpProjectID - properties: - apiUrl: - type: string - description: The Google Gemini request URL. - defaultModel: - type: string - description: >- - The generative artificial intelligence model for Google Gemini to - use. - default: gemini-1.5-pro-001 - gcpRegion: - type: string - description: The GCP region where the Vertex AI endpoint enabled. - gcpProjectID: - type: string - description: The Google ProjectID that has Vertex AI endpoint enabled. - Connectors_secrets_properties_gemini: - title: Connector secrets properties for a Google Gemini connector - description: Defines secrets for connectors when type is `.gemini`. - type: object - required: - - credentialsJSON - properties: - credentialsJSON: - type: string - description: >- - The service account credentials JSON file. The service account - should have Vertex AI user IAM role assigned to it. - Connectors_config_properties_cases_webhook: - title: Connector request properties for Webhook - Case Management connector - required: - - createIncidentJson - - createIncidentResponseKey - - createIncidentUrl - - getIncidentResponseExternalTitleKey - - getIncidentUrl - - updateIncidentJson - - updateIncidentUrl - - viewIncidentUrl - description: Defines properties for connectors when type is `.cases-webhook`. - type: object - properties: - createCommentJson: - type: string - description: > - A JSON payload sent to the create comment URL to create a case - comment. You can use variables to add Kibana Cases data to the - payload. The required variable is `case.comment`. Due to Mustache - template variables (the text enclosed in triple braces, for example, - `{{{case.title}}}`), the JSON is not validated when you create the - connector. The JSON is validated once the Mustache variables have - been placed when the REST method runs. Manually ensure that the JSON - is valid, disregarding the Mustache variables, so the later - validation will pass. - example: '{"body": {{{case.comment}}}}' - createCommentMethod: - type: string - description: > - The REST API HTTP request method to create a case comment in the - third-party system. Valid values are `patch`, `post`, and `put`. - default: put - enum: - - patch - - post - - put - createCommentUrl: - type: string - description: > - The REST API URL to create a case comment by ID in the third-party - system. You can use a variable to add the external system ID to the - URL. If you are using the `xpack.actions.allowedHosts setting`, add - the hostname to the allowed hosts. - example: https://example.com/issue/{{{external.system.id}}}/comment - createIncidentJson: - type: string - description: > - A JSON payload sent to the create case URL to create a case. You can - use variables to add case data to the payload. Required variables - are `case.title` and `case.description`. Due to Mustache template - variables (which is the text enclosed in triple braces, for example, - `{{{case.title}}}`), the JSON is not validated when you create the - connector. The JSON is validated after the Mustache variables have - been placed when REST method runs. Manually ensure that the JSON is - valid to avoid future validation errors; disregard Mustache - variables during your review. - example: >- - {"fields": {"summary": {{{case.title}}},"description": - {{{case.description}}},"labels": {{{case.tags}}}}} - createIncidentMethod: - type: string - description: > - The REST API HTTP request method to create a case in the third-party - system. Valid values are `patch`, `post`, and `put`. - enum: - - patch - - post - - put - default: post - createIncidentResponseKey: - type: string - description: >- - The JSON key in the create external case response that contains the - case ID. - createIncidentUrl: - type: string - description: > - The REST API URL to create a case in the third-party system. If you - are using the `xpack.actions.allowedHosts` setting, add the hostname - to the allowed hosts. - getIncidentResponseExternalTitleKey: - type: string - description: >- - The JSON key in get external case response that contains the case - title. - getIncidentUrl: - type: string - description: > - The REST API URL to get the case by ID from the third-party system. - If you are using the `xpack.actions.allowedHosts` setting, add the - hostname to the allowed hosts. You can use a variable to add the - external system ID to the URL. Due to Mustache template variables - (the text enclosed in triple braces, for example, - `{{{case.title}}}`), the JSON is not validated when you create the - connector. The JSON is validated after the Mustache variables have - been placed when REST method runs. Manually ensure that the JSON is - valid, disregarding the Mustache variables, so the later validation - will pass. - example: https://example.com/issue/{{{external.system.id}}} - hasAuth: - type: boolean - description: >- - If true, a username and password for login type authentication must - be provided. - default: true - headers: - type: string - description: > - A set of key-value pairs sent as headers with the request URLs for - the create case, update case, get case, and create comment methods. - updateIncidentJson: - type: string - description: > - The JSON payload sent to the update case URL to update the case. You - can use variables to add Kibana Cases data to the payload. Required - variables are `case.title` and `case.description`. Due to Mustache - template variables (which is the text enclosed in triple braces, for - example, `{{{case.title}}}`), the JSON is not validated when you - create the connector. The JSON is validated after the Mustache - variables have been placed when REST method runs. Manually ensure - that the JSON is valid to avoid future validation errors; disregard - Mustache variables during your review. - example: >- - {"fields": {"summary": {{{case.title}}},"description": - {{{case.description}}},"labels": {{{case.tags}}}}} - updateIncidentMethod: - type: string - description: > - The REST API HTTP request method to update the case in the - third-party system. Valid values are `patch`, `post`, and `put`. - default: put - enum: - - patch - - post - - put - updateIncidentUrl: - type: string - description: > - The REST API URL to update the case by ID in the third-party system. - You can use a variable to add the external system ID to the URL. If - you are using the `xpack.actions.allowedHosts` setting, add the - hostname to the allowed hosts. - example: https://example.com/issue/{{{external.system.ID}}} - viewIncidentUrl: - type: string - description: > - The URL to view the case in the external system. You can use - variables to add the external system ID or external system title to - the URL. - example: >- - https://testing-jira.atlassian.net/browse/{{{external.system.title}}} - Connectors_secrets_properties_cases_webhook: - title: Connector secrets properties for Webhook - Case Management connector - type: object - properties: - password: - type: string - description: >- - The password for HTTP basic authentication. If `hasAuth` is set to - `true`, this property is required. - user: - type: string - description: >- - The username for HTTP basic authentication. If `hasAuth` is set to - `true`, this property is required. - Connectors_config_properties_d3security: - title: Connector request properties for a D3 Security connector - description: Defines properties for connectors when type is `.d3security`. - type: object - required: - - url - properties: - url: - type: string - description: > - The D3 Security API request URL. If you are using the - `xpack.actions.allowedHosts` setting, add the hostname to the - allowed hosts. - Connectors_secrets_properties_d3security: - title: Connector secrets properties for a D3 Security connector - description: Defines secrets for connectors when type is `.d3security`. - required: - - token - type: object - properties: - token: - type: string - description: The D3 Security token. - Connectors_config_properties_email: - title: Connector request properties for an email connector - description: Defines properties for connectors when type is `.email`. - required: - - from - type: object - properties: - clientId: - description: > - The client identifier, which is a part of OAuth 2.0 client - credentials authentication, in GUID format. If `service` is - `exchange_server`, this property is required. - type: string - nullable: true - from: - description: > - The from address for all emails sent by the connector. It must be - specified in `user@host-name` format. - type: string - hasAuth: - description: > - Specifies whether a user and password are required inside the - secrets configuration. - default: true - type: boolean - host: - description: > - The host name of the service provider. If the `service` is - `elastic_cloud` (for Elastic Cloud notifications) or one of - Nodemailer's well-known email service providers, this property is - ignored. If `service` is `other`, this property must be defined. - type: string - oauthTokenUrl: - type: string - nullable: true - port: - description: > - The port to connect to on the service provider. If the `service` is - `elastic_cloud` (for Elastic Cloud notifications) or one of - Nodemailer's well-known email service providers, this property is - ignored. If `service` is `other`, this property must be defined. - type: integer - secure: - description: > - Specifies whether the connection to the service provider will use - TLS. If the `service` is `elastic_cloud` (for Elastic Cloud - notifications) or one of Nodemailer's well-known email service - providers, this property is ignored. - type: boolean - service: - description: | - The name of the email service. - type: string - enum: - - elastic_cloud - - exchange_server - - gmail - - other - - outlook365 - - ses - tenantId: - description: > - The tenant identifier, which is part of OAuth 2.0 client credentials - authentication, in GUID format. If `service` is `exchange_server`, - this property is required. - type: string - nullable: true - Connectors_secrets_properties_email: - title: Connector secrets properties for an email connector - description: Defines secrets for connectors when type is `.email`. - type: object - properties: - clientSecret: - type: string - description: > - The Microsoft Exchange Client secret for OAuth 2.0 client - credentials authentication. It must be URL-encoded. If `service` is - `exchange_server`, this property is required. - password: - type: string - description: > - The password for HTTP basic authentication. If `hasAuth` is set to - `true`, this property is required. - user: - type: string - description: > - The username for HTTP basic authentication. If `hasAuth` is set to - `true`, this property is required. - Connectors_config_properties_genai_azure: - title: >- - Connector request properties for an OpenAI connector that uses Azure - OpenAI - description: > - Defines properties for connectors when type is `.gen-ai` and the API - provider is `Azure OpenAI'. - type: object - required: - - apiProvider - - apiUrl - properties: - apiProvider: - type: string - description: The OpenAI API provider. - enum: - - Azure OpenAI - apiUrl: - type: string - description: The OpenAI API endpoint. - Connectors_config_properties_genai_openai: - title: Connector request properties for an OpenAI connector - description: > - Defines properties for connectors when type is `.gen-ai` and the API - provider is `OpenAI'. - type: object - required: - - apiProvider - - apiUrl - properties: - apiProvider: - type: string - description: The OpenAI API provider. - enum: - - OpenAI - apiUrl: - type: string - description: The OpenAI API endpoint. - defaultModel: - type: string - description: The default model to use for requests. - Connectors_config_properties_genai: - title: Connector request properties for an OpenAI connector - description: Defines properties for connectors when type is `.gen-ai`. - oneOf: - - $ref: '#/components/schemas/Connectors_config_properties_genai_azure' - - $ref: '#/components/schemas/Connectors_config_properties_genai_openai' - discriminator: - propertyName: apiProvider - mapping: - Azure OpenAI: '#/components/schemas/Connectors_config_properties_genai_azure' - OpenAI: '#/components/schemas/Connectors_config_properties_genai_openai' - Connectors_secrets_properties_genai: - title: Connector secrets properties for an OpenAI connector - description: Defines secrets for connectors when type is `.gen-ai`. - type: object - properties: - apiKey: - type: string - description: The OpenAI API key. - Connectors_config_properties_index: - title: Connector request properties for an index connector - required: - - index - description: Defines properties for connectors when type is `.index`. - type: object - properties: - executionTimeField: - description: A field that indicates when the document was indexed. - default: null - type: string - nullable: true - index: - description: The Elasticsearch index to be written to. - type: string - refresh: - description: > - The refresh policy for the write request, which affects when changes - are made visible to search. Refer to the refresh setting for - Elasticsearch document APIs. - default: false - type: boolean - Connectors_config_properties_jira: - title: Connector request properties for a Jira connector - required: - - apiUrl - - projectKey - description: Defines properties for connectors when type is `.jira`. - type: object - properties: - apiUrl: - description: The Jira instance URL. - type: string - projectKey: - description: The Jira project key. - type: string - Connectors_secrets_properties_jira: - title: Connector secrets properties for a Jira connector - required: - - apiToken - - email - description: Defines secrets for connectors when type is `.jira`. - type: object - properties: - apiToken: - description: The Jira API authentication token for HTTP basic authentication. - type: string - email: - description: The account email for HTTP Basic authentication. - type: string - Connectors_config_properties_opsgenie: - title: Connector request properties for an Opsgenie connector - required: - - apiUrl - description: Defines properties for connectors when type is `.opsgenie`. - type: object - properties: - apiUrl: - description: > - The Opsgenie URL. For example, `https://api.opsgenie.com` or - `https://api.eu.opsgenie.com`. If you are using the - `xpack.actions.allowedHosts` setting, add the hostname to the - allowed hosts. - type: string - Connectors_secrets_properties_opsgenie: - title: Connector secrets properties for an Opsgenie connector - required: - - apiKey - description: Defines secrets for connectors when type is `.opsgenie`. - type: object - properties: - apiKey: - description: The Opsgenie API authentication key for HTTP Basic authentication. - type: string - Connectors_config_properties_pagerduty: - title: Connector request properties for a PagerDuty connector - description: Defines properties for connectors when type is `.pagerduty`. - type: object - properties: - apiUrl: - description: The PagerDuty event URL. - type: string - nullable: true - example: https://events.pagerduty.com/v2/enqueue - Connectors_secrets_properties_pagerduty: - title: Connector secrets properties for a PagerDuty connector - description: Defines secrets for connectors when type is `.pagerduty`. - type: object - required: - - routingKey - properties: - routingKey: - description: > - A 32 character PagerDuty Integration Key for an integration on a - service. - type: string - Connectors_config_properties_resilient: - title: Connector request properties for a IBM Resilient connector - required: - - apiUrl - - orgId - description: Defines properties for connectors when type is `.resilient`. - type: object - properties: - apiUrl: - description: The IBM Resilient instance URL. - type: string - orgId: - description: The IBM Resilient organization ID. - type: string - Connectors_secrets_properties_resilient: - title: Connector secrets properties for IBM Resilient connector - required: - - apiKeyId - - apiKeySecret - description: Defines secrets for connectors when type is `.resilient`. - type: object - properties: - apiKeyId: - type: string - description: The authentication key ID for HTTP Basic authentication. - apiKeySecret: - type: string - description: The authentication key secret for HTTP Basic authentication. - Connectors_config_properties_sentinelone: - title: Connector request properties for a SentinelOne connector - required: - - url - description: Defines properties for connectors when type is `.sentinelone`. - type: object - properties: - url: - description: > - The SentinelOne tenant URL. If you are using the - `xpack.actions.allowedHosts` setting, add the hostname to the - allowed hosts. - type: string - Connectors_secrets_properties_sentinelone: - title: Connector secrets properties for a SentinelOne connector - description: Defines secrets for connectors when type is `.sentinelone`. - type: object - required: - - token - properties: - token: - description: The A SentinelOne API token. - type: string - Connectors_config_properties_servicenow: - title: Connector request properties for a ServiceNow ITSM connector - required: - - apiUrl - description: Defines properties for connectors when type is `.servicenow`. - type: object - properties: - apiUrl: - type: string - description: The ServiceNow instance URL. - clientId: - description: > - The client ID assigned to your OAuth application. This property is - required when `isOAuth` is `true`. - type: string - isOAuth: - description: > - The type of authentication to use. The default value is false, which - means basic authentication is used instead of open authorization - (OAuth). - default: false - type: boolean - jwtKeyId: - description: > - The key identifier assigned to the JWT verifier map of your OAuth - application. This property is required when `isOAuth` is `true`. - type: string - userIdentifierValue: - description: > - The identifier to use for OAuth authentication. This identifier - should be the user field you selected when you created an OAuth JWT - API endpoint for external clients in your ServiceNow instance. For - example, if the selected user field is `Email`, the user identifier - should be the user's email address. This property is required when - `isOAuth` is `true`. - type: string - usesTableApi: - description: > - Determines whether the connector uses the Table API or the Import - Set API. This property is supported only for ServiceNow ITSM and - ServiceNow SecOps connectors. NOTE: If this property is set to - `false`, the Elastic application should be installed in ServiceNow. - default: true - type: boolean - Connectors_secrets_properties_servicenow: - title: >- - Connector secrets properties for ServiceNow ITOM, ServiceNow ITSM, and - ServiceNow SecOps connectors - description: >- - Defines secrets for connectors when type is `.servicenow`, - `.servicenow-sir`, or `.servicenow-itom`. - type: object - properties: - clientSecret: - type: string - description: >- - The client secret assigned to your OAuth application. This property - is required when `isOAuth` is `true`. - password: - type: string - description: >- - The password for HTTP basic authentication. This property is - required when `isOAuth` is `false`. - privateKey: - type: string - description: >- - The RSA private key that you created for use in ServiceNow. This - property is required when `isOAuth` is `true`. - privateKeyPassword: - type: string - description: >- - The password for the RSA private key. This property is required when - `isOAuth` is `true` and you set a password on your private key. - username: - type: string - description: >- - The username for HTTP basic authentication. This property is - required when `isOAuth` is `false`. - Connectors_config_properties_servicenow_itom: - title: Connector request properties for a ServiceNow ITSM connector - required: - - apiUrl - description: Defines properties for connectors when type is `.servicenow`. - type: object - properties: - apiUrl: - type: string - description: The ServiceNow instance URL. - clientId: - description: > - The client ID assigned to your OAuth application. This property is - required when `isOAuth` is `true`. - type: string - isOAuth: - description: > - The type of authentication to use. The default value is false, which - means basic authentication is used instead of open authorization - (OAuth). - default: false - type: boolean - jwtKeyId: - description: > - The key identifier assigned to the JWT verifier map of your OAuth - application. This property is required when `isOAuth` is `true`. - type: string - userIdentifierValue: - description: > - The identifier to use for OAuth authentication. This identifier - should be the user field you selected when you created an OAuth JWT - API endpoint for external clients in your ServiceNow instance. For - example, if the selected user field is `Email`, the user identifier - should be the user's email address. This property is required when - `isOAuth` is `true`. - type: string - Connectors_config_properties_slack_api: - title: Connector request properties for a Slack connector - description: Defines properties for connectors when type is `.slack_api`. - type: object - properties: - allowedChannels: - type: array - description: A list of valid Slack channels. - items: - type: object - required: - - id - - name - maxItems: 25 - properties: - id: - type: string - description: The Slack channel ID. - example: C123ABC456 - minLength: 1 - name: - type: string - description: The Slack channel name. - minLength: 1 - Connectors_secrets_properties_slack_api: - title: Connector secrets properties for a Web API Slack connector - description: Defines secrets for connectors when type is `.slack`. - required: - - token - type: object - properties: - token: - type: string - description: Slack bot user OAuth token. - Connectors_secrets_properties_slack_webhook: - title: Connector secrets properties for a Webhook Slack connector - description: Defines secrets for connectors when type is `.slack`. - required: - - webhookUrl - type: object - properties: - webhookUrl: - type: string - description: Slack webhook url. - Connectors_config_properties_swimlane: - title: Connector request properties for a Swimlane connector - required: - - apiUrl - - appId - - connectorType - description: Defines properties for connectors when type is `.swimlane`. - type: object - properties: - apiUrl: - description: The Swimlane instance URL. - type: string - appId: - description: The Swimlane application ID. - type: string - connectorType: - description: >- - The type of connector. Valid values are `all`, `alerts`, and - `cases`. - type: string - enum: - - all - - alerts - - cases - mappings: - title: Connector mappings properties for a Swimlane connector - description: The field mapping. - type: object - properties: - alertIdConfig: - title: Alert identifier mapping - description: Mapping for the alert ID. - type: object - required: - - fieldType - - id - - key - - name - properties: - fieldType: - type: string - description: The type of field in Swimlane. - id: - type: string - description: The identifier for the field in Swimlane. - key: - type: string - description: The key for the field in Swimlane. - name: - type: string - description: The name of the field in Swimlane. - caseIdConfig: - title: Case identifier mapping - description: Mapping for the case ID. - type: object - required: - - fieldType - - id - - key - - name - properties: - fieldType: - type: string - description: The type of field in Swimlane. - id: - type: string - description: The identifier for the field in Swimlane. - key: - type: string - description: The key for the field in Swimlane. - name: - type: string - description: The name of the field in Swimlane. - caseNameConfig: - title: Case name mapping - description: Mapping for the case name. - type: object - required: - - fieldType - - id - - key - - name - properties: - fieldType: - type: string - description: The type of field in Swimlane. - id: - type: string - description: The identifier for the field in Swimlane. - key: - type: string - description: The key for the field in Swimlane. - name: - type: string - description: The name of the field in Swimlane. - commentsConfig: - title: Case comment mapping - description: Mapping for the case comments. - type: object - required: - - fieldType - - id - - key - - name - properties: - fieldType: - type: string - description: The type of field in Swimlane. - id: - type: string - description: The identifier for the field in Swimlane. - key: - type: string - description: The key for the field in Swimlane. - name: - type: string - description: The name of the field in Swimlane. - descriptionConfig: - title: Case description mapping - description: Mapping for the case description. - type: object - required: - - fieldType - - id - - key - - name - properties: - fieldType: - type: string - description: The type of field in Swimlane. - id: - type: string - description: The identifier for the field in Swimlane. - key: - type: string - description: The key for the field in Swimlane. - name: - type: string - description: The name of the field in Swimlane. - ruleNameConfig: - title: Rule name mapping - description: Mapping for the name of the alert's rule. - type: object - required: - - fieldType - - id - - key - - name - properties: - fieldType: - type: string - description: The type of field in Swimlane. - id: - type: string - description: The identifier for the field in Swimlane. - key: - type: string - description: The key for the field in Swimlane. - name: - type: string - description: The name of the field in Swimlane. - severityConfig: - title: Severity mapping - description: Mapping for the severity. - type: object - required: - - fieldType - - id - - key - - name - properties: - fieldType: - type: string - description: The type of field in Swimlane. - id: - type: string - description: The identifier for the field in Swimlane. - key: - type: string - description: The key for the field in Swimlane. - name: - type: string - description: The name of the field in Swimlane. - Connectors_secrets_properties_swimlane: - title: Connector secrets properties for a Swimlane connector - description: Defines secrets for connectors when type is `.swimlane`. - type: object - properties: - apiToken: - description: Swimlane API authentication token. - type: string - Connectors_secrets_properties_teams: - title: Connector secrets properties for a Microsoft Teams connector - description: Defines secrets for connectors when type is `.teams`. - type: object - required: - - webhookUrl - properties: - webhookUrl: - type: string - description: > - The URL of the incoming webhook. If you are using the - `xpack.actions.allowedHosts` setting, add the hostname to the - allowed hosts. - Connectors_config_properties_tines: - title: Connector request properties for a Tines connector - description: Defines properties for connectors when type is `.tines`. - type: object - required: - - url - properties: - url: - description: > - The Tines tenant URL. If you are using the - `xpack.actions.allowedHosts` setting, make sure this hostname is - added to the allowed hosts. - type: string - Connectors_secrets_properties_tines: - title: Connector secrets properties for a Tines connector - description: Defines secrets for connectors when type is `.tines`. - type: object - required: - - email - - token - properties: - email: - description: The email used to sign in to Tines. - type: string - token: - description: The Tines API token. - type: string - Connectors_config_properties_torq: - title: Connector request properties for a Torq connector - description: Defines properties for connectors when type is `.torq`. - type: object - required: - - webhookIntegrationUrl - properties: - webhookIntegrationUrl: - description: The endpoint URL of the Elastic Security integration in Torq. - type: string - Connectors_secrets_properties_torq: - title: Connector secrets properties for a Torq connector - description: Defines secrets for connectors when type is `.torq`. - type: object - required: - - token - properties: - token: - description: The secret of the webhook authentication header. - type: string - Connectors_config_properties_webhook: - title: Connector request properties for a Webhook connector - description: Defines properties for connectors when type is `.webhook`. - type: object - properties: - authType: - type: string - nullable: true - enum: - - webhook-authentication-basic - - webhook-authentication-ssl - description: | - The type of authentication to use: basic, SSL, or none. - ca: - type: string - description: > - A base64 encoded version of the certificate authority file that the - connector can trust to sign and validate certificates. This option - is available for all authentication types. - certType: - type: string - description: > - If the `authType` is `webhook-authentication-ssl`, specifies whether - the certificate authentication data is in a CRT and key file format - or a PFX file format. - enum: - - ssl-crt-key - - ssl-pfx - hasAuth: - type: boolean - description: > - If `true`, a user name and password must be provided for login type - authentication. - headers: - type: object - nullable: true - description: A set of key-value pairs sent as headers with the request. - method: - type: string - default: post - enum: - - post - - put - description: | - The HTTP request method, either `post` or `put`. - url: - type: string - description: > - The request URL. If you are using the `xpack.actions.allowedHosts` - setting, add the hostname to the allowed hosts. - verificationMode: - type: string - enum: - - certificate - - full - - none - default: full - description: > - Controls the verification of certificates. Use `full` to validate - that the certificate has an issue date within the `not_before` and - `not_after` dates, chains to a trusted certificate authority (CA), - and has a hostname or IP address that matches the names within the - certificate. Use `certificate` to validate the certificate and - verify that it is signed by a trusted authority; this option does - not check the certificate hostname. Use `none` to skip certificate - validation. - Connectors_secrets_properties_webhook: - title: Connector secrets properties for a Webhook connector - description: Defines secrets for connectors when type is `.webhook`. - type: object - properties: - crt: - type: string - description: >- - If `authType` is `webhook-authentication-ssl` and `certType` is - `ssl-crt-key`, it is a base64 encoded version of the CRT or CERT - file. - key: - type: string - description: >- - If `authType` is `webhook-authentication-ssl` and `certType` is - `ssl-crt-key`, it is a base64 encoded version of the KEY file. - pfx: - type: string - description: >- - If `authType` is `webhook-authentication-ssl` and `certType` is - `ssl-pfx`, it is a base64 encoded version of the PFX or P12 file. - password: - type: string - description: > - The password for HTTP basic authentication or the passphrase for the - SSL certificate files. If `hasAuth` is set to `true` and `authType` - is `webhook-authentication-basic`, this property is required. - user: - type: string - description: > - The username for HTTP basic authentication. If `hasAuth` is set to - `true` and `authType` is `webhook-authentication-basic`, this - property is required. - Connectors_config_properties_xmatters: - title: Connector request properties for an xMatters connector - description: Defines properties for connectors when type is `.xmatters`. - type: object - properties: - configUrl: - description: > - The request URL for the Elastic Alerts trigger in xMatters. It is - applicable only when `usesBasic` is `true`. - type: string - nullable: true - usesBasic: - description: >- - Specifies whether the connector uses HTTP basic authentication - (`true`) or URL authentication (`false`). - type: boolean - default: true - Connectors_secrets_properties_xmatters: - title: Connector secrets properties for an xMatters connector - description: Defines secrets for connectors when type is `.xmatters`. - type: object - properties: - password: - description: > - A user name for HTTP basic authentication. It is applicable only - when `usesBasic` is `true`. - type: string - secretsUrl: - description: > - The request URL for the Elastic Alerts trigger in xMatters with the - API key included in the URL. It is applicable only when `usesBasic` - is `false`. - type: string - user: - description: > - A password for HTTP basic authentication. It is applicable only when - `usesBasic` is `true`. - type: string - Connectors_create_connector_request: - title: Create connector request body properties - description: The properties vary depending on the connector type. - oneOf: - - $ref: '#/components/schemas/Connectors_create_connector_request_bedrock' - - $ref: '#/components/schemas/Connectors_create_connector_request_gemini' - - $ref: >- - #/components/schemas/Connectors_create_connector_request_cases_webhook - - $ref: '#/components/schemas/Connectors_create_connector_request_d3security' - - $ref: '#/components/schemas/Connectors_create_connector_request_email' - - $ref: '#/components/schemas/Connectors_create_connector_request_genai' - - $ref: '#/components/schemas/Connectors_create_connector_request_index' - - $ref: '#/components/schemas/Connectors_create_connector_request_jira' - - $ref: '#/components/schemas/Connectors_create_connector_request_opsgenie' - - $ref: '#/components/schemas/Connectors_create_connector_request_pagerduty' - - $ref: '#/components/schemas/Connectors_create_connector_request_resilient' - - $ref: '#/components/schemas/Connectors_create_connector_request_sentinelone' - - $ref: '#/components/schemas/Connectors_create_connector_request_serverlog' - - $ref: '#/components/schemas/Connectors_create_connector_request_servicenow' - - $ref: >- - #/components/schemas/Connectors_create_connector_request_servicenow_itom - - $ref: >- - #/components/schemas/Connectors_create_connector_request_servicenow_sir - - $ref: '#/components/schemas/Connectors_create_connector_request_slack_api' - - $ref: >- - #/components/schemas/Connectors_create_connector_request_slack_webhook - - $ref: '#/components/schemas/Connectors_create_connector_request_swimlane' - - $ref: '#/components/schemas/Connectors_create_connector_request_teams' - - $ref: '#/components/schemas/Connectors_create_connector_request_tines' - - $ref: '#/components/schemas/Connectors_create_connector_request_torq' - - $ref: '#/components/schemas/Connectors_create_connector_request_webhook' - - $ref: '#/components/schemas/Connectors_create_connector_request_xmatters' - discriminator: - propertyName: connector_type_id - mapping: - .bedrock: '#/components/schemas/Connectors_create_connector_request_bedrock' - .gemini: '#/components/schemas/Connectors_create_connector_request_gemini' - .cases-webhook: >- - #/components/schemas/Connectors_create_connector_request_cases_webhook - .d3security: '#/components/schemas/Connectors_create_connector_request_d3security' - .email: '#/components/schemas/Connectors_create_connector_request_email' - .gen-ai: '#/components/schemas/Connectors_create_connector_request_genai' - .index: '#/components/schemas/Connectors_create_connector_request_index' - .jira: '#/components/schemas/Connectors_create_connector_request_jira' - .opsgenie: '#/components/schemas/Connectors_create_connector_request_opsgenie' - .pagerduty: '#/components/schemas/Connectors_create_connector_request_pagerduty' - .resilient: '#/components/schemas/Connectors_create_connector_request_resilient' - .sentinelone: '#/components/schemas/Connectors_create_connector_request_sentinelone' - .server-log: '#/components/schemas/Connectors_create_connector_request_serverlog' - .servicenow: '#/components/schemas/Connectors_create_connector_request_servicenow' - .servicenow-itom: >- - #/components/schemas/Connectors_create_connector_request_servicenow_itom - .servicenow-sir: >- - #/components/schemas/Connectors_create_connector_request_servicenow_sir - .slack_api: '#/components/schemas/Connectors_create_connector_request_slack_api' - .slack: >- - #/components/schemas/Connectors_create_connector_request_slack_webhook - .swimlane: '#/components/schemas/Connectors_create_connector_request_swimlane' - .teams: '#/components/schemas/Connectors_create_connector_request_teams' - .tines: '#/components/schemas/Connectors_create_connector_request_tines' - .torq: '#/components/schemas/Connectors_create_connector_request_torq' - .webhook: '#/components/schemas/Connectors_create_connector_request_webhook' - .xmatters: '#/components/schemas/Connectors_create_connector_request_xmatters' - Connectors_connector_response_properties_bedrock: - title: Connector response properties for an Amazon Bedrock connector - type: object - required: - - config - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_bedrock' - connector_type_id: - type: string - description: The type of connector. - enum: - - .bedrock - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: - type: string - description: The display name for the connector. - Connectors_connector_response_properties_gemini: - title: Connector response properties for a Google Gemini connector - type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_gemini' - connector_type_id: - type: string - description: The type of connector. - enum: - - .gemini - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: - type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_cases_webhook: - title: Connector request properties for a Webhook - Case Management connector - type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_cases_webhook' - connector_type_id: - description: The type of connector. - type: string - enum: - - .cases-webhook - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: - type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_d3security: - title: Connector response properties for a D3 Security connector - type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_d3security' - connector_type_id: - type: string - description: The type of connector. - enum: - - .d3security - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: - type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_email: - title: Connector response properties for an email connector - type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_email' - connector_type_id: - type: string - description: The type of connector. - enum: - - .email - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: - type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_genai: - title: Connector response properties for an OpenAI connector - type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_genai' - connector_type_id: - type: string - description: The type of connector. - enum: - - .gen-ai - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: - type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_index: - title: Connector response properties for an index connector - type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_index' - connector_type_id: - type: string - description: The type of connector. - enum: - - .index - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: - type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_jira: - title: Connector response properties for a Jira connector - type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_jira' - connector_type_id: - type: string - description: The type of connector. - enum: - - .jira - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: - type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_opsgenie: - title: Connector response properties for an Opsgenie connector - type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_opsgenie' - connector_type_id: - type: string - description: The type of connector. - enum: - - .opsgenie - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: - type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_pagerduty: - title: Connector response properties for a PagerDuty connector - type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_pagerduty' - connector_type_id: - type: string - description: The type of connector. - enum: - - .pagerduty - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: - type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_resilient: - title: Connector response properties for a IBM Resilient connector - type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_resilient' - connector_type_id: - type: string - description: The type of connector. - enum: - - .resilient - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: - type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_sentinelone: - title: Connector response properties for a SentinelOne connector - type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_sentinelone' - connector_type_id: - type: string - description: The type of connector. - enum: - - .sentinelone - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: - type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_serverlog: - title: Connector response properties for a server log connector - type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - config: - type: object - nullable: true - connector_type_id: - type: string - description: The type of connector. - enum: - - .server-log - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: - type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_servicenow: - title: Connector response properties for a ServiceNow ITSM connector - type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_servicenow' - connector_type_id: - type: string - description: The type of connector. - enum: - - .servicenow - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: - type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_servicenow_itom: - title: Connector response properties for a ServiceNow ITOM connector - type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_servicenow_itom' - connector_type_id: - type: string - description: The type of connector. - enum: - - .servicenow-itom - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: - type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_servicenow_sir: - title: Connector response properties for a ServiceNow SecOps connector - type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_servicenow' - connector_type_id: - type: string - description: The type of connector. - enum: - - .servicenow-sir - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: - type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_slack_api: - title: Connector response properties for a Slack connector - type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_slack_api' - connector_type_id: - type: string - description: The type of connector. - enum: - - .slack_api - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: - type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_slack_webhook: - title: Connector response properties for a Slack connector - type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - connector_type_id: - type: string - description: The type of connector. - enum: - - .slack - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: - type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_swimlane: - title: Connector response properties for a Swimlane connector - type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_swimlane' - connector_type_id: - type: string - description: The type of connector. - enum: - - .swimlane - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: - type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_teams: - title: Connector response properties for a Microsoft Teams connector - type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - config: - type: object - connector_type_id: - type: string - description: The type of connector. - enum: - - .teams - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: - type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_tines: - title: Connector response properties for a Tines connector - type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_tines' - connector_type_id: - type: string - description: The type of connector. - enum: - - .tines - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: - type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_torq: - title: Connector response properties for a Torq connector - type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_torq' - connector_type_id: - type: string - description: The type of connector. - enum: - - .torq - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: - type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_webhook: - title: Connector response properties for a Webhook connector - type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_webhook' - connector_type_id: - type: string - description: The type of connector. - enum: - - .webhook - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: - type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_connector_response_properties_xmatters: - title: Connector response properties for an xMatters connector - type: object - required: - - connector_type_id - - id - - is_deprecated - - is_preconfigured - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_xmatters' - connector_type_id: - type: string - description: The type of connector. - enum: - - .xmatters - id: - type: string - description: The identifier for the connector. - is_deprecated: - $ref: '#/components/schemas/Connectors_is_deprecated' - is_missing_secrets: - $ref: '#/components/schemas/Connectors_is_missing_secrets' - is_preconfigured: - $ref: '#/components/schemas/Connectors_is_preconfigured' - is_system_action: - $ref: '#/components/schemas/Connectors_is_system_action' - name: - type: string - description: The display name for the connector. - referenced_by_count: - $ref: '#/components/schemas/Connectors_referenced_by_count' - Connectors_is_deprecated: - type: boolean - description: Indicates whether the connector type is deprecated. - example: false - Connectors_is_missing_secrets: - type: boolean - description: >- - Indicates whether secrets are missing for the connector. Secrets - configuration properties vary depending on the connector type. - example: false - Connectors_is_preconfigured: - type: boolean - description: > - Indicates whether it is a preconfigured connector. If true, the `config` - and `is_missing_secrets` properties are omitted from the response. - example: false - Connectors_is_system_action: - type: boolean - description: Indicates whether the connector is used for system actions. - example: false - Connectors_referenced_by_count: - type: integer - description: > - Indicates the number of saved objects that reference the connector. If - `is_preconfigured` is true, this value is not calculated. This property - is returned only by the get all connectors API. - example: 2 - Connectors_connector_response_properties: - title: Connector response properties - description: The properties vary depending on the connector type. - oneOf: - - $ref: >- - #/components/schemas/Connectors_connector_response_properties_bedrock - - $ref: '#/components/schemas/Connectors_connector_response_properties_gemini' - - $ref: >- - #/components/schemas/Connectors_connector_response_properties_cases_webhook - - $ref: >- - #/components/schemas/Connectors_connector_response_properties_d3security - - $ref: '#/components/schemas/Connectors_connector_response_properties_email' - - $ref: '#/components/schemas/Connectors_connector_response_properties_genai' - - $ref: '#/components/schemas/Connectors_connector_response_properties_index' - - $ref: '#/components/schemas/Connectors_connector_response_properties_jira' - - $ref: >- - #/components/schemas/Connectors_connector_response_properties_opsgenie - - $ref: >- - #/components/schemas/Connectors_connector_response_properties_pagerduty - - $ref: >- - #/components/schemas/Connectors_connector_response_properties_resilient - - $ref: >- - #/components/schemas/Connectors_connector_response_properties_sentinelone - - $ref: >- - #/components/schemas/Connectors_connector_response_properties_serverlog - - $ref: >- - #/components/schemas/Connectors_connector_response_properties_servicenow - - $ref: >- - #/components/schemas/Connectors_connector_response_properties_servicenow_itom - - $ref: >- - #/components/schemas/Connectors_connector_response_properties_servicenow_sir - - $ref: >- - #/components/schemas/Connectors_connector_response_properties_slack_api - - $ref: >- - #/components/schemas/Connectors_connector_response_properties_slack_webhook - - $ref: >- - #/components/schemas/Connectors_connector_response_properties_swimlane - - $ref: '#/components/schemas/Connectors_connector_response_properties_teams' - - $ref: '#/components/schemas/Connectors_connector_response_properties_tines' - - $ref: '#/components/schemas/Connectors_connector_response_properties_torq' - - $ref: >- - #/components/schemas/Connectors_connector_response_properties_webhook - - $ref: >- - #/components/schemas/Connectors_connector_response_properties_xmatters - discriminator: - propertyName: connector_type_id - mapping: - .bedrock: >- - #/components/schemas/Connectors_connector_response_properties_bedrock - .gemini: '#/components/schemas/Connectors_connector_response_properties_gemini' - .cases-webhook: >- - #/components/schemas/Connectors_connector_response_properties_cases_webhook - .d3security: >- - #/components/schemas/Connectors_connector_response_properties_d3security - .email: '#/components/schemas/Connectors_connector_response_properties_email' - .gen-ai: '#/components/schemas/Connectors_connector_response_properties_genai' - .index: '#/components/schemas/Connectors_connector_response_properties_index' - .jira: '#/components/schemas/Connectors_connector_response_properties_jira' - .opsgenie: >- - #/components/schemas/Connectors_connector_response_properties_opsgenie - .pagerduty: >- - #/components/schemas/Connectors_connector_response_properties_pagerduty - .resilient: >- - #/components/schemas/Connectors_connector_response_properties_resilient - .sentinelone: >- - #/components/schemas/Connectors_connector_response_properties_sentinelone - .server-log: >- - #/components/schemas/Connectors_connector_response_properties_serverlog - .servicenow: >- - #/components/schemas/Connectors_connector_response_properties_servicenow - .servicenow-itom: >- - #/components/schemas/Connectors_connector_response_properties_servicenow_itom - .servicenow-sir: >- - #/components/schemas/Connectors_connector_response_properties_servicenow_sir - .slack_api: >- - #/components/schemas/Connectors_connector_response_properties_slack_api - .slack: >- - #/components/schemas/Connectors_connector_response_properties_slack_webhook - .swimlane: >- - #/components/schemas/Connectors_connector_response_properties_swimlane - .teams: '#/components/schemas/Connectors_connector_response_properties_teams' - .tines: '#/components/schemas/Connectors_connector_response_properties_tines' - .torq: '#/components/schemas/Connectors_connector_response_properties_torq' - .webhook: >- - #/components/schemas/Connectors_connector_response_properties_webhook - .xmatters: >- - #/components/schemas/Connectors_connector_response_properties_xmatters - Connectors_update_connector_request_bedrock: - title: Update Amazon Bedrock connector request - type: object - required: - - config - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_bedrock' - name: - type: string - description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_bedrock' - Connectors_update_connector_request_gemini: - title: Update Google Gemini connector request - type: object - required: - - config - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_gemini' - name: - type: string - description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_gemini' - Connectors_update_connector_request_cases_webhook: - title: Update Webhook - Case Managment connector request - type: object - required: - - config - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_cases_webhook' - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_cases_webhook' - Connectors_update_connector_request_d3security: - title: Update D3 Security connector request - type: object - required: - - config - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_d3security' - name: - type: string - description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_d3security' - Connectors_update_connector_request_email: - title: Update email connector request - type: object - required: - - config - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_email' - name: - type: string - description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_email' - Connectors_update_connector_request_index: - title: Update index connector request - type: object - required: - - config - - name - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_index' - name: - type: string - description: The display name for the connector. - Connectors_update_connector_request_jira: - title: Update Jira connector request - type: object - required: - - config - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_jira' - name: - type: string - description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_jira' - Connectors_update_connector_request_opsgenie: - title: Update Opsgenie connector request - type: object - required: - - config - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_opsgenie' - name: - type: string - description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_opsgenie' - Connectors_update_connector_request_pagerduty: - title: Update PagerDuty connector request - type: object - required: - - config - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_pagerduty' - name: - type: string - description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_pagerduty' - Connectors_update_connector_request_resilient: - title: Update IBM Resilient connector request - type: object - required: - - config - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_resilient' - name: - type: string - description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_resilient' - Connectors_update_connector_request_sentinelone: - title: Update SentinelOne connector request - type: object - required: - - config - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_sentinelone' - name: - type: string - description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_sentinelone' - Connectors_update_connector_request_serverlog: - title: Update server log connector request - type: object - required: - - name - properties: - name: - type: string - description: The display name for the connector. - Connectors_update_connector_request_servicenow: - title: Update ServiceNow ITSM connector or ServiceNow SecOps request - type: object - required: - - config - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_servicenow' - name: - type: string - description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_servicenow' - Connectors_update_connector_request_servicenow_itom: - title: Create ServiceNow ITOM connector request - type: object - required: - - config - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_servicenow_itom' - name: - type: string - description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_servicenow' - Connectors_update_connector_request_slack_api: - title: Update Slack connector request - type: object - required: - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_slack_api' - name: - type: string - description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_slack_api' - Connectors_update_connector_request_slack_webhook: - title: Update Slack connector request - type: object - required: - - name - - secrets - properties: - name: - type: string - description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_slack_webhook' - Connectors_update_connector_request_swimlane: - title: Update Swimlane connector request - type: object - required: - - config - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_swimlane' - name: - type: string - description: The display name for the connector. - example: my-connector - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_swimlane' - Connectors_update_connector_request_teams: - title: Update Microsoft Teams connector request - type: object - required: - - name - - secrets - properties: - name: - type: string - description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_teams' - Connectors_update_connector_request_tines: - title: Update Tines connector request - type: object - required: - - config - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_tines' - name: - type: string - description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_tines' - Connectors_update_connector_request_torq: - title: Update Torq connector request - type: object - required: - - config - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_torq' - name: - type: string - description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_torq' - Connectors_update_connector_request_webhook: - title: Update Webhook connector request - type: object - required: - - config - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_webhook' - name: - type: string - description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_webhook' - Connectors_update_connector_request_xmatters: - title: Update xMatters connector request - type: object - required: - - config - - name - - secrets - properties: - config: - $ref: '#/components/schemas/Connectors_config_properties_xmatters' - name: - type: string - description: The display name for the connector. - secrets: - $ref: '#/components/schemas/Connectors_secrets_properties_xmatters' - Connectors_update_connector_request: - title: Update connector request body properties - description: The properties vary depending on the connector type. - oneOf: - - $ref: '#/components/schemas/Connectors_update_connector_request_bedrock' - - $ref: '#/components/schemas/Connectors_update_connector_request_gemini' - - $ref: >- - #/components/schemas/Connectors_update_connector_request_cases_webhook - - $ref: '#/components/schemas/Connectors_update_connector_request_d3security' - - $ref: '#/components/schemas/Connectors_update_connector_request_email' - - $ref: '#/components/schemas/Connectors_create_connector_request_genai' - - $ref: '#/components/schemas/Connectors_update_connector_request_index' - - $ref: '#/components/schemas/Connectors_update_connector_request_jira' - - $ref: '#/components/schemas/Connectors_update_connector_request_opsgenie' - - $ref: '#/components/schemas/Connectors_update_connector_request_pagerduty' - - $ref: '#/components/schemas/Connectors_update_connector_request_resilient' - - $ref: '#/components/schemas/Connectors_update_connector_request_sentinelone' - - $ref: '#/components/schemas/Connectors_update_connector_request_serverlog' - - $ref: '#/components/schemas/Connectors_update_connector_request_servicenow' - - $ref: >- - #/components/schemas/Connectors_update_connector_request_servicenow_itom - - $ref: '#/components/schemas/Connectors_update_connector_request_slack_api' - - $ref: >- - #/components/schemas/Connectors_update_connector_request_slack_webhook - - $ref: '#/components/schemas/Connectors_update_connector_request_swimlane' - - $ref: '#/components/schemas/Connectors_update_connector_request_teams' - - $ref: '#/components/schemas/Connectors_update_connector_request_tines' - - $ref: '#/components/schemas/Connectors_update_connector_request_torq' - - $ref: '#/components/schemas/Connectors_update_connector_request_webhook' - - $ref: '#/components/schemas/Connectors_update_connector_request_xmatters' - Connectors_run_connector_params_acknowledge_resolve_pagerduty: - title: PagerDuty connector parameters - description: Test an action that acknowledges or resolves a PagerDuty alert. - type: object - required: - - dedupKey - - eventAction - properties: - dedupKey: - description: The deduplication key for the PagerDuty alert. - type: string - maxLength: 255 - eventAction: - description: The type of event. - type: string - enum: - - acknowledge - - resolve - Connectors_run_connector_params_documents: - title: Index connector parameters - description: Test an action that indexes a document into Elasticsearch. - type: object - required: - - documents - properties: - documents: - type: array - description: The documents in JSON format for index connectors. - items: - type: object - additionalProperties: true - Connectors_run_connector_params_message_email: - title: Email connector parameters - description: > - Test an action that sends an email message. There must be at least one - recipient in `to`, `cc`, or `bcc`. - type: object - anyOf: - - required: - - bcc - - message - - subject - - required: - - cc - - message - - subject - - required: - - to - - message - - subject - properties: - bcc: - type: array - items: + operationId: EndpointUnisolateRedirect + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + '308': + description: Permanent Redirect + headers: + Location: + description: Permanently redirects to "/api/endpoint/action/unisolate" + schema: + example: /api/endpoint/action/unisolate + type: string + summary: Permanently redirects to a new location + tags: + - Security Solution Endpoint Management API + /api/exception_lists: + delete: + operationId: DeleteExceptionList + parameters: + - description: Either `id` or `list_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + - description: Either `id` or `list_id` must be specified + in: query + name: list_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Deletes an exception list + tags: + - Security Solution Exceptions API + get: + operationId: ReadExceptionList + parameters: + - description: Either `id` or `list_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + - description: Either `id` or `list_id` must be specified + in: query + name: list_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Retrieves an exception list using its `id` or `list_id` field + tags: + - Security Solution Exceptions API + post: + operationId: CreateExceptionList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListDescription + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListTags + default: [] + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListType + version: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListVersion + default: 1 + required: + - name + - description + - type + description: Exception list's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Creates an exception list + tags: + - Security Solution Exceptions API + put: + operationId: UpdateExceptionList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListDescription + id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListTags + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListType + version: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListVersion + required: + - name + - description + - type + description: Exception list's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Updates an exception list + tags: + - Security Solution Exceptions API + /api/exception_lists/_duplicate: + post: + operationId: DuplicateExceptionList + parameters: + - description: Exception list's human identifier + in: query + name: list_id + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + - in: query + name: namespace_type + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + - description: >- + Determines whether to include expired exceptions in the exported + list + in: query + name: include_expired_exceptions + required: true + schema: + default: 'true' + enum: + - 'true' + - 'false' type: string - description: > - A list of "blind carbon copy" email addresses. Addresses can be - specified in `user@host-name` format or in name `` - format - cc: - type: array - items: + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '405': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list to duplicate not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Duplicates an exception list + tags: + - Security Solution Exceptions API + /api/exception_lists/_export: + post: + description: Exports an exception list and its associated items to an .ndjson file + operationId: ExportExceptionList + parameters: + - description: Exception list's identifier + in: query + name: id + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + - description: Exception list's human identifier + in: query + name: list_id + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + - in: query + name: namespace_type + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + - description: >- + Determines whether to include expired exceptions in the exported + list + in: query + name: include_expired_exceptions + required: true + schema: + default: 'true' + enum: + - 'true' + - 'false' type: string - description: > - A list of "carbon copy" email addresses. Addresses can be specified - in `user@host-name` format or in name `` format - message: - type: string - description: The email message text. Markdown format is supported. - subject: - type: string - description: The subject line of the email. - to: - type: array - description: > - A list of email addresses. Addresses can be specified in - `user@host-name` format or in name `` format. - items: + responses: + '200': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + description: >- + A `.ndjson` file containing specified exception list and its + items + format: binary + type: string + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Exports an exception list + tags: + - Security Solution Exceptions API + /api/exception_lists/_find: + get: + operationId: FindExceptionLists + parameters: + - description: > + Filters the returned results according to the value of the specified + field. + + + Uses the `so type.field name:field` value syntax, where `so type` + can be: + + + - `exception-list`: Specify a space-aware exception list. + + - `exception-list-agnostic`: Specify an exception list that is + shared across spaces. + in: query + name: filter + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_FindExceptionListsFilter + - description: > + Determines whether the returned containers are Kibana associated + with a Kibana space + + or available in all spaces (`agnostic` or `single`) + in: query + name: namespace_type + required: false + schema: + default: + - single + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + type: array + - description: The page number to return + in: query + name: page + required: false + schema: + minimum: 1 + type: integer + - description: The number of exception lists to return per page + in: query + name: per_page + required: false + schema: + minimum: 1 + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + type: string + - description: 'Determines the sort order, which can be `desc` or `asc`' + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + type: array + page: + minimum: 1 + type: integer + per_page: + minimum: 1 + type: integer + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Finds exception lists + tags: + - Security Solution Exceptions API + /api/exception_lists/_import: + post: + description: Imports an exception list and associated items + operationId: ImportExceptionList + parameters: + - description: > + Determines whether existing exception lists with the same `list_id` + are overwritten. + + If any exception items have the same `item_id`, those are also + overwritten. + in: query + name: overwrite + required: false + schema: + default: false + type: boolean + - in: query + name: overwrite_exceptions + required: false + schema: + default: false + type: boolean + - in: query + name: overwrite_action_connectors + required: false + schema: + default: false + type: boolean + - description: > + Determines whether the list being imported will have a new `list_id` + generated. + + Additional `item_id`'s are generated for each exception item. Both + the exception + + list and its items are overwritten. + in: query + name: as_new_list + required: false + schema: + default: false + type: boolean + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + file: + description: A `.ndjson` file containing the exception list + format: binary + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + errors: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListsImportBulkErrorArray + success: + type: boolean + success_count: + minimum: 0 + type: integer + success_count_exception_list_items: + minimum: 0 + type: integer + success_count_exception_lists: + minimum: 0 + type: integer + success_exception_list_items: + type: boolean + success_exception_lists: + type: boolean + required: + - errors + - success + - success_count + - success_exception_lists + - success_count_exception_lists + - success_exception_list_items + - success_count_exception_list_items + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Imports an exception list + tags: + - Security Solution Exceptions API + /api/exception_lists/items: + delete: + operationId: DeleteExceptionListItem + parameters: + - description: Either `id` or `item_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemId + - description: Either `id` or `item_id` must be specified + in: query + name: item_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Deletes an exception list item + tags: + - Security Solution Exceptions API + get: + operationId: ReadExceptionListItem + parameters: + - description: Either `id` or `item_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemId + - description: Either `id` or `item_id` must be specified + in: query + name: item_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Gets an exception list item + tags: + - Security Solution Exceptions API + post: + operationId: CreateExceptionListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + comments: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_CreateExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + item_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemTags + default: [] + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemType + required: + - list_id + - type + - name + - description + - entries + description: Exception list item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list item already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Creates an exception list item + tags: + - Security Solution Exceptions API + put: + operationId: UpdateExceptionListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + comments: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_UpdateExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemId + description: Either `id` or `item_id` must be specified + item_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + description: Either `id` or `item_id` must be specified + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemTags + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemType + required: + - type + - name + - description + - entries + description: Exception list item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Updates an exception list item + tags: + - Security Solution Exceptions API + /api/exception_lists/items/_find: + get: + operationId: FindExceptionListItems + parameters: + - description: List's id + in: query + name: list_id + required: true + schema: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + type: array + - description: > + Filters the returned results according to the value of the specified + field, + + using the `:` syntax. + in: query + name: filter + required: false + schema: + default: [] + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_FindExceptionListItemsFilter + type: array + - description: > + Determines whether the returned containers are Kibana associated + with a Kibana space + + or available in all spaces (`agnostic` or `single`) + in: query + name: namespace_type + required: false + schema: + default: + - single + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + type: array + - in: query + name: search + required: false + schema: type: string - Connectors_run_connector_params_message_serverlog: - title: Server log connector parameters - description: Test an action that writes an entry to the Kibana server log. - type: object - required: - - message - properties: - level: - type: string - description: The log level of the message for server log connectors. - enum: - - debug - - error - - fatal - - info - - trace - - warn - default: info - message: - type: string - description: The message for server log connectors. - Connectors_run_connector_params_message_slack: - title: Slack connector parameters - description: > - Test an action that sends a message to Slack. It is applicable only when - the connector type is `.slack`. - type: object - required: - - message - properties: - message: - type: string - description: >- - The Slack message text, which cannot contain Markdown, images, or - other advanced formatting. - Connectors_run_connector_params_trigger_pagerduty: - title: PagerDuty connector parameters - description: Test an action that triggers a PagerDuty alert. - type: object - required: - - eventAction - properties: - class: - description: The class or type of the event. - type: string - example: cpu load - component: - description: >- - The component of the source machine that is responsible for the - event. - type: string - example: eth0 - customDetails: - description: Additional details to add to the event. - type: object - dedupKey: - description: > - All actions sharing this key will be associated with the same - PagerDuty alert. This value is used to correlate trigger and - resolution. - type: string - maxLength: 255 - eventAction: - description: The type of event. - type: string - enum: - - trigger - group: - description: The logical grouping of components of a service. - type: string - example: app-stack - links: - description: A list of links to add to the event. - type: array - items: - type: object - properties: - href: - description: The URL for the link. - type: string - text: - description: A plain text description of the purpose of the link. - type: string - severity: - description: The severity of the event on the affected system. - type: string - enum: - - critical - - error - - info - - warning - default: info - source: - description: > - The affected system, such as a hostname or fully qualified domain - name. Defaults to the Kibana saved object id of the action. - type: string - summary: - description: A summery of the event. - type: string - maxLength: 1024 - timestamp: - description: >- - An ISO-8601 timestamp that indicates when the event was detected or - generated. - type: string - format: date-time - Connectors_run_connector_subaction_addevent: - title: The addEvent subaction - type: object - required: - - subAction - description: The `addEvent` subaction for ServiceNow ITOM connectors. - properties: - subAction: - type: string - description: The action to test. - enum: - - addEvent - subActionParams: - type: object - description: The set of configuration properties for the action. - properties: - additional_info: - type: string - description: Additional information about the event. - description: - type: string - description: The details about the event. - event_class: - type: string - description: A specific instance of the source. - message_key: - type: string - description: >- - All actions sharing this key are associated with the same - ServiceNow alert. The default value is `:`. - metric_name: - type: string - description: The name of the metric. - node: - type: string - description: The host that the event was triggered for. - resource: - type: string - description: The name of the resource. - severity: - type: string - description: The severity of the event. - source: - type: string - description: The name of the event source type. - time_of_event: - type: string - description: The time of the event. - type: - type: string - description: The type of event. - Connectors_run_connector_subaction_closealert: - title: The closeAlert subaction - type: object - required: - - subAction - - subActionParams - description: The `closeAlert` subaction for Opsgenie connectors. - properties: - subAction: - type: string - description: The action to test. - enum: - - closeAlert - subActionParams: - type: object - required: - - alias - properties: - alias: - type: string - description: >- - The unique identifier used for alert deduplication in Opsgenie. - The alias must match the value used when creating the alert. - note: - type: string - description: Additional information for the alert. - source: - type: string - description: The display name for the source of the alert. - user: - type: string - description: The display name for the owner. - Connectors_run_connector_subaction_closeincident: - title: The closeIncident subaction - type: object - required: - - subAction - - subActionParams - description: The `closeIncident` subaction for ServiceNow ITSM connectors. - properties: - subAction: - type: string - description: The action to test. - enum: - - closeIncident - subActionParams: - type: object - required: - - incident - properties: - incident: + - description: The page number to return + in: query + name: page + required: false + schema: + minimum: 0 + type: integer + - description: The number of exception list items to return per page + in: query + name: per_page + required: false + schema: + minimum: 0 + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_NonEmptyString + - description: 'Determines the sort order, which can be `desc` or `asc`' + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + type: array + page: + minimum: 1 + type: integer + per_page: + minimum: 1 + type: integer + pit: + type: string + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Finds exception list items + tags: + - Security Solution Exceptions API + /api/exception_lists/summary: + get: + operationId: ReadExceptionListSummary + parameters: + - description: Exception list's identifier generated upon creation + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + - description: Exception list's human readable identifier + in: query + name: list_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + - description: Search filter clause + in: query + name: filter + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + linux: + minimum: 0 + type: integer + macos: + minimum: 0 + type: integer + total: + minimum: 0 + type: integer + windows: + minimum: 0 + type: integer + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Retrieves an exception list summary + tags: + - Security Solution Exceptions API + /api/exceptions/shared: + post: + operationId: CreateSharedExceptionList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListDescription + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListName + required: + - name + - description + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Creates a shared exception list + tags: + - Security Solution Exceptions API + /api/lists: + delete: + operationId: DeleteList + parameters: + - description: List's `id` value + in: query + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - in: query + name: deleteReferences + required: false + schema: + default: false + type: boolean + - in: query + name: ignoreReferences + required: false + schema: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Deletes a list + tags: + - Security Solution Lists API + get: + operationId: ReadList + parameters: + - description: List's `id` value + in: query + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Retrieves a list using its id field + tags: + - Security Solution Lists API + patch: + operationId: PatchList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListDescription + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListMetadata + name: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListName' + version: + minimum: 1 + type: integer + required: + - id + description: List's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Patches a list + tags: + - Security Solution Lists API + post: + operationId: CreateList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: type: object - anyOf: - - required: - - correlation_id - - required: - - externalId properties: - correlation_id: + description: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListDescription + deserializer: type: string - nullable: true - description: > - An identifier that is assigned to the incident when it is - created by the connector. NOTE: If you use the default value - and the rule generates multiple alerts that use the same - alert IDs, the latest open incident for this correlation ID - is closed unless you specify the external ID. - maxLength: 100 - default: '{{rule.id}}:{{alert.id}}' - externalId: + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListMetadata + name: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListName' + serializer: type: string - nullable: true - description: >- - The unique identifier (`incidentId`) for the incident in - ServiceNow. - Connectors_run_connector_subaction_createalert: - title: The createAlert subaction - type: object - required: - - subAction - - subActionParams - description: The `createAlert` subaction for Opsgenie connectors. - properties: - subAction: - type: string - description: The action to test. - enum: - - createAlert - subActionParams: - type: object - required: - - message - properties: - actions: - type: array - description: The custom actions available to the alert. - items: - type: string - alias: - type: string - description: The unique identifier used for alert deduplication in Opsgenie. - description: - type: string - description: >- - A description that provides detailed information about the - alert. - details: + type: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListType' + version: + default: 1 + minimum: 1 + type: integer + required: + - name + - description + - type + description: List's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Creates a list + tags: + - Security Solution Lists API + put: + operationId: UpdateList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: type: object - description: The custom properties of the alert. - additionalProperties: true - example: - key1: value1 - key2: value2 - entity: - type: string - description: >- - The domain of the alert. For example, the application or server - name. - message: - type: string - description: The alert message. - note: - type: string - description: Additional information for the alert. - priority: - type: string - description: The priority level for the alert. - enum: - - P1 - - P2 - - P3 - - P4 - - P5 - responders: - type: array - description: > - The entities to receive notifications about the alert. If `type` - is `user`, either `id` or `username` is required. If `type` is - `team`, either `id` or `name` is required. - items: - type: object - properties: - id: - type: string - description: The identifier for the entity. - name: - type: string - description: The name of the entity. - type: - type: string - description: The type of responders, in this case `escalation`. - enum: - - escalation - - schedule - - team - - user - username: - type: string - description: A valid email address for the user. - source: - type: string - description: The display name for the source of the alert. - tags: - type: array - description: The tags for the alert. - items: - type: string - user: - type: string - description: The display name for the owner. - visibleTo: - type: array - description: >- - The teams and users that the alert will be visible to without - sending a notification. Only one of `id`, `name`, or `username` - is required. - items: + properties: + _version: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListDescription + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListMetadata + name: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListName' + version: + minimum: 1 + type: integer + required: + - id + - name + - description + description: List's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Updates a list + tags: + - Security Solution Lists API + /api/lists/_find: + get: + operationId: FindLists + parameters: + - description: The page number to return + in: query + name: page + required: false + schema: + type: integer + - description: The number of lists to return per page + in: query + name: per_page + required: false + schema: + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + - description: 'Determines the sort order, which can be `desc` or `asc`' + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + - description: > + Returns the list that come after the last list returned in the + previous call + + (use the cursor value returned in the previous call). This parameter + uses + + the `tie_breaker_id` field to ensure all lists are sorted and + returned correctly. + in: query + name: cursor + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_FindListsCursor' + - description: > + Filters the returned results according to the value of the specified + field, + + using the : syntax. + in: query + name: filter + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_FindListsFilter' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: type: object + properties: + cursor: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_FindListsCursor + data: + items: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + type: array + page: + minimum: 0 + type: integer + per_page: + minimum: 0 + type: integer + total: + minimum: 0 + type: integer required: - - type + - data + - page + - per_page + - total + - cursor + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Finds lists + tags: + - Security Solution Lists API + /api/lists/index: + delete: + operationId: DeleteListIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object properties: - id: - type: string - description: The identifier for the entity. - name: - type: string - description: The name of the entity. - type: - type: string - description: Valid values are `team` and `user`. - enum: - - team - - user - username: - type: string - description: >- - The user name. This property is required only when the - `type` is `user`. - Connectors_run_connector_subaction_fieldsbyissuetype: - title: The fieldsByIssueType subaction - type: object - required: - - subAction - - subActionParams - description: The `fieldsByIssueType` subaction for Jira connectors. - properties: - subAction: - type: string - description: The action to test. - enum: - - fieldsByIssueType - subActionParams: - type: object - required: - - id - properties: - id: - type: string - description: The Jira issue type identifier. - example: 10024 - Connectors_run_connector_subaction_getchoices: - title: The getChoices subaction - type: object - required: - - subAction - - subActionParams - description: >- - The `getChoices` subaction for ServiceNow ITOM, ServiceNow ITSM, and - ServiceNow SecOps connectors. - properties: - subAction: - type: string - description: The action to test. - enum: - - getChoices - subActionParams: - type: object - description: The set of configuration properties for the action. - required: - - fields - properties: - fields: - type: array - description: An array of fields. - items: - type: string - Connectors_run_connector_subaction_getfields: - title: The getFields subaction - type: object - required: - - subAction - description: >- - The `getFields` subaction for Jira, ServiceNow ITSM, and ServiceNow - SecOps connectors. - properties: - subAction: - type: string - description: The action to test. - enum: - - getFields - Connectors_run_connector_subaction_getincident: - title: The getIncident subaction - type: object - description: >- - The `getIncident` subaction for Jira, ServiceNow ITSM, and ServiceNow - SecOps connectors. - required: - - subAction - - subActionParams - properties: - subAction: - type: string - description: The action to test. - enum: - - getIncident - subActionParams: - type: object - required: - - externalId - properties: - externalId: - type: string - description: >- - The Jira, ServiceNow ITSM, or ServiceNow SecOps issue - identifier. - example: 71778 - Connectors_run_connector_subaction_issue: - title: The issue subaction - type: object - required: - - subAction - description: The `issue` subaction for Jira connectors. - properties: - subAction: - type: string - description: The action to test. - enum: - - issue - subActionParams: - type: object - required: - - id - properties: - id: - type: string - description: The Jira issue identifier. - example: 71778 - Connectors_run_connector_subaction_issues: - title: The issues subaction - type: object - required: - - subAction - - subActionParams - description: The `issues` subaction for Jira connectors. - properties: - subAction: - type: string - description: The action to test. - enum: - - issues - subActionParams: - type: object - required: - - title - properties: - title: - type: string - description: The title of the Jira issue. - Connectors_run_connector_subaction_issuetypes: - title: The issueTypes subaction - type: object - required: - - subAction - description: The `issueTypes` subaction for Jira connectors. - properties: - subAction: - type: string - description: The action to test. - enum: - - issueTypes - Connectors_run_connector_subaction_pushtoservice: - title: The pushToService subaction - type: object - required: - - subAction - - subActionParams - description: >- - The `pushToService` subaction for Jira, ServiceNow ITSM, ServiceNow - SecOps, Swimlane, and Webhook - Case Management connectors. - properties: - subAction: - type: string - description: The action to test. - enum: - - pushToService - subActionParams: - type: object - description: The set of configuration properties for the action. - properties: - comments: - type: array - description: >- - Additional information that is sent to Jira, ServiceNow ITSM, - ServiceNow SecOps, or Swimlane. - items: + acknowledged: + type: boolean + required: + - acknowledged + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List data stream not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Deletes list data streams + tags: + - Security Solution Lists API + get: + operationId: ReadListIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: type: object properties: - comment: - type: string - description: >- - A comment related to the incident. For example, describe - how to troubleshoot the issue. - commentId: - type: integer - description: A unique identifier for the comment. - incident: - type: object - description: >- - Information necessary to create or update a Jira, ServiceNow - ITSM, ServiveNow SecOps, or Swimlane incident. - properties: - alertId: - type: string - description: The alert identifier for Swimlane connectors. - caseId: - type: string - description: >- - The case identifier for the incident for Swimlane - connectors. - caseName: - type: string - description: The case name for the incident for Swimlane connectors. - category: - type: string - description: >- - The category of the incident for ServiceNow ITSM and - ServiceNow SecOps connectors. - correlation_display: - type: string - description: >- - A descriptive label of the alert for correlation purposes - for ServiceNow ITSM and ServiceNow SecOps connectors. - correlation_id: - type: string - description: > - The correlation identifier for the security incident for - ServiceNow ITSM and ServiveNow SecOps connectors. Connectors - using the same correlation ID are associated with the same - ServiceNow incident. This value determines whether a new - ServiceNow incident is created or an existing one is - updated. Modifying this value is optional; if not modified, - the rule ID and alert ID are combined as `{{ruleID}}:{{alert - ID}}` to form the correlation ID value in ServiceNow. The - maximum character length for this value is 100 characters. - NOTE: Using the default configuration of `{{ruleID}}:{{alert - ID}}` ensures that ServiceNow creates a separate incident - record for every generated alert that uses a unique alert - ID. If the rule generates multiple alerts that use the same - alert IDs, ServiceNow creates and continually updates a - single incident record for the alert. - description: - type: string - description: >- - The description of the incident for Jira, ServiceNow ITSM, - ServiceNow SecOps, Swimlane, and Webhook - Case Management - connectors. - dest_ip: - description: > - A list of destination IP addresses related to the security - incident for ServiceNow SecOps connectors. The IPs are added - as observables to the security incident. - oneOf: - - type: string - - type: array - items: - type: string - externalId: - type: string - description: > - The Jira, ServiceNow ITSM, or ServiceNow SecOps issue - identifier. If present, the incident is updated. Otherwise, - a new incident is created. - id: - type: string - description: >- - The external case identifier for Webhook - Case Management - connectors. - impact: - type: string - description: The impact of the incident for ServiceNow ITSM connectors. - issueType: - type: integer - description: >- - The type of incident for Jira connectors. For example, - 10006. To obtain the list of valid values, set `subAction` - to `issueTypes`. - labels: - type: array - items: - type: string - description: > - The labels for the incident for Jira connectors. NOTE: - Labels cannot contain spaces. - malware_hash: - description: >- - A list of malware hashes related to the security incident - for ServiceNow SecOps connectors. The hashes are added as - observables to the security incident. - oneOf: - - type: string - - type: array - items: - type: string - malware_url: - type: string - description: >- - A list of malware URLs related to the security incident for - ServiceNow SecOps connectors. The URLs are added as - observables to the security incident. - oneOf: - - type: string - - type: array - items: - type: string - otherFields: - type: object - additionalProperties: true - maxProperties: 20 - description: > - Custom field identifiers and their values for Jira - connectors. - parent: - type: string - description: >- - The ID or key of the parent issue for Jira connectors. - Applies only to `Sub-task` types of issues. - priority: - type: string - description: >- - The priority of the incident in Jira and ServiceNow SecOps - connectors. - ruleName: - type: string - description: The rule name for Swimlane connectors. - severity: - type: string - description: >- - The severity of the incident for ServiceNow ITSM and - Swimlane connectors. - short_description: - type: string - description: > - A short description of the incident for ServiceNow ITSM and - ServiceNow SecOps connectors. It is used for searching the - contents of the knowledge base. - source_ip: - description: >- - A list of source IP addresses related to the security - incident for ServiceNow SecOps connectors. The IPs are added - as observables to the security incident. - oneOf: - - type: string - - type: array - items: - type: string - status: + list_index: + type: boolean + list_item_index: + type: boolean + required: + - list_index + - list_item_index + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List data stream(s) not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Get list data stream existence status + tags: + - Security Solution Lists API + post: + operationId: CreateListIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + acknowledged: + type: boolean + required: + - acknowledged + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List data stream exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Creates necessary list data streams + tags: + - Security Solution Lists API + /api/lists/items: + delete: + operationId: DeleteListItem + parameters: + - description: Required if `list_id` and `value` are not specified + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: value + required: false + schema: + type: string + - description: >- + Determines when changes made by the request are made visible to + search + in: query + name: refresh + required: false + schema: + default: 'false' + enum: + - 'true' + - 'false' + - wait_for + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: '#/components/schemas/Security_Solution_Lists_API_ListItem' + - items: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItem + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Deletes a list item + tags: + - Security Solution Lists API + get: + operationId: ReadListItem + parameters: + - description: Required if `list_id` and `value` are not specified + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: value + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: '#/components/schemas/Security_Solution_Lists_API_ListItem' + - items: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItem + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Gets a list item + tags: + - Security Solution Lists API + patch: + operationId: PatchListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: type: string + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemMetadata + refresh: description: >- - The status of the incident for Webhook - Case Management - connectors. - subcategory: + Determines when changes made by the request are made visible + to search + enum: + - 'true' + - 'false' + - wait_for type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemValue + required: + - id + description: List item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItem' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Patches a list item + tags: + - Security Solution Lists API + post: + operationId: CreateListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemId' + list_id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemMetadata + refresh: description: >- - The subcategory of the incident for ServiceNow ITSM and - ServiceNow SecOps connectors. - summary: - type: string - description: A summary of the incident for Jira connectors. - tags: - type: array - items: - type: string - description: A list of tags for Webhook - Case Management connectors. - title: + Determines when changes made by the request are made visible + to search + enum: + - 'true' + - 'false' + - wait_for type: string - description: > - A title for the incident for Jira and Webhook - Case - Management connectors. It is used for searching the contents - of the knowledge base. - urgency: + value: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemValue + required: + - list_id + - value + description: List item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItem' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List item already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Creates a list item + tags: + - Security Solution Lists API + put: + operationId: UpdateListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: type: string - description: The urgency of the incident for ServiceNow ITSM connectors. - Connectors_run_connector_subaction_postmessage: - title: The postMessage subaction - type: object - description: > - Test an action that sends a message to Slack. It is applicable only when - the connector type is `.slack_api`. - required: - - subAction - - subActionParams - properties: - subAction: - type: string - description: The action to test. - enum: - - postMessage - subActionParams: - type: object - description: The set of configuration properties for the action. - properties: - channelIds: - type: array - maxItems: 1 - description: > - The Slack channel identifier, which must be one of the - `allowedChannels` in the connector configuration. - items: - type: string - channels: - type: array - deprecated: true - description: | - The name of a channel that your Slack app has access to. - maxItems: 1 - items: + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemMetadata + value: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemValue + required: + - id + - value + description: List item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItem' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Updates a list item + tags: + - Security Solution Lists API + /api/lists/items/_export: + post: + description: Exports list item values from the specified list + operationId: ExportListItems + parameters: + - description: List's id to export + in: query + name: list_id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + responses: + '200': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + description: A `.txt` file containing list items from the specified list + format: binary type: string - text: - type: string - description: > - The Slack message text. If it is a Slack webhook connector, the - text cannot contain Markdown, images, or other advanced - formatting. If it is a Slack web API connector, it can contain - either plain text or block kit messages. - minLength: 1 - Connectors_run_connector_subaction_validchannelid: - title: The validChannelId subaction - type: object + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Exports list items + tags: + - Security Solution Lists API + /api/lists/items/_find: + get: + operationId: FindListItems + parameters: + - description: List's id + in: query + name: list_id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: The page number to return + in: query + name: page + required: false + schema: + type: integer + - description: The number of list items to return per page + in: query + name: per_page + required: false + schema: + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + - description: 'Determines the sort order, which can be `desc` or `asc`' + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + - description: > + Returns the list that come after the last list returned in the + previous call + + (use the cursor value returned in the previous call). This parameter + uses + + the `tie_breaker_id` field to ensure all lists are sorted and + returned correctly. + in: query + name: cursor + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_FindListItemsCursor + - description: > + Filters the returned results according to the value of the specified + field, + + using the : syntax. + in: query + name: filter + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_FindListItemsFilter + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + cursor: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_FindListItemsCursor + data: + items: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItem + type: array + page: + minimum: 0 + type: integer + per_page: + minimum: 0 + type: integer + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + - cursor + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Finds list items + tags: + - Security Solution Lists API + /api/lists/items/_import: + post: description: > - Retrieves information about a valid Slack channel identifier. It is - applicable only when the connector type is `.slack_api`. - required: - - subAction - - subActionParams - properties: - subAction: - type: string - description: The action to test. - enum: - - validChannelId - subActionParams: - type: object - required: - - channelId - properties: - channelId: - type: string - description: The Slack channel identifier. - example: C123ABC456 - Connectors_run_connector_request: - title: Run connector request body properties - description: The properties vary depending on the connector type. - type: object - required: - - params - properties: - params: - oneOf: - - $ref: >- - #/components/schemas/Connectors_run_connector_params_acknowledge_resolve_pagerduty - - $ref: '#/components/schemas/Connectors_run_connector_params_documents' - - $ref: >- - #/components/schemas/Connectors_run_connector_params_message_email - - $ref: >- - #/components/schemas/Connectors_run_connector_params_message_serverlog - - $ref: >- - #/components/schemas/Connectors_run_connector_params_message_slack - - $ref: >- - #/components/schemas/Connectors_run_connector_params_trigger_pagerduty - - title: Subaction parameters - description: Test an action that involves a subaction. + Imports a list of items from a `.txt` or `.csv` file. The maximum file + size is 9 million bytes. + + + You can import items to a new or existing list. + operationId: ImportListItems + parameters: + - description: | + List's id. + + Required when importing to an existing list. + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: > + Type of the importing list. + + + Required when importing a new list that is `list_id` is not + specified. + in: query + name: type + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListType' + - in: query + name: serializer + required: false + schema: + type: string + - in: query + name: deserializer + required: false + schema: + type: string + - description: >- + Determines when changes made by the request are made visible to + search + in: query + name: refresh + required: false + schema: + enum: + - 'true' + - 'false' + - wait_for + type: string + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + file: + description: >- + A `.txt` or `.csv` file containing newline separated list + items + format: binary + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List with specified list_id does not exist response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Imports list items + tags: + - Security Solution Lists API + /api/lists/privileges: + get: + operationId: ReadListPrivileges + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + is_authenticated: + type: boolean + listItems: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemPrivileges + lists: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListPrivileges + required: + - lists + - listItems + - is_authenticated + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Gets list privileges + tags: + - Security Solution Lists API + /api/ml/saved_objects/sync: + get: + description: > + Synchronizes Kibana saved objects for machine learning jobs and trained + models in the default space. You must have `all` privileges for the + **Machine Learning** feature in the **Analytics** section of the Kibana + feature privileges. This API runs automatically when you start Kibana + and periodically thereafter. + operationId: mlSync + parameters: + - $ref: '#/components/parameters/Machine_learning_APIs_simulateParam' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + syncExample: + $ref: '#/components/examples/Machine_learning_APIs_mlSyncExample' + schema: + $ref: '#/components/schemas/Machine_learning_APIs_mlSync200Response' + description: Indicates a successful call + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Machine_learning_APIs_mlSync4xxResponse' + description: Authorization information is missing or invalid. + summary: Sync saved objects in the default space + tags: + - ml + /api/note: + delete: + operationId: DeleteNote + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: oneOf: - - $ref: >- - #/components/schemas/Connectors_run_connector_subaction_addevent - - $ref: >- - #/components/schemas/Connectors_run_connector_subaction_closealert - - $ref: >- - #/components/schemas/Connectors_run_connector_subaction_closeincident - - $ref: >- - #/components/schemas/Connectors_run_connector_subaction_createalert - - $ref: >- - #/components/schemas/Connectors_run_connector_subaction_fieldsbyissuetype - - $ref: >- - #/components/schemas/Connectors_run_connector_subaction_getchoices - - $ref: >- - #/components/schemas/Connectors_run_connector_subaction_getfields - - $ref: >- - #/components/schemas/Connectors_run_connector_subaction_getincident - - $ref: >- - #/components/schemas/Connectors_run_connector_subaction_issue - - $ref: >- - #/components/schemas/Connectors_run_connector_subaction_issues - - $ref: >- - #/components/schemas/Connectors_run_connector_subaction_issuetypes - - $ref: >- - #/components/schemas/Connectors_run_connector_subaction_postmessage - - $ref: >- - #/components/schemas/Connectors_run_connector_subaction_pushtoservice - - $ref: >- - #/components/schemas/Connectors_run_connector_subaction_validchannelid - discriminator: - propertyName: subAction - mapping: - addEvent: >- - #/components/schemas/Connectors_run_connector_subaction_addevent - closeAlert: >- - #/components/schemas/Connectors_run_connector_subaction_closealert - closeIncident: >- - #/components/schemas/Connectors_run_connector_subaction_closeincident - createAlert: >- - #/components/schemas/Connectors_run_connector_subaction_createalert - fieldsByIssueType: >- - #/components/schemas/Connectors_run_connector_subaction_fieldsbyissuetype - getChoices: >- - #/components/schemas/Connectors_run_connector_subaction_getchoices - getFields: >- - #/components/schemas/Connectors_run_connector_subaction_getfields - getIncident: >- - #/components/schemas/Connectors_run_connector_subaction_getincident - issue: >- - #/components/schemas/Connectors_run_connector_subaction_issue - issues: >- - #/components/schemas/Connectors_run_connector_subaction_issues - issueTypes: >- - #/components/schemas/Connectors_run_connector_subaction_issuetypes - pushToService: >- - #/components/schemas/Connectors_run_connector_subaction_pushtoservice - Connectors_features: - type: string - description: | - The feature that uses the connector. - enum: - - alerting - - cases - - generativeAIForSecurity - - generativeAIForObservability - - generativeAIForSearchPlayground - - siem - - uptime - Connectors_connector_types: - title: Connector types - type: string - description: >- - The type of connector. For example, `.email`, `.index`, `.jira`, - `.opsgenie`, or `.server-log`. - enum: - - .bedrock - - .gemini - - .cases-webhook - - .d3security - - .email - - .gen-ai - - .index - - .jira - - .opsgenie - - .pagerduty - - .resilient - - .sentinelone - - .servicenow - - .servicenow-itom - - .servicenow-sir - - .server-log - - .slack - - .slack_api - - .swimlane - - .teams - - .tines - - .torq - - .webhook - - .xmatters - example: .server-log - Connectors_action_response_properties: - title: Action response properties - description: The properties vary depending on the action type. - type: object - properties: - actionTypeId: - type: string - config: - type: object - id: - type: string - isDeprecated: - type: boolean - description: Indicates whether the action type is deprecated. - isMissingSecrets: - type: boolean - description: Indicates whether secrets are missing for the action. - isPreconfigured: - type: boolean - description: Indicates whether it is a preconfigured action. - name: - type: string - Data_views_400_response: - title: Bad request - type: object - required: - - statusCode - - error - - message - properties: - statusCode: - type: number - example: 400 - error: - type: string - example: Bad Request - message: - type: string - Data_views_allownoindex: - type: boolean - description: Allows the data view saved object to exist before the data is available. - Data_views_fieldattrs: - type: object - description: A map of field attributes by field name. - properties: - count: - type: integer - description: Popularity count for the field. - customDescription: - type: string - description: Custom description for the field. - maxLength: 300 - customLabel: - type: string - description: Custom label for the field. - Data_views_fieldformats: - type: object - description: A map of field formats by field name. - Data_views_namespaces: - type: array - description: >- - An array of space identifiers for sharing the data view between multiple - spaces. - items: - type: string - default: default - Data_views_runtimefieldmap: - type: object - description: A map of runtime field definitions by field name. - required: - - script - - type - properties: - script: - type: object - properties: - source: - type: string - description: Script for the runtime field. - type: - type: string - description: Mapping type of the runtime field. - Data_views_sourcefilters: - type: array - description: The array of field names you want to filter out in Discover. - items: - type: object - required: - - value - properties: - value: + - nullable: true + type: object + properties: + noteId: + type: string + required: + - noteId + - type: object + properties: + noteIds: + items: + type: string + nullable: true + type: array + required: + - noteIds + description: The id of the note to delete. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + description: Indicates the note was successfully deleted. + summary: Deletes a note from a timeline. + tags: + - Security Solution Timeline API + - 'access:securitySolution' + get: + description: Gets notes + operationId: GetNotes + parameters: + - in: query + name: documentIds + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Timeline_API_DocumentIds' + - in: query + name: page + schema: + nullable: true + type: number + - in: query + name: perPage + schema: + nullable: true + type: number + - in: query + name: search + schema: + nullable: true type: string - Data_views_timefieldname: - type: string - description: The timestamp field name, which you use for time-based data views. - Data_views_title: - type: string - description: >- - Comma-separated list of data streams, indices, and aliases that you want - to search. Supports wildcards (`*`). - Data_views_type: - type: string - description: When set to `rollup`, identifies the rollup data views. - Data_views_typemeta: - type: object - description: >- - When you use rollup indices, contains the field list for the rollup data - view API endpoints. - required: - - aggs - - params - properties: - aggs: - type: object - description: A map of rollup restrictions by aggregation type and field name. - params: - type: object - description: Properties for retrieving rollup fields. - Data_views_create_data_view_request_object: - title: Create data view request - type: object - required: - - data_view - properties: - data_view: - type: object - required: - - title - description: The data view object. - properties: - allowNoIndex: - $ref: '#/components/schemas/Data_views_allownoindex' - fieldAttrs: - type: object - additionalProperties: - $ref: '#/components/schemas/Data_views_fieldattrs' - fieldFormats: - $ref: '#/components/schemas/Data_views_fieldformats' - fields: - type: object - id: - type: string - name: - type: string - description: The data view name. - namespaces: - $ref: '#/components/schemas/Data_views_namespaces' - runtimeFieldMap: + - in: query + name: sortField + schema: + nullable: true + type: string + - in: query + name: sortOrder + schema: + nullable: true + type: string + - in: query + name: filter + schema: + nullable: true + type: string + responses: + '200': + description: Indicates the requested notes were returned. + summary: Get all notes for a given document. + tags: + - Security Solution Timeline API + - 'access:securitySolution' + patch: + operationId: PersistNoteRoute + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: type: object - additionalProperties: - $ref: '#/components/schemas/Data_views_runtimefieldmap' - sourceFilters: - $ref: '#/components/schemas/Data_views_sourcefilters' - timeFieldName: - $ref: '#/components/schemas/Data_views_timefieldname' - title: - $ref: '#/components/schemas/Data_views_title' - type: - $ref: '#/components/schemas/Data_views_type' - typeMeta: - $ref: '#/components/schemas/Data_views_typemeta' - version: - type: string - override: - type: boolean - description: >- - Override an existing data view if a data view with the provided - title already exists. - default: false - Data_views_typemeta_response: - type: object - description: >- - When you use rollup indices, contains the field list for the rollup data - view API endpoints. - nullable: true - properties: - aggs: - type: object - description: A map of rollup restrictions by aggregation type and field name. - params: - type: object - description: Properties for retrieving rollup fields. - Data_views_data_view_response_object: - title: Data view response properties - type: object - properties: - data_view: - type: object - properties: - allowNoIndex: - $ref: '#/components/schemas/Data_views_allownoindex' - fieldAttrs: + properties: + eventDataView: + nullable: true + type: string + eventIngested: + nullable: true + type: string + eventTimestamp: + nullable: true + type: string + note: + $ref: '#/components/schemas/Security_Solution_Timeline_API_BareNote' + noteId: + nullable: true + type: string + overrideOwner: + nullable: true + type: boolean + version: + nullable: true + type: string + required: + - note + description: The note to persist or update along with additional metadata. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistNote: + type: object + properties: + code: + type: number + message: + type: string + note: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_Note + required: + - code + - message + - note + required: + - persistNote + required: + - data + description: Indicates the note was successfully created. + summary: Persists a note to a timeline. + tags: + - Security Solution Timeline API + - 'access:securitySolution' + /api/osquery/live_queries: + get: + operationId: OsqueryFindLiveQueries + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_FindLiveQueryRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Find live queries + tags: + - Security Solution Osquery API + post: + operationId: OsqueryCreateLiveQuery + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_CreateLiveQueryRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Create a live query + tags: + - Security Solution Osquery API + '/api/osquery/live_queries/{id}': + get: + operationId: OsqueryGetLiveQueryDetails + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Id' + - in: query + name: query + schema: + additionalProperties: true + type: object + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get live query details + tags: + - Security Solution Osquery API + '/api/osquery/live_queries/{id}/results/{actionId}': + get: + operationId: OsqueryGetLiveQueryResults + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Id' + - in: path + name: actionId + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Id' + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_GetLiveQueryResultsRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get live query results + tags: + - Security Solution Osquery API + /api/osquery/packs: + get: + operationId: OsqueryFindPacks + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_FindPacksRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Find packs + tags: + - Security Solution Osquery API + post: + operationId: OsqueryCreatePacks + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_CreatePacksRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Create a packs + tags: + - Security Solution Osquery API + '/api/osquery/packs/{id}': + delete: + operationId: OsqueryDeletePacks + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Delete packs + tags: + - Security Solution Osquery API + get: + operationId: OsqueryGetPacksDetails + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get packs details + tags: + - Security Solution Osquery API + put: + operationId: OsqueryUpdatePacks + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackId' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_UpdatePacksRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Update packs + tags: + - Security Solution Osquery API + /api/osquery/saved_queries: + get: + operationId: OsqueryFindSavedQueries + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_FindSavedQueryRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Find saved queries + tags: + - Security Solution Osquery API + post: + operationId: OsqueryCreateSavedQuery + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_CreateSavedQueryRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Create a saved query + tags: + - Security Solution Osquery API + '/api/osquery/saved_queries/{id}': + delete: + operationId: OsqueryDeleteSavedQuery + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Delete saved query + tags: + - Security Solution Osquery API + get: + operationId: OsqueryGetSavedQueryDetails + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get saved query details + tags: + - Security Solution Osquery API + put: + operationId: OsqueryUpdateSavedQuery + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_UpdateSavedQueryRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Update saved query + tags: + - Security Solution Osquery API + /api/pinned_event: + patch: + operationId: PersistPinnedEventRoute + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: type: object - additionalProperties: - $ref: '#/components/schemas/Data_views_fieldattrs' - fieldFormats: - $ref: '#/components/schemas/Data_views_fieldformats' - fields: + properties: + eventId: + type: string + pinnedEventId: + nullable: true + type: string + timelineId: + type: string + required: + - eventId + - timelineId + description: The pinned event to persist or update along with additional metadata. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistPinnedEventOnTimeline: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Timeline_API_PinnedEvent + - type: object + properties: + code: + type: number + message: + type: string + required: + - persistPinnedEventOnTimeline + required: + - data + description: Indicate the event was successfully pinned in the timeline. + summary: Persists a pinned event to a timeline. + tags: + - Security Solution Timeline API + - 'access:securitySolution' + /api/saved_objects/_bulk_create: + post: + deprecated: true + operationId: bulkCreateSavedObjects + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - description: 'When true, overwrites the document with the same identifier.' + in: query + name: overwrite + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + summary: Create saved objects + tags: + - saved objects + /api/saved_objects/_bulk_delete: + post: + deprecated: true + description: | + WARNING: When you delete a saved object, it cannot be recovered. + operationId: bulkDeleteSavedObjects + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - description: > + When true, force delete objects that exist in multiple namespaces. + Note that the option applies to the whole request. Use the delete + object API to specify per-object deletion behavior. TIP: Use this if + you attempted to delete objects and received an HTTP 400 error with + the following message: "Unable to delete saved object that exists in + multiple namespaces, use the force option to delete it anyway". + WARNING: When you bulk delete objects that exist in multiple + namespaces, the API also deletes legacy url aliases that reference + the object. These requests are batched to minimise the impact but + they can place a heavy load on Kibana. Make sure you limit the + number of objects that exist in multiple namespaces in a single bulk + delete operation. + in: query + name: force + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: > + Indicates a successful call. NOTE: This HTTP response code indicates + that the bulk operation succeeded. Errors pertaining to individual + objects will be returned in the response body. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + summary: Delete saved objects + tags: + - saved objects + /api/saved_objects/_bulk_get: + post: + deprecated: true + operationId: bulkGetSavedObjects + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + summary: Get saved objects + tags: + - saved objects + /api/saved_objects/_bulk_resolve: + post: + deprecated: true + description: > + Retrieve multiple Kibana saved objects by identifier using any legacy + URL aliases if they exist. Under certain circumstances when Kibana is + upgraded, saved object migrations may necessitate regenerating some + object IDs to enable new features. When an object's ID is regenerated, a + legacy URL alias is created for that object, preserving its old ID. In + such a scenario, that object can be retrieved by the bulk resolve API + using either its new ID or its old ID. + operationId: bulkResolveSavedObjects + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: > + Indicates a successful call. NOTE: This HTTP response code indicates + that the bulk operation succeeded. Errors pertaining to individual + objects will be returned in the response body. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + summary: Resolve saved objects + tags: + - saved objects + /api/saved_objects/_bulk_update: + post: + deprecated: true + description: Update the attributes for multiple Kibana saved objects. + operationId: bulkUpdateSavedObjects + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: > + Indicates a successful call. NOTE: This HTTP response code indicates + that the bulk operation succeeded. Errors pertaining to individual + objects will be returned in the response body. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + summary: Update saved objects + tags: + - saved objects + /api/saved_objects/_export: + post: + description: > + Retrieve sets of saved objects that you want to import into Kibana. + + You must include `type` or `objects` in the request body. + + + Exported saved objects are not backwards compatible and cannot be + imported into an older version of Kibana. + + + NOTE: The `savedObjects.maxImportExportSize` configuration setting + limits the number of saved objects which may be exported. + + + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + operationId: exportSavedObjectsDefault + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + exportSavedObjectsRequest: + $ref: '#/components/examples/Saved_objects_export_objects_request' + schema: type: object - id: - type: string - example: ff959d40-b880-11e8-a6d9-e546fe2bba5f - name: - type: string - description: The data view name. - namespaces: - $ref: '#/components/schemas/Data_views_namespaces' - runtimeFieldMap: + properties: + excludeExportDetails: + default: false + description: Do not add export details entry at the end of the stream. + type: boolean + includeReferencesDeep: + description: >- + Includes all of the referenced objects in the exported + objects. + type: boolean + objects: + description: A list of objects to export. + items: + type: object + type: array + type: + description: >- + The saved object types to include in the export. Use `*` to + export all the types. + oneOf: + - type: string + - items: + type: string + type: array + required: true + responses: + '200': + content: + application/x-ndjson; Elastic-Api-Version=2023-10-31: + examples: + exportSavedObjectsResponse: + $ref: '#/components/examples/Saved_objects_export_objects_response' + schema: + additionalProperties: true + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request. + summary: Export saved objects + tags: + - saved objects + /api/saved_objects/_find: + get: + deprecated: true + description: Retrieve a paginated set of Kibana saved objects. + operationId: findSavedObjects + parameters: + - description: > + An aggregation structure, serialized as a string. The field format + is similar to filter, meaning that to use a saved object type + attribute in the aggregation, the `savedObjectType.attributes.title: + "myTitle"` format must be used. For root fields, the syntax is + `savedObjectType.rootField`. NOTE: As objects change in Kibana, the + results on each page of the response also change. Use the find API + for traditional paginated results, but avoid using it to export + large amounts of data. + in: query + name: aggs + schema: + type: string + - description: The default operator to use for the `simple_query_string`. + in: query + name: default_search_operator + schema: + type: string + - description: The fields to return in the attributes key of the response. + in: query + name: fields + schema: + oneOf: + - type: string + - type: array + - description: > + The filter is a KQL string with the caveat that if you filter with + an attribute from your saved object type, it should look like that: + `savedObjectType.attributes.title: "myTitle"`. However, if you use a + root attribute of a saved object such as `updated_at`, you will have + to define your filter like that: `savedObjectType.updated_at > + 2018-12-22`. + in: query + name: filter + schema: + type: string + - description: >- + Filters to objects that do not have a relationship with the type and + identifier combination. + in: query + name: has_no_reference + schema: + type: object + - description: >- + The operator to use for the `has_no_reference` parameter. Either + `OR` or `AND`. Defaults to `OR`. + in: query + name: has_no_reference_operator + schema: + type: string + - description: >- + Filters to objects that have a relationship with the type and ID + combination. + in: query + name: has_reference + schema: + type: object + - description: >- + The operator to use for the `has_reference` parameter. Either `OR` + or `AND`. Defaults to `OR`. + in: query + name: has_reference_operator + schema: + type: string + - description: The page of objects to return. + in: query + name: page + schema: + type: integer + - description: The number of objects to return per page. + in: query + name: per_page + schema: + type: integer + - description: >- + An Elasticsearch `simple_query_string` query that filters the + objects in the response. + in: query + name: search + schema: + type: string + - description: >- + The fields to perform the `simple_query_string` parsed query + against. + in: query + name: search_fields + schema: + oneOf: + - type: string + - type: array + - description: > + Sorts the response. Includes "root" and "type" fields. "root" fields + exist for all saved objects, such as "updated_at". "type" fields are + specific to an object type, such as fields returned in the + attributes key of the response. When a single type is defined in the + type parameter, the "root" and "type" fields are allowed, and + validity checks are made in that order. When multiple types are + defined in the type parameter, only "root" fields are allowed. + in: query + name: sort_field + schema: + type: string + - description: The saved object types to include. + in: query + name: type + required: true + schema: + oneOf: + - type: string + - type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + summary: Search for saved objects + tags: + - saved objects + /api/saved_objects/_import: + post: + description: > + Create sets of Kibana saved objects from a file created by the export + API. + + Saved objects can be imported only into the same version, a newer minor + on the same major, or the next major. Exported saved objects are not + backwards compatible and cannot be imported into an older version of + Kibana. + + + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + operationId: importSavedObjectsDefault + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - description: > + Creates copies of saved objects, regenerates each object ID, and + resets the origin. When used, potential conflict errors are avoided. + NOTE: This option cannot be used with the `overwrite` and + `compatibilityMode` options. + in: query + name: createNewCopies + required: false + schema: + type: boolean + - description: > + Overwrites saved objects when they already exist. When used, + potential conflict errors are automatically resolved by overwriting + the destination object. NOTE: This option cannot be used with the + `createNewCopies` option. + in: query + name: overwrite + required: false + schema: + type: boolean + - description: > + Applies various adjustments to the saved objects that are being + imported to maintain compatibility between different Kibana + versions. Use this option only if you encounter issues with imported + saved objects. NOTE: This option cannot be used with the + `createNewCopies` option. + in: query + name: compatibilityMode + required: false + schema: + type: boolean + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + examples: + importObjectsRequest: + $ref: '#/components/examples/Saved_objects_import_objects_request' + schema: type: object - additionalProperties: - $ref: '#/components/schemas/Data_views_runtimefieldmap' - sourceFilters: - $ref: '#/components/schemas/Data_views_sourcefilters' - timeFieldName: - $ref: '#/components/schemas/Data_views_timefieldname' - title: - $ref: '#/components/schemas/Data_views_title' - typeMeta: - $ref: '#/components/schemas/Data_views_typemeta_response' - version: - type: string - example: WzQ2LDJd - Data_views_404_response: - type: object - properties: - error: - type: string - example: Not Found - enum: - - Not Found - message: - type: string - example: >- - Saved object [index-pattern/caaad6d0-920c-11ed-b36a-874bd1548a00] - not found - statusCode: - type: integer - example: 404 - enum: - - 404 - Data_views_update_data_view_request_object: - title: Update data view request - type: object - required: - - data_view - properties: - data_view: - type: object - description: > - The data view properties you want to update. Only the specified - properties are updated in the data view. Unspecified fields stay as - they are persisted. - properties: - allowNoIndex: - $ref: '#/components/schemas/Data_views_allownoindex' - fieldFormats: - $ref: '#/components/schemas/Data_views_fieldformats' - fields: + properties: + file: + description: > + A file exported using the export API. NOTE: The + `savedObjects.maxImportExportSize` configuration setting + limits the number of saved objects which may be included in + this file. Similarly, the + `savedObjects.maxImportPayloadBytes` setting limits the + overall size of the file that can be imported. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + importObjectsResponse: + $ref: '#/components/examples/Saved_objects_import_objects_response' + schema: + type: object + properties: + errors: + description: > + Indicates the import was unsuccessful and specifies the + objects that failed to import. + + + NOTE: One object may result in multiple errors, which + requires separate steps to resolve. For instance, a + `missing_references` error and conflict error. + items: + type: object + type: array + success: + description: > + Indicates when the import was successfully completed. When + set to false, some objects may not have been created. For + additional information, refer to the `errors` and + `successResults` properties. + type: boolean + successCount: + description: Indicates the number of successfully imported records. + type: integer + successResults: + description: > + Indicates the objects that are successfully imported, with + any metadata if applicable. + + + NOTE: Objects are created only when all resolvable errors + are addressed, including conflicts and missing references. + If objects are created as new copies, each entry in the + `successResults` array includes a `destinationId` + attribute. + items: + type: object + type: array + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request. + summary: Import saved objects + tags: + - saved objects + /api/saved_objects/_resolve_import_errors: + post: + description: > + To resolve errors from the Import objects API, you can: + + + * Retry certain saved objects + + * Overwrite specific saved objects + + * Change references to different saved objects + + + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + operationId: resolveImportErrors + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - description: > + Applies various adjustments to the saved objects that are being + imported to maintain compatibility between different Kibana + versions. When enabled during the initial import, also enable when + resolving import errors. This option cannot be used with the + `createNewCopies` option. + in: query + name: compatibilityMode + required: false + schema: + type: boolean + - description: > + Creates copies of the saved objects, regenerates each object ID, and + resets the origin. When enabled during the initial import, also + enable when resolving import errors. + in: query + name: createNewCopies + required: false + schema: + type: boolean + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + examples: + resolveImportErrorsRequest: + $ref: >- + #/components/examples/Saved_objects_resolve_missing_reference_request + schema: type: object - name: - type: string - runtimeFieldMap: + properties: + file: + description: The same file given to the import API. + format: binary + type: string + retries: + description: >- + The retry operations, which can specify how to resolve + different types of errors. + items: + type: object + properties: + destinationId: + description: >- + Specifies the destination ID that the imported object + should have, if different from the current ID. + type: string + id: + description: The saved object ID. + type: string + ignoreMissingReferences: + description: >- + When set to `true`, ignores missing reference errors. + When set to `false`, does nothing. + type: boolean + overwrite: + description: >- + When set to `true`, the source object overwrites the + conflicting destination object. When set to `false`, + does nothing. + type: boolean + replaceReferences: + description: >- + A list of `type`, `from`, and `to` used to change the + object references. + items: + type: object + properties: + from: + type: string + to: + type: string + type: + type: string + type: array + type: + description: The saved object type. + type: string + required: + - type + - id + type: array + required: + - retries + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + resolveImportErrorsResponse: + $ref: >- + #/components/examples/Saved_objects_resolve_missing_reference_response + schema: + type: object + properties: + errors: + description: > + Specifies the objects that failed to resolve. + + + NOTE: One object can result in multiple errors, which + requires separate steps to resolve. For instance, a + `missing_references` error and a `conflict` error. + items: + type: object + type: array + success: + description: > + Indicates a successful import. When set to `false`, some + objects may not have been created. For additional + information, refer to the `errors` and `successResults` + properties. + type: boolean + successCount: + description: | + Indicates the number of successfully resolved records. + type: number + successResults: + description: > + Indicates the objects that are successfully imported, with + any metadata if applicable. + + + NOTE: Objects are only created when all resolvable errors + are addressed, including conflict and missing references. + items: + type: object + type: array + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request. + summary: Resolve import errors + tags: + - saved objects + '/api/saved_objects/{type}': + post: + deprecated: true + description: Create a Kibana saved object with a randomly generated identifier. + operationId: createSavedObject + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - $ref: '#/components/parameters/Saved_objects_saved_object_type' + - description: 'If true, overwrites the document with the same identifier.' + in: query + name: overwrite + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: type: object - additionalProperties: - $ref: '#/components/schemas/Data_views_runtimefieldmap' - sourceFilters: - $ref: '#/components/schemas/Data_views_sourcefilters' - timeFieldName: - $ref: '#/components/schemas/Data_views_timefieldname' - title: - $ref: '#/components/schemas/Data_views_title' - type: - $ref: '#/components/schemas/Data_views_type' - typeMeta: - $ref: '#/components/schemas/Data_views_typemeta' - refresh_fields: - type: boolean - description: Reloads the data view fields after the data view is updated. - default: false - Data_views_swap_data_view_request_object: - title: Data view reference swap request - type: object - required: - - fromId - - toId - properties: - delete: - type: boolean - description: Deletes referenced saved object if all references are removed. - forId: - oneOf: - - type: string - - type: array - items: - type: string - description: Limit the affected saved objects to one or more by identifier. - forType: - type: string - description: Limit the affected saved objects by type. - fromId: - type: string - description: The saved object reference to change. - fromType: - type: string - description: > - Specify the type of the saved object reference to alter. The default - value is `index-pattern` for data views. - toId: - type: string - description: New saved object reference value to replace the old value. - Machine_learning_APIs_mlSyncResponseSuccess: - type: boolean - description: The success or failure of the synchronization. - Machine_learning_APIs_mlSyncResponseAnomalyDetectors: - type: object - title: Sync API response for anomaly detection jobs - description: >- - The sync machine learning saved objects API response contains this - object when there are anomaly detection jobs affected by the - synchronization. There is an object for each relevant job, which - contains the synchronization status. - properties: - success: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' - Machine_learning_APIs_mlSyncResponseDatafeeds: - type: object - title: Sync API response for datafeeds - description: >- - The sync machine learning saved objects API response contains this - object when there are datafeeds affected by the synchronization. There - is an object for each relevant datafeed, which contains the - synchronization status. - properties: - success: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' - Machine_learning_APIs_mlSyncResponseDataFrameAnalytics: - type: object - title: Sync API response for data frame analytics jobs + properties: + attributes: + $ref: '#/components/schemas/Saved_objects_attributes' + initialNamespaces: + $ref: '#/components/schemas/Saved_objects_initial_namespaces' + references: + $ref: '#/components/schemas/Saved_objects_references' + required: + - attributes + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a conflict error. + summary: Create a saved object + tags: + - saved objects + '/api/saved_objects/{type}/{id}': + get: + deprecated: true + description: Retrieve a single Kibana saved object by identifier. + operationId: getSavedObject + parameters: + - $ref: '#/components/parameters/Saved_objects_saved_object_id' + - $ref: '#/components/parameters/Saved_objects_saved_object_type' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request. + summary: Get a saved object + tags: + - saved objects + post: + deprecated: true description: >- - The sync machine learning saved objects API response contains this - object when there are data frame analytics jobs affected by the - synchronization. There is an object for each relevant job, which - contains the synchronization status. - properties: - success: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' - Machine_learning_APIs_mlSyncResponseSavedObjectsCreated: - type: object - title: Sync API response for created saved objects + Create a Kibana saved object and specify its identifier instead of using + a randomly generated ID. + operationId: createSavedObjectId + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - $ref: '#/components/parameters/Saved_objects_saved_object_id' + - $ref: '#/components/parameters/Saved_objects_saved_object_type' + - description: 'If true, overwrites the document with the same identifier.' + in: query + name: overwrite + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + attributes: + $ref: '#/components/schemas/Saved_objects_attributes' + initialNamespaces: + $ref: '#/components/schemas/Saved_objects_initial_namespaces' + references: + $ref: '#/components/schemas/Saved_objects_initial_namespaces' + required: + - attributes + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a conflict error. + summary: Create a saved object + tags: + - saved objects + put: + deprecated: true + description: Update the attributes for Kibana saved objects. + operationId: updateSavedObject + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - $ref: '#/components/parameters/Saved_objects_saved_object_id' + - $ref: '#/components/parameters/Saved_objects_saved_object_type' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates the object was not found. + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a conflict error. + summary: Update a saved object + tags: + - saved objects + '/api/saved_objects/resolve/{type}/{id}': + get: + deprecated: true + description: > + Retrieve a single Kibana saved object by identifier using any legacy URL + alias if it exists. Under certain circumstances, when Kibana is + upgraded, saved object migrations may necessitate regenerating some + object IDs to enable new features. When an object's ID is regenerated, a + legacy URL alias is created for that object, preserving its old ID. In + such a scenario, that object can be retrieved using either its new ID or + its old ID. + operationId: resolveSavedObject + parameters: + - $ref: '#/components/parameters/Saved_objects_saved_object_id' + - $ref: '#/components/parameters/Saved_objects_saved_object_type' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request. + summary: Resolve a saved object + tags: + - saved objects + /api/security_ai_assistant/anonymization_fields/_bulk_action: + post: description: >- - If saved objects are missing for machine learning jobs or trained - models, they are created when you run the sync machine learning saved - objects API. - properties: - anomaly-detector: - type: object - description: >- - If saved objects are missing for anomaly detection jobs, they are - created. - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseAnomalyDetectors - data-frame-analytics: - type: object - description: >- - If saved objects are missing for data frame analytics jobs, they are - created. - additionalProperties: + The bulk action is applied to all anonymization fields that match the + filter or to the list of anonymization fields by their IDs. + operationId: PerformAnonymizationFieldsBulkAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + create: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldCreateProps + type: array + delete: + type: object + properties: + ids: + description: Array of anonymization fields IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter anonymization fields + type: string + update: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldUpdateProps + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Applies a bulk action to multiple anonymization fields + tags: + - Security AI Assistant API + - Bulk API + /api/security_ai_assistant/anonymization_fields/_find: + get: + description: Finds anonymization fields that match the given query. + operationId: FindAnonymizationFields + parameters: + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseDataFrameAnalytics - trained-model: - type: object - description: If saved objects are missing for trained models, they are created. - additionalProperties: + #/components/schemas/Security_AI_Assistant_API_FindAnonymizationFieldsSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: AnonymizationFields per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Finds anonymization fields that match the given query. + tags: + - Security AI Assistant API + - AnonymizationFields API + /api/security_ai_assistant/chat/complete: + post: + description: Creates a model response for the given chat conversation. + operationId: ChatComplete + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_ChatCompleteProps' + required: true + responses: + '200': + content: + application/octet-stream; Elastic-Api-Version=2023-10-31: + schema: + format: binary + type: string + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Creates a model response for the given chat conversation. + tags: + - Security AI Assistant API + - Chat Complete API + /api/security_ai_assistant/current_user/conversations: + post: + description: Create a conversation + operationId: CreateConversation + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationCreateProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Create a conversation + tags: + - Security AI Assistant API + - Conversation API + /api/security_ai_assistant/current_user/conversations/_find: + get: + description: Finds conversations that match the given query. + operationId: FindConversations + parameters: + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels - Machine_learning_APIs_mlSyncResponseSavedObjectsDeleted: - type: object - title: Sync API response for deleted saved objects + #/components/schemas/Security_AI_Assistant_API_FindConversationsSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: Conversations per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Finds conversations that match the given query. + tags: + - Security AI Assistant API + - Conversations API + '/api/security_ai_assistant/current_user/conversations/{id}': + delete: + description: Deletes a single conversation using the `id` field. + operationId: DeleteConversation + parameters: + - description: The conversation's `id` value. + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Deletes a single conversation using the `id` field. + tags: + - Security AI Assistant API + - Conversation API + get: + description: Read a single conversation + operationId: ReadConversation + parameters: + - description: The conversation's `id` value. + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Read a single conversation + tags: + - Security AI Assistant API + - Conversations API + put: + description: Update a single conversation + operationId: UpdateConversation + parameters: + - description: The conversation's `id` value. + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationUpdateProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Update a conversation + tags: + - Security AI Assistant API + - Conversation API + /api/security_ai_assistant/prompts/_bulk_action: + post: description: >- - If saved objects exist for machine learning jobs or trained models that - no longer exist, they are deleted when you run the sync machine learning - saved objects API. - properties: - anomaly-detector: - type: object - description: >- - If there are saved objects exist for nonexistent anomaly detection - jobs, they are deleted. - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseAnomalyDetectors - data-frame-analytics: - type: object - description: >- - If there are saved objects exist for nonexistent data frame - analytics jobs, they are deleted. - additionalProperties: + The bulk action is applied to all prompts that match the filter or to + the list of prompts by their IDs. + operationId: PerformPromptsBulkAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + create: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptCreateProps + type: array + delete: + type: object + properties: + ids: + description: Array of prompts IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter promps + type: string + update: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptUpdateProps + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkCrudActionResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Applies a bulk action to multiple prompts + tags: + - Security AI Assistant API + - Bulk API + /api/security_ai_assistant/prompts/_find: + get: + description: Finds prompts that match the given query. + operationId: FindPrompts + parameters: + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseDataFrameAnalytics - trained-model: - type: object + #/components/schemas/Security_AI_Assistant_API_FindPromptsSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: Prompts per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Finds prompts that match the given query. + tags: + - Security AI Assistant API + - Prompts API + /api/status: + get: + operationId: /api/status#0 + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: Set to "true" to get the response in v7 format. + in: query + name: v7format + required: false + schema: + type: boolean + - description: Set to "true" to get the response in v8 format. + in: query + name: v8format + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' + - $ref: >- + #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse + description: >- + Kibana's operational status. A minimal response is sent for + unauthorized users. + description: Overall status is OK and Kibana should be functioning normally. + '503': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' + - $ref: >- + #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse + description: >- + Kibana's operational status. A minimal response is sent for + unauthorized users. description: >- - If there are saved objects exist for nonexistent trained models, - they are deleted. - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels - Machine_learning_APIs_mlSyncResponseTrainedModels: - type: object - title: Sync API response for trained models + Kibana or some of it's essential services are unavailable. Kibana + may be degraded or unavailable. + summary: Get Kibana's current status + tags: + - system + /api/timeline: + delete: + operationId: DeleteTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + savedObjectIds: + items: + type: string + type: array + searchIds: + description: >- + Saved search ids that should be deleted alongside the + timelines + items: + type: string + type: array + required: + - savedObjectIds + description: The ids of the timelines or timeline templates to delete. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + deleteTimeline: + type: boolean + required: + - deleteTimeline + required: + - data + description: Indicates the timeline was successfully deleted. + summary: Deletes one or more timelines or timeline templates. + tags: + - Security Solution Timeline API + - 'access:securitySolution' + get: + operationId: GetTimeline + parameters: + - description: The ID of the template timeline to retrieve + in: query + name: template_timeline_id + schema: + type: string + - description: The ID of the timeline to retrieve + in: query + name: id + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + getOneTimeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + nullable: true + required: + - getOneTimeline + required: + - data + description: Indicates that the (template) timeline was found and returned. + summary: >- + Get an existing saved timeline or timeline template. This API is used to + retrieve an existing saved timeline or timeline template. + tags: + - Security Solution Timeline API + - 'access:securitySolution' + patch: description: >- - The sync machine learning saved objects API response contains this - object when there are trained models affected by the synchronization. - There is an object for each relevant trained model, which contains the - synchronization status. - properties: - success: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' - Machine_learning_APIs_mlSync200Response: - type: object - title: Successful sync API response - properties: - datafeedsAdded: - type: object + Updates an existing timeline. This API is used to update the title, + description, date range, pinned events, pinned queries, and/or pinned + saved queries of an existing timeline. + operationId: PatchTimeline + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_SavedTimeline + timelineId: + nullable: true + type: string + version: + nullable: true + type: string + required: + - timelineId + - version + - timeline + description: The timeline updates along with the timeline ID and version. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistTimeline: + type: object + properties: + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + required: + - timeline + required: + - persistTimeline + required: + - data description: >- - If a saved object for an anomaly detection job is missing a datafeed - identifier, it is added when you run the sync machine learning saved - objects API. - additionalProperties: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseDatafeeds' - datafeedsRemoved: - type: object + Indicates that the draft timeline was successfully created. In the + event the user already has a draft timeline, the existing draft + timeline is cleared and returned. + '405': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number description: >- - If a saved object for an anomaly detection job references a datafeed - that no longer exists, it is deleted when you run the sync machine - learning saved objects API. - additionalProperties: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseDatafeeds' - savedObjectsCreated: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseSavedObjectsCreated - savedObjectsDeleted: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseSavedObjectsDeleted - Machine_learning_APIs_mlSync4xxResponse: - type: object - title: Unsuccessful sync API response - properties: - error: - type: string - example: Unauthorized - message: - type: string - statusCode: - type: integer - example: 401 - Saved_objects_400_response: - title: Bad request - type: object - required: - - error - - message - - statusCode - properties: - error: - type: string - enum: - - Bad Request - message: - type: string - statusCode: - type: integer - enum: - - 400 - Saved_objects_attributes: - type: object - description: > - The data that you want to create. WARNING: When you create saved - objects, attributes are not validated, which allows you to pass - arbitrary and ill-formed data into the API that can break Kibana. Make - sure any data that you send to the API is properly formed. - Saved_objects_initial_namespaces: - type: array - description: > - Identifiers for the spaces in which this object is created. If this is - provided, the object is created only in the explicitly defined spaces. - If this is not provided, the object is created in the current space - (default behavior). For shareable object types (registered with - `namespaceType: 'multiple'`), this option can be used to specify one or - more spaces, including the "All spaces" identifier ('*'). For isolated - object types (registered with `namespaceType: 'single'` or - `namespaceType: 'multiple-isolated'`), this option can only be used to - specify a single space, and the "All spaces" identifier ('*') is not - allowed. For global object types (`registered with `namespaceType: - agnostic`), this option cannot be used. - Saved_objects_references: - type: array - description: > - Objects with `name`, `id`, and `type` properties that describe the other - saved objects that this object references. Use `name` in attributes to - refer to the other saved object, but never the `id`, which can update - automatically during migrations or import and export. - Kibana_HTTP_APIs_core_status_redactedResponse: - additionalProperties: false - description: A minimal representation of Kibana's operational status. - properties: - status: - additionalProperties: false - properties: - overall: - additionalProperties: false + Indicates that the user does not have the required access to create + a draft timeline. + summary: Updates an existing timeline. + tags: + - Security Solution Timeline API + - 'access:securitySolution' + post: + operationId: CreateTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object properties: - level: - description: Service status levels as human and machine readable values. - enum: - - available - - degraded - - unavailable - - critical + status: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineStatus + nullable: true + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_SavedTimeline + timelineId: + nullable: true + type: string + timelineType: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineType + nullable: true + version: + nullable: true type: string required: - - level + - timeline + description: >- + The required timeline fields used to create a new timeline along with + optional fields that will be created if not provided. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistTimeline: + type: object + properties: + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + required: + - persistTimeline + required: + - data + description: Indicates the timeline was successfully created. + '405': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: Indicates that there was an error in the timeline creation. + summary: Creates a new timeline. + tags: + - Security Solution Timeline API + - 'access:securitySolution' + /api/timeline/_draft: + get: + operationId: GetDraftTimelines + parameters: + - in: query + name: timelineType + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Timeline_API_TimelineType' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistTimeline: + type: object + properties: + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + required: + - timeline + required: + - persistTimeline + required: + - data + description: Indicates that the draft timeline was successfully retrieved. + '403': + content: + 'application:json; Elastic-Api-Version=2023-10-31': + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + If a draft timeline was not found and we attempted to create one, it + indicates that the user does not have the required permissions to + create a draft timeline. + '409': + content: + 'application:json; Elastic-Api-Version=2023-10-31': + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + This should never happen, but if a draft timeline was not found and + we attempted to create one, it indicates that there is already a + draft timeline with the given timelineId. + summary: >- + Retrieves the draft timeline for the current user. If the user does not + have a draft timeline, an empty timeline is returned. + tags: + - Security Solution Timeline API + - 'access:securitySolution' + post: + description: > + Retrieves a clean draft timeline. If a draft timeline does not exist, it + is created and returned. + operationId: CleanDraftTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: type: object - required: - - overall - type: object - required: - - status - type: object - Kibana_HTTP_APIs_core_status_response: - additionalProperties: false - description: >- - Kibana's operational status as well as a detailed breakdown of plugin - statuses indication of various loads (like event loop utilization and - network traffic) at time of request. - properties: - metrics: - additionalProperties: false - description: Metric groups collected by Kibana. - properties: - collection_interval_in_millis: - description: The interval at which metrics should be collected. - type: number - elasticsearch_client: - additionalProperties: false - description: Current network metrics of Kibana's Elasticsearch client. properties: - totalActiveSockets: - description: Count of network sockets currently in use. - type: number - totalIdleSockets: - description: Count of network sockets currently idle. - type: number - totalQueuedRequests: - description: Count of requests not yet assigned to sockets. - type: number + timelineType: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineType required: - - totalActiveSockets - - totalIdleSockets - - totalQueuedRequests + - timelineType + description: >- + The type of timeline to create. Valid values are `default` and + `template`. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistTimeline: + type: object + properties: + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + required: + - timeline + required: + - persistTimeline + required: + - data + description: >- + Indicates that the draft timeline was successfully created. In the + event the user already has a draft timeline, the existing draft + timeline is cleared and returned. + '403': + content: + 'application:json; Elastic-Api-Version=2023-10-31': + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + Indicates that the user does not have the required permissions to + create a draft timeline. + '409': + content: + 'application:json; Elastic-Api-Version=2023-10-31': + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + Indicates that there is already a draft timeline with the given + timelineId. + summary: Retrieves a draft timeline or timeline template. + tags: + - Security Solution Timeline API + - 'access:securitySolution' + /api/timeline/_export: + post: + operationId: ExportTimelines + parameters: + - description: The name of the file to export + in: query + name: file_name + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: type: object - last_updated: - description: The time metrics were collected. - type: string - required: - - elasticsearch_client - - last_updated - - collection_interval_in_millis - type: object - name: - description: Kibana instance name. - type: string - status: - additionalProperties: false - properties: - core: - additionalProperties: false - description: Statuses of core Kibana services. properties: - elasticsearch: - additionalProperties: false - properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: >- - Service status levels as human and machine readable - values. - enum: - - available - - degraded - - unavailable - - critical - type: string - meta: - additionalProperties: {} - description: >- - An unstructured set of extra metadata about this - service. - type: object - summary: - description: A human readable summary of the service status. - type: string - required: - - level - - summary - - meta - type: object - savedObjects: - additionalProperties: false - properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: >- - Service status levels as human and machine readable - values. - enum: - - available - - degraded - - unavailable - - critical - type: string - meta: - additionalProperties: {} - description: >- - An unstructured set of extra metadata about this - service. - type: object - summary: - description: A human readable summary of the service status. - type: string - required: - - level - - summary - - meta - type: object - required: - - elasticsearch - - savedObjects + ids: + items: + type: string + nullable: true + type: array + description: The ids of the timelines to export + required: true + responses: + '200': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + description: NDJSON of the exported timelines + type: string + description: Indicates the timelines were successfully exported + '400': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: Indicates that the export size limit was exceeded + summary: Exports timelines as an NDJSON file + tags: + - Security Solution Timeline API + - 'access:securitySolution' + /api/timeline/_favorite: + patch: + operationId: PersistFavoriteRoute + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: type: object - overall: - additionalProperties: false properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: Service status levels as human and machine readable values. - enum: - - available - - degraded - - unavailable - - critical + templateTimelineId: + nullable: true type: string - meta: - additionalProperties: {} - description: An unstructured set of extra metadata about this service. - type: object - summary: - description: A human readable summary of the service status. + templateTimelineVersion: + nullable: true + type: number + timelineId: + nullable: true type: string + timelineType: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineType + nullable: true required: - - level - - summary - - meta + - timelineId + - templateTimelineId + - templateTimelineVersion + - timelineType + description: The required fields used to favorite a (template) timeline. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistFavorite: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_FavoriteTimelineResponse + required: + - persistFavorite + required: + - data + description: Indicates the favorite status was successfully updated. + '403': + content: + 'application:json; Elastic-Api-Version=2023-10-31': + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: >- + Indicates the user does not have the required permissions to persist + the favorite status. + summary: Persists a given users favorite status of a timeline. + tags: + - Security Solution Timeline API + - 'access:securitySolution' + /api/timeline/_import: + post: + operationId: ImportTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: type: object - plugins: - additionalProperties: - additionalProperties: false + properties: + file: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Timeline_API_Readable + - type: object + properties: + hapi: + type: object + properties: + filename: + type: string + headers: + type: object + isImmutable: + enum: + - 'true' + - 'false' + type: string + required: + - filename + - headers + required: + - hapi + description: The timelines to import as a readable stream. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object properties: - detail: - description: Human readable detail of the service status. + data: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_ImportTimelineResult + required: + - data + description: Indicates the import of timelines was successful. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: type: string - documentationUrl: - description: A URL to further documentation regarding this service. + id: type: string - level: - description: >- - Service status levels as human and machine readable - values. - enum: - - available - - degraded - - unavailable - - critical + statusCode: + type: number + description: >- + Indicates the import of timelines was unsuccessful because of an + invalid file extension. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: type: string - meta: - additionalProperties: {} - description: An unstructured set of extra metadata about this service. - type: object - summary: - description: A human readable summary of the service status. + statusCode: + type: number + description: >- + Indicates that we were unable to locate the saved object client + necessary to handle the import. + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + id: type: string + statusCode: + type: number + description: Indicates the import of timelines was unsuccessful. + summary: Imports timelines. + tags: + - Security Solution Timeline API + - 'access:securitySolution' + /api/timeline/_prepackaged: + post: + operationId: InstallPrepackedTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + prepackagedTimelines: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_SavedTimeline + type: array + timelinesToInstall: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_ImportTimelines + nullable: true + type: array + timelinesToUpdate: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_ImportTimelines + nullable: true + type: array + required: + - timelinesToInstall + - timelinesToUpdate + - prepackagedTimelines + description: The timelines to install or update. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_ImportTimelineResult required: - - level - - summary - - meta + - data + description: Indicates the installation of prepackaged timelines was successful. + '500': + content: + 'application:json; Elastic-Api-Version=2023-10-31': + schema: type: object - description: A dynamic mapping of plugin ID to plugin status. - type: object - required: - - overall - - core - - plugins - type: object - uuid: + properties: + body: + type: string + statusCode: + type: number description: >- - Unique, generated Kibana instance UUID. This UUID should persist - even if the Kibana process restarts. - type: string - version: - additionalProperties: false - properties: - build_date: - description: The date and time of this build. - type: string - build_flavor: - description: >- - The build flavour determines configuration and behavior of - Kibana. On premise users will almost always run the - "traditional" flavour, while other flavours are reserved for - Elastic-specific use cases. - enum: - - serverless - - traditional - type: string - build_hash: - description: >- - A unique hash value representing the git commit of this Kibana - build. - type: string - build_number: - description: >- - A monotonically increasing number, each subsequent build will - have a higher number. - type: number - build_snapshot: - description: Whether this build is a snapshot build. - type: boolean - number: - description: A semantic version number. - type: string - required: - - number - - build_hash - - build_number - - build_snapshot - - build_flavor - - build_date - type: object - required: - - name - - uuid - - version - - status - - metrics - type: object + Indicates the installation of prepackaged timelines was + unsuccessful. + summary: Installs prepackaged timelines. + tags: + - Security Solution Timeline API + - 'access:securitySolution' + /api/timeline/resolve: + get: + operationId: ResolveTimeline + parameters: + - description: The ID of the template timeline to resolve + in: query + name: template_timeline_id + schema: + type: string + - description: The ID of the timeline to resolve + in: query + name: id + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + getOneTimeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + nullable: true + required: + - getOneTimeline + required: + - data + description: The (template) timeline has been found + '400': + description: The request is missing parameters + '404': + description: The (template) timeline was not found + summary: Get an existing saved timeline or timeline template. + tags: + - Security Solution Timeline API + - 'access:securitySolution' + /api/timelines: + get: + operationId: GetTimelines + parameters: + - description: >- + If true, only timelines that are marked as favorites by the user are + returned. + in: query + name: only_user_favorite + schema: + enum: + - 'true' + - 'false' + nullable: true + type: string + - in: query + name: timeline_type + schema: + $ref: '#/components/schemas/Security_Solution_Timeline_API_TimelineType' + nullable: true + - in: query + name: sort_field + schema: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_SortFieldTimeline + - in: query + name: sort_order + schema: + enum: + - asc + - desc + type: string + - in: query + name: page_size + schema: + nullable: true + type: string + - in: query + name: page_index + schema: + nullable: true + type: string + - in: query + name: search + schema: + nullable: true + type: string + - in: query + name: status + schema: + $ref: '#/components/schemas/Security_Solution_Timeline_API_TimelineStatus' + nullable: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + customTemplateTimelineCount: + type: number + defaultTimelineCount: + type: number + elasticTemplateTimelineCount: + type: number + favoriteCount: + type: number + templateTimelineCount: + type: number + timelines: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + type: array + totalCount: + type: number + required: + - timelines + - totalCount + - defaultTimelineCount + - templateTimelineCount + - favoriteCount + - elasticTemplateTimelineCount + - customTemplateTimelineCount + required: + - data + description: Indicates that the (template) timelines were found and returned. + '400': + content: + 'application:json; Elastic-Api-Version=2023-10-31': + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: Bad request. The user supplied invalid data. + summary: >- + This API is used to retrieve a list of existing saved timelines or + timeline templates. + tags: + - Security Solution Timeline API + - 'access:securitySolution' + '/s/{spaceId}/api/observability/slos': + get: + description: > + You must have the `read` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: findSlosOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - description: A valid kql query to filter the SLO with + example: 'slo.name:latency* and slo.tags : "prod"' + in: query + name: kqlQuery + schema: + type: string + - description: 'The page to use for pagination, must be greater or equal than 1' + example: 1 + in: query + name: page + schema: + default: 1 + type: integer + - description: Number of SLOs returned by page + example: 25 + in: query + name: perPage + schema: + default: 25 + maximum: 5000 + type: integer + - description: Sort by field + example: status + in: query + name: sortBy + schema: + default: status + enum: + - sli_value + - status + - error_budget_consumed + - error_budget_remaining + type: string + - description: Sort order + example: asc + in: query + name: sortDirection + schema: + default: asc + enum: + - asc + - desc + type: string + - description: >- + Hide stale SLOs from the list as defined by stale SLO threshold in + SLO settings + in: query + name: hideStale + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_find_slo_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Get a paginated list of SLOs + tags: + - slo + post: + description: > + You must have `all` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: createSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_create_slo_request' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_create_slo_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_409_response' + description: Conflict - The SLO id already exists + summary: Create an SLO + tags: + - slo + '/s/{spaceId}/api/observability/slos/_delete_instances': + post: + description: > + The deletion occurs for the specified list of `sloId` and `instanceId`. + You must have `all` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: deleteSloInstancesOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_delete_slo_instances_request' + required: true + responses: + '204': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + summary: Batch delete rollup and summary data + tags: + - slo + '/s/{spaceId}/api/observability/slos/{sloId}': + delete: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: deleteSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '204': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Delete an SLO + tags: + - slo + get: + description: > + You must have the `read` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: getSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + - description: the specific instanceId used by the summary calculation + example: host-abcde + in: query + name: instanceId + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_slo_with_summary_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Get an SLO + tags: + - slo + put: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: updateSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_update_slo_request' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_slo_definition_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Update an SLO + tags: + - slo + '/s/{spaceId}/api/observability/slos/{sloId}/_reset': + post: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: resetSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '204': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_slo_definition_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Reset an SLO + tags: + - slo + '/s/{spaceId}/api/observability/slos/{sloId}/disable': + post: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: disableSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '200': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Disable an SLO + tags: + - slo + '/s/{spaceId}/api/observability/slos/{sloId}/enable': + post: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: enableSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '204': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Enable an SLO + tags: + - slo +components: examples: - Alerting_create_es_query_esql_rule_request: - summary: >- - Create an Elasticsearch query rule that uses Elasticsearch Query - Language (ES|QL). - value: - name: my Elasticsearch query ESQL rule - params: - searchType: esqlQuery - esqlQuery: - esql: >- - FROM kibana_sample_data_logs | KEEP bytes, clientip, host, - geo.dest | where geo.dest != "GB" | STATS sumbytes = sum(bytes) by - clientip, host | WHERE sumbytes > 5000 | SORT sumbytes desc | - LIMIT 10 - timeField: '@timestamp' - timeWindowSize: 1 - timeWindowUnit: d - size: 0 - thresholdComparator: '>' - threshold: - - 0 - consumer: stackAlerts - rule_type_id: .es-query - schedule: - interval: 1d - actions: - - group: query matched - id: d0db1fe0-78d6-11ee-9177-f7d404c8c945 - params: - level: info - message: >- - Elasticsearch query rule '{{rule.name}}' is active: - - - Value: {{context.value}} - Conditions Met: - {{context.conditions}} over - {{rule.params.timeWindowSize}}{{rule.params.timeWindowUnit}} - - Timestamp: {{context.date}} - Link: {{context.link}} - frequency: - summary: false - notify_when: onActiveAlert - Alerting_create_es_query_rule_request: - summary: >- - Create an Elasticsearch query rule that uses Elasticsearch query domain - specific language (DSL) to define its query and a server log connector - to send notifications. - value: - actions: - - group: query matched - params: - level: info - message: >- - The system has detected {{alerts.new.count}} new, - {{alerts.ongoing.count}} ongoing, and {{alerts.recovered.count}} - recovered alerts. - id: fdbece50-406c-11ee-850e-c71febc4ca7f - frequency: - throttle: 1d - summary: true - notify_when: onThrottleInterval - - group: recovered - params: - level: info - message: Recovered - id: fdbece50-406c-11ee-850e-c71febc4ca7f - frequency: - summary: false - notify_when: onActionGroupChange - consumer: alerts - name: my Elasticsearch query rule - params: - esQuery: '"""{"query":{"match_all" : {}}}"""' - index: - - kibana_sample_data_logs - size: 100 - threshold: - - 100 - thresholdComparator: '>' - timeField: '@timestamp' - timeWindowSize: 1 - timeWindowUnit: d - rule_type_id: .es-query - schedule: - interval: 1d - Alerting_create_es_query_kql_rule_request: - summary: >- - Create an Elasticsearch query rule that uses Kibana query language - (KQL). - value: - consumer: alerts - name: my Elasticsearch query KQL rule - params: - aggType: count - excludeHitsFromPreviousRun: true - groupBy: all - searchConfiguration: - query: - query: '""geo.src : "US" ""' - language: kuery - index: 90943e30-9a47-11e8-b64d-95841ca0b247 - searchType: searchSource - size: 100 - threshold: - - 1000 - thresholdComparator: '>' - timeWindowSize: 5 - timeWindowUnit: m - rule_type_id: .es-query - schedule: - interval: 1m - Alerting_create_index_threshold_rule_request: - summary: Create an index threshold rule. - value: - actions: - - id: 48de3460-f401-11ed-9f8e-399c75a2deeb - frequency: - notify_when: onActionGroupChange - summary: false - group: threshold met - params: - level: info - message: >- - Rule '{{rule.name}}' is active for group '{{context.group}}': - - - - Value: {{context.value}} - - - Conditions Met: {{context.conditions}} over - {{rule.params.timeWindowSize}}{{rule.params.timeWindowUnit}} - - - Timestamp: {{context.date}} - alert_delay: - active: 3 - consumer: alerts - name: my rule - params: - aggType: avg - termSize: 6 - thresholdComparator: '>' - timeWindowSize: 5 - timeWindowUnit: m - groupBy: top - threshold: - - 1000 - index: - - .test-index - timeField: '@timestamp' - aggField: sheet.version - termField: name.keyword - rule_type_id: .index-threshold - schedule: - interval: 1m - tags: - - cpu - Alerting_create_tracking_containment_rule_request: - summary: Create a tracking containment rule. - value: - consumer: alerts - name: my tracking rule - params: - index: kibana_sample_data_logs - dateField": '@timestamp' - geoField: geo.coordinates - entity: agent.keyword - boundaryType: entireIndex - boundaryIndexTitle: boundary* - boundaryGeoField: location - boundaryNameField: name - indexId: 90943e30-9a47-11e8-b64d-95841ca0b247 - boundaryIndexId: 0cd90abf-abe7-44c7-909a-f621bbbcfefc - rule_type_id: .geo-containment - schedule: - interval: 1h - Alerting_create_es_query_esql_rule_response: - summary: >- - The create rule API returns a JSON object that contains details about - the rule. - value: - id: e0d62360-78e8-11ee-9177-f7d404c8c945 - enabled: true - name: my Elasticsearch query ESQL rule - tags: [] - rule_type_id: .es-query - consumer: stackAlerts - schedule: - interval: 1d - actions: - - group: query matched - id: d0db1fe0-78d6-11ee-9177-f7d404c8c945 - params: - level: info - message: >- - Elasticsearch query rule '{{rule.name}}' is active: - - - Value: {{context.value}} - Conditions Met: - {{context.conditions}} over - {{rule.params.timeWindowSize}}{{rule.params.timeWindowUnit}} - - Timestamp: {{context.date}} - Link: {{context.link}} - connector_type_id: .server-log - frequency: - summary: false - notify_when: onActiveAlert - throttle: null - uuid: bfe370a3-531b-4855-bbe6-ad739f578844 - params: - searchType: esqlQuery - esqlQuery: - esql: >- - FROM kibana_sample_data_logs | keep bytes, clientip, host, - geo.dest | WHERE geo.dest != "GB" | stats sumbytes = sum(bytes) by - clientip, host | WHERE sumbytes > 5000 | sort sumbytes desc | - limit 10 - timeField: '@timestamp' - timeWindowSize: 1 - timeWindowUnit: d - size: 0 - thresholdComparator: '>' - threshold: - - 0 - excludeHitsFromPreviousRun": true, - aggType: count - groupBy: all - scheduled_task_id: e0d62360-78e8-11ee-9177-f7d404c8c945 - created_by: elastic - updated_by: elastic", - created_at: '2023-11-01T19:00:10.453Z' - updated_at: '2023-11-01T19:00:10.453Z' - api_key_owner: elastic - api_key_created_by_user: false - throttle: null - mute_all: false - notify_when: null - muted_alert_ids: [] - execution_status: - status: pending - last_execution_date: '2023-11-01T19:00:10.453Z' - revision: 0 - running: false - Alerting_create_es_query_rule_response: - summary: >- - The create rule API returns a JSON object that contains details about - the rule. - value: - id: 58148c70-407f-11ee-850e-c71febc4ca7f - enabled: true - name: my Elasticsearch query rule - tags: [] - rule_type_id: .es-query - consumer: alerts - schedule: - interval: 1d - actions: - - group: query matched - id: fdbece50-406c-11ee-850e-c71febc4ca7f - params: - level: info - message: >- - The system has detected {{alerts.new.count}} new, - {{alerts.ongoing.count}} ongoing, and {{alerts.recovered.count}} - recovered alerts. - connector_type_id: .server-log - frequency: - summary: true - notify_when: onThrottleInterval - throttle: 1d - uuid: 53f3c2a3-e5d0-4cfa-af3b-6f0881385e78 - - group: recovered - id: fdbece50-406c-11ee-850e-c71febc4ca7f - params: - level: info - message: Recovered - connector_type_id: .server-log - frequency: - summary: false - notify_when: onActionGroupChange - throttle: null - uuid: 2324e45b-c0df-45c7-9d70-4993e30be758 - params: - thresholdComparator: '>' - timeWindowSize: 1 - timeWindowUnit: d - threshold: - - 100 - size: 100 - timeField: '@timestamp' - index: - - kibana_sample_data_logs - esQuery: '"""{"query":{"match_all" : {}}}"""' - excludeHitsFromPreviousRun: true - aggType: count - groupBy: all - searchType: esQuery - scheduled_task_id: 58148c70-407f-11ee-850e-c71febc4ca7f - created_by: elastic - updated_by: elastic - created_at: '2023-08-22T00:03:38.263Z' - updated_at: '2023-08-22T00:03:38.263Z' - api_key_owner: elastic - api_key_created_by_user: false - throttle: null - mute_all: false - notify_when: null - muted_alert_ids: [] - execution_status: - status: pending - last_execution_date: '2023-08-22T00:03:38.263Z' - revision: 0 - running: false - Alerting_create_es_query_kql_rule_response: - summary: >- - The create rule API returns a JSON object that contains details about - the rule. - value: - id: 7bd506d0-2284-11ee-8fad-6101956ced88 - enabled: true - name: my Elasticsearch query KQL rule" - tags: [] - rule_type_id: .es-query - consumer: alerts - schedule: - interval: 1m - actions: [] - params: - searchConfiguration: - query: - query: '""geo.src : "US" ""' - language: kuery - index: 90943e30-9a47-11e8-b64d-95841ca0b247 - searchType: searchSource - timeWindowSize: 5 - timeWindowUnit: m - threshold: - - 1000 - thresholdComparator: '>' - size: 100 - aggType: count - groupBy: all - excludeHitsFromPreviousRun: true - created_by: elastic - updated_by: elastic - created_at: '2023-07-14T20:24:50.729Z' - updated_at: '2023-07-14T20:24:50.729Z' - api_key_owner: elastic - api_key_created_by_user: false - throttle: null - notify_when: null - mute_all: false - muted_alert_ids: [] - scheduled_task_id: 7bd506d0-2284-11ee-8fad-6101956ced88 - execution_status: - status: pending - last_execution_date: '2023-07-14T20:24:50.729Z' - revision: 0 - running: false - Alerting_create_index_threshold_rule_response: - summary: >- - The create rule API returns a JSON object that contains details about - the rule. - value: - actions: - - group: threshold met - id: dceeb5d0-6b41-11eb-802b-85b0c1bc8ba2 - uuid: 07aef2a0-9eed-4ef9-94ec-39ba58eb609d - connector_type_id: .server-log - frequency: - notify_when: onActionGroupChange - summary: false - throttle: null - params: - level: info - message: >- - Rule {{rule.name}} is active for group {{context.group} : - - - - Value: {{context.value}} - - - Conditions Met: {{context.conditions}} over - {{rule.params.timeWindowSize}}{{rule.params.timeWindowUnit}} - - - Timestamp: {{context.date}} - alert_delay: - active: 3 - api_key_created_by_user: false - api_key_owner: elastic - consumer: alerts - created_at: '2022-06-08T17:20:31.632Z' - created_by: elastic - enabled: true - execution_status: - last_execution_date: '2022-06-08T17:20:31.632Z' - status: pending - id: 41893910-6bca-11eb-9e0d-85d233e3ee35 - muted_alert_ids: [] - mute_all: false - name: my rule - notify_when: null - params: - aggType: avg - termSize: 6 - thresholdComparator: '>' - timeWindowSize: 5 - timeWindowUnit: m - groupBy: top - threshold: - - 1000 - index: - - .test-index - timeField: '@timestamp' - aggField: sheet.version - termField: name.keyword - revision: 0 - rule_type_id: .index-threshold - running: false - schedule: - interval: 1m - scheduled_task_id: 425b0800-6bca-11eb-9e0d-85d233e3ee35 - tags: - - cpu - throttle: null - updated_at: '2022-06-08T17:20:31.632Z' - updated_by: elastic - Alerting_create_tracking_containment_rule_response: - summary: >- - The create rule API returns a JSON object that contains details about - the rule. - value: - id: b6883f9d-5f70-4758-a66e-369d7c26012f - name: my tracking rule - tags: [] - enabled: true - consumer: alerts - throttle: null - revision: 1 - running: false - schedule: - interval: 1h - params: - index: kibana_sample_data_logs - dateField: '@timestamp' - geoField: geo.coordinates - entity: agent.keyword - boundaryType: entireIndex - boundaryIndexTitle: boundary* - boundaryGeoField: location - boundaryNameField: name - indexId: 90943e30-9a47-11e8-b64d-95841ca0b247 - boundaryIndexId: 0cd90abf-abe7-44c7-909a-f621bbbcfefc - rule_type_id: .geo-containment - created_by: elastic - updated_by: elastic - created_at: '2024-02-14T19:52:55.920Z' - updated_at: '2024-02-15T03:24:32.574Z' - api_key_owner: elastic - notify_when: null - mute_all: false - muted_alert_ids: [] - scheduled_task_id: b6883f9d-5f70-4758-a66e-369d7c26012f - execution_status: - status: ok - last_execution_date: '2024-02-15T03:25:38.125Z' - last_duration: 74 - actions: [] - last_run: - alerts_count: - active: 0 - new: 0 - recovered: 0 - ignored: 0 - outcome_msg: null - outcome_order: 0 - outcome: succeeded - warning: null - next_run: '2024-02-15T03:26:38.033Z' - api_key_created_by_user: false - Alerting_get_rule_response: - summary: >- - The get rule API returns a JSON object that contains details about the - rule. - value: - id: 31697a40-7b36-11ed-aa79-f742c05329b2 - consumer: alerts - tags: - - cpu - name: my alert - enabled: true - throttle: null - schedule: - interval: 1m - params: - aggType: avg - termSize: 6 - thresholdComparator: '>' - timeWindowSize: 5 - timeWindowUnit: m - groupBy: top - threshold: - - 1000 - index: - - test-index - timeField: '@timestamp' - aggField: sheet.version - termField: name.keyword - revision: 1 - rule_type_id: .index-threshold - created_by: elastic - updated_by: elastic - created_at: '2022-12-13T22:33:41.163Z' - updated_at: '2022-12-13T22:33:41.163Z' - api_key_owner: elastic - notify_when: null - muted_alert_ids: [] - mute_all: false - scheduled_task_id: 31697a40-7b36-11ed-aa79-f742c05329b2 - execution_status: - status: ok - last_execution_date: '2022-12-13T22:33:44.388Z' - last_duration: 83 - actions: - - group: threshold met - id: 1007a0c0-7a6e-11ed-89d5-abec321c0def - uuid: 1c7a1280-f28c-4e06-96b2-e4e5f05d1d61 - params: - level: info - message: >- - Rule {{rule.name}} is active for group {{context.group}}: - - - - Value: {{context.value}} - - - Conditions Met: {{context.conditions}} over - {{rule.params.timeWindowSize}}{{rule.params.timeWindowUnit}} - - - Timestamp: {{context.date} - connector_type_id: .server-log - connector_type_id: .server-log - frequency: - throttle: null - summary: false - notify_when: onActionGroupChange - last_run: - alerts_count: - new: 0 - ignored: 0 - recovered: 0 - active: 0 - outcome_msg: null - warning: null - outcome: succeeded - next_run: '2022-12-13T22:34:44.314Z' - api_key_created_by_user: false - Alerting_update_rule_request: - summary: Update an index threshold rule. - value: - actions: - - frequency: - summary: false - notify_when: onActionGroupChange - group: threshold met - id: 96b668d0-a1b6-11ed-afdf-d39a49596974 - params: - level: info - message: >- - Rule {{rule.name}} is active for group {{context.group}}: - - - - Value: {{context.value}} - - - Conditions Met: {{context.conditions}} over - {{rule.params.timeWindowSize}}{{rule.params.timeWindowUnit}} - - - Timestamp: {{context.date}} - params: - aggField: sheet.version - aggType: avg - index: - - .updated-index - groupBy: top - termField: name.keyword - termSize: 6 - threshold: - - 1000 - thresholdComparator: '>' - timeField: '@timestamp' - timeWindowSize: 5 - timeWindowUnit: m - name: new name - schedule: - interval: 1m - tags: [] - Alerting_update_rule_response: - summary: >- - The update rule API returns a JSON object that contains details about - the rule. - value: - id: ac4e6b90-6be7-11eb-ba0d-9b1c1f912d74 - consumer: alerts - tags: [] - name: new name - enabled: true - throttle: null - revision: 1 - running: false - schedule: - interval: 1m - params: - index: - - .updated-index - timeField: '@timestamp' - groupBy: top - aggType: avg - timeWindowSize: 5 - timeWindowUnit: m - thresholdComparator: '>' - threshold: - - 1000 - aggField: sheet.version - termField: name.keyword - termSize: 6 - api_key_owner: elastic - created_by: elastic - updated_by: elastic - rule_type_id: .index-threshold - scheduled_task_id: 4c5eda00-e74f-11ec-b72f-5b18752ff9ea - created_at: '2024-03-26T23:13:20.985Z' - updated_at: '2024-03-26T23:22:59.949Z' - mute_all: false - muted_alert_ids: [] - execution_status: - status: ok - last_execution_date: '2024-03-26T23:22:51.390Z' - last_duration: 52 - actions: - - group: threshold met - params: - level: info - message: >- - Rule {{rule.name}} is active for group {{context.group}}: - - - - Value: {{context.value}} - - - Conditions Met: {{context.conditions}} over - {{rule.params.timeWindowSize}}{{rule.params.timeWindowUnit}} - - - Timestamp: {{context.date} - id: 96b668d0-a1b6-11ed-afdf-d39a49596974 - uuid: 07aef2a0-9eed-4ef9-94ec-39ba58eb609d - connector_type_id: .server-log - frequency: - summary: false - throttle: null - notify_when: onActionGroupChange - last_run: - alerts_count: - new: 0 - ignored: 0 - recovered: 0 - active: 0 - outcome_msg: null - warning: null - outcome: succeeded - next_run: '2024-03-26T23:23:51.316Z' - api_key_created_by_user: false - Alerting_find_rules_response: - summary: Retrieve information about a rule. - value: - page: 1 - total: 1 - per_page: 10 - data: - - id: 3583a470-74f6-11ed-9801-35303b735aef - consumer: alerts - tags: - - cpu - name: my alert - enabled: true - throttle: null - schedule: - interval: 1m - params: - aggType: avg - termSize: 6 - thresholdComparator: '>' - timeWindowSize: 5 - timeWindowUnit: m - groupBy: top - threshold: - - 1000 - index: - - test-index - timeField: '@timestamp' - aggField: sheet.version - termField: name.keyword - revision: 1 - rule_type_id: .index-threshold - created_by: elastic - updated_by: elastic - created_at: '2022-12-05T23:40:33.132Z' - updated_at: '2022-12-05T23:40:33.132Z' - api_key_owner: elastic - mute_all: false - muted_alert_ids: [] - scheduled_task_id: 3583a470-74f6-11ed-9801-35303b735aef - execution_status: - status: ok - last_execution_date: '2022-12-06T01:44:23.983Z' - last_duration: 48 - actions: - - id: 9dca3e00-74f5-11ed-9801-35303b735aef - group: threshold met - uuid: 1c7a1280-f28c-4e06-96b2-e4e5f05d1d61 - params: - level: info - message: >- - Rule {{rule.name}} is active for group {{context.group}}: - - - - Value: {{context.value}} - - - Conditions Met: {{context.conditions}} over - {{rule.params.timeWindowSize}}{{rule.params.timeWindowUnit}} - - - Timestamp: {{context.date}} - connector_type_id: .server-log - frequency: - summary: false - notify_when: onActionGroupChange - throttle: null - last_run: - alerts_count: - new: 0 - ignored: 0 - recovered: 0 - active: 0 - outcome_msg: null - warning: null - outcome: succeeded - next_run: '2022-12-06T01:45:23.912Z' - api_key_created_by_user: false - Alerting_find_rules_response_conditional_action: - summary: Retrieve information about a rule that has conditional actions. - value: - page: 1 - total: 1 - per_page: 10 - data: - - id: 6107a8f0-f401-11ed-9f8e-399c75a2deeb - name: security_rule - consumer: siem - enabled: true - tags: [] - throttle: null - revision: 1 - running: false - schedule: - interval: 1m - params: - author: [] - description: A security threshold rule. - ruleId: an_internal_rule_id - falsePositives: [] - from: now-3660s - immutable: false - license: '' - outputIndex: '' - meta: - from: 1h - kibana_siem_app_url: https://localhost:5601/app/security - maxSignals: 100 - riskScore: 21 - riskScoreMapping: [] - severity: low - severityMapping: [] - threat: [] - to: now - references: [] - version: 1 - exceptionsList: [] - type: threshold - language: kuery - index: - - kibana_sample_data_logs - query: '*' - filters: [] - threshold: - field: - - bytes - value: 1 - cardinality: [] - rule_type_id: siem.thresholdRule - created_by: elastic - updated_by: elastic - created_at: '2023-05-16T15:50:28.358Z' - updated_at: '2023-05-16T20:25:42.559Z' - api_key_owner: elastic - notify_when: null - mute_all: false - muted_alert_ids: [] - scheduled_task_id: 6107a8f0-f401-11ed-9f8e-399c75a2deeb - execution_status: - status: ok - last_execution_date: '2023-05-16T20:26:49.590Z' - last_duration: 166 - actions: - - group: default - id: 49eae970-f401-11ed-9f8e-399c75a2deeb - params: - documents: - - rule_id: - '[object Object]': null - rule_name: - '[object Object]': null - alert_id: - '[object Object]': null - context_message: - '[object Object]': null - connector_type_id: .index - frequency: - summary: true - notify_when: onActiveAlert - throttle: null - uuid: 1c7a1280-f28c-4e06-96b2-e4e5f05d1d61 - alerts_filter: - timeframe: - days: - - 7 - timezone: UTC - hours: - start: '08:00' - end: '17:00' - query: - kql: '' - filters: - - meta: - disabled: false - negate: false - alias: null - index: c4bdca79-e69e-4d80-82a1-e5192c621bea - key: client.geo.region_iso_code - field: client.geo.region_iso_code - params: - query: CA-QC - type: phrase - $state: - store: appState - query: - match_phrase: - client.geo.region_iso_code: CA-QC - last_run: - alerts_count: - new: 0 - ignored: 0 - recovered: 0 - active: 0 - outcome_msg: - - Rule execution completed successfully - outcome_order: 0 - warning: null - outcome: succeeded - next_run: '2023-05-16T20:27:49.507Z' - api_key_created_by_user: false - Alerting_get_health_response: - summary: Retrieve information about the health of the alerting framework. - value: - is_sufficiently_secure: true - has_permanent_encryption_key: true - alerting_framework_health: - decryption_health: - status: ok - timestamp: '2023-01-13T01:28:00.280Z' - execution_health: - status: ok - timestamp: '2023-01-13T01:28:00.280Z' - read_health: - status: ok - timestamp: '2023-01-13T01:28:00.280Z' - Alerting_get_rule_types_response: - summary: Retrieve rule types associated with Kibana machine learning features - value: - - id: xpack.ml.anomaly_detection_alert - name: Anomaly detection alert - category: management - producer: ml - alerts: - context: ml.anomaly-detection - mappings: - fieldMap: - kibana.alert.job_id: - type: keyword - array: false - required: true - kibana.alert.anomaly_score: - type: double - array: false - required: false - kibana.alert.is_interim: - type: boolean - array: false - required: false - kibana.alert.anomaly_timestamp: - type: date - array: false - required: false - kibana.alert.top_records: - type: object - array: true - required: false - dynamic: false - properties: - job_id: - type: keyword - record_score: - type: double - initial_record_score: - type: double - detector_index: - type: integer - is_interim: - type: boolean - timestamp: - type: date - partition_field_name: - type: keyword - partition_field_value: - type: keyword - over_field_name: - type: keyword - over_field_value: - type: keyword - by_field_name: - type: keyword - by_field_value: - type: keyword - function: - type: keyword - typical: - type: double - actual: - type: double - field_name: - type: keyword - kibana.alert.top_influencers: - type: object - array: true - required: false - dynamic: false - properties: - job_id: - type: keyword - influencer_field_name: - type: keyword - influencer_field_value: - type: keyword - influencer_score: - type: double - initial_influencer_score: - type: double - is_interim: - type: boolean - timestamp: - type: date - shouldWrite: true - enabled_in_license: true - recovery_action_group: - id: recovered - name: Recovered - action_groups: - - id: anomaly_score_match - name: Anomaly score matched the condition - - id: recovered - name: Recovered - default_action_group_id: anomaly_score_match - minimum_license_required: platinum - is_exportable: true - rule_task_timeout: 5m - action_variables: - context: - - name: timestamp - description: The bucket timestamp of the anomaly - - name: timestampIso8601 - description: The bucket time of the anomaly in ISO8601 format - - name: jobIds - description: List of job IDs that triggered the alert - - name: message - description: Alert info message - - name: isInterim - description: Indicate if top hits contain interim results - - name: score - description: Anomaly score at the time of the notification action - - name: topRecords - description: Top records - - name: topInfluencers - description: Top influencers - - name: anomalyExplorerUrl - description: URL to open in the Anomaly Explorer - useWithTripleBracesInTemplates: true - state: [] - params: [] - authorized_consumers: - alerts: - read: true - all: true - stackAlerts: - read: true - all: true - slo: - read: true - all: true - ml: - read: true - all: true - uptime: - read: true - all: true - infrastructure: - read: true - all: true - logs: - read: true - all: true - monitoring: - read: true - all: true - siem: - read: true - all: true - apm: - read: true - all: true - discover: - read: true - all: true - does_set_recovery_context: true - has_alerts_mappings: true - has_fields_for_a_a_d: false - - id: xpack.ml.anomaly_detection_jobs_health - name: Anomaly detection jobs health - category: management - producer: ml - enabled_in_license: true - recovery_action_group: - id: recovered - name: Recovered - action_groups: - - id: anomaly_detection_realtime_issue - name: Issue detected - - id: recovered - name: Recovered - default_action_group_id: anomaly_detection_realtime_issue - minimum_license_required: platinum - is_exportable: true - rule_task_timeout: 5m - action_variables: - context: - - name: results - description: Results of the rule execution - - name: message - description: Alert info message - state: [] - params: [] - authorized_consumers: - alerts: - read: true - all: true - stackAlerts: - read: true - all: true - slo: - read: true - all: true - ml: - read: true - all: true - uptime: - read: true - all: true - infrastructure: - read: true - all: true - logs: - read: true - all: true - monitoring: - read: true - all: true - siem: - read: true - all: true - apm: - read: true - all: true - discover: - read: true - all: true - does_set_recovery_context: true - has_alerts_mappings: false - has_fields_for_a_a_d: false - Cases_create_case_request: - summary: Create a security case that uses a Jira connector. - value: - description: A case description. - title: Case title 1 - tags: - - tag-1 - connector: - id: 131d4448-abe0-4789-939d-8ef60680b498 - name: My connector - type: .jira - fields: - issueType: '10006' - priority: High - parent: null - settings: - syncAlerts: true - owner: cases - customFields: - - type: text - key: d312efda-ec2b-42ec-9e2c-84981795c581 - value: My field value - Cases_create_case_response: - summary: >- - The create case API returns a JSON object that contains details about - the case. - value: - comments: [] - totalAlerts: 0 - id: 66b9aa00-94fa-11ea-9f74-e7e108796192 - version: WzUzMiwxXQ== - totalComment: 0 - title: Case title 1 - tags: - - tag 1 - assignees: [] - description: A case description. - settings: - syncAlerts: true - owner: cases - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: My field value - - key: fcc6840d-eb14-42df-8aaf-232201a705ec - type: toggle - value: null - duration: null - severity: low - closed_at: null - closed_by: null - created_at: '2022-10-13T15:33:50.604Z' - created_by: - username: elastic - full_name: null - email: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - status: open - updated_at: null - updated_by: null - connector: - id: 131d4448-abe0-4789-939d-8ef60680b498 - name: My connector - type: .jira - fields: - issueType: '10006' - parent: null - priority: High - external_service: null - Cases_update_case_request: - summary: Update the case description, tags, and connector. - value: - cases: - - id: a18b38a0-71b0-11ea-a0b2-c51ea50a58e2 - version: WzIzLDFd - connector: - id: 131d4448-abe0-4789-939d-8ef60680b498 - name: My connector - type: .jira - fields: - issueType: '10006' - priority: null - parent: null - description: A case description. - tags: - - tag-1 - settings: - syncAlerts: true - customFields: - - key: fcc6840d-eb14-42df-8aaf-232201a705ec - type: toggle - value: false - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: My new field value - Cases_update_case_response: - summary: >- - This is an example response when the case description, tags, and - connector were updated. - value: - - id: 66b9aa00-94fa-11ea-9f74-e7e108796192 - version: WzU0OCwxXQ== - comments: [] - totalComment: 0 - totalAlerts: 0 - title: Case title 1 - tags: - - tag-1 - settings: - syncAlerts: true - owner: cases - description: A case description. - duration: null - severity: low - closed_at: null - closed_by: null - created_at: '2023-10-13T09:16:17.416Z' - created_by: - email: null - full_name: null - username: elastic - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - status: open - updated_at: '2023-10-13T09:48:33.043Z' - updated_by: - email: null - full_name: null - username: elastic - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - assignees: [] - category: null - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: My new field value - - key: fcc6840d-eb14-42df-8aaf-232201a705ec - type: toggle - value: false - connector: - id: 131d4448-abe0-4789-939d-8ef60680b498 - name: My connector - type: .jira - fields: - issueType: '10006' - parent: null - priority: null - external_service: - external_title: IS-4 - pushed_by: - full_name: null - email: null - username: elastic - external_url: https://hms.atlassian.net/browse/IS-4 - pushed_at: '2023-10-13T09:20:40.672Z' - connector_id: 05da469f-1fde-4058-99a3-91e4807e2de8 - external_id: '10003' - connector_name: Jira - Cases_find_case_response: - summary: >- - Retrieve the first five cases with the `tag-1` tag, in ascending order - by last update time. - value: - page: 1 - per_page: 5 - total: 1 - cases: - - id: abed3a70-71bd-11ea-a0b2-c51ea50a58e2 - version: WzExMCwxXQ== - comments: [] - totalComment: 1 - totalAlerts: 0 - title: Case title - tags: - - tag-1 - description: Case description - settings: - syncAlerts: true - owner: cases - customFields: - - type: text - key: d312efda-ec2b-42ec-9e2c-84981795c581 - value: My field value - - key: fcc6840d-eb14-42df-8aaf-232201a705ec - type: toggle - value: null - duration: null - severity: low - closed_at: null - closed_by: null - created_at: '2023-10-12T00:16:36.371Z' - created_by: - email: null - full_name: null - username: elastic - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - status: open - updated_at: '2023-10-12T00:27:58.162Z' - updated_by: - email: null - full_name: null - username: elastic - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - assignees: [] - category: null - connector: - id: none - name: none - type: .none - fields: null - external_service: null - count_open_cases: 1 - count_in_progress_cases: 0 - count_closed_cases: 0 - Cases_get_case_configuration_response: - summary: Get the case configuration. - value: - - id: 856ee650-6c82-11ee-a20a-6164169afa58 - closure_type: close-by-user - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - defaultValue: Custom text field value. - label: my-text-field - required: false - type: text - owner: cases - created_at: '2024-07-01T17:07:17.767Z' - created_by: - username: elastic - email: null - full_name: null - updated_at: null - updated_by: null - connector: - id: none - name: none - type: .none - fields: null - mappings: [] - version: WzEyLDNd - error: null - templates: - - key: 505932fe-ee3a-4960-a661-c781b5acdb05 - name: template-1 - caseFields: - title: Default case title - tags: - - Default case tag - category: Default-category - description: A default description for cases. - assignees: - - uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - connector: - id: none - type: .none - fields: null - name: none - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - value: Default text field value. - type: text - settings: - syncAlerts: false - description: A description of the template. - tags: - - Template tag 1 - Cases_set_case_configuration_request: - summary: >- - Set the closure type, custom fields, and default connector for Stack - Management cases. - value: - owner: cases - connector: - id: 5e656730-e1ca-11ec-be9b-9b1838238ee6 - name: my-jira-connector - type: .jira - fields: null - closure_type: close-by-user - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - label: my-text-field - required: false - type: text - defaultValue: My custom field default value. - templates: - - key: 505932fe-ee3a-4960-a661-c781b5acdb05 - name: template-1 - caseFields: - title: Default case title - tags: - - Default case tag - category: Default-category - description: A default description for cases. - assignees: - - uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: A text field value for the template. - description: A description of the template. - tags: - - Template tag 1 - Cases_set_case_configuration_response: - summary: This is an example response for case settings. - value: - closure_type: close-by-user - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - label: my-text-field - required: false - type: text - defaultValue: My custom field default value. - templates: - - key: 505932fe-ee3a-4960-a661-c781b5acdb05 - name: template-1 - caseFields: - title: Default case title - tags: - - Default case tag - category: Default-category - description: A default description for cases. - assignees: - - uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: A text field value for the template. - description: A description of the template. - tags: - - Template tag 1 - owner: cases - created_at: '2024-07-01T17:07:17.767Z' - created_by: - username: elastic - email: null, - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - updated_at: null - updated_by: null - connector: - id: 5e656730-e1ca-11ec-be9b-9b1838238ee6 - name: my-jira-connector - type: .jira - fields: null - mappings: - - source: title - target: summary - action_type: overwrite - - source: description - target: description - action_type: overwrite - - source: comments - target: comments - action_type: append - - source: tags - target: labels - action_type: overwrite - version: WzIwNzMsMV0= - error: null - id: 4a97a440-e1cd-11ec-be9b-9b1838238ee6 - Cases_update_case_configuration_request: - summary: Update the case settings. - value: - version: WzExOSw0XQ== - connector: - id: 5e656730-e1ca-11ec-be9b-9b1838238ee6 - name: my-jira-connector - type: .jira - fields: null - closure_type: close-by-user - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - label: my-text-field - required: true - type: text - defaultValue: A new default value. - - key: fcc6840d-eb14-42df-8aaf-232201a705ec - label: my-toggle - required: false - type: toggle - Cases_update_case_configuration_response: - summary: This is an example response when the case configuration was updated. - value: - closure_type: close-by-user - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - label: my-text-field - required: true - type: text - defaultValue: A new default value. - - key: fcc6840d-eb14-42df-8aaf-232201a705ec - label: my-toggle - required: false - type: toggle - owner: cases - created_at: '2024-07-01T17:07:17.767Z' - created_by: - username: elastic - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - updated_at: '2024-07-19T00:52:42.401Z' - updated_by: - username: elastic - full_name: null - email: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - connector: - id: 5e656730-e1ca-11ec-be9b-9b1838238ee6 - name: my-jira-connector - type: .jira - fields: null - mappings: - - source: title - target: summary - action_type: overwrite - - source: description - target: description - action_type: overwrite - - source: tags - target: labels - action_type: overwrite - - source: comments - target: comments - action_type: append - version: WzI2LDNd - error: null - id: 4a97a440-e1cd-11ec-be9b-9b1838238ee6 - templates: [] - Cases_get_reporters_response: - summary: A list of two users that opened cases - value: - - username: elastic - full_name: null - email: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - - username: jdoe - full_name: Jane Doe - email: jdoe@example.com - profile_uid: u_0wpfV1MqYDaXzLtRVY-gLMrddKDEmfz51Fszhj7hWC8_0 - Cases_get_tags_response: - summary: A list of tags that are used in cases - value: - - observability - - security - - tag 1 - - tag 2 - Cases_get_case_response: - summary: Retrieves information about a case including its comments. - value: - id: 31cdada0-02c1-11ed-85f2-4f7c222ca2fa - version: WzM2LDFd - comments: - - id: 2134c1d0-02c2-11ed-85f2-4f7c222ca2fa - version: WzM3LDFd - type: user - owner: cases - comment: A new comment - created_at: '2023-10-13T15:40:32.335Z' - created_by: - email: null - full_name: null - username: elastic - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - pushed_at: null - pushed_by: null - updated_at: null - updated_by: null - totalComment: 1 - totalAlerts: 0 - title: Case title 1 - tags: - - tag 1 - settings: - syncAlerts: true - owner: cases - category: null - customFields: - - type: text - key: d312efda-ec2b-42ec-9e2c-84981795c581 - value: My field value - - key: fcc6840d-eb14-42df-8aaf-232201a705ec - type: toggle - value: null - description: A case description - duration: null - severity: low - closed_at: null - closed_by: null - created_at: '2023-10-13T15:33:50.604Z' - created_by: - username: elastic - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - status: open - updated_at: '2023-10-13T15:40:32.335Z' - updated_by: - full_name: null - email: null - username: elastic - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - assignees: - - uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - connector: - id: none - name: none - type: .none - fields: null - external_service: null - Cases_get_case_observability_response: - summary: >- - Retrieves information about an Observability case including its alerts - and comments. - value: - description: An Observability case description. - owner: observability - settings: - syncAlerts: false - tags: - - observability - - tag 1 - title: Observability case title 1 - category: null - customFields: [] - assignees: - - uid: u_0wpfV1MqYDaXzLtRVY-gLMrddKDEmfz51Fszhj7hWC8_0 - connector: - id: none - type: .none - fields: null - name: none - severity: low - status: in-progress - duration: null - closed_at: null - closed_by: null - created_at: '2023-11-06T19:29:04.086Z' - created_by: - username: elastic - full_name: null - email: null - updated_at: '2023-11-06T19:47:55.662Z' - updated_by: - username: elastic - full_name: null - email: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - external_service: null - id: c3ff7550-def1-4e90-b6bc-c9969a4a09b1 - version: WzI0NywyXQ== - totalComment: 1 - totalAlerts: 1 - comments: - - alertId: - - a6e12ac4-7bce-457b-84f6-d7ce8deb8446 - index: - - .internal.alerts-observability.logs.alerts-default-000001 - type: alert - rule: - id: 03e4eb87-62ca-4e5d-9570-3d7625e9669d - name: Observability rule - owner: observability - created_at: '2023-11-06T19:29:38.424Z' - created_by: - email: null - full_name: null - username: elastic - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - pushed_at: null - pushed_by: null - updated_at: null - updated_by: null - id: 59d438d0-79a9-4864-8d4b-e63adacebf6e - version: WzY3LDJd - - comment: The first comment. - type: user - owner: observability - created_at: '2023-11-06T19:29:57.812Z' - created_by: - email: null - full_name: null - username: elastic - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - pushed_at: null - pushed_by: null - updated_at: null - updated_by: null - id: d99342d3-3aa3-4b80-90ec-a702607604f5 - version: WzcyLDJd - Cases_get_case_alerts_response: - summary: Retrieves all alerts attached to a case - value: - - id: f6a7d0c3-d52d-432c-b2e6-447cd7fce04d - index: .alerts-observability.logs.alerts-default - attached_at: '2022-07-25T20:09:40.963Z' - Cases_add_comment_request: - summary: Adds a comment to a case. - value: - type: user - comment: A new comment. - owner: cases - Cases_add_comment_response: - summary: >- - The add comment to case API returns a JSON object that contains details - about the case and its comments. - value: - comments: - - id: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 - version: WzIwNDMxLDFd - type: user - owner: cases - comment: A new comment. - created_at: '2022-10-02T00:49:47.716Z' - created_by: - username: elastic - email: null - full_name: null - totalAlerts: 0 - id: 293f1bc0-74f6-11ea-b83a-553aecdb28b6 - version: WzIzMzgsMV0= - totalComment: 1 - title: Case title 1 - tags: - - tag 1 - description: A case description. - category: null - assignees: [] - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: Field value - - key: fcc6840d-eb14-42df-8aaf-232201a705ec - type: toggle - value: true - settings: - syncAlerts: false - owner: cases - duration: null - severity: low - closed_at: null - closed_by: null - created_at: '2022-03-24T00:37:03.906Z' - created_by: - username: elastic - full_name: null - email: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - status: open - updated_at: '2022-06-03T00:49:47.716Z' - updated_by: - username: elastic - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - connector: - id: none - name: none - type: .none - fields: null - external_service: null - Cases_update_comment_request: - summary: Updates a comment of a case. - value: - id: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 - version: Wzk1LDFd - type: user - comment: An updated comment. - owner: cases - Cases_update_comment_response: - summary: >- - The add comment to case API returns a JSON object that contains details - about the case and its comments. - value: - comments: - - id: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 - version: WzIwNjM3LDFd - comment: An updated comment. - type: user - owner: cases - created_at: '2023-10-24T00:37:10.832Z' - created_by: - username: elastic - full_name: null - email: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - pushed_at: null - pushed_by: null - updated_at: '2023-10-24T01:27:06.210Z' - updated_by: - username: elastic - full_name: null - email: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - totalAlerts: 0 - id: 293f1bc0-74f6-11ea-b83a-553aecdb28b6 - version: WzIwNjM2LDFd - totalComment: 1 - title: Case title 1 - tags: - - tag 1 - description: A case description. - settings: - syncAlerts: false - owner: cases - category: null - assignees: [] - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: My new field value - - key: fcc6840d-eb14-42df-8aaf-232201a705ec - type: toggle - value: false - duration: null - severity: low - closed_at: null - closed_by: null - created_at: '2023-10-24T00:37:03.906Z' - created_by: - username: elastic - full_name: null - email: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - status: open - updated_at: '2023-10-24T01:27:06.210Z' - updated_by: - username: elastic - full_name: null - email: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - connector: - id: none - name: none - type: .none - fields: null - external_service: null - Cases_get_comment_response: - summary: A single user comment retrieved from a case - value: - id: 8048b460-fe2b-11ec-b15d-779a7c8bbcc3 - version: WzIzLDFd - type: user - owner: cases - comment: A new comment - created_at: '2023-10-07T19:32:13.104Z' - created_by: - email: null - full_name: null - username: elastic - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - pushed_at: null - pushed_by: null - updated_at: null - updated_by: null - Cases_push_case_response: - summary: >- - The push case API returns a JSON object with details about the case and - the external service. - value: - id: b917f300-0ed9-11ed-bd18-65557fe66949 - version: WzE3NjgsM10= - comments: [] - totalComment: 0 - totalAlerts: 0 - description: A case description. - title: Case title 1 - tags: - - tag 1 - settings: - syncAlerts: true - owner: cases - duration: null - severity: low - closed_at: null - closed_by: null - created_at: '2022-07-29T00:59:39.444Z' - created_by: - username: elastic - email: null - full_name: null - status: open - updated_at: '2022-07-29T01:20:58.436Z' - updated_by: - username: elastic - full_name: null - email: null - connector: - id: 09f8c0b0-0eda-11ed-bd18-65557fe66949 - name: My connector - type: .jira - fields: - issueType: '10006' - parent: null - priority: Low - external_service: - pushed_at: '2022-07-29T01:20:58.436Z' - pushed_by: - username: elastic - full_name: null - email: null - connector_name: My connector - external_id: '71926' - external_title: ES-554 - external_url: https://cases.jira.com - connector_id: 09f8c0b0-0eda-11ed-bd18-65557fe66949 - Cases_find_case_activity_response: - summary: Retrieves all activity for a case - value: - page: 1 - perPage: 20 - total: 3 - userActions: - - id: b4cd0770-07c9-11ed-a5fd-47154cb8767e - action: create - comment_id: null - created_at: '2023-10-20T01:17:22.150Z' - created_by: - username: elastic - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - owner: cases - payload: - assignees: [] - connector: - name: none - type: .none - fields: null - id: none - description: A case description. - tags: - - tag 1 - title: Case title 1 - owner: cases - settings: - syncAlerts: false - severity: low - status: open - category: null - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: My field value - - key: fcc6840d-eb14-42df-8aaf-232201a705ec - type: toggle - value: null - version: WzM1ODg4LDFd - type: create_case - - id: 57af14a0-03b1-11ed-920c-974bfa104448 - action: create - comment_id: 578608d0-03b1-11ed-920c-974bfa104448 - created_at: '2023-10-14T20:12:53.354Z' - created_by: - username: elastic - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - owner: cases - payload: - comment: A new comment - owner: cases - type: user - version: WzM1ODg4LDFa - type: comment - - id: 573c6980-6123-11ed-aa41-81a0a61fe447 - action: add - comment_id: null - created_at: '2023-10-20T01:10:28.238Z' - created_by: - username: elastic - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - owner: cases - payload: - assignees: - uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - version: WzM1ODg4LDFb - type: assignees - Cases_find_connector_response: - summary: Retrieve information about the connectors and their settings. - value: - - id: 61787f53-4eee-4741-8df6-8fe84fa616f7 - actionTypeId: .jira - name: my-Jira - isMissingSecrets: false - config: - apiUrl: https://elastic.atlassian.net/ - projectKey: ES - isPreconfigured: false - isDeprecated: false - referencedByCount: 0 Connectors_create_email_connector_request: summary: Create an email connector. - value: - name: email-connector-1 - connector_type_id: .email - config: - from: tester@example.com - hasAuth: true - host: https://example.com - port: 1025 - secure: false - service: other - secrets: - user: username - password: password - Connectors_create_index_connector_request: - summary: Create an index connector. - value: - name: my-connector - connector_type_id: .index - config: - index: test-index - Connectors_create_webhook_connector_request: - summary: Create a webhook connector with SSL authentication. - value: - name: my-webhook-connector - connector_type_id: .webhook - config: - method: post - url: https://example.com - authType: webhook-authentication-ssl - certType: ssl-crt-key - secrets: - crt: QmFnIEF0dH... - key: LS0tLS1CRUdJ... - password: my-passphrase - Connectors_create_xmatters_connector_request: - summary: Create an xMatters connector with URL authentication. - value: - name: my-xmatters-connector - connector_type_id: .xmatters + value: config: - usesBasic: false + from: tester@example.com + hasAuth: true + host: 'https://example.com' + port: 1025 + secure: false + service: other + connector_type_id: .email + name: email-connector-1 secrets: - secretsUrl: https://example.com?apiKey=xxxxx + password: password + user: username Connectors_create_email_connector_response: summary: A new email connector. value: - id: 90a82c60-478f-11ee-a343-f98a117c727f - connector_type_id: .email - name: email-connector-1 config: + clientId: null from: tester@example.com - service: other - host: https://example.com + hasAuth: true + host: 'https://example.com' + oauthTokenUrl: null port: 1025 secure: false - hasAuth: true + service: other tenantId: null - clientId: null - oauthTokenUrl: null - is_preconfigured: false + connector_type_id: .email + id: 90a82c60-478f-11ee-a343-f98a117c727f is_deprecated: false is_missing_secrets: false + is_preconfigured: false is_system_action: false - Connectors_create_index_connector_response: - summary: A new index connector. + name: email-connector-1 + Connectors_create_index_connector_request: + summary: Create an index connector. value: - id: c55b6eb0-6bad-11eb-9f3b-611eebc6c3ad + config: + index: test-index connector_type_id: .index name: my-connector + Connectors_create_index_connector_response: + summary: A new index connector. + value: config: + executionTimeField: null index: test-index refresh: false - executionTimeField: null - is_preconfigured: false + connector_type_id: .index + id: c55b6eb0-6bad-11eb-9f3b-611eebc6c3ad is_deprecated: false is_missing_secrets: false + is_preconfigured: false is_system_action: false + name: my-connector + Connectors_create_webhook_connector_request: + summary: Create a webhook connector with SSL authentication. + value: + config: + authType: webhook-authentication-ssl + certType: ssl-crt-key + method: post + url: 'https://example.com' + connector_type_id: .webhook + name: my-webhook-connector + secrets: + crt: QmFnIEF0dH... + key: LS0tLS1CRUdJ... + password: my-passphrase Connectors_create_webhook_connector_response: summary: A new webhook connector. value: - id: 900eb010-3b9d-11ee-a642-8ffbb94e38bd - name: my-webhook-connector config: - method: post - url: https://example.com authType: webhook-authentication-ssl certType: ssl-crt-key - verificationMode: full - headers: null hasAuth: true + headers: null + method: post + url: 'https://example.com' + verificationMode: full connector_type_id: .webhook - is_preconfigured: false + id: 900eb010-3b9d-11ee-a642-8ffbb94e38bd is_deprecated: false is_missing_secrets: false + is_preconfigured: false is_system_action: false + name: my-webhook-connector + Connectors_create_xmatters_connector_request: + summary: Create an xMatters connector with URL authentication. + value: + config: + usesBasic: false + connector_type_id: .xmatters + name: my-xmatters-connector + secrets: + secretsUrl: 'https://example.com?apiKey=xxxxx' Connectors_create_xmatters_connector_response: summary: A new xMatters connector. value: - id: 4d2d8da0-4d1f-11ee-9367-577408be4681 - name: my-xmatters-connector config: - usesBasic: false configUrl: null + usesBasic: false connector_type_id: .xmatters - is_preconfigured: false + id: 4d2d8da0-4d1f-11ee-9367-577408be4681 is_deprecated: false is_missing_secrets: false + is_preconfigured: false is_system_action: false + name: my-xmatters-connector Connectors_get_connector_response: summary: Get connector details. value: - id: df770e30-8b8b-11ed-a780-3b746c987a81 - name: my_server_log_connector config: {} connector_type_id: .server-log - is_preconfigured: false + id: df770e30-8b8b-11ed-a780-3b746c987a81 is_deprecated: false is_missing_secrets: false + is_preconfigured: false is_system_action: false - Connectors_update_index_connector_request: - summary: Update an index connector. + name: my_server_log_connector + Connectors_get_connector_types_generativeai_response: + summary: A list of connector types for the `generativeAI` feature. value: - name: updated-connector - config: - index: updated-index + - enabled: true + enabled_in_config: true + enabled_in_license: true + id: .gen-ai + is_system_action_type: false + minimum_license_required: enterprise + name: OpenAI + supported_feature_ids: + - generativeAIForSecurity + - generativeAIForObservability + - generativeAIForSearchPlayground + - enabled: true + enabled_in_config: true + enabled_in_license: true + id: .bedrock + is_system_action_type: false + minimum_license_required: enterprise + name: AWS Bedrock + supported_feature_ids: + - generativeAIForSecurity + - generativeAIForObservability + - generativeAIForSearchPlayground + - enabled: true + enabled_in_config: true + enabled_in_license: true + id: .gemini + is_system_action_type: false + minimum_license_required: enterprise + name: Google Gemini + supported_feature_ids: + - generativeAIForSecurity + Connectors_get_connectors_response: + summary: A list of connectors + value: + - connector_type_id: .email + id: preconfigured-email-connector + is_deprecated: false + is_preconfigured: true + is_system_action: false + name: my-preconfigured-email-notification + referenced_by_count: 0 + - config: + executionTimeField: null + index: test-index + refresh: false + connector_type_id: .index + id: e07d0c80-8b8b-11ed-a780-3b746c987a81 + is_deprecated: false + is_missing_secrets: false + is_preconfigured: false + is_system_action: false + name: my-index-connector + referenced_by_count: 2 Connectors_run_cases_webhook_connector_request: summary: Run a Webhook - Case Management connector to create a case. value: @@ -18418,17 +10685,32 @@ components: subAction: pushToService subActionParams: comments: - - commentId: 1 - comment: A comment about the incident. + - comment: A comment about the incident. + commentId: 1 incident: - title: Case title description: Description of the incident. + id: caseID + severity: low + status: open tags: - tag1 - tag2 - severity: low - status: open - id: caseID + title: Case title + Connectors_run_cases_webhook_connector_response: + summary: >- + Response from a pushToService action for a Webhook - Case Management + connector. + value: + connector_id: 1824b5b8-c005-4dcc-adac-57f92db46459 + data: + comments: + - commentId: 1 + pushedDate: '2023-12-05T19:43:36.360Z' + id: 100665 + pushedDate: '2023-12-05T19:43:36.360Z' + title: TEST-29034 + url: 'https://example.com/browse/TEST-29034' + status: ok Connectors_run_email_connector_request: summary: Send an email message from an email connector. value: @@ -18442,36 +10724,113 @@ components: subject: Test message subject to: - user4@example.com + Connectors_run_email_connector_response: + summary: Response for sending a message from an email connector. + value: + connector_id: 7fc7b9a0-ecc9-11ec-8736-e7d63118c907 + data: + accepted: + - user1@example.com + - user2@example.com + - user3@example.com + - user4@example.com + envelope: + from: tester@example.com + to: + - user1@example.com + - user2@example.com + - user3@example.com + - user4@example.com + envelopeTime: 8 + messageId: <08a92d29-642a-0706-750c-de5996bd5cf3@example.com> + messageSize: 729 + messageTime: 3 + rejected: [] + response: 250 Message queued as QzEXKcGJ + status: ok Connectors_run_index_connector_request: summary: Run an index connector. value: params: documents: - id: my_doc_id + message: 'hello, world' name: my_doc_name - message: hello, world + Connectors_run_index_connector_response: + summary: Response from running an index connector. + value: + connector_id: fd38c600-96a5-11ed-bb79-353b74189cba + data: + errors: false + items: + - create: + _id: 4JtvwYUBrcyxt2NnfW3y + _index: my-index + _primary_term: 1 + _seq_no: 0 + _shards: + failed: 0 + successful: 1 + total: 2 + _version: 1 + result: created + status: 201 + took: 135 + status: ok Connectors_run_jira_connector_request: summary: Run a Jira connector to retrieve the list of issue types. value: params: subAction: issueTypes + Connectors_run_jira_connector_response: + summary: Response from retrieving the list of issue types for a Jira connector. + value: + connector_id: b3aad810-edbe-11ec-82d1-11348ecbf4a6 + data: + - id: 10024 + name: Improvement + - id: 10006 + name: Task + - id: 10007 + name: Sub-task + - id: 10025 + name: New Feature + - id: 10023 + name: Bug + - id: 10000 + name: Epic + status: ok Connectors_run_pagerduty_connector_request: summary: Run a PagerDuty connector to trigger an alert. value: params: + customDetails: + my_data_1: test data eventAction: trigger - summary: A brief event summary links: - - href: http://example.com/pagerduty + - href: 'http://example.com/pagerduty' text: An example link - customDetails: - my_data_1: test data + summary: A brief event summary + Connectors_run_pagerduty_connector_response: + summary: Response from running a PagerDuty connector. + value: + connector_id: 45de9f70-954f-4608-b12a-db7cf808e49d + data: + dedup_key: 5115e138b26b484a81eaea779faa6016 + message: Event processed + status: success + status: ok Connectors_run_server_log_connector_request: summary: Run a server log connector. value: params: level: warn message: Test warning message. + Connectors_run_server_log_connector_response: + summary: Response from running a server log connector. + value: + connector_id: 7fc7b9a0-ecc9-11ec-8736-e7d63118c907 + status: ok Connectors_run_servicenow_itom_connector_request: summary: Run a ServiceNow ITOM connector to retrieve the list of choices. value: @@ -18481,6 +10840,50 @@ components: fields: - severity - urgency + Connectors_run_servicenow_itom_connector_response: + summary: >- + Response from retrieving the list of choices for a ServiceNow ITOM + connector. + value: + connector_id: 9d9be270-2fd2-11ed-b0e0-87533c532698 + data: + - dependent_value: '' + element: severity + label: Critical + value: 1 + - dependent_value: '' + element: severity + label: Major + value: 2 + - dependent_value: '' + element: severity + label: Minor + value: 3 + - dependent_value: '' + element: severity + label: Warning + value: 4 + - dependent_value: '' + element: severity + label: OK + value: 5 + - dependent_value: '' + element: severity + label: Clear + value: 0 + - dependent_value: '' + element: urgency + label: 1 - High + value: 1 + - dependent_value: '' + element: urgency + label: 2 - Medium + value: 2 + - dependent_value: '' + element: urgency + label: 3 - Low + value: 3 + status: ok Connectors_run_slack_api_connector_request: summary: >- Run a Slack connector that uses the web API method to post a message on @@ -18492,6 +10895,40 @@ components: channelIds: - C123ABC456 text: A test message. + Connectors_run_slack_api_connector_response: + summary: Response from posting a message with a Slack connector. + value: + connector_id: .slack_api + data: + channel: C123ABC456 + message: + app_id: A01BC2D34EF + blocks: + - block_id: /NXe + elements: + - elements: + - text: A test message. + type: text + type: rich_text_section + type: rich_text + bot_id: B12BCDEFGHI + bot_profile: + app_id: A01BC2D34EF + deleted: false + icons: + image_36: 'https://a.slack-edge.com/80588/img/plugins/app/bot_36.png' + id: B12BCDEFGHI + name: test + team_id: T01ABCDE2F + updated: 1672169705 + team: T01ABCDE2F + text: A test message + ts: '1234567890.123456' + type: message + user: U12A345BC6D + ok: true + ts: '1234567890.123456' + status: ok Connectors_run_swimlane_connector_request: summary: Run a Swimlane connector to create an incident. value: @@ -18499,1973 +10936,18145 @@ components: subAction: pushToService subActionParams: comments: - - commentId: 1 - comment: A comment about the incident. + - comment: A comment about the incident. + commentId: 1 incident: caseId: '1000' caseName: Case name description: Description of the incident. - Connectors_run_cases_webhook_connector_response: - summary: >- - Response from a pushToService action for a Webhook - Case Management - connector. + Connectors_run_swimlane_connector_response: + summary: Response from creating a Swimlane incident. value: - connector_id: 1824b5b8-c005-4dcc-adac-57f92db46459 + connector_id: a4746470-2f94-11ed-b0e0-87533c532698 data: - id: 100665 - title: TEST-29034 - url: https://example.com/browse/TEST-29034 - pushedDate: '2023-12-05T19:43:36.360Z' comments: - commentId: 1 - pushedDate: '2023-12-05T19:43:36.360Z' + pushedDate: '2022-09-08T16:52:27.865Z' + id: aKPmBHWzmdRQtx6Mx + pushedDate: '2022-09-08T16:52:27.866Z' + title: TEST-457 + url: >- + https://elastic.swimlane.url.us/record/aNcL2xniGHGpa2AHb/aKPmBHWzmdRQtx6Mx status: ok - Connectors_run_email_connector_response: - summary: Response for sending a message from an email connector. + Connectors_update_index_connector_request: + summary: Update an index connector. value: - connector_id: 7fc7b9a0-ecc9-11ec-8736-e7d63118c907 - data: - accepted: - - user1@example.com - - user2@example.com - - user3@example.com - - user4@example.com - envelope: - from: tester@example.com - to: - - user1@example.com - - user2@example.com - - user3@example.com - - user4@example.com - envelopeTime: 8 - messageTime: 3 - messageSize: 729 - response: 250 Message queued as QzEXKcGJ - messageId: <08a92d29-642a-0706-750c-de5996bd5cf3@example.com> - rejected: [] - status: ok - Connectors_run_index_connector_response: - summary: Response from running an index connector. + config: + index: updated-index + name: updated-connector + Data_views_create_data_view_request: + summary: Create a data view with runtime fields. + value: + data_view: + name: My Logstash data view + runtimeFieldMap: + runtime_shape_name: + script: + source: 'emit(doc[''shape_name''].value)' + type: keyword + title: logstash-* + Data_views_create_runtime_field_request: + summary: Create a runtime field. + value: + name: runtimeFoo + runtimeField: + script: + source: 'emit(doc["foo"].value)' + type: long + Data_views_get_data_view_response: + summary: >- + The get data view API returns a JSON object that contains information + about the data view. + value: + data_view: + allowNoIndex: false + fieldAttrs: + products.manufacturer: + count: 1 + products.price: + count: 1 + products.product_name: + count: 1 + total_quantity: + count: 1 + fieldFormats: + products.base_price: + id: number + params: + pattern: '$0,0.00' + products.base_unit_price: + id: number + params: + pattern: '$0,0.00' + products.min_price: + id: number + params: + pattern: '$0,0.00' + products.price: + id: number + params: + pattern: '$0,0.00' + products.taxful_price: + id: number + params: + pattern: '$0,0.00' + products.taxless_price: + id: number + params: + pattern: '$0,0.00' + taxful_total_price: + id: number + params: + pattern: '$0,0.[00]' + taxless_total_price: + id: number + params: + pattern: '$0,0.00' + fields: + _id: + aggregatable: false + count: 0 + esTypes: + - _id + format: + id: string + isMapped: true + name: _id + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + _index: + aggregatable: true + count: 0 + esTypes: + - _index + format: + id: string + isMapped: true + name: _index + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + _score: + aggregatable: false + count: 0 + format: + id: number + isMapped: true + name: _score + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: number + _source: + aggregatable: false + count: 0 + esTypes: + - _source + format: + id: _source + isMapped: true + name: _source + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: _source + category: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: category + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + category.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: category.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: category + type: string + currency: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: currency + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_birth_date: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: customer_birth_date + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + customer_first_name: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: customer_first_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_first_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_first_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: customer_first_name + type: string + customer_full_name: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: customer_full_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_full_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_full_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: customer_full_name + type: string + customer_gender: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_gender + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_id: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_id + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_last_name: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: customer_last_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_last_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_last_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: customer_last_name + type: string + customer_phone: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_phone + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + day_of_week: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: day_of_week + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + day_of_week_i: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: day_of_week_i + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + email: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: email + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + event.dataset: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: event.dataset + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.city_name: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.city_name + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.continent_name: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.continent_name + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.country_iso_code: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.country_iso_code + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.location: + aggregatable: true + count: 0 + esTypes: + - geo_point + format: + id: geo_point + params: + transform: wkt + isMapped: true + name: geoip.location + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: geo_point + geoip.region_name: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.region_name + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + manufacturer: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: manufacturer + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + manufacturer.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: manufacturer.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: manufacturer + type: string + order_date: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: order_date + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + order_id: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: order_id + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + products._id: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: products._id + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + products._id.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products._id.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products._id + type: string + products.base_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: '$0,0.00' + isMapped: true + name: products.base_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.base_unit_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: '$0,0.00' + isMapped: true + name: products.base_unit_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.category: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: products.category + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + products.category.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.category.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products.category + type: string + products.created_on: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: products.created_on + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + products.discount_amount: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.discount_amount + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.discount_percentage: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.discount_percentage + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.manufacturer: + aggregatable: false + count: 1 + esTypes: + - text + format: + id: string + isMapped: true + name: products.manufacturer + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + products.manufacturer.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.manufacturer.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products.manufacturer + type: string + products.min_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: '$0,0.00' + isMapped: true + name: products.min_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.price: + aggregatable: true + count: 1 + esTypes: + - half_float + format: + id: number + params: + pattern: '$0,0.00' + isMapped: true + name: products.price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.product_id: + aggregatable: true + count: 0 + esTypes: + - long + format: + id: number + isMapped: true + name: products.product_id + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.product_name: + aggregatable: false + count: 1 + esTypes: + - text + format: + id: string + isMapped: true + name: products.product_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + products.product_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.product_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products.product_name + type: string + products.quantity: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: products.quantity + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.sku: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.sku + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + products.tax_amount: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.tax_amount + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.taxful_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: '$0,0.00' + isMapped: true + name: products.taxful_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.taxless_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: '$0,0.00' + isMapped: true + name: products.taxless_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.unit_discount_amount: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.unit_discount_amount + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + sku: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: sku + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + taxful_total_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: '$0,0.[00]' + isMapped: true + name: taxful_total_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + taxless_total_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: '$0,0.00' + isMapped: true + name: taxless_total_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + total_quantity: + aggregatable: true + count: 1 + esTypes: + - integer + format: + id: number + isMapped: true + name: total_quantity + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + total_unique_products: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: total_unique_products + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + type: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: type + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + user: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: user + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + name: Kibana Sample Data eCommerce + namespaces: + - default + runtimeFieldMap: {} + sourceFilters: [] + timeFieldName: order_date + title: kibana_sample_data_ecommerce + typeMeta: {} + version: WzUsMV0= + Data_views_get_data_views_response: + summary: The get all data views API returns a list of data views. value: - connector_id: fd38c600-96a5-11ed-bb79-353b74189cba - data: - errors: false - items: - - create: - _id: 4JtvwYUBrcyxt2NnfW3y - _index: my-index - _primary_term: 1 - _seq_no: 0 - _shards: - failed: 0 - successful: 1 - total: 2 - _version: 1 - result: created - status: 201 - took: 135 - status: ok - Connectors_run_jira_connector_response: - summary: Response from retrieving the list of issue types for a Jira connector. + data_view: + - id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + name: Kibana Sample Data eCommerce + namespaces: + - default + title: kibana_sample_data_ecommerce + typeMeta: {} + - id: d3d7af60-4c81-11e8-b3d7-01146121b73d + name: Kibana Sample Data Flights + namespaces: + - default + title: kibana_sample_data_flights + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: Kibana Sample Data Logs + namespaces: + - default + title: kibana_sample_data_logs + Data_views_get_default_data_view_response: + summary: The get default data view API returns the default data view identifier. value: - connector_id: b3aad810-edbe-11ec-82d1-11348ecbf4a6 - data: - - id: 10024 - name: Improvement - - id: 10006 - name: Task - - id: 10007 - name: Sub-task - - id: 10025 - name: New Feature - - id: 10023 - name: Bug - - id: 10000 - name: Epic - status: ok - Connectors_run_pagerduty_connector_response: - summary: Response from running a PagerDuty connector. + data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + Data_views_get_runtime_field_response: + summary: >- + The get runtime field API returns a JSON object that contains + information about the runtime field (`hour_of_day`) and the data view + (`d3d7af60-4c81-11e8-b3d7-01146121b73d`). + value: + data_view: + allowNoIndex: false + fieldAttrs: {} + fieldFormats: + AvgTicketPrice: + id: number + params: + pattern: '$0,0.[00]' + hour_of_day: + id: number + params: + pattern: '00' + fields: + _id: + aggregatable: false + count: 0 + esTypes: + - _id + format: + id: string + isMapped: true + name: _id + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + _index: + aggregatable: true + count: 0 + esTypes: + - _index + format: + id: string + isMapped: true + name: _index + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + _score: + aggregatable: false + count: 0 + format: + id: number + isMapped: true + name: _score + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: number + _source: + aggregatable: false + count: 0 + esTypes: + - _source + format: + id: _source + isMapped: true + name: _source + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: _source + AvgTicketPrice: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + params: + pattern: '$0,0.[00]' + isMapped: true + name: AvgTicketPrice + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + Cancelled: + aggregatable: true + count: 0 + esTypes: + - boolean + format: + id: boolean + isMapped: true + name: Cancelled + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: boolean + Carrier: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: Carrier + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + dayOfWeek: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: dayOfWeek + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + Dest: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: Dest + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestAirportID: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestAirportID + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestCityName: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestCityName + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestCountry: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestCountry + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestLocation: + aggregatable: true + count: 0 + esTypes: + - geo_point + format: + id: geo_point + params: + transform: wkt + isMapped: true + name: DestLocation + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: geo_point + DestRegion: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestRegion + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestWeather: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestWeather + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DistanceKilometers: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + isMapped: true + name: DistanceKilometers + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + DistanceMiles: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + isMapped: true + name: DistanceMiles + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + FlightDelay: + aggregatable: true + count: 0 + esTypes: + - boolean + format: + id: boolean + isMapped: true + name: FlightDelay + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: boolean + FlightDelayMin: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: FlightDelayMin + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + FlightDelayType: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: FlightDelayType + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + FlightNum: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: FlightNum + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + FlightTimeHour: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: FlightTimeHour + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + FlightTimeMin: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + isMapped: true + name: FlightTimeMin + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + hour_of_day: + aggregatable: true + count: 0 + esTypes: + - long + format: + id: number + params: + pattern: '00' + name: hour_of_day + readFromDocValues: false + runtimeField: + script: + source: 'emit(doc[''timestamp''].value.getHour());' + type: long + scripted: false + searchable: true + shortDotsEnable: false + type: number + Origin: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: Origin + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginAirportID: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginAirportID + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginCityName: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginCityName + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginCountry: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginCountry + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginLocation: + aggregatable: true + count: 0 + esTypes: + - geo_point + format: + id: geo_point + params: + transform: wkt + isMapped: true + name: OriginLocation + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: geo_point + OriginRegion: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginRegion + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginWeather: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginWeather + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + timestamp: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: timestamp + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + id: d3d7af60-4c81-11e8-b3d7-01146121b73d + name: Kibana Sample Data Flights + runtimeFieldMap: + hour_of_day: + script: + source: 'emit(doc[''timestamp''].value.getHour());' + type: long + sourceFilters: [] + timeFieldName: timestamp + title: kibana_sample_data_flights + version: WzM2LDJd + fields: + - aggregatable: true + count: 0 + esTypes: + - long + name: hour_of_day + readFromDocValues: false + runtimeField: + script: + source: 'emit(doc[''timestamp''].value.getHour());' + type: long + scripted: false + searchable: true + shortDotsEnable: false + type: number + Data_views_preview_swap_data_view_request: + summary: Preview swapping references from data view ID "abcd-efg" to "xyz-123". value: - connector_id: 45de9f70-954f-4608-b12a-db7cf808e49d - data: - dedup_key: 5115e138b26b484a81eaea779faa6016 - message: Event processed - status: success - status: ok - Connectors_run_server_log_connector_response: - summary: Response from running a server log connector. + fromId: abcd-efg + toId: xyz-123 + Data_views_set_default_data_view_request: + summary: Set the default data view identifier. value: - connector_id: 7fc7b9a0-ecc9-11ec-8736-e7d63118c907 - status: ok - Connectors_run_servicenow_itom_connector_response: + data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + force: true + Data_views_swap_data_view_request: summary: >- - Response from retrieving the list of choices for a ServiceNow ITOM - connector. + Swap references from data view ID "abcd-efg" to "xyz-123" and remove the + data view that is no longer referenced. value: - connector_id: 9d9be270-2fd2-11ed-b0e0-87533c532698 - data: - - dependent_value: '' - element: severity - label: Critical - value: 1 - - dependent_value: '' - element: severity - label: Major - value: 2 - - dependent_value: '' - element: severity - label: Minor - value: 3 - - dependent_value: '' - element: severity - label: Warning - value: 4 - - dependent_value: '' - element: severity - label: OK - value: 5 - - dependent_value: '' - element: severity - label: Clear - value: 0 - - dependent_value: '' - element: urgency - label: 1 - High - value: 1 - - dependent_value: '' - element: urgency - label: 2 - Medium - value: 2 - - dependent_value: '' - element: urgency - label: 3 - Low - value: 3 - status: ok - Connectors_run_slack_api_connector_response: - summary: Response from posting a message with a Slack connector. + delete: true + fromId: abcd-efg + toId: xyz-123 + Data_views_update_data_view_request: + summary: Update some properties for a data view. value: - status: ok - data: - ok: true - channel: C123ABC456 - ts: '1234567890.123456' - message: - bot_id: B12BCDEFGHI - type: message - text: A test message - user: U12A345BC6D - ts: '1234567890.123456' - app_id: A01BC2D34EF - blocks: - - type: rich_text - block_id: /NXe - elements: - - type: rich_text_section - elements: - - type: text - text: A test message. - team: T01ABCDE2F - bot_profile: - id: B12BCDEFGHI - app_id: A01BC2D34EF - name: test - icons: - image_36: https://a.slack-edge.com/80588/img/plugins/app/bot_36.png - deleted: false - updated: 1672169705 - team_id: T01ABCDE2F - connector_id: .slack_api - Connectors_run_swimlane_connector_response: - summary: Response from creating a Swimlane incident. + data_view: + allowNoIndex: false + name: Kibana Sample Data eCommerce + timeFieldName: order_date + title: kibana_sample_data_ecommerce + refresh_fields: true + Data_views_update_field_metadata_request: + summary: Update metadata for multiple fields. value: - connector_id: a4746470-2f94-11ed-b0e0-87533c532698 - data: - id: aKPmBHWzmdRQtx6Mx - title: TEST-457 - url: >- - https://elastic.swimlane.url.us/record/aNcL2xniGHGpa2AHb/aKPmBHWzmdRQtx6Mx - pushedDate: '2022-09-08T16:52:27.866Z' - comments: - - commentId: 1 - pushedDate: '2022-09-08T16:52:27.865Z' - status: ok - Connectors_get_connectors_response: - summary: A list of connectors + fields: + field1: + count: 123 + customLabel: Field 1 label + field2: + customDescription: Field 2 description + customLabel: Field 2 label + Data_views_update_runtime_field_request: + summary: Update an existing runtime field on a data view. value: - - id: preconfigured-email-connector - name: my-preconfigured-email-notification - connector_type_id: .email - is_preconfigured: true - is_deprecated: false - referenced_by_count: 0 - is_system_action: false - - id: e07d0c80-8b8b-11ed-a780-3b746c987a81 - name: my-index-connector - config: - index: test-index - refresh: false - executionTimeField: null - connector_type_id: .index - is_preconfigured: false - is_deprecated: false - referenced_by_count: 2 - is_missing_secrets: false - is_system_action: false - Connectors_get_connector_types_generativeai_response: - summary: A list of connector types for the `generativeAI` feature. + runtimeField: + script: + source: 'emit(doc["bar"].value)' + Machine_learning_APIs_mlSyncExample: + summary: Two anomaly detection jobs required synchronization in this example. value: - - id: .gen-ai - name: OpenAI - enabled: true - enabled_in_config: true - enabled_in_license: true - minimum_license_required: enterprise - supported_feature_ids: - - generativeAIForSecurity - - generativeAIForObservability - - generativeAIForSearchPlayground - is_system_action_type: false - - id: .bedrock - name: AWS Bedrock - enabled: true - enabled_in_config: true - enabled_in_license: true - minimum_license_required: enterprise - supported_feature_ids: - - generativeAIForSecurity - - generativeAIForObservability - - generativeAIForSearchPlayground - is_system_action_type: false - - id: .gemini - name: Google Gemini - enabled: true - enabled_in_config: true - enabled_in_license: true - minimum_license_required: enterprise - supported_feature_ids: - - generativeAIForSecurity - is_system_action_type: false - Data_views_get_data_views_response: - summary: The get all data views API returns a list of data views. + datafeedsAdded: {} + datafeedsRemoved: {} + savedObjectsCreated: + anomaly-detector: + myjob1: + success: true + myjob2: + success: true + savedObjectsDeleted: {} + Saved_objects_export_objects_request: + summary: Export a specific saved object. value: - data_view: - - id: ff959d40-b880-11e8-a6d9-e546fe2bba5f - namespaces: - - default - title: kibana_sample_data_ecommerce - typeMeta: {} - name: Kibana Sample Data eCommerce - - id: d3d7af60-4c81-11e8-b3d7-01146121b73d - namespaces: - - default - title: kibana_sample_data_flights - name: Kibana Sample Data Flights + excludeExportDetails: true + includeReferencesDeep: false + objects: + - id: de71f4f0-1902-11e9-919b-ffe5949a18d2 + type: map + Saved_objects_export_objects_response: + summary: >- + The export objects API response contains a JSON record for each exported + object. + value: + attributes: + description: '' + layerListJSON: >- + [{"id":"0hmz5","alpha":1,"sourceDescriptor":{"type":"EMS_TMS","isAutoSelect":true,"lightModeDefault":"road_map_desaturated"},"visible":true,"style":{},"type":"EMS_VECTOR_TILE","minZoom":0,"maxZoom":24},{"id":"edh66","label":"Total + Requests by + Destination","minZoom":0,"maxZoom":24,"alpha":0.5,"sourceDescriptor":{"type":"EMS_FILE","id":"world_countries","tooltipProperties":["name","iso2"]},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"__kbnjoin__count__673ff994-fc75-4c67-909b-69fcb0e1060e","origin":"join"},"color":"Greys","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"STATIC","options":{"size":10}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR","joins":[{"leftField":"iso2","right":{"type":"ES_TERM_SOURCE","id":"673ff994-fc75-4c67-909b-69fcb0e1060e","indexPatternTitle":"kibana_sample_data_logs","term":"geo.dest","indexPatternRefName":"layer_1_join_0_index_pattern","metrics":[{"type":"count","label":"web + logs + count"}],"applyGlobalQuery":true}}]},{"id":"gaxya","label":"Actual + Requests","minZoom":9,"maxZoom":24,"alpha":1,"sourceDescriptor":{"id":"b7486535-171b-4d3b-bb2e-33c1a0a2854c","type":"ES_SEARCH","geoField":"geo.coordinates","limit":2048,"filterByMapBounds":true,"tooltipProperties":["clientip","timestamp","host","request","response","machine.os","agent","bytes"],"indexPatternRefName":"layer_2_source_index_pattern","applyGlobalQuery":true,"scalingType":"LIMIT"},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"STATIC","options":{"color":"#2200ff"}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":2}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"bytes","origin":"source"},"minSize":1,"maxSize":23,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"},{"id":"tfi3f","label":"Total + Requests and + Bytes","minZoom":0,"maxZoom":9,"alpha":1,"sourceDescriptor":{"type":"ES_GEO_GRID","resolution":"COARSE","id":"8aaa65b5-a4e9-448b-9560-c98cb1c5ac5b","geoField":"geo.coordinates","requestType":"point","metrics":[{"type":"count","label":"web + logs + count"},{"type":"sum","field":"bytes"}],"indexPatternRefName":"layer_3_source_index_pattern","applyGlobalQuery":true},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"color":"Blues","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#cccccc"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"sum_of_bytes","origin":"source"},"minSize":7,"maxSize":25,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelText":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelSize":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"minSize":12,"maxSize":24,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"}] + mapStateJSON: >- + {"zoom":3.64,"center":{"lon":-88.92107,"lat":42.16337},"timeFilters":{"from":"now-7d","to":"now"},"refreshConfig":{"isPaused":true,"interval":0},"query":{"language":"kuery","query":""},"settings":{"autoFitToDataBounds":false}} + title: '[Logs] Total Requests and Bytes' + uiStateJSON: '{"isDarkMode":false}' + coreMigrationVersion: 8.8.0 + created_at: '2023-08-23T20:03:32.204Z' + id: de71f4f0-1902-11e9-919b-ffe5949a18d2 + managed: false + references: - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - namespaces: - - default - title: kibana_sample_data_logs - name: Kibana Sample Data Logs - Data_views_create_data_view_request: - summary: Create a data view with runtime fields. + name: layer_1_join_0_index_pattern + type: index-pattern + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: layer_2_source_index_pattern + type: index-pattern + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: layer_3_source_index_pattern + type: index-pattern + type: map + typeMigrationVersion: 8.4.0 + updated_at: '2023-08-23T20:03:32.204Z' + version: WzEzLDFd + Saved_objects_import_objects_request: value: - data_view: - title: logstash-* - name: My Logstash data view - runtimeFieldMap: - runtime_shape_name: - type: keyword - script: - source: emit(doc['shape_name'].value) - Data_views_get_data_view_response: + file: file.ndjson + Saved_objects_import_objects_response: summary: >- - The get data view API returns a JSON object that contains information - about the data view. + The import objects API response indicates a successful import and the + objects are created. Since these objects are created as new copies, each + entry in the successResults array includes a destinationId attribute. value: - data_view: - id: ff959d40-b880-11e8-a6d9-e546fe2bba5f - version: WzUsMV0= - title: kibana_sample_data_ecommerce - timeFieldName: order_date - sourceFilters: [] - fields: - _id: - count: 0 - name: _id + success: true + successCount: 1 + successResults: + - destinationId: 82d2760c-468f-49cf-83aa-b9a35b6a8943 + id: 90943e30-9a47-11e8-b64d-95841ca0b247 + managed: false + meta: + icon: indexPatternApp + title: Kibana Sample Data Logs + type: index-pattern + Saved_objects_key_rotation_response: + summary: Encryption key rotation using default parameters. + value: + failed: 0 + successful: 300 + total: 1000 + Saved_objects_resolve_missing_reference_request: + value: + file: file.ndjson + retries: + - id: my-pattern + overwrite: true + type: index-pattern + - destinationId: another-vis + id: my-vis + overwrite: true + type: visualization + - destinationId: yet-another-canvas + id: my-canvas + overwrite: true + type: canvas + - id: my-dashboard + type: dashboard + Saved_objects_resolve_missing_reference_response: + summary: Resolve missing reference errors. + value: + success: true + successCount: 3 + successResults: + - id: my-vis + meta: + icon: visualizeApp + title: Look at my visualization + type: visualization + - id: my-search + meta: + icon: searchApp + title: Look at my search + type: search + - id: my-dashboard + meta: + icon: dashboardApp + title: Look at my dashboard + type: dashboard + parameters: + Connectors_action_id: + description: An identifier for the action. + in: path + name: actionId + required: true + schema: + example: c55b6eb0-6bad-11eb-9f3b-611eebc6c3ad + type: string + Connectors_connector_id: + description: An identifier for the connector. + in: path + name: connectorId + required: true + schema: + example: df770e30-8b8b-11ed-a780-3b746c987a81 + type: string + Connectors_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + Data_views_field_name: + description: The name of the runtime field. + in: path + name: fieldName + required: true + schema: + example: hour_of_day + type: string + Data_views_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + Data_views_view_id: + description: An identifier for the data view. + in: path + name: viewId + required: true + schema: + example: ff959d40-b880-11e8-a6d9-e546fe2bba5f + type: string + Machine_learning_APIs_simulateParam: + description: >- + When true, simulates the synchronization by returning only the list of + actions that would be performed. + example: 'true' + in: query + name: simulate + required: false + schema: + type: boolean + Saved_objects_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + Saved_objects_saved_object_id: + description: An identifier for the saved object. + in: path + name: id + required: true + schema: + type: string + Saved_objects_saved_object_type: + description: >- + Valid options include `visualization`, `dashboard`, `search`, + `index-pattern`, `config`. + in: path + name: type + required: true + schema: + type: string + SLOs_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + SLOs_slo_id: + description: An identifier for the slo. + in: path + name: sloId + required: true + schema: + example: 9c235211-6834-11ea-a78c-6feb38a34414 + type: string + SLOs_space_id: + description: >- + An identifier for the space. If `/s/` and the identifier are omitted + from the path, the default space is used. + in: path + name: spaceId + required: true + schema: + example: default + type: string + responses: + Connectors_200_actions: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Connectors_action_response_properties' + description: Indicates a successful call. + Connectors_401: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + properties: + error: + enum: + - Unauthorized + example: Unauthorized + type: string + message: + type: string + statusCode: + enum: + - 401 + example: 401 + type: integer + title: Unauthorized response + type: object + description: Authorization information is missing or invalid. + Connectors_404: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + properties: + error: + enum: + - Not Found + example: Not Found + type: string + message: + example: >- + Saved object [action/baf33fc0-920c-11ed-b36a-874bd1548a00] not + found + type: string + statusCode: + enum: + - 404 + example: 404 + type: integer + title: Not found response + type: object + description: Object is not found. + schemas: + Connectors_action_response_properties: + description: The properties vary depending on the action type. + properties: + actionTypeId: + type: string + config: + type: object + id: + type: string + isDeprecated: + description: Indicates whether the action type is deprecated. + type: boolean + isMissingSecrets: + description: Indicates whether secrets are missing for the action. + type: boolean + isPreconfigured: + description: Indicates whether it is a preconfigured action. + type: boolean + name: + type: string + title: Action response properties + type: object + Connectors_config_properties_bedrock: + description: Defines properties for connectors when type is `.bedrock`. + properties: + apiUrl: + description: The Amazon Bedrock request URL. + type: string + defaultModel: + default: 'anthropic.claude-3-5-sonnet-20240620-v1:0' + description: > + The generative artificial intelligence model for Amazon Bedrock to + use. Current support is for the Anthropic Claude models. + type: string + required: + - apiUrl + title: Connector request properties for an Amazon Bedrock connector + type: object + Connectors_config_properties_cases_webhook: + description: Defines properties for connectors when type is `.cases-webhook`. + type: object + properties: + createCommentJson: + description: > + A JSON payload sent to the create comment URL to create a case + comment. You can use variables to add Kibana Cases data to the + payload. The required variable is `case.comment`. Due to Mustache + template variables (the text enclosed in triple braces, for example, + `{{{case.title}}}`), the JSON is not validated when you create the + connector. The JSON is validated once the Mustache variables have + been placed when the REST method runs. Manually ensure that the JSON + is valid, disregarding the Mustache variables, so the later + validation will pass. + example: '{"body": {{{case.comment}}}}' + type: string + createCommentMethod: + default: put + description: > + The REST API HTTP request method to create a case comment in the + third-party system. Valid values are `patch`, `post`, and `put`. + enum: + - patch + - post + - put + type: string + createCommentUrl: + description: > + The REST API URL to create a case comment by ID in the third-party + system. You can use a variable to add the external system ID to the + URL. If you are using the `xpack.actions.allowedHosts setting`, add + the hostname to the allowed hosts. + example: 'https://example.com/issue/{{{external.system.id}}}/comment' + type: string + createIncidentJson: + description: > + A JSON payload sent to the create case URL to create a case. You can + use variables to add case data to the payload. Required variables + are `case.title` and `case.description`. Due to Mustache template + variables (which is the text enclosed in triple braces, for example, + `{{{case.title}}}`), the JSON is not validated when you create the + connector. The JSON is validated after the Mustache variables have + been placed when REST method runs. Manually ensure that the JSON is + valid to avoid future validation errors; disregard Mustache + variables during your review. + example: >- + {"fields": {"summary": {{{case.title}}},"description": + {{{case.description}}},"labels": {{{case.tags}}}}} + type: string + createIncidentMethod: + default: post + description: > + The REST API HTTP request method to create a case in the third-party + system. Valid values are `patch`, `post`, and `put`. + enum: + - patch + - post + - put + type: string + createIncidentResponseKey: + description: >- + The JSON key in the create external case response that contains the + case ID. + type: string + createIncidentUrl: + description: > + The REST API URL to create a case in the third-party system. If you + are using the `xpack.actions.allowedHosts` setting, add the hostname + to the allowed hosts. + type: string + getIncidentResponseExternalTitleKey: + description: >- + The JSON key in get external case response that contains the case + title. + type: string + getIncidentUrl: + description: > + The REST API URL to get the case by ID from the third-party system. + If you are using the `xpack.actions.allowedHosts` setting, add the + hostname to the allowed hosts. You can use a variable to add the + external system ID to the URL. Due to Mustache template variables + (the text enclosed in triple braces, for example, + `{{{case.title}}}`), the JSON is not validated when you create the + connector. The JSON is validated after the Mustache variables have + been placed when REST method runs. Manually ensure that the JSON is + valid, disregarding the Mustache variables, so the later validation + will pass. + example: 'https://example.com/issue/{{{external.system.id}}}' + type: string + hasAuth: + default: true + description: >- + If true, a username and password for login type authentication must + be provided. + type: boolean + headers: + description: > + A set of key-value pairs sent as headers with the request URLs for + the create case, update case, get case, and create comment methods. + type: string + updateIncidentJson: + description: > + The JSON payload sent to the update case URL to update the case. You + can use variables to add Kibana Cases data to the payload. Required + variables are `case.title` and `case.description`. Due to Mustache + template variables (which is the text enclosed in triple braces, for + example, `{{{case.title}}}`), the JSON is not validated when you + create the connector. The JSON is validated after the Mustache + variables have been placed when REST method runs. Manually ensure + that the JSON is valid to avoid future validation errors; disregard + Mustache variables during your review. + example: >- + {"fields": {"summary": {{{case.title}}},"description": + {{{case.description}}},"labels": {{{case.tags}}}}} + type: string + updateIncidentMethod: + default: put + description: > + The REST API HTTP request method to update the case in the + third-party system. Valid values are `patch`, `post`, and `put`. + enum: + - patch + - post + - put + type: string + updateIncidentUrl: + description: > + The REST API URL to update the case by ID in the third-party system. + You can use a variable to add the external system ID to the URL. If + you are using the `xpack.actions.allowedHosts` setting, add the + hostname to the allowed hosts. + example: 'https://example.com/issue/{{{external.system.ID}}}' + type: string + viewIncidentUrl: + description: > + The URL to view the case in the external system. You can use + variables to add the external system ID or external system title to + the URL. + example: >- + https://testing-jira.atlassian.net/browse/{{{external.system.title}}} + type: string + required: + - createIncidentJson + - createIncidentResponseKey + - createIncidentUrl + - getIncidentResponseExternalTitleKey + - getIncidentUrl + - updateIncidentJson + - updateIncidentUrl + - viewIncidentUrl + title: Connector request properties for Webhook - Case Management connector + Connectors_config_properties_d3security: + description: Defines properties for connectors when type is `.d3security`. + properties: + url: + description: > + The D3 Security API request URL. If you are using the + `xpack.actions.allowedHosts` setting, add the hostname to the + allowed hosts. + type: string + required: + - url + title: Connector request properties for a D3 Security connector + type: object + Connectors_config_properties_email: + description: Defines properties for connectors when type is `.email`. + type: object + properties: + clientId: + description: > + The client identifier, which is a part of OAuth 2.0 client + credentials authentication, in GUID format. If `service` is + `exchange_server`, this property is required. + nullable: true + type: string + from: + description: > + The from address for all emails sent by the connector. It must be + specified in `user@host-name` format. + type: string + hasAuth: + default: true + description: > + Specifies whether a user and password are required inside the + secrets configuration. + type: boolean + host: + description: > + The host name of the service provider. If the `service` is + `elastic_cloud` (for Elastic Cloud notifications) or one of + Nodemailer's well-known email service providers, this property is + ignored. If `service` is `other`, this property must be defined. + type: string + oauthTokenUrl: + nullable: true + type: string + port: + description: > + The port to connect to on the service provider. If the `service` is + `elastic_cloud` (for Elastic Cloud notifications) or one of + Nodemailer's well-known email service providers, this property is + ignored. If `service` is `other`, this property must be defined. + type: integer + secure: + description: > + Specifies whether the connection to the service provider will use + TLS. If the `service` is `elastic_cloud` (for Elastic Cloud + notifications) or one of Nodemailer's well-known email service + providers, this property is ignored. + type: boolean + service: + description: | + The name of the email service. + enum: + - elastic_cloud + - exchange_server + - gmail + - other + - outlook365 + - ses + type: string + tenantId: + description: > + The tenant identifier, which is part of OAuth 2.0 client credentials + authentication, in GUID format. If `service` is `exchange_server`, + this property is required. + nullable: true + type: string + required: + - from + title: Connector request properties for an email connector + Connectors_config_properties_gemini: + description: Defines properties for connectors when type is `.gemini`. + properties: + apiUrl: + description: The Google Gemini request URL. + type: string + defaultModel: + default: gemini-1.5-pro-001 + description: >- + The generative artificial intelligence model for Google Gemini to + use. + type: string + gcpProjectID: + description: The Google ProjectID that has Vertex AI endpoint enabled. + type: string + gcpRegion: + description: The GCP region where the Vertex AI endpoint enabled. + type: string + required: + - apiUrl + - gcpRegion + - gcpProjectID + title: Connector request properties for an Google Gemini connector + type: object + Connectors_config_properties_genai: + description: Defines properties for connectors when type is `.gen-ai`. + discriminator: + mapping: + Azure OpenAI: '#/components/schemas/Connectors_config_properties_genai_azure' + OpenAI: '#/components/schemas/Connectors_config_properties_genai_openai' + propertyName: apiProvider + oneOf: + - $ref: '#/components/schemas/Connectors_config_properties_genai_azure' + - $ref: '#/components/schemas/Connectors_config_properties_genai_openai' + title: Connector request properties for an OpenAI connector + Connectors_config_properties_genai_azure: + description: > + Defines properties for connectors when type is `.gen-ai` and the API + provider is `Azure OpenAI'. + properties: + apiProvider: + description: The OpenAI API provider. + enum: + - Azure OpenAI + type: string + apiUrl: + description: The OpenAI API endpoint. + type: string + required: + - apiProvider + - apiUrl + title: >- + Connector request properties for an OpenAI connector that uses Azure + OpenAI + type: object + Connectors_config_properties_genai_openai: + description: > + Defines properties for connectors when type is `.gen-ai` and the API + provider is `OpenAI'. + properties: + apiProvider: + description: The OpenAI API provider. + enum: + - OpenAI + type: string + apiUrl: + description: The OpenAI API endpoint. + type: string + defaultModel: + description: The default model to use for requests. + type: string + required: + - apiProvider + - apiUrl + title: Connector request properties for an OpenAI connector + type: object + Connectors_config_properties_index: + description: Defines properties for connectors when type is `.index`. + type: object + properties: + executionTimeField: + default: null + description: A field that indicates when the document was indexed. + nullable: true + type: string + index: + description: The Elasticsearch index to be written to. + type: string + refresh: + default: false + description: > + The refresh policy for the write request, which affects when changes + are made visible to search. Refer to the refresh setting for + Elasticsearch document APIs. + type: boolean + required: + - index + title: Connector request properties for an index connector + Connectors_config_properties_jira: + description: Defines properties for connectors when type is `.jira`. + type: object + properties: + apiUrl: + description: The Jira instance URL. + type: string + projectKey: + description: The Jira project key. + type: string + required: + - apiUrl + - projectKey + title: Connector request properties for a Jira connector + Connectors_config_properties_opsgenie: + description: Defines properties for connectors when type is `.opsgenie`. + type: object + properties: + apiUrl: + description: > + The Opsgenie URL. For example, `https://api.opsgenie.com` or + `https://api.eu.opsgenie.com`. If you are using the + `xpack.actions.allowedHosts` setting, add the hostname to the + allowed hosts. + type: string + required: + - apiUrl + title: Connector request properties for an Opsgenie connector + Connectors_config_properties_pagerduty: + description: Defines properties for connectors when type is `.pagerduty`. + properties: + apiUrl: + description: The PagerDuty event URL. + example: 'https://events.pagerduty.com/v2/enqueue' + nullable: true + type: string + title: Connector request properties for a PagerDuty connector + type: object + Connectors_config_properties_resilient: + description: Defines properties for connectors when type is `.resilient`. + type: object + properties: + apiUrl: + description: The IBM Resilient instance URL. + type: string + orgId: + description: The IBM Resilient organization ID. + type: string + required: + - apiUrl + - orgId + title: Connector request properties for a IBM Resilient connector + Connectors_config_properties_sentinelone: + description: Defines properties for connectors when type is `.sentinelone`. + type: object + properties: + url: + description: > + The SentinelOne tenant URL. If you are using the + `xpack.actions.allowedHosts` setting, add the hostname to the + allowed hosts. + type: string + required: + - url + title: Connector request properties for a SentinelOne connector + Connectors_config_properties_servicenow: + description: Defines properties for connectors when type is `.servicenow`. + type: object + properties: + apiUrl: + description: The ServiceNow instance URL. + type: string + clientId: + description: > + The client ID assigned to your OAuth application. This property is + required when `isOAuth` is `true`. + type: string + isOAuth: + default: false + description: > + The type of authentication to use. The default value is false, which + means basic authentication is used instead of open authorization + (OAuth). + type: boolean + jwtKeyId: + description: > + The key identifier assigned to the JWT verifier map of your OAuth + application. This property is required when `isOAuth` is `true`. + type: string + userIdentifierValue: + description: > + The identifier to use for OAuth authentication. This identifier + should be the user field you selected when you created an OAuth JWT + API endpoint for external clients in your ServiceNow instance. For + example, if the selected user field is `Email`, the user identifier + should be the user's email address. This property is required when + `isOAuth` is `true`. + type: string + usesTableApi: + default: true + description: > + Determines whether the connector uses the Table API or the Import + Set API. This property is supported only for ServiceNow ITSM and + ServiceNow SecOps connectors. NOTE: If this property is set to + `false`, the Elastic application should be installed in ServiceNow. + type: boolean + required: + - apiUrl + title: Connector request properties for a ServiceNow ITSM connector + Connectors_config_properties_servicenow_itom: + description: Defines properties for connectors when type is `.servicenow`. + type: object + properties: + apiUrl: + description: The ServiceNow instance URL. + type: string + clientId: + description: > + The client ID assigned to your OAuth application. This property is + required when `isOAuth` is `true`. + type: string + isOAuth: + default: false + description: > + The type of authentication to use. The default value is false, which + means basic authentication is used instead of open authorization + (OAuth). + type: boolean + jwtKeyId: + description: > + The key identifier assigned to the JWT verifier map of your OAuth + application. This property is required when `isOAuth` is `true`. + type: string + userIdentifierValue: + description: > + The identifier to use for OAuth authentication. This identifier + should be the user field you selected when you created an OAuth JWT + API endpoint for external clients in your ServiceNow instance. For + example, if the selected user field is `Email`, the user identifier + should be the user's email address. This property is required when + `isOAuth` is `true`. + type: string + required: + - apiUrl + title: Connector request properties for a ServiceNow ITSM connector + Connectors_config_properties_slack_api: + description: Defines properties for connectors when type is `.slack_api`. + properties: + allowedChannels: + description: A list of valid Slack channels. + items: + maxItems: 25 + type: object + properties: + id: + description: The Slack channel ID. + example: C123ABC456 + minLength: 1 + type: string + name: + description: The Slack channel name. + minLength: 1 + type: string + required: + - id + - name + type: array + title: Connector request properties for a Slack connector + type: object + Connectors_config_properties_swimlane: + description: Defines properties for connectors when type is `.swimlane`. + type: object + properties: + apiUrl: + description: The Swimlane instance URL. + type: string + appId: + description: The Swimlane application ID. + type: string + connectorType: + description: >- + The type of connector. Valid values are `all`, `alerts`, and + `cases`. + enum: + - all + - alerts + - cases + type: string + mappings: + description: The field mapping. + properties: + alertIdConfig: + description: Mapping for the alert ID. + properties: + fieldType: + description: The type of field in Swimlane. + type: string + id: + description: The identifier for the field in Swimlane. + type: string + key: + description: The key for the field in Swimlane. + type: string + name: + description: The name of the field in Swimlane. + type: string + required: + - fieldType + - id + - key + - name + title: Alert identifier mapping + type: object + caseIdConfig: + description: Mapping for the case ID. + properties: + fieldType: + description: The type of field in Swimlane. + type: string + id: + description: The identifier for the field in Swimlane. + type: string + key: + description: The key for the field in Swimlane. + type: string + name: + description: The name of the field in Swimlane. + type: string + required: + - fieldType + - id + - key + - name + title: Case identifier mapping + type: object + caseNameConfig: + description: Mapping for the case name. + properties: + fieldType: + description: The type of field in Swimlane. + type: string + id: + description: The identifier for the field in Swimlane. + type: string + key: + description: The key for the field in Swimlane. + type: string + name: + description: The name of the field in Swimlane. + type: string + required: + - fieldType + - id + - key + - name + title: Case name mapping + type: object + commentsConfig: + description: Mapping for the case comments. + properties: + fieldType: + description: The type of field in Swimlane. + type: string + id: + description: The identifier for the field in Swimlane. + type: string + key: + description: The key for the field in Swimlane. + type: string + name: + description: The name of the field in Swimlane. + type: string + required: + - fieldType + - id + - key + - name + title: Case comment mapping + type: object + descriptionConfig: + description: Mapping for the case description. + properties: + fieldType: + description: The type of field in Swimlane. + type: string + id: + description: The identifier for the field in Swimlane. + type: string + key: + description: The key for the field in Swimlane. + type: string + name: + description: The name of the field in Swimlane. + type: string + required: + - fieldType + - id + - key + - name + title: Case description mapping + type: object + ruleNameConfig: + description: Mapping for the name of the alert's rule. + properties: + fieldType: + description: The type of field in Swimlane. + type: string + id: + description: The identifier for the field in Swimlane. + type: string + key: + description: The key for the field in Swimlane. + type: string + name: + description: The name of the field in Swimlane. + type: string + required: + - fieldType + - id + - key + - name + title: Rule name mapping + type: object + severityConfig: + description: Mapping for the severity. + properties: + fieldType: + description: The type of field in Swimlane. + type: string + id: + description: The identifier for the field in Swimlane. + type: string + key: + description: The key for the field in Swimlane. + type: string + name: + description: The name of the field in Swimlane. + type: string + required: + - fieldType + - id + - key + - name + title: Severity mapping + type: object + title: Connector mappings properties for a Swimlane connector + type: object + required: + - apiUrl + - appId + - connectorType + title: Connector request properties for a Swimlane connector + Connectors_config_properties_tines: + description: Defines properties for connectors when type is `.tines`. + properties: + url: + description: > + The Tines tenant URL. If you are using the + `xpack.actions.allowedHosts` setting, make sure this hostname is + added to the allowed hosts. + type: string + required: + - url + title: Connector request properties for a Tines connector + type: object + Connectors_config_properties_torq: + description: Defines properties for connectors when type is `.torq`. + properties: + webhookIntegrationUrl: + description: The endpoint URL of the Elastic Security integration in Torq. + type: string + required: + - webhookIntegrationUrl + title: Connector request properties for a Torq connector + type: object + Connectors_config_properties_webhook: + description: Defines properties for connectors when type is `.webhook`. + properties: + authType: + description: | + The type of authentication to use: basic, SSL, or none. + enum: + - webhook-authentication-basic + - webhook-authentication-ssl + nullable: true + type: string + ca: + description: > + A base64 encoded version of the certificate authority file that the + connector can trust to sign and validate certificates. This option + is available for all authentication types. + type: string + certType: + description: > + If the `authType` is `webhook-authentication-ssl`, specifies whether + the certificate authentication data is in a CRT and key file format + or a PFX file format. + enum: + - ssl-crt-key + - ssl-pfx + type: string + hasAuth: + description: > + If `true`, a user name and password must be provided for login type + authentication. + type: boolean + headers: + description: A set of key-value pairs sent as headers with the request. + nullable: true + type: object + method: + default: post + description: | + The HTTP request method, either `post` or `put`. + enum: + - post + - put + type: string + url: + description: > + The request URL. If you are using the `xpack.actions.allowedHosts` + setting, add the hostname to the allowed hosts. + type: string + verificationMode: + default: full + description: > + Controls the verification of certificates. Use `full` to validate + that the certificate has an issue date within the `not_before` and + `not_after` dates, chains to a trusted certificate authority (CA), + and has a hostname or IP address that matches the names within the + certificate. Use `certificate` to validate the certificate and + verify that it is signed by a trusted authority; this option does + not check the certificate hostname. Use `none` to skip certificate + validation. + enum: + - certificate + - full + - none + type: string + title: Connector request properties for a Webhook connector + type: object + Connectors_config_properties_xmatters: + description: Defines properties for connectors when type is `.xmatters`. + properties: + configUrl: + description: > + The request URL for the Elastic Alerts trigger in xMatters. It is + applicable only when `usesBasic` is `true`. + nullable: true + type: string + usesBasic: + default: true + description: >- + Specifies whether the connector uses HTTP basic authentication + (`true`) or URL authentication (`false`). + type: boolean + title: Connector request properties for an xMatters connector + type: object + Connectors_connector_response_properties: + description: The properties vary depending on the connector type. + discriminator: + mapping: + .bedrock: >- + #/components/schemas/Connectors_connector_response_properties_bedrock + .cases-webhook: >- + #/components/schemas/Connectors_connector_response_properties_cases_webhook + .d3security: >- + #/components/schemas/Connectors_connector_response_properties_d3security + .email: '#/components/schemas/Connectors_connector_response_properties_email' + .gemini: '#/components/schemas/Connectors_connector_response_properties_gemini' + .gen-ai: '#/components/schemas/Connectors_connector_response_properties_genai' + .index: '#/components/schemas/Connectors_connector_response_properties_index' + .jira: '#/components/schemas/Connectors_connector_response_properties_jira' + .opsgenie: >- + #/components/schemas/Connectors_connector_response_properties_opsgenie + .pagerduty: >- + #/components/schemas/Connectors_connector_response_properties_pagerduty + .resilient: >- + #/components/schemas/Connectors_connector_response_properties_resilient + .sentinelone: >- + #/components/schemas/Connectors_connector_response_properties_sentinelone + .server-log: >- + #/components/schemas/Connectors_connector_response_properties_serverlog + .servicenow: >- + #/components/schemas/Connectors_connector_response_properties_servicenow + .servicenow-itom: >- + #/components/schemas/Connectors_connector_response_properties_servicenow_itom + .servicenow-sir: >- + #/components/schemas/Connectors_connector_response_properties_servicenow_sir + .slack: >- + #/components/schemas/Connectors_connector_response_properties_slack_webhook + .slack_api: >- + #/components/schemas/Connectors_connector_response_properties_slack_api + .swimlane: >- + #/components/schemas/Connectors_connector_response_properties_swimlane + .teams: '#/components/schemas/Connectors_connector_response_properties_teams' + .tines: '#/components/schemas/Connectors_connector_response_properties_tines' + .torq: '#/components/schemas/Connectors_connector_response_properties_torq' + .webhook: >- + #/components/schemas/Connectors_connector_response_properties_webhook + .xmatters: >- + #/components/schemas/Connectors_connector_response_properties_xmatters + propertyName: connector_type_id + oneOf: + - $ref: >- + #/components/schemas/Connectors_connector_response_properties_bedrock + - $ref: '#/components/schemas/Connectors_connector_response_properties_gemini' + - $ref: >- + #/components/schemas/Connectors_connector_response_properties_cases_webhook + - $ref: >- + #/components/schemas/Connectors_connector_response_properties_d3security + - $ref: '#/components/schemas/Connectors_connector_response_properties_email' + - $ref: '#/components/schemas/Connectors_connector_response_properties_genai' + - $ref: '#/components/schemas/Connectors_connector_response_properties_index' + - $ref: '#/components/schemas/Connectors_connector_response_properties_jira' + - $ref: >- + #/components/schemas/Connectors_connector_response_properties_opsgenie + - $ref: >- + #/components/schemas/Connectors_connector_response_properties_pagerduty + - $ref: >- + #/components/schemas/Connectors_connector_response_properties_resilient + - $ref: >- + #/components/schemas/Connectors_connector_response_properties_sentinelone + - $ref: >- + #/components/schemas/Connectors_connector_response_properties_serverlog + - $ref: >- + #/components/schemas/Connectors_connector_response_properties_servicenow + - $ref: >- + #/components/schemas/Connectors_connector_response_properties_servicenow_itom + - $ref: >- + #/components/schemas/Connectors_connector_response_properties_servicenow_sir + - $ref: >- + #/components/schemas/Connectors_connector_response_properties_slack_api + - $ref: >- + #/components/schemas/Connectors_connector_response_properties_slack_webhook + - $ref: >- + #/components/schemas/Connectors_connector_response_properties_swimlane + - $ref: '#/components/schemas/Connectors_connector_response_properties_teams' + - $ref: '#/components/schemas/Connectors_connector_response_properties_tines' + - $ref: '#/components/schemas/Connectors_connector_response_properties_torq' + - $ref: >- + #/components/schemas/Connectors_connector_response_properties_webhook + - $ref: >- + #/components/schemas/Connectors_connector_response_properties_xmatters + title: Connector response properties + Connectors_connector_response_properties_bedrock: + title: Connector response properties for an Amazon Bedrock connector + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_bedrock' + connector_type_id: + description: The type of connector. + enum: + - .bedrock + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: + description: The display name for the connector. + type: string + required: + - config + - connector_type_id + - id + - is_deprecated + - is_preconfigured + - name + Connectors_connector_response_properties_cases_webhook: + title: Connector request properties for a Webhook - Case Management connector + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_cases_webhook' + connector_type_id: + description: The type of connector. + enum: + - .cases-webhook + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: + description: The display name for the connector. + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' + required: + - connector_type_id + - id + - is_deprecated + - is_preconfigured + - name + Connectors_connector_response_properties_d3security: + title: Connector response properties for a D3 Security connector + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_d3security' + connector_type_id: + description: The type of connector. + enum: + - .d3security + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: + description: The display name for the connector. + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' + required: + - connector_type_id + - id + - is_deprecated + - is_preconfigured + - name + Connectors_connector_response_properties_email: + title: Connector response properties for an email connector + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_email' + connector_type_id: + description: The type of connector. + enum: + - .email + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: + description: The display name for the connector. + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' + required: + - connector_type_id + - id + - is_deprecated + - is_preconfigured + - name + Connectors_connector_response_properties_gemini: + title: Connector response properties for a Google Gemini connector + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_gemini' + connector_type_id: + description: The type of connector. + enum: + - .gemini + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: + description: The display name for the connector. + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' + required: + - connector_type_id + - id + - is_deprecated + - is_preconfigured + - name + Connectors_connector_response_properties_genai: + title: Connector response properties for an OpenAI connector + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_genai' + connector_type_id: + description: The type of connector. + enum: + - .gen-ai + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: + description: The display name for the connector. + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' + required: + - connector_type_id + - id + - is_deprecated + - is_preconfigured + - name + Connectors_connector_response_properties_index: + title: Connector response properties for an index connector + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_index' + connector_type_id: + description: The type of connector. + enum: + - .index + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: + description: The display name for the connector. + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' + required: + - connector_type_id + - id + - is_deprecated + - is_preconfigured + - name + Connectors_connector_response_properties_jira: + title: Connector response properties for a Jira connector + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_jira' + connector_type_id: + description: The type of connector. + enum: + - .jira + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: + description: The display name for the connector. + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' + required: + - connector_type_id + - id + - is_deprecated + - is_preconfigured + - name + Connectors_connector_response_properties_opsgenie: + title: Connector response properties for an Opsgenie connector + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_opsgenie' + connector_type_id: + description: The type of connector. + enum: + - .opsgenie + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: + description: The display name for the connector. + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' + required: + - connector_type_id + - id + - is_deprecated + - is_preconfigured + - name + Connectors_connector_response_properties_pagerduty: + title: Connector response properties for a PagerDuty connector + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_pagerduty' + connector_type_id: + description: The type of connector. + enum: + - .pagerduty + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: + description: The display name for the connector. + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' + required: + - connector_type_id + - id + - is_deprecated + - is_preconfigured + - name + Connectors_connector_response_properties_resilient: + title: Connector response properties for a IBM Resilient connector + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_resilient' + connector_type_id: + description: The type of connector. + enum: + - .resilient + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: + description: The display name for the connector. + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' + required: + - connector_type_id + - id + - is_deprecated + - is_preconfigured + - name + Connectors_connector_response_properties_sentinelone: + title: Connector response properties for a SentinelOne connector + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_sentinelone' + connector_type_id: + description: The type of connector. + enum: + - .sentinelone + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: + description: The display name for the connector. + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' + required: + - connector_type_id + - id + - is_deprecated + - is_preconfigured + - name + Connectors_connector_response_properties_serverlog: + title: Connector response properties for a server log connector + type: object + properties: + config: + nullable: true + type: object + connector_type_id: + description: The type of connector. + enum: + - .server-log + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: + description: The display name for the connector. + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' + required: + - connector_type_id + - id + - is_deprecated + - is_preconfigured + - name + Connectors_connector_response_properties_servicenow: + title: Connector response properties for a ServiceNow ITSM connector + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_servicenow' + connector_type_id: + description: The type of connector. + enum: + - .servicenow + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: + description: The display name for the connector. + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' + required: + - connector_type_id + - id + - is_deprecated + - is_preconfigured + - name + Connectors_connector_response_properties_servicenow_itom: + title: Connector response properties for a ServiceNow ITOM connector + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_servicenow_itom' + connector_type_id: + description: The type of connector. + enum: + - .servicenow-itom + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: + description: The display name for the connector. + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' + required: + - connector_type_id + - id + - is_deprecated + - is_preconfigured + - name + Connectors_connector_response_properties_servicenow_sir: + title: Connector response properties for a ServiceNow SecOps connector + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_servicenow' + connector_type_id: + description: The type of connector. + enum: + - .servicenow-sir + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: + description: The display name for the connector. + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' + required: + - connector_type_id + - id + - is_deprecated + - is_preconfigured + - name + Connectors_connector_response_properties_slack_api: + title: Connector response properties for a Slack connector + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_slack_api' + connector_type_id: + description: The type of connector. + enum: + - .slack_api + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: + description: The display name for the connector. + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' + required: + - connector_type_id + - id + - is_deprecated + - is_preconfigured + - name + Connectors_connector_response_properties_slack_webhook: + title: Connector response properties for a Slack connector + type: object + properties: + connector_type_id: + description: The type of connector. + enum: + - .slack + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: + description: The display name for the connector. + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' + required: + - connector_type_id + - id + - is_deprecated + - is_preconfigured + - name + Connectors_connector_response_properties_swimlane: + title: Connector response properties for a Swimlane connector + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_swimlane' + connector_type_id: + description: The type of connector. + enum: + - .swimlane + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: + description: The display name for the connector. + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' + required: + - connector_type_id + - id + - is_deprecated + - is_preconfigured + - name + Connectors_connector_response_properties_teams: + title: Connector response properties for a Microsoft Teams connector + type: object + properties: + config: + type: object + connector_type_id: + description: The type of connector. + enum: + - .teams + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: + description: The display name for the connector. + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' + required: + - connector_type_id + - id + - is_deprecated + - is_preconfigured + - name + Connectors_connector_response_properties_tines: + title: Connector response properties for a Tines connector + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_tines' + connector_type_id: + description: The type of connector. + enum: + - .tines + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: + description: The display name for the connector. + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' + required: + - connector_type_id + - id + - is_deprecated + - is_preconfigured + - name + Connectors_connector_response_properties_torq: + title: Connector response properties for a Torq connector + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_torq' + connector_type_id: + description: The type of connector. + enum: + - .torq + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: + description: The display name for the connector. + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' + required: + - connector_type_id + - id + - is_deprecated + - is_preconfigured + - name + Connectors_connector_response_properties_webhook: + title: Connector response properties for a Webhook connector + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_webhook' + connector_type_id: + description: The type of connector. + enum: + - .webhook + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: + description: The display name for the connector. + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' + required: + - connector_type_id + - id + - is_deprecated + - is_preconfigured + - name + Connectors_connector_response_properties_xmatters: + title: Connector response properties for an xMatters connector + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_xmatters' + connector_type_id: + description: The type of connector. + enum: + - .xmatters + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + $ref: '#/components/schemas/Connectors_is_deprecated' + is_missing_secrets: + $ref: '#/components/schemas/Connectors_is_missing_secrets' + is_preconfigured: + $ref: '#/components/schemas/Connectors_is_preconfigured' + is_system_action: + $ref: '#/components/schemas/Connectors_is_system_action' + name: + description: The display name for the connector. + type: string + referenced_by_count: + $ref: '#/components/schemas/Connectors_referenced_by_count' + required: + - connector_type_id + - id + - is_deprecated + - is_preconfigured + - name + Connectors_connector_types: + description: >- + The type of connector. For example, `.email`, `.index`, `.jira`, + `.opsgenie`, or `.server-log`. + enum: + - .bedrock + - .gemini + - .cases-webhook + - .d3security + - .email + - .gen-ai + - .index + - .jira + - .opsgenie + - .pagerduty + - .resilient + - .sentinelone + - .servicenow + - .servicenow-itom + - .servicenow-sir + - .server-log + - .slack + - .slack_api + - .swimlane + - .teams + - .tines + - .torq + - .webhook + - .xmatters + example: .server-log + title: Connector types + type: string + Connectors_create_connector_request: + description: The properties vary depending on the connector type. + discriminator: + mapping: + .bedrock: '#/components/schemas/Connectors_create_connector_request_bedrock' + .cases-webhook: >- + #/components/schemas/Connectors_create_connector_request_cases_webhook + .d3security: '#/components/schemas/Connectors_create_connector_request_d3security' + .email: '#/components/schemas/Connectors_create_connector_request_email' + .gemini: '#/components/schemas/Connectors_create_connector_request_gemini' + .gen-ai: '#/components/schemas/Connectors_create_connector_request_genai' + .index: '#/components/schemas/Connectors_create_connector_request_index' + .jira: '#/components/schemas/Connectors_create_connector_request_jira' + .opsgenie: '#/components/schemas/Connectors_create_connector_request_opsgenie' + .pagerduty: '#/components/schemas/Connectors_create_connector_request_pagerduty' + .resilient: '#/components/schemas/Connectors_create_connector_request_resilient' + .sentinelone: '#/components/schemas/Connectors_create_connector_request_sentinelone' + .server-log: '#/components/schemas/Connectors_create_connector_request_serverlog' + .servicenow: '#/components/schemas/Connectors_create_connector_request_servicenow' + .servicenow-itom: >- + #/components/schemas/Connectors_create_connector_request_servicenow_itom + .servicenow-sir: >- + #/components/schemas/Connectors_create_connector_request_servicenow_sir + .slack: >- + #/components/schemas/Connectors_create_connector_request_slack_webhook + .slack_api: '#/components/schemas/Connectors_create_connector_request_slack_api' + .swimlane: '#/components/schemas/Connectors_create_connector_request_swimlane' + .teams: '#/components/schemas/Connectors_create_connector_request_teams' + .tines: '#/components/schemas/Connectors_create_connector_request_tines' + .torq: '#/components/schemas/Connectors_create_connector_request_torq' + .webhook: '#/components/schemas/Connectors_create_connector_request_webhook' + .xmatters: '#/components/schemas/Connectors_create_connector_request_xmatters' + propertyName: connector_type_id + oneOf: + - $ref: '#/components/schemas/Connectors_create_connector_request_bedrock' + - $ref: '#/components/schemas/Connectors_create_connector_request_gemini' + - $ref: >- + #/components/schemas/Connectors_create_connector_request_cases_webhook + - $ref: '#/components/schemas/Connectors_create_connector_request_d3security' + - $ref: '#/components/schemas/Connectors_create_connector_request_email' + - $ref: '#/components/schemas/Connectors_create_connector_request_genai' + - $ref: '#/components/schemas/Connectors_create_connector_request_index' + - $ref: '#/components/schemas/Connectors_create_connector_request_jira' + - $ref: '#/components/schemas/Connectors_create_connector_request_opsgenie' + - $ref: '#/components/schemas/Connectors_create_connector_request_pagerduty' + - $ref: '#/components/schemas/Connectors_create_connector_request_resilient' + - $ref: '#/components/schemas/Connectors_create_connector_request_sentinelone' + - $ref: '#/components/schemas/Connectors_create_connector_request_serverlog' + - $ref: '#/components/schemas/Connectors_create_connector_request_servicenow' + - $ref: >- + #/components/schemas/Connectors_create_connector_request_servicenow_itom + - $ref: >- + #/components/schemas/Connectors_create_connector_request_servicenow_sir + - $ref: '#/components/schemas/Connectors_create_connector_request_slack_api' + - $ref: >- + #/components/schemas/Connectors_create_connector_request_slack_webhook + - $ref: '#/components/schemas/Connectors_create_connector_request_swimlane' + - $ref: '#/components/schemas/Connectors_create_connector_request_teams' + - $ref: '#/components/schemas/Connectors_create_connector_request_tines' + - $ref: '#/components/schemas/Connectors_create_connector_request_torq' + - $ref: '#/components/schemas/Connectors_create_connector_request_webhook' + - $ref: '#/components/schemas/Connectors_create_connector_request_xmatters' + title: Create connector request body properties + Connectors_create_connector_request_bedrock: + description: >- + The Amazon Bedrock connector uses axios to send a POST request to Amazon + Bedrock. + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_bedrock' + connector_type_id: + description: The type of connector. + enum: + - .bedrock + example: .bedrock + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_bedrock' + required: + - config + - connector_type_id + - name + - secrets + title: Create Amazon Bedrock connector request + type: object + Connectors_create_connector_request_cases_webhook: + description: > + The Webhook - Case Management connector uses axios to send POST, PUT, + and GET requests to a case management RESTful API web service. + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_cases_webhook' + connector_type_id: + description: The type of connector. + enum: + - .cases-webhook + example: .cases-webhook + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_cases_webhook' + required: + - config + - connector_type_id + - name + title: Create Webhook - Case Managment connector request + type: object + Connectors_create_connector_request_d3security: + description: > + The connector uses axios to send a POST request to a D3 Security + endpoint. + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_d3security' + connector_type_id: + description: The type of connector. + enum: + - .d3security + example: .d3security + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_d3security' + required: + - config + - connector_type_id + - name + - secrets + title: Create D3 Security connector request + type: object + Connectors_create_connector_request_email: + description: > + The email connector uses the SMTP protocol to send mail messages, using + an integration of Nodemailer. An exception is Microsoft Exchange, which + uses HTTP protocol for sending emails, Send mail. Email message text is + sent as both plain text and html text. + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_email' + connector_type_id: + description: The type of connector. + enum: + - .email + example: .email + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_email' + required: + - config + - connector_type_id + - name + - secrets + title: Create email connector request + type: object + Connectors_create_connector_request_gemini: + description: >- + The Google Gemini connector uses axios to send a POST request to Google + Gemini. + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_gemini' + connector_type_id: + description: The type of connector. + enum: + - .gemini + example: .gemini + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_gemini' + required: + - config + - connector_type_id + - name + - secrets + title: Create Google Gemini connector request + type: object + Connectors_create_connector_request_genai: + description: > + The OpenAI connector uses axios to send a POST request to either OpenAI + or Azure OpenAPI. + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_genai' + connector_type_id: + description: The type of connector. + enum: + - .gen-ai + example: .gen-ai + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_genai' + required: + - config + - connector_type_id + - name + - secrets + title: Create OpenAI connector request + type: object + Connectors_create_connector_request_index: + description: The index connector indexes a document into Elasticsearch. + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_index' + connector_type_id: + description: The type of connector. + enum: + - .index + example: .index + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + required: + - config + - connector_type_id + - name + title: Create index connector request + type: object + Connectors_create_connector_request_jira: + description: The Jira connector uses the REST API v2 to create Jira issues. + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_jira' + connector_type_id: + description: The type of connector. + enum: + - .jira + example: .jira + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_jira' + required: + - config + - connector_type_id + - name + - secrets + title: Create Jira connector request + type: object + Connectors_create_connector_request_opsgenie: + description: The Opsgenie connector uses the Opsgenie alert API. + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_opsgenie' + connector_type_id: + description: The type of connector. + enum: + - .opsgenie + example: .opsgenie + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_opsgenie' + required: + - config + - connector_type_id + - name + - secrets + title: Create Opsgenie connector request + type: object + Connectors_create_connector_request_pagerduty: + description: > + The PagerDuty connector uses the v2 Events API to trigger, acknowledge, + and resolve PagerDuty alerts. + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_pagerduty' + connector_type_id: + description: The type of connector. + enum: + - .pagerduty + example: .pagerduty + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_pagerduty' + required: + - config + - connector_type_id + - name + - secrets + title: Create PagerDuty connector request + type: object + Connectors_create_connector_request_resilient: + description: >- + The IBM Resilient connector uses the RESILIENT REST v2 to create IBM + Resilient incidents. + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_resilient' + connector_type_id: + description: The type of connector. + enum: + - .resilient + example: .resilient + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_resilient' + required: + - config + - connector_type_id + - name + - secrets + title: Create IBM Resilient connector request + type: object + Connectors_create_connector_request_sentinelone: + description: > + The SentinelOne connector communicates with SentinelOne Management + Console via REST API. This functionality is in technical preview and may + be changed or removed in a future release. Elastic will work to fix any + issues, but features in technical preview are not subject to the support + SLA of official GA features. + title: Create SentinelOne connector request + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_sentinelone' + connector_type_id: + description: The type of connector. + enum: + - .sentinelone + example: .sentinelone + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_sentinelone' + required: + - config + - connector_type_id + - name + - secrets + x-technical-preview: true + Connectors_create_connector_request_serverlog: + description: This connector writes an entry to the Kibana server log. + properties: + connector_type_id: + description: The type of connector. + enum: + - .server-log + example: .server-log + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + required: + - connector_type_id + - name + title: Create server log connector request + type: object + Connectors_create_connector_request_servicenow: + description: > + The ServiceNow ITSM connector uses the import set API to create + ServiceNow incidents. You can use the connector for rule actions and + cases. + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_servicenow' + connector_type_id: + description: The type of connector. + enum: + - .servicenow + example: .servicenow + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_servicenow' + required: + - config + - connector_type_id + - name + - secrets + title: Create ServiceNow ITSM connector request + type: object + Connectors_create_connector_request_servicenow_itom: + description: > + The ServiceNow ITOM connector uses the event API to create ServiceNow + events. You can use the connector for rule actions. + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_servicenow_itom' + connector_type_id: + description: The type of connector. + enum: + - .servicenow-itom + example: .servicenow-itom + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_servicenow' + required: + - config + - connector_type_id + - name + - secrets + title: Create ServiceNow ITOM connector request + type: object + Connectors_create_connector_request_servicenow_sir: + description: > + The ServiceNow SecOps connector uses the import set API to create + ServiceNow security incidents. You can use the connector for rule + actions and cases. + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_servicenow' + connector_type_id: + description: The type of connector. + enum: + - .servicenow-sir + example: .servicenow-sir + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_servicenow' + required: + - config + - connector_type_id + - name + - secrets + title: Create ServiceNow SecOps connector request + type: object + Connectors_create_connector_request_slack_api: + description: The Slack connector uses an API method to send Slack messages. + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_slack_api' + connector_type_id: + description: The type of connector. + enum: + - .slack_api + example: .slack_api + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_slack_api' + required: + - connector_type_id + - name + - secrets + title: Create Slack connector request + type: object + Connectors_create_connector_request_slack_webhook: + description: The Slack connector uses Slack Incoming Webhooks. + properties: + connector_type_id: + description: The type of connector. + enum: + - .slack + example: .slack + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_slack_webhook' + required: + - connector_type_id + - name + - secrets + title: Create Slack connector request + type: object + Connectors_create_connector_request_swimlane: + description: >- + The Swimlane connector uses the Swimlane REST API to create Swimlane + records. + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_swimlane' + connector_type_id: + description: The type of connector. + enum: + - .swimlane + example: .swimlane + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_swimlane' + required: + - config + - connector_type_id + - name + - secrets + title: Create Swimlane connector request + type: object + Connectors_create_connector_request_teams: + description: The Microsoft Teams connector uses Incoming Webhooks. + properties: + connector_type_id: + description: The type of connector. + enum: + - .teams + example: .teams + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_teams' + required: + - connector_type_id + - name + - secrets + title: Create Microsoft Teams connector request + type: object + Connectors_create_connector_request_tines: + description: > + The Tines connector uses Tines Webhook actions to send events via POST + request. + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_tines' + connector_type_id: + description: The type of connector. + enum: + - .tines + example: .tines + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_tines' + required: + - config + - connector_type_id + - name + - secrets + title: Create Tines connector request + type: object + Connectors_create_connector_request_torq: + description: > + The Torq connector uses a Torq webhook to trigger workflows with Kibana + actions. + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_torq' + connector_type_id: + description: The type of connector. + enum: + - .torq + example: .torq + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_torq' + required: + - config + - connector_type_id + - name + - secrets + title: Create Torq connector request + type: object + Connectors_create_connector_request_webhook: + description: > + The Webhook connector uses axios to send a POST or PUT request to a web + service. + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_webhook' + connector_type_id: + description: The type of connector. + enum: + - .webhook + example: .webhook + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_webhook' + required: + - config + - connector_type_id + - name + - secrets + title: Create Webhook connector request + type: object + Connectors_create_connector_request_xmatters: + description: > + The xMatters connector uses the xMatters Workflow for Elastic to send + actionable alerts to on-call xMatters resources. + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_xmatters' + connector_type_id: + description: The type of connector. + enum: + - .xmatters + example: .xmatters + type: string + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_xmatters' + required: + - config + - connector_type_id + - name + - secrets + title: Create xMatters connector request + type: object + Connectors_features: + description: | + The feature that uses the connector. + enum: + - alerting + - cases + - generativeAIForSecurity + - generativeAIForObservability + - generativeAIForSearchPlayground + - siem + - uptime + type: string + Connectors_is_deprecated: + description: Indicates whether the connector type is deprecated. + example: false + type: boolean + Connectors_is_missing_secrets: + description: >- + Indicates whether secrets are missing for the connector. Secrets + configuration properties vary depending on the connector type. + example: false + type: boolean + Connectors_is_preconfigured: + description: > + Indicates whether it is a preconfigured connector. If true, the `config` + and `is_missing_secrets` properties are omitted from the response. + example: false + type: boolean + Connectors_is_system_action: + description: Indicates whether the connector is used for system actions. + example: false + type: boolean + Connectors_referenced_by_count: + description: > + Indicates the number of saved objects that reference the connector. If + `is_preconfigured` is true, this value is not calculated. This property + is returned only by the get all connectors API. + example: 2 + type: integer + Connectors_run_connector_params_acknowledge_resolve_pagerduty: + description: Test an action that acknowledges or resolves a PagerDuty alert. + properties: + dedupKey: + description: The deduplication key for the PagerDuty alert. + maxLength: 255 + type: string + eventAction: + description: The type of event. + enum: + - acknowledge + - resolve + type: string + required: + - dedupKey + - eventAction + title: PagerDuty connector parameters + type: object + Connectors_run_connector_params_documents: + description: Test an action that indexes a document into Elasticsearch. + properties: + documents: + description: The documents in JSON format for index connectors. + items: + additionalProperties: true + type: object + type: array + required: + - documents + title: Index connector parameters + type: object + Connectors_run_connector_params_message_email: + anyOf: + - required: + - bcc + - message + - subject + - required: + - cc + - message + - subject + - required: + - to + - message + - subject + description: > + Test an action that sends an email message. There must be at least one + recipient in `to`, `cc`, or `bcc`. + properties: + bcc: + description: > + A list of "blind carbon copy" email addresses. Addresses can be + specified in `user@host-name` format or in name `` + format + items: + type: string + type: array + cc: + description: > + A list of "carbon copy" email addresses. Addresses can be specified + in `user@host-name` format or in name `` format + items: + type: string + type: array + message: + description: The email message text. Markdown format is supported. + type: string + subject: + description: The subject line of the email. + type: string + to: + description: > + A list of email addresses. Addresses can be specified in + `user@host-name` format or in name `` format. + items: + type: string + type: array + title: Email connector parameters + type: object + Connectors_run_connector_params_message_serverlog: + description: Test an action that writes an entry to the Kibana server log. + properties: + level: + default: info + description: The log level of the message for server log connectors. + enum: + - debug + - error + - fatal + - info + - trace + - warn + type: string + message: + description: The message for server log connectors. + type: string + required: + - message + title: Server log connector parameters + type: object + Connectors_run_connector_params_message_slack: + description: > + Test an action that sends a message to Slack. It is applicable only when + the connector type is `.slack`. + properties: + message: + description: >- + The Slack message text, which cannot contain Markdown, images, or + other advanced formatting. + type: string + required: + - message + title: Slack connector parameters + type: object + Connectors_run_connector_params_trigger_pagerduty: + description: Test an action that triggers a PagerDuty alert. + properties: + class: + description: The class or type of the event. + example: cpu load + type: string + component: + description: >- + The component of the source machine that is responsible for the + event. + example: eth0 + type: string + customDetails: + description: Additional details to add to the event. + type: object + dedupKey: + description: > + All actions sharing this key will be associated with the same + PagerDuty alert. This value is used to correlate trigger and + resolution. + maxLength: 255 + type: string + eventAction: + description: The type of event. + enum: + - trigger + type: string + group: + description: The logical grouping of components of a service. + example: app-stack + type: string + links: + description: A list of links to add to the event. + items: + type: object + properties: + href: + description: The URL for the link. + type: string + text: + description: A plain text description of the purpose of the link. + type: string + type: array + severity: + default: info + description: The severity of the event on the affected system. + enum: + - critical + - error + - info + - warning + type: string + source: + description: > + The affected system, such as a hostname or fully qualified domain + name. Defaults to the Kibana saved object id of the action. + type: string + summary: + description: A summery of the event. + maxLength: 1024 + type: string + timestamp: + description: >- + An ISO-8601 timestamp that indicates when the event was detected or + generated. + format: date-time + type: string + required: + - eventAction + title: PagerDuty connector parameters + type: object + Connectors_run_connector_request: + description: The properties vary depending on the connector type. + properties: + params: + oneOf: + - $ref: >- + #/components/schemas/Connectors_run_connector_params_acknowledge_resolve_pagerduty + - $ref: '#/components/schemas/Connectors_run_connector_params_documents' + - $ref: >- + #/components/schemas/Connectors_run_connector_params_message_email + - $ref: >- + #/components/schemas/Connectors_run_connector_params_message_serverlog + - $ref: >- + #/components/schemas/Connectors_run_connector_params_message_slack + - $ref: >- + #/components/schemas/Connectors_run_connector_params_trigger_pagerduty + - description: Test an action that involves a subaction. + discriminator: + mapping: + addEvent: >- + #/components/schemas/Connectors_run_connector_subaction_addevent + closeAlert: >- + #/components/schemas/Connectors_run_connector_subaction_closealert + closeIncident: >- + #/components/schemas/Connectors_run_connector_subaction_closeincident + createAlert: >- + #/components/schemas/Connectors_run_connector_subaction_createalert + fieldsByIssueType: >- + #/components/schemas/Connectors_run_connector_subaction_fieldsbyissuetype + getChoices: >- + #/components/schemas/Connectors_run_connector_subaction_getchoices + getFields: >- + #/components/schemas/Connectors_run_connector_subaction_getfields + getIncident: >- + #/components/schemas/Connectors_run_connector_subaction_getincident + issue: >- + #/components/schemas/Connectors_run_connector_subaction_issue + issues: >- + #/components/schemas/Connectors_run_connector_subaction_issues + issueTypes: >- + #/components/schemas/Connectors_run_connector_subaction_issuetypes + pushToService: >- + #/components/schemas/Connectors_run_connector_subaction_pushtoservice + propertyName: subAction + oneOf: + - $ref: >- + #/components/schemas/Connectors_run_connector_subaction_addevent + - $ref: >- + #/components/schemas/Connectors_run_connector_subaction_closealert + - $ref: >- + #/components/schemas/Connectors_run_connector_subaction_closeincident + - $ref: >- + #/components/schemas/Connectors_run_connector_subaction_createalert + - $ref: >- + #/components/schemas/Connectors_run_connector_subaction_fieldsbyissuetype + - $ref: >- + #/components/schemas/Connectors_run_connector_subaction_getchoices + - $ref: >- + #/components/schemas/Connectors_run_connector_subaction_getfields + - $ref: >- + #/components/schemas/Connectors_run_connector_subaction_getincident + - $ref: >- + #/components/schemas/Connectors_run_connector_subaction_issue + - $ref: >- + #/components/schemas/Connectors_run_connector_subaction_issues + - $ref: >- + #/components/schemas/Connectors_run_connector_subaction_issuetypes + - $ref: >- + #/components/schemas/Connectors_run_connector_subaction_postmessage + - $ref: >- + #/components/schemas/Connectors_run_connector_subaction_pushtoservice + - $ref: >- + #/components/schemas/Connectors_run_connector_subaction_validchannelid + title: Subaction parameters + required: + - params + title: Run connector request body properties + type: object + Connectors_run_connector_subaction_addevent: + description: The `addEvent` subaction for ServiceNow ITOM connectors. + title: The addEvent subaction + type: object + properties: + subAction: + description: The action to test. + enum: + - addEvent + type: string + subActionParams: + description: The set of configuration properties for the action. + type: object + properties: + additional_info: + description: Additional information about the event. + type: string + description: + description: The details about the event. + type: string + event_class: + description: A specific instance of the source. + type: string + message_key: + description: >- + All actions sharing this key are associated with the same + ServiceNow alert. The default value is `:`. + type: string + metric_name: + description: The name of the metric. + type: string + node: + description: The host that the event was triggered for. + type: string + resource: + description: The name of the resource. + type: string + severity: + description: The severity of the event. + type: string + source: + description: The name of the event source type. + type: string + time_of_event: + description: The time of the event. + type: string + type: + description: The type of event. + type: string + required: + - subAction + Connectors_run_connector_subaction_closealert: + description: The `closeAlert` subaction for Opsgenie connectors. + title: The closeAlert subaction + type: object + properties: + subAction: + description: The action to test. + enum: + - closeAlert + type: string + subActionParams: + type: object + properties: + alias: + description: >- + The unique identifier used for alert deduplication in Opsgenie. + The alias must match the value used when creating the alert. + type: string + note: + description: Additional information for the alert. + type: string + source: + description: The display name for the source of the alert. + type: string + user: + description: The display name for the owner. + type: string + required: + - alias + required: + - subAction + - subActionParams + Connectors_run_connector_subaction_closeincident: + description: The `closeIncident` subaction for ServiceNow ITSM connectors. + title: The closeIncident subaction + type: object + properties: + subAction: + description: The action to test. + enum: + - closeIncident + type: string + subActionParams: + type: object + properties: + incident: + anyOf: + - required: + - correlation_id + - required: + - externalId + type: object + properties: + correlation_id: + default: '{{rule.id}}:{{alert.id}}' + description: > + An identifier that is assigned to the incident when it is + created by the connector. NOTE: If you use the default value + and the rule generates multiple alerts that use the same + alert IDs, the latest open incident for this correlation ID + is closed unless you specify the external ID. + maxLength: 100 + nullable: true + type: string + externalId: + description: >- + The unique identifier (`incidentId`) for the incident in + ServiceNow. + nullable: true + type: string + required: + - incident + required: + - subAction + - subActionParams + Connectors_run_connector_subaction_createalert: + description: The `createAlert` subaction for Opsgenie connectors. + title: The createAlert subaction + type: object + properties: + subAction: + description: The action to test. + enum: + - createAlert + type: string + subActionParams: + type: object + properties: + actions: + description: The custom actions available to the alert. + items: + type: string + type: array + alias: + description: The unique identifier used for alert deduplication in Opsgenie. + type: string + description: + description: >- + A description that provides detailed information about the + alert. + type: string + details: + additionalProperties: true + description: The custom properties of the alert. + example: + key1: value1 + key2: value2 + type: object + entity: + description: >- + The domain of the alert. For example, the application or server + name. + type: string + message: + description: The alert message. + type: string + note: + description: Additional information for the alert. + type: string + priority: + description: The priority level for the alert. + enum: + - P1 + - P2 + - P3 + - P4 + - P5 + type: string + responders: + description: > + The entities to receive notifications about the alert. If `type` + is `user`, either `id` or `username` is required. If `type` is + `team`, either `id` or `name` is required. + items: + type: object + properties: + id: + description: The identifier for the entity. + type: string + name: + description: The name of the entity. + type: string + type: + description: 'The type of responders, in this case `escalation`.' + enum: + - escalation + - schedule + - team + - user + type: string + username: + description: A valid email address for the user. + type: string + type: array + source: + description: The display name for the source of the alert. + type: string + tags: + description: The tags for the alert. + items: + type: string + type: array + user: + description: The display name for the owner. + type: string + visibleTo: + description: >- + The teams and users that the alert will be visible to without + sending a notification. Only one of `id`, `name`, or `username` + is required. + items: + type: object + properties: + id: + description: The identifier for the entity. + type: string + name: + description: The name of the entity. + type: string + type: + description: Valid values are `team` and `user`. + enum: + - team + - user + type: string + username: + description: >- + The user name. This property is required only when the + `type` is `user`. + type: string + required: + - type + type: array + required: + - message + required: + - subAction + - subActionParams + Connectors_run_connector_subaction_fieldsbyissuetype: + description: The `fieldsByIssueType` subaction for Jira connectors. + title: The fieldsByIssueType subaction + type: object + properties: + subAction: + description: The action to test. + enum: + - fieldsByIssueType + type: string + subActionParams: + type: object + properties: + id: + description: The Jira issue type identifier. + example: 10024 + type: string + required: + - id + required: + - subAction + - subActionParams + Connectors_run_connector_subaction_getchoices: + description: >- + The `getChoices` subaction for ServiceNow ITOM, ServiceNow ITSM, and + ServiceNow SecOps connectors. + title: The getChoices subaction + type: object + properties: + subAction: + description: The action to test. + enum: + - getChoices + type: string + subActionParams: + description: The set of configuration properties for the action. + type: object + properties: + fields: + description: An array of fields. + items: + type: string + type: array + required: + - fields + required: + - subAction + - subActionParams + Connectors_run_connector_subaction_getfields: + description: >- + The `getFields` subaction for Jira, ServiceNow ITSM, and ServiceNow + SecOps connectors. + title: The getFields subaction + type: object + properties: + subAction: + description: The action to test. + enum: + - getFields + type: string + required: + - subAction + Connectors_run_connector_subaction_getincident: + description: >- + The `getIncident` subaction for Jira, ServiceNow ITSM, and ServiceNow + SecOps connectors. + properties: + subAction: + description: The action to test. + enum: + - getIncident + type: string + subActionParams: + type: object + properties: + externalId: + description: >- + The Jira, ServiceNow ITSM, or ServiceNow SecOps issue + identifier. + example: 71778 + type: string + required: + - externalId + required: + - subAction + - subActionParams + title: The getIncident subaction + type: object + Connectors_run_connector_subaction_issue: + description: The `issue` subaction for Jira connectors. + title: The issue subaction + type: object + properties: + subAction: + description: The action to test. + enum: + - issue + type: string + subActionParams: + type: object + properties: + id: + description: The Jira issue identifier. + example: 71778 + type: string + required: + - id + required: + - subAction + Connectors_run_connector_subaction_issues: + description: The `issues` subaction for Jira connectors. + title: The issues subaction + type: object + properties: + subAction: + description: The action to test. + enum: + - issues + type: string + subActionParams: + type: object + properties: + title: + description: The title of the Jira issue. type: string - esTypes: - - _id - scripted: false - searchable: true - aggregatable: false - readFromDocValues: false - format: - id: string - shortDotsEnable: false - isMapped: true - _index: - count: 0 - name: _index + required: + - title + required: + - subAction + - subActionParams + Connectors_run_connector_subaction_issuetypes: + description: The `issueTypes` subaction for Jira connectors. + title: The issueTypes subaction + type: object + properties: + subAction: + description: The action to test. + enum: + - issueTypes + type: string + required: + - subAction + Connectors_run_connector_subaction_postmessage: + description: > + Test an action that sends a message to Slack. It is applicable only when + the connector type is `.slack_api`. + properties: + subAction: + description: The action to test. + enum: + - postMessage + type: string + subActionParams: + description: The set of configuration properties for the action. + type: object + properties: + channelIds: + description: > + The Slack channel identifier, which must be one of the + `allowedChannels` in the connector configuration. + items: + type: string + maxItems: 1 + type: array + channels: + deprecated: true + description: | + The name of a channel that your Slack app has access to. + items: + type: string + maxItems: 1 + type: array + text: + description: > + The Slack message text. If it is a Slack webhook connector, the + text cannot contain Markdown, images, or other advanced + formatting. If it is a Slack web API connector, it can contain + either plain text or block kit messages. + minLength: 1 type: string - esTypes: - - _index - scripted: false - searchable: true - aggregatable: true - readFromDocValues: false - format: - id: string - shortDotsEnable: false - isMapped: true - _score: - count: 0 - name: _score - type: number - scripted: false - searchable: false - aggregatable: false - readFromDocValues: false - format: - id: number - shortDotsEnable: false - isMapped: true - _source: - count: 0 - name: _source - type: _source - esTypes: - - _source - scripted: false - searchable: false - aggregatable: false - readFromDocValues: false - format: - id: _source - shortDotsEnable: false - isMapped: true - category: - count: 0 - name: category + required: + - subAction + - subActionParams + title: The postMessage subaction + type: object + Connectors_run_connector_subaction_pushtoservice: + description: >- + The `pushToService` subaction for Jira, ServiceNow ITSM, ServiceNow + SecOps, Swimlane, and Webhook - Case Management connectors. + title: The pushToService subaction + type: object + properties: + subAction: + description: The action to test. + enum: + - pushToService + type: string + subActionParams: + description: The set of configuration properties for the action. + type: object + properties: + comments: + description: >- + Additional information that is sent to Jira, ServiceNow ITSM, + ServiceNow SecOps, or Swimlane. + items: + type: object + properties: + comment: + description: >- + A comment related to the incident. For example, describe + how to troubleshoot the issue. + type: string + commentId: + description: A unique identifier for the comment. + type: integer + type: array + incident: + description: >- + Information necessary to create or update a Jira, ServiceNow + ITSM, ServiveNow SecOps, or Swimlane incident. + type: object + properties: + alertId: + description: The alert identifier for Swimlane connectors. + type: string + caseId: + description: >- + The case identifier for the incident for Swimlane + connectors. + type: string + caseName: + description: The case name for the incident for Swimlane connectors. + type: string + category: + description: >- + The category of the incident for ServiceNow ITSM and + ServiceNow SecOps connectors. + type: string + correlation_display: + description: >- + A descriptive label of the alert for correlation purposes + for ServiceNow ITSM and ServiceNow SecOps connectors. + type: string + correlation_id: + description: > + The correlation identifier for the security incident for + ServiceNow ITSM and ServiveNow SecOps connectors. Connectors + using the same correlation ID are associated with the same + ServiceNow incident. This value determines whether a new + ServiceNow incident is created or an existing one is + updated. Modifying this value is optional; if not modified, + the rule ID and alert ID are combined as `{{ruleID}}:{{alert + ID}}` to form the correlation ID value in ServiceNow. The + maximum character length for this value is 100 characters. + NOTE: Using the default configuration of `{{ruleID}}:{{alert + ID}}` ensures that ServiceNow creates a separate incident + record for every generated alert that uses a unique alert + ID. If the rule generates multiple alerts that use the same + alert IDs, ServiceNow creates and continually updates a + single incident record for the alert. + type: string + description: + description: >- + The description of the incident for Jira, ServiceNow ITSM, + ServiceNow SecOps, Swimlane, and Webhook - Case Management + connectors. + type: string + dest_ip: + description: > + A list of destination IP addresses related to the security + incident for ServiceNow SecOps connectors. The IPs are added + as observables to the security incident. + oneOf: + - type: string + - items: + type: string + type: array + externalId: + description: > + The Jira, ServiceNow ITSM, or ServiceNow SecOps issue + identifier. If present, the incident is updated. Otherwise, + a new incident is created. + type: string + id: + description: >- + The external case identifier for Webhook - Case Management + connectors. + type: string + impact: + description: The impact of the incident for ServiceNow ITSM connectors. + type: string + issueType: + description: >- + The type of incident for Jira connectors. For example, + 10006. To obtain the list of valid values, set `subAction` + to `issueTypes`. + type: integer + labels: + description: > + The labels for the incident for Jira connectors. NOTE: + Labels cannot contain spaces. + items: + type: string + type: array + malware_hash: + description: >- + A list of malware hashes related to the security incident + for ServiceNow SecOps connectors. The hashes are added as + observables to the security incident. + oneOf: + - type: string + - items: + type: string + type: array + malware_url: + description: >- + A list of malware URLs related to the security incident for + ServiceNow SecOps connectors. The URLs are added as + observables to the security incident. + oneOf: + - type: string + - items: + type: string + type: array + type: string + otherFields: + additionalProperties: true + description: > + Custom field identifiers and their values for Jira + connectors. + maxProperties: 20 + type: object + parent: + description: >- + The ID or key of the parent issue for Jira connectors. + Applies only to `Sub-task` types of issues. + type: string + priority: + description: >- + The priority of the incident in Jira and ServiceNow SecOps + connectors. + type: string + ruleName: + description: The rule name for Swimlane connectors. + type: string + severity: + description: >- + The severity of the incident for ServiceNow ITSM and + Swimlane connectors. + type: string + short_description: + description: > + A short description of the incident for ServiceNow ITSM and + ServiceNow SecOps connectors. It is used for searching the + contents of the knowledge base. + type: string + source_ip: + description: >- + A list of source IP addresses related to the security + incident for ServiceNow SecOps connectors. The IPs are added + as observables to the security incident. + oneOf: + - type: string + - items: + type: string + type: array + status: + description: >- + The status of the incident for Webhook - Case Management + connectors. + type: string + subcategory: + description: >- + The subcategory of the incident for ServiceNow ITSM and + ServiceNow SecOps connectors. + type: string + summary: + description: A summary of the incident for Jira connectors. + type: string + tags: + description: A list of tags for Webhook - Case Management connectors. + items: + type: string + type: array + title: + description: > + A title for the incident for Jira and Webhook - Case + Management connectors. It is used for searching the contents + of the knowledge base. + type: string + urgency: + description: The urgency of the incident for ServiceNow ITSM connectors. + type: string + required: + - subAction + - subActionParams + Connectors_run_connector_subaction_validchannelid: + description: > + Retrieves information about a valid Slack channel identifier. It is + applicable only when the connector type is `.slack_api`. + properties: + subAction: + description: The action to test. + enum: + - validChannelId + type: string + subActionParams: + type: object + properties: + channelId: + description: The Slack channel identifier. + example: C123ABC456 type: string - esTypes: - - text - scripted: false - searchable: true - aggregatable: false - readFromDocValues: false - format: - id: string - shortDotsEnable: false - isMapped: true - category.keyword: - count: 0 - name: category.keyword + required: + - channelId + required: + - subAction + - subActionParams + title: The validChannelId subaction + type: object + Connectors_secrets_properties_bedrock: + description: Defines secrets for connectors when type is `.bedrock`. + properties: + accessKey: + description: The AWS access key for authentication. + type: string + secret: + description: The AWS secret for authentication. + type: string + required: + - accessKey + - secret + title: Connector secrets properties for an Amazon Bedrock connector + type: object + Connectors_secrets_properties_cases_webhook: + title: Connector secrets properties for Webhook - Case Management connector + type: object + properties: + password: + description: >- + The password for HTTP basic authentication. If `hasAuth` is set to + `true`, this property is required. + type: string + user: + description: >- + The username for HTTP basic authentication. If `hasAuth` is set to + `true`, this property is required. + type: string + Connectors_secrets_properties_d3security: + description: Defines secrets for connectors when type is `.d3security`. + type: object + properties: + token: + description: The D3 Security token. + type: string + required: + - token + title: Connector secrets properties for a D3 Security connector + Connectors_secrets_properties_email: + description: Defines secrets for connectors when type is `.email`. + properties: + clientSecret: + description: > + The Microsoft Exchange Client secret for OAuth 2.0 client + credentials authentication. It must be URL-encoded. If `service` is + `exchange_server`, this property is required. + type: string + password: + description: > + The password for HTTP basic authentication. If `hasAuth` is set to + `true`, this property is required. + type: string + user: + description: > + The username for HTTP basic authentication. If `hasAuth` is set to + `true`, this property is required. + type: string + title: Connector secrets properties for an email connector + type: object + Connectors_secrets_properties_gemini: + description: Defines secrets for connectors when type is `.gemini`. + properties: + credentialsJSON: + description: >- + The service account credentials JSON file. The service account + should have Vertex AI user IAM role assigned to it. + type: string + required: + - credentialsJSON + title: Connector secrets properties for a Google Gemini connector + type: object + Connectors_secrets_properties_genai: + description: Defines secrets for connectors when type is `.gen-ai`. + properties: + apiKey: + description: The OpenAI API key. + type: string + title: Connector secrets properties for an OpenAI connector + type: object + Connectors_secrets_properties_jira: + description: Defines secrets for connectors when type is `.jira`. + type: object + properties: + apiToken: + description: The Jira API authentication token for HTTP basic authentication. + type: string + email: + description: The account email for HTTP Basic authentication. + type: string + required: + - apiToken + - email + title: Connector secrets properties for a Jira connector + Connectors_secrets_properties_opsgenie: + description: Defines secrets for connectors when type is `.opsgenie`. + type: object + properties: + apiKey: + description: The Opsgenie API authentication key for HTTP Basic authentication. + type: string + required: + - apiKey + title: Connector secrets properties for an Opsgenie connector + Connectors_secrets_properties_pagerduty: + description: Defines secrets for connectors when type is `.pagerduty`. + properties: + routingKey: + description: > + A 32 character PagerDuty Integration Key for an integration on a + service. + type: string + required: + - routingKey + title: Connector secrets properties for a PagerDuty connector + type: object + Connectors_secrets_properties_resilient: + description: Defines secrets for connectors when type is `.resilient`. + type: object + properties: + apiKeyId: + description: The authentication key ID for HTTP Basic authentication. + type: string + apiKeySecret: + description: The authentication key secret for HTTP Basic authentication. + type: string + required: + - apiKeyId + - apiKeySecret + title: Connector secrets properties for IBM Resilient connector + Connectors_secrets_properties_sentinelone: + description: Defines secrets for connectors when type is `.sentinelone`. + properties: + token: + description: The A SentinelOne API token. + type: string + required: + - token + title: Connector secrets properties for a SentinelOne connector + type: object + Connectors_secrets_properties_servicenow: + description: >- + Defines secrets for connectors when type is `.servicenow`, + `.servicenow-sir`, or `.servicenow-itom`. + properties: + clientSecret: + description: >- + The client secret assigned to your OAuth application. This property + is required when `isOAuth` is `true`. + type: string + password: + description: >- + The password for HTTP basic authentication. This property is + required when `isOAuth` is `false`. + type: string + privateKey: + description: >- + The RSA private key that you created for use in ServiceNow. This + property is required when `isOAuth` is `true`. + type: string + privateKeyPassword: + description: >- + The password for the RSA private key. This property is required when + `isOAuth` is `true` and you set a password on your private key. + type: string + username: + description: >- + The username for HTTP basic authentication. This property is + required when `isOAuth` is `false`. + type: string + title: >- + Connector secrets properties for ServiceNow ITOM, ServiceNow ITSM, and + ServiceNow SecOps connectors + type: object + Connectors_secrets_properties_slack_api: + description: Defines secrets for connectors when type is `.slack`. + type: object + properties: + token: + description: Slack bot user OAuth token. + type: string + required: + - token + title: Connector secrets properties for a Web API Slack connector + Connectors_secrets_properties_slack_webhook: + description: Defines secrets for connectors when type is `.slack`. + type: object + properties: + webhookUrl: + description: Slack webhook url. + type: string + required: + - webhookUrl + title: Connector secrets properties for a Webhook Slack connector + Connectors_secrets_properties_swimlane: + description: Defines secrets for connectors when type is `.swimlane`. + properties: + apiToken: + description: Swimlane API authentication token. + type: string + title: Connector secrets properties for a Swimlane connector + type: object + Connectors_secrets_properties_teams: + description: Defines secrets for connectors when type is `.teams`. + properties: + webhookUrl: + description: > + The URL of the incoming webhook. If you are using the + `xpack.actions.allowedHosts` setting, add the hostname to the + allowed hosts. + type: string + required: + - webhookUrl + title: Connector secrets properties for a Microsoft Teams connector + type: object + Connectors_secrets_properties_tines: + description: Defines secrets for connectors when type is `.tines`. + properties: + email: + description: The email used to sign in to Tines. + type: string + token: + description: The Tines API token. + type: string + required: + - email + - token + title: Connector secrets properties for a Tines connector + type: object + Connectors_secrets_properties_torq: + description: Defines secrets for connectors when type is `.torq`. + properties: + token: + description: The secret of the webhook authentication header. + type: string + required: + - token + title: Connector secrets properties for a Torq connector + type: object + Connectors_secrets_properties_webhook: + description: Defines secrets for connectors when type is `.webhook`. + properties: + crt: + description: >- + If `authType` is `webhook-authentication-ssl` and `certType` is + `ssl-crt-key`, it is a base64 encoded version of the CRT or CERT + file. + type: string + key: + description: >- + If `authType` is `webhook-authentication-ssl` and `certType` is + `ssl-crt-key`, it is a base64 encoded version of the KEY file. + type: string + password: + description: > + The password for HTTP basic authentication or the passphrase for the + SSL certificate files. If `hasAuth` is set to `true` and `authType` + is `webhook-authentication-basic`, this property is required. + type: string + pfx: + description: >- + If `authType` is `webhook-authentication-ssl` and `certType` is + `ssl-pfx`, it is a base64 encoded version of the PFX or P12 file. + type: string + user: + description: > + The username for HTTP basic authentication. If `hasAuth` is set to + `true` and `authType` is `webhook-authentication-basic`, this + property is required. + type: string + title: Connector secrets properties for a Webhook connector + type: object + Connectors_secrets_properties_xmatters: + description: Defines secrets for connectors when type is `.xmatters`. + properties: + password: + description: > + A user name for HTTP basic authentication. It is applicable only + when `usesBasic` is `true`. + type: string + secretsUrl: + description: > + The request URL for the Elastic Alerts trigger in xMatters with the + API key included in the URL. It is applicable only when `usesBasic` + is `false`. + type: string + user: + description: > + A password for HTTP basic authentication. It is applicable only when + `usesBasic` is `true`. + type: string + title: Connector secrets properties for an xMatters connector + type: object + Connectors_update_connector_request: + description: The properties vary depending on the connector type. + oneOf: + - $ref: '#/components/schemas/Connectors_update_connector_request_bedrock' + - $ref: '#/components/schemas/Connectors_update_connector_request_gemini' + - $ref: >- + #/components/schemas/Connectors_update_connector_request_cases_webhook + - $ref: '#/components/schemas/Connectors_update_connector_request_d3security' + - $ref: '#/components/schemas/Connectors_update_connector_request_email' + - $ref: '#/components/schemas/Connectors_create_connector_request_genai' + - $ref: '#/components/schemas/Connectors_update_connector_request_index' + - $ref: '#/components/schemas/Connectors_update_connector_request_jira' + - $ref: '#/components/schemas/Connectors_update_connector_request_opsgenie' + - $ref: '#/components/schemas/Connectors_update_connector_request_pagerduty' + - $ref: '#/components/schemas/Connectors_update_connector_request_resilient' + - $ref: '#/components/schemas/Connectors_update_connector_request_sentinelone' + - $ref: '#/components/schemas/Connectors_update_connector_request_serverlog' + - $ref: '#/components/schemas/Connectors_update_connector_request_servicenow' + - $ref: >- + #/components/schemas/Connectors_update_connector_request_servicenow_itom + - $ref: '#/components/schemas/Connectors_update_connector_request_slack_api' + - $ref: >- + #/components/schemas/Connectors_update_connector_request_slack_webhook + - $ref: '#/components/schemas/Connectors_update_connector_request_swimlane' + - $ref: '#/components/schemas/Connectors_update_connector_request_teams' + - $ref: '#/components/schemas/Connectors_update_connector_request_tines' + - $ref: '#/components/schemas/Connectors_update_connector_request_torq' + - $ref: '#/components/schemas/Connectors_update_connector_request_webhook' + - $ref: '#/components/schemas/Connectors_update_connector_request_xmatters' + title: Update connector request body properties + Connectors_update_connector_request_bedrock: + title: Update Amazon Bedrock connector request + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_bedrock' + name: + description: The display name for the connector. + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_bedrock' + required: + - config + - name + Connectors_update_connector_request_cases_webhook: + title: Update Webhook - Case Managment connector request + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_cases_webhook' + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_cases_webhook' + required: + - config + - name + Connectors_update_connector_request_d3security: + title: Update D3 Security connector request + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_d3security' + name: + description: The display name for the connector. + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_d3security' + required: + - config + - name + - secrets + Connectors_update_connector_request_email: + title: Update email connector request + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_email' + name: + description: The display name for the connector. + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_email' + required: + - config + - name + Connectors_update_connector_request_gemini: + title: Update Google Gemini connector request + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_gemini' + name: + description: The display name for the connector. + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_gemini' + required: + - config + - name + Connectors_update_connector_request_index: + title: Update index connector request + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_index' + name: + description: The display name for the connector. + type: string + required: + - config + - name + Connectors_update_connector_request_jira: + title: Update Jira connector request + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_jira' + name: + description: The display name for the connector. + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_jira' + required: + - config + - name + - secrets + Connectors_update_connector_request_opsgenie: + title: Update Opsgenie connector request + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_opsgenie' + name: + description: The display name for the connector. + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_opsgenie' + required: + - config + - name + - secrets + Connectors_update_connector_request_pagerduty: + title: Update PagerDuty connector request + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_pagerduty' + name: + description: The display name for the connector. + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_pagerduty' + required: + - config + - name + - secrets + Connectors_update_connector_request_resilient: + title: Update IBM Resilient connector request + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_resilient' + name: + description: The display name for the connector. + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_resilient' + required: + - config + - name + - secrets + Connectors_update_connector_request_sentinelone: + title: Update SentinelOne connector request + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_sentinelone' + name: + description: The display name for the connector. + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_sentinelone' + required: + - config + - name + - secrets + Connectors_update_connector_request_serverlog: + title: Update server log connector request + type: object + properties: + name: + description: The display name for the connector. + type: string + required: + - name + Connectors_update_connector_request_servicenow: + title: Update ServiceNow ITSM connector or ServiceNow SecOps request + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_servicenow' + name: + description: The display name for the connector. + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_servicenow' + required: + - config + - name + - secrets + Connectors_update_connector_request_servicenow_itom: + title: Create ServiceNow ITOM connector request + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_servicenow_itom' + name: + description: The display name for the connector. + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_servicenow' + required: + - config + - name + - secrets + Connectors_update_connector_request_slack_api: + title: Update Slack connector request + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_slack_api' + name: + description: The display name for the connector. + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_slack_api' + required: + - name + - secrets + Connectors_update_connector_request_slack_webhook: + title: Update Slack connector request + type: object + properties: + name: + description: The display name for the connector. + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_slack_webhook' + required: + - name + - secrets + Connectors_update_connector_request_swimlane: + title: Update Swimlane connector request + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_swimlane' + name: + description: The display name for the connector. + example: my-connector + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_swimlane' + required: + - config + - name + - secrets + Connectors_update_connector_request_teams: + title: Update Microsoft Teams connector request + type: object + properties: + name: + description: The display name for the connector. + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_teams' + required: + - name + - secrets + Connectors_update_connector_request_tines: + title: Update Tines connector request + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_tines' + name: + description: The display name for the connector. + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_tines' + required: + - config + - name + - secrets + Connectors_update_connector_request_torq: + title: Update Torq connector request + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_torq' + name: + description: The display name for the connector. + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_torq' + required: + - config + - name + - secrets + Connectors_update_connector_request_webhook: + title: Update Webhook connector request + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_webhook' + name: + description: The display name for the connector. + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_webhook' + required: + - config + - name + - secrets + Connectors_update_connector_request_xmatters: + title: Update xMatters connector request + type: object + properties: + config: + $ref: '#/components/schemas/Connectors_config_properties_xmatters' + name: + description: The display name for the connector. + type: string + secrets: + $ref: '#/components/schemas/Connectors_secrets_properties_xmatters' + required: + - config + - name + - secrets + Data_views_400_response: + title: Bad request + type: object + properties: + error: + example: Bad Request + type: string + message: + type: string + statusCode: + example: 400 + type: number + required: + - statusCode + - error + - message + Data_views_404_response: + type: object + properties: + error: + enum: + - Not Found + example: Not Found + type: string + message: + example: >- + Saved object [index-pattern/caaad6d0-920c-11ed-b36a-874bd1548a00] + not found + type: string + statusCode: + enum: + - 404 + example: 404 + type: integer + Data_views_allownoindex: + description: Allows the data view saved object to exist before the data is available. + type: boolean + Data_views_create_data_view_request_object: + title: Create data view request + type: object + properties: + data_view: + description: The data view object. + type: object + properties: + allowNoIndex: + $ref: '#/components/schemas/Data_views_allownoindex' + fieldAttrs: + additionalProperties: + $ref: '#/components/schemas/Data_views_fieldattrs' + type: object + fieldFormats: + $ref: '#/components/schemas/Data_views_fieldformats' + fields: + type: object + id: type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - subType: - multi: - parent: category - format: - id: string - shortDotsEnable: false - isMapped: true - currency: - count: 0 - name: currency + name: + description: The data view name. type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - customer_birth_date: - count: 0 - name: customer_birth_date - type: date - esTypes: - - date - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: date - shortDotsEnable: false - isMapped: true - customer_first_name: - count: 0 - name: customer_first_name + namespaces: + $ref: '#/components/schemas/Data_views_namespaces' + runtimeFieldMap: + additionalProperties: + $ref: '#/components/schemas/Data_views_runtimefieldmap' + type: object + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + type: + $ref: '#/components/schemas/Data_views_type' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta' + version: type: string - esTypes: - - text - scripted: false - searchable: true - aggregatable: false - readFromDocValues: false - format: - id: string - shortDotsEnable: false - isMapped: true - customer_first_name.keyword: - count: 0 - name: customer_first_name.keyword + required: + - title + override: + default: false + description: >- + Override an existing data view if a data view with the provided + title already exists. + type: boolean + required: + - data_view + Data_views_data_view_response_object: + title: Data view response properties + type: object + properties: + data_view: + type: object + properties: + allowNoIndex: + $ref: '#/components/schemas/Data_views_allownoindex' + fieldAttrs: + additionalProperties: + $ref: '#/components/schemas/Data_views_fieldattrs' + type: object + fieldFormats: + $ref: '#/components/schemas/Data_views_fieldformats' + fields: + type: object + id: + example: ff959d40-b880-11e8-a6d9-e546fe2bba5f type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - subType: - multi: - parent: customer_first_name - format: - id: string - shortDotsEnable: false - isMapped: true - customer_full_name: - count: 0 - name: customer_full_name + name: + description: The data view name. type: string - esTypes: - - text - scripted: false - searchable: true - aggregatable: false - readFromDocValues: false - format: - id: string - shortDotsEnable: false - isMapped: true - customer_full_name.keyword: - count: 0 - name: customer_full_name.keyword + namespaces: + $ref: '#/components/schemas/Data_views_namespaces' + runtimeFieldMap: + additionalProperties: + $ref: '#/components/schemas/Data_views_runtimefieldmap' + type: object + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta_response' + version: + example: WzQ2LDJd type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - subType: - multi: - parent: customer_full_name - format: - id: string - shortDotsEnable: false - isMapped: true - customer_gender: - count: 0 - name: customer_gender + Data_views_fieldattrs: + description: A map of field attributes by field name. + type: object + properties: + count: + description: Popularity count for the field. + type: integer + customDescription: + description: Custom description for the field. + maxLength: 300 + type: string + customLabel: + description: Custom label for the field. + type: string + Data_views_fieldformats: + description: A map of field formats by field name. + type: object + Data_views_namespaces: + description: >- + An array of space identifiers for sharing the data view between multiple + spaces. + items: + default: default + type: string + type: array + Data_views_runtimefieldmap: + description: A map of runtime field definitions by field name. + type: object + properties: + script: + type: object + properties: + source: + description: Script for the runtime field. type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - customer_id: - count: 0 - name: customer_id + type: + description: Mapping type of the runtime field. + type: string + required: + - script + - type + Data_views_sourcefilters: + description: The array of field names you want to filter out in Discover. + items: + type: object + properties: + value: + type: string + required: + - value + type: array + Data_views_swap_data_view_request_object: + title: Data view reference swap request + type: object + properties: + delete: + description: Deletes referenced saved object if all references are removed. + type: boolean + forId: + description: Limit the affected saved objects to one or more by identifier. + oneOf: + - type: string + - items: + type: string + type: array + forType: + description: Limit the affected saved objects by type. + type: string + fromId: + description: The saved object reference to change. + type: string + fromType: + description: > + Specify the type of the saved object reference to alter. The default + value is `index-pattern` for data views. + type: string + toId: + description: New saved object reference value to replace the old value. + type: string + required: + - fromId + - toId + Data_views_timefieldname: + description: 'The timestamp field name, which you use for time-based data views.' + type: string + Data_views_title: + description: >- + Comma-separated list of data streams, indices, and aliases that you want + to search. Supports wildcards (`*`). + type: string + Data_views_type: + description: 'When set to `rollup`, identifies the rollup data views.' + type: string + Data_views_typemeta: + description: >- + When you use rollup indices, contains the field list for the rollup data + view API endpoints. + type: object + properties: + aggs: + description: A map of rollup restrictions by aggregation type and field name. + type: object + params: + description: Properties for retrieving rollup fields. + type: object + required: + - aggs + - params + Data_views_typemeta_response: + description: >- + When you use rollup indices, contains the field list for the rollup data + view API endpoints. + nullable: true + type: object + properties: + aggs: + description: A map of rollup restrictions by aggregation type and field name. + type: object + params: + description: Properties for retrieving rollup fields. + type: object + Data_views_update_data_view_request_object: + title: Update data view request + type: object + properties: + data_view: + description: > + The data view properties you want to update. Only the specified + properties are updated in the data view. Unspecified fields stay as + they are persisted. + type: object + properties: + allowNoIndex: + $ref: '#/components/schemas/Data_views_allownoindex' + fieldFormats: + $ref: '#/components/schemas/Data_views_fieldformats' + fields: + type: object + name: type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - customer_last_name: - count: 0 - name: customer_last_name + runtimeFieldMap: + additionalProperties: + $ref: '#/components/schemas/Data_views_runtimefieldmap' + type: object + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + type: + $ref: '#/components/schemas/Data_views_type' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta' + refresh_fields: + default: false + description: Reloads the data view fields after the data view is updated. + type: boolean + required: + - data_view + Kibana_HTTP_APIs_core_status_redactedResponse: + additionalProperties: false + description: A minimal representation of Kibana's operational status. + type: object + properties: + status: + additionalProperties: false + type: object + properties: + overall: + additionalProperties: false + type: object + properties: + level: + description: Service status levels as human and machine readable values. + enum: + - available + - degraded + - unavailable + - critical + type: string + required: + - level + required: + - overall + required: + - status + Kibana_HTTP_APIs_core_status_response: + additionalProperties: false + description: >- + Kibana's operational status as well as a detailed breakdown of plugin + statuses indication of various loads (like event loop utilization and + network traffic) at time of request. + type: object + properties: + metrics: + additionalProperties: false + description: Metric groups collected by Kibana. + type: object + properties: + collection_interval_in_millis: + description: The interval at which metrics should be collected. + type: number + elasticsearch_client: + additionalProperties: false + description: Current network metrics of Kibana's Elasticsearch client. + type: object + properties: + totalActiveSockets: + description: Count of network sockets currently in use. + type: number + totalIdleSockets: + description: Count of network sockets currently idle. + type: number + totalQueuedRequests: + description: Count of requests not yet assigned to sockets. + type: number + required: + - totalActiveSockets + - totalIdleSockets + - totalQueuedRequests + last_updated: + description: The time metrics were collected. type: string - esTypes: - - text - scripted: false - searchable: true - aggregatable: false - readFromDocValues: false - format: - id: string - shortDotsEnable: false - isMapped: true - customer_last_name.keyword: - count: 0 - name: customer_last_name.keyword + required: + - elasticsearch_client + - last_updated + - collection_interval_in_millis + name: + description: Kibana instance name. + type: string + status: + additionalProperties: false + type: object + properties: + core: + additionalProperties: false + description: Statuses of core Kibana services. + type: object + properties: + elasticsearch: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: >- + Service status levels as human and machine readable + values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: >- + An unstructured set of extra metadata about this + service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + savedObjects: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: >- + Service status levels as human and machine readable + values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: >- + An unstructured set of extra metadata about this + service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + required: + - elasticsearch + - savedObjects + overall: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: Service status levels as human and machine readable values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: An unstructured set of extra metadata about this service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + plugins: + additionalProperties: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: >- + Service status levels as human and machine readable + values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: An unstructured set of extra metadata about this service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + description: A dynamic mapping of plugin ID to plugin status. + type: object + required: + - overall + - core + - plugins + uuid: + description: >- + Unique, generated Kibana instance UUID. This UUID should persist + even if the Kibana process restarts. + type: string + version: + additionalProperties: false + type: object + properties: + build_date: + description: The date and time of this build. type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - subType: - multi: - parent: customer_last_name - format: - id: string - shortDotsEnable: false - isMapped: true - customer_phone: - count: 0 - name: customer_phone + build_flavor: + description: >- + The build flavour determines configuration and behavior of + Kibana. On premise users will almost always run the + "traditional" flavour, while other flavours are reserved for + Elastic-specific use cases. + enum: + - serverless + - traditional type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - day_of_week: - count: 0 - name: day_of_week + build_hash: + description: >- + A unique hash value representing the git commit of this Kibana + build. type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - day_of_week_i: - count: 0 - name: day_of_week_i + build_number: + description: >- + A monotonically increasing number, each subsequent build will + have a higher number. type: number - esTypes: - - integer - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - shortDotsEnable: false - isMapped: true - email: - count: 0 - name: email - type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - event.dataset: - count: 0 - name: event.dataset + build_snapshot: + description: Whether this build is a snapshot build. + type: boolean + number: + description: A semantic version number. type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - geoip.city_name: - count: 0 - name: geoip.city_name + required: + - number + - build_hash + - build_number + - build_snapshot + - build_flavor + - build_date + required: + - name + - uuid + - version + - status + - metrics + Machine_learning_APIs_mlSync200Response: + properties: + datafeedsAdded: + additionalProperties: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseDatafeeds' + description: >- + If a saved object for an anomaly detection job is missing a datafeed + identifier, it is added when you run the sync machine learning saved + objects API. + type: object + datafeedsRemoved: + additionalProperties: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseDatafeeds' + description: >- + If a saved object for an anomaly detection job references a datafeed + that no longer exists, it is deleted when you run the sync machine + learning saved objects API. + type: object + savedObjectsCreated: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseSavedObjectsCreated + savedObjectsDeleted: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseSavedObjectsDeleted + title: Successful sync API response + type: object + Machine_learning_APIs_mlSync4xxResponse: + properties: + error: + example: Unauthorized + type: string + message: + type: string + statusCode: + example: 401 + type: integer + title: Unsuccessful sync API response + type: object + Machine_learning_APIs_mlSyncResponseAnomalyDetectors: + description: >- + The sync machine learning saved objects API response contains this + object when there are anomaly detection jobs affected by the + synchronization. There is an object for each relevant job, which + contains the synchronization status. + properties: + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for anomaly detection jobs + type: object + Machine_learning_APIs_mlSyncResponseDatafeeds: + description: >- + The sync machine learning saved objects API response contains this + object when there are datafeeds affected by the synchronization. There + is an object for each relevant datafeed, which contains the + synchronization status. + properties: + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for datafeeds + type: object + Machine_learning_APIs_mlSyncResponseDataFrameAnalytics: + description: >- + The sync machine learning saved objects API response contains this + object when there are data frame analytics jobs affected by the + synchronization. There is an object for each relevant job, which + contains the synchronization status. + properties: + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for data frame analytics jobs + type: object + Machine_learning_APIs_mlSyncResponseSavedObjectsCreated: + description: >- + If saved objects are missing for machine learning jobs or trained + models, they are created when you run the sync machine learning saved + objects API. + properties: + anomaly-detector: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseAnomalyDetectors + description: >- + If saved objects are missing for anomaly detection jobs, they are + created. + type: object + data-frame-analytics: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseDataFrameAnalytics + description: >- + If saved objects are missing for data frame analytics jobs, they are + created. + type: object + trained-model: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels + description: 'If saved objects are missing for trained models, they are created.' + type: object + title: Sync API response for created saved objects + type: object + Machine_learning_APIs_mlSyncResponseSavedObjectsDeleted: + description: >- + If saved objects exist for machine learning jobs or trained models that + no longer exist, they are deleted when you run the sync machine learning + saved objects API. + properties: + anomaly-detector: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseAnomalyDetectors + description: >- + If there are saved objects exist for nonexistent anomaly detection + jobs, they are deleted. + type: object + data-frame-analytics: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseDataFrameAnalytics + description: >- + If there are saved objects exist for nonexistent data frame + analytics jobs, they are deleted. + type: object + trained-model: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels + description: >- + If there are saved objects exist for nonexistent trained models, + they are deleted. + type: object + title: Sync API response for deleted saved objects + type: object + Machine_learning_APIs_mlSyncResponseSuccess: + description: The success or failure of the synchronization. + type: boolean + Machine_learning_APIs_mlSyncResponseTrainedModels: + description: >- + The sync machine learning saved objects API response contains this + object when there are trained models affected by the synchronization. + There is an object for each relevant trained model, which contains the + synchronization status. + properties: + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for trained models + type: object + Saved_objects_400_response: + title: Bad request + type: object + properties: + error: + enum: + - Bad Request + type: string + message: + type: string + statusCode: + enum: + - 400 + type: integer + required: + - error + - message + - statusCode + Saved_objects_attributes: + description: > + The data that you want to create. WARNING: When you create saved + objects, attributes are not validated, which allows you to pass + arbitrary and ill-formed data into the API that can break Kibana. Make + sure any data that you send to the API is properly formed. + type: object + Saved_objects_initial_namespaces: + description: > + Identifiers for the spaces in which this object is created. If this is + provided, the object is created only in the explicitly defined spaces. + If this is not provided, the object is created in the current space + (default behavior). For shareable object types (registered with + `namespaceType: 'multiple'`), this option can be used to specify one or + more spaces, including the "All spaces" identifier ('*'). For isolated + object types (registered with `namespaceType: 'single'` or + `namespaceType: 'multiple-isolated'`), this option can only be used to + specify a single space, and the "All spaces" identifier ('*') is not + allowed. For global object types (`registered with `namespaceType: + agnostic`), this option cannot be used. + type: array + Saved_objects_references: + description: > + Objects with `name`, `id`, and `type` properties that describe the other + saved objects that this object references. Use `name` in attributes to + refer to the other saved object, but never the `id`, which can update + automatically during migrations or import and export. + type: array + Security_AI_Assistant_API_AnonymizationFieldCreateProps: + type: object + properties: + allowed: + type: boolean + anonymized: + type: boolean + field: + type: string + required: + - field + Security_AI_Assistant_API_AnonymizationFieldDetailsInError: + type: object + properties: + id: + type: string + name: + type: string + required: + - id + Security_AI_Assistant_API_AnonymizationFieldResponse: + type: object + properties: + allowed: + type: boolean + anonymized: + type: boolean + createdAt: + type: string + createdBy: + type: string + field: + type: string + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + namespace: + description: Kibana space + type: string + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + updatedAt: + type: string + updatedBy: + type: string + required: + - id + - field + Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipReason: + enum: + - ANONYMIZATION_FIELD_NOT_MODIFIED + type: string + Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipResult: + type: object + properties: + id: + type: string + name: + type: string + skip_reason: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipReason + required: + - id + - skip_reason + Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResponse: + type: object + properties: + anonymization_fields_count: + type: integer + attributes: + type: object + properties: + errors: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_NormalizedAnonymizationFieldError + type: array + results: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResults + summary: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_BulkCrudActionSummary + required: + - results + - summary + message: + type: string + status_code: + type: integer + success: + type: boolean + required: + - attributes + Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResults: + type: object + properties: + created: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse + type: array + deleted: + items: + type: string + type: array + skipped: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipResult + type: array + updated: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse + type: array + required: + - updated + - created + - deleted + - skipped + Security_AI_Assistant_API_AnonymizationFieldUpdateProps: + type: object + properties: + allowed: + type: boolean + anonymized: + type: boolean + id: + type: string + required: + - id + Security_AI_Assistant_API_ApiConfig: + type: object + properties: + actionTypeId: + description: action type id + type: string + connectorId: + description: connector id + type: string + defaultSystemPromptId: + description: defaultSystemPromptId + type: string + model: + description: model + type: string + provider: + $ref: '#/components/schemas/Security_AI_Assistant_API_Provider' + description: Provider + required: + - connectorId + - actionTypeId + Security_AI_Assistant_API_BulkCrudActionSummary: + type: object + properties: + failed: + type: integer + skipped: + type: integer + succeeded: + type: integer + total: + type: integer + required: + - failed + - skipped + - succeeded + - total + Security_AI_Assistant_API_ChatCompleteProps: + type: object + properties: + connectorId: + type: string + conversationId: + type: string + isStream: + type: boolean + langSmithApiKey: + type: string + langSmithProject: + type: string + messages: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_ChatMessage' + type: array + model: + type: string + persist: + type: boolean + promptId: + type: string + responseLanguage: + type: string + required: + - messages + - persist + - connectorId + Security_AI_Assistant_API_ChatMessage: + description: AI assistant message. + type: object + properties: + content: + description: Message content. + type: string + data: + $ref: '#/components/schemas/Security_AI_Assistant_API_MessageData' + description: ECS object to attach to the context of the message. + fields_to_anonymize: + items: + type: string + type: array + role: + $ref: '#/components/schemas/Security_AI_Assistant_API_ChatMessageRole' + description: Message role. + required: + - role + Security_AI_Assistant_API_ChatMessageRole: + description: Message role. + enum: + - system + - user + - assistant + type: string + Security_AI_Assistant_API_ConversationCategory: + description: The conversation category. + enum: + - assistant + - insights + type: string + Security_AI_Assistant_API_ConversationConfidence: + description: The conversation confidence. + enum: + - low + - medium + - high + type: string + Security_AI_Assistant_API_ConversationCreateProps: + type: object + properties: + apiConfig: + $ref: '#/components/schemas/Security_AI_Assistant_API_ApiConfig' + description: LLM API configuration. + category: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationCategory' + description: The conversation category. + excludeFromLastConversationStorage: + description: excludeFromLastConversationStorage. + type: boolean + id: + description: The conversation id. + type: string + isDefault: + description: Is default conversation. + type: boolean + messages: + description: The conversation messages. + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_Message' + type: array + replacements: + $ref: '#/components/schemas/Security_AI_Assistant_API_Replacements' + title: + description: The conversation title. + type: string + required: + - title + Security_AI_Assistant_API_ConversationResponse: + type: object + properties: + apiConfig: + $ref: '#/components/schemas/Security_AI_Assistant_API_ApiConfig' + description: LLM API configuration. + category: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationCategory' + description: The conversation category. + createdAt: + description: The last time conversation was updated. + type: string + excludeFromLastConversationStorage: + description: excludeFromLastConversationStorage. + type: boolean + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + isDefault: + description: Is default conversation. + type: boolean + messages: + description: The conversation messages. + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_Message' + type: array + namespace: + description: Kibana space + type: string + replacements: + $ref: '#/components/schemas/Security_AI_Assistant_API_Replacements' + summary: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationSummary' + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + title: + description: The conversation title. + type: string + updatedAt: + description: The last time conversation was updated. + type: string + users: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_User' + type: array + required: + - id + - title + - createdAt + - users + - namespace + - category + Security_AI_Assistant_API_ConversationSummary: + type: object + properties: + confidence: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationConfidence + description: >- + How confident you are about this being a correct and useful + learning. + content: + description: Summary text of the conversation over time. + type: string + public: + description: Define if summary is marked as publicly available. + type: boolean + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + description: The timestamp summary was updated. + Security_AI_Assistant_API_ConversationUpdateProps: + type: object + properties: + apiConfig: + $ref: '#/components/schemas/Security_AI_Assistant_API_ApiConfig' + description: LLM API configuration. + category: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationCategory' + description: The conversation category. + excludeFromLastConversationStorage: + description: excludeFromLastConversationStorage. + type: boolean + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + messages: + description: The conversation messages. + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_Message' + type: array + replacements: + $ref: '#/components/schemas/Security_AI_Assistant_API_Replacements' + summary: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationSummary' + title: + description: The conversation title. + type: string + required: + - id + Security_AI_Assistant_API_FindAnonymizationFieldsSortField: + enum: + - created_at + - anonymized + - allowed + - field + - updated_at + type: string + Security_AI_Assistant_API_FindConversationsSortField: + enum: + - created_at + - is_default + - title + - updated_at + type: string + Security_AI_Assistant_API_FindPromptsSortField: + enum: + - created_at + - is_default + - name + - updated_at + type: string + Security_AI_Assistant_API_Message: + description: AI assistant conversation message. + type: object + properties: + content: + description: Message content. + type: string + isError: + description: Is error message. + type: boolean + reader: + $ref: '#/components/schemas/Security_AI_Assistant_API_Reader' + description: Message content. + role: + $ref: '#/components/schemas/Security_AI_Assistant_API_MessageRole' + description: Message role. + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + description: The timestamp message was sent or received. + traceData: + $ref: '#/components/schemas/Security_AI_Assistant_API_TraceData' + description: trace Data + required: + - timestamp + - content + - role + Security_AI_Assistant_API_MessageData: + additionalProperties: true + type: object + Security_AI_Assistant_API_MessageRole: + description: Message role. + enum: + - system + - user + - assistant + type: string + Security_AI_Assistant_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_AI_Assistant_API_NormalizedAnonymizationFieldError: + type: object + properties: + anonymization_fields: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldDetailsInError + type: array + err_code: + type: string + message: + type: string + status_code: + type: integer + required: + - message + - status_code + - anonymization_fields + Security_AI_Assistant_API_NormalizedPromptError: + type: object + properties: + err_code: + type: string + message: + type: string + prompts: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptDetailsInError + type: array + status_code: + type: integer + required: + - message + - status_code + - prompts + Security_AI_Assistant_API_PromptCreateProps: + type: object + properties: + categories: + items: + type: string + type: array + color: + type: string + consumer: + type: string + content: + type: string + isDefault: + type: boolean + isNewConversationDefault: + type: boolean + name: + type: string + promptType: + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptType' + required: + - name + - content + - promptType + Security_AI_Assistant_API_PromptDetailsInError: + type: object + properties: + id: + type: string + name: + type: string + required: + - id + Security_AI_Assistant_API_PromptResponse: + type: object + properties: + categories: + items: + type: string + type: array + color: + type: string + consumer: + type: string + content: + type: string + createdAt: + type: string + createdBy: + type: string + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + isDefault: + type: boolean + isNewConversationDefault: + type: boolean + name: + type: string + namespace: + description: Kibana space + type: string + promptType: + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptType' + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + updatedAt: + type: string + updatedBy: + type: string + users: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_User' + type: array + required: + - id + - name + - promptType + - content + Security_AI_Assistant_API_PromptsBulkActionSkipReason: + enum: + - PROMPT_FIELD_NOT_MODIFIED + type: string + Security_AI_Assistant_API_PromptsBulkActionSkipResult: + type: object + properties: + id: + type: string + name: + type: string + skip_reason: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkActionSkipReason + required: + - id + - skip_reason + Security_AI_Assistant_API_PromptsBulkCrudActionResponse: + type: object + properties: + attributes: + type: object + properties: + errors: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_NormalizedPromptError + type: array + results: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkCrudActionResults + summary: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_BulkCrudActionSummary + required: + - results + - summary + message: + type: string + prompts_count: + type: integer + status_code: + type: integer + success: + type: boolean + required: + - attributes + Security_AI_Assistant_API_PromptsBulkCrudActionResults: + type: object + properties: + created: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptResponse' + type: array + deleted: + items: + type: string + type: array + skipped: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkActionSkipResult + type: array + updated: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptResponse' + type: array + required: + - updated + - created + - deleted + - skipped + Security_AI_Assistant_API_PromptType: + description: Prompt type + enum: + - system + - quick + type: string + Security_AI_Assistant_API_PromptUpdateProps: + type: object + properties: + categories: + items: + type: string + type: array + color: + type: string + consumer: + type: string + content: + type: string + id: + type: string + isDefault: + type: boolean + isNewConversationDefault: + type: boolean + required: + - id + Security_AI_Assistant_API_Provider: + description: Provider + enum: + - OpenAI + - Azure OpenAI + type: string + Security_AI_Assistant_API_Reader: + additionalProperties: true + type: object + Security_AI_Assistant_API_Replacements: + additionalProperties: + type: string + description: Replacements object used to anonymize/deanomymize messsages + type: object + Security_AI_Assistant_API_SortOrder: + enum: + - asc + - desc + type: string + Security_AI_Assistant_API_TraceData: + description: trace Data + type: object + properties: + traceId: + description: 'Could be any string, not necessarily a UUID' + type: string + transactionId: + description: 'Could be any string, not necessarily a UUID' + type: string + Security_AI_Assistant_API_User: + description: 'Could be any string, not necessarily a UUID' + type: object + properties: + id: + description: User id + type: string + name: + description: User name + type: string + Security_Solution_Detections_API_AlertAssignees: + type: object + properties: + add: + description: A list of users ids to assign. + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + type: array + remove: + description: A list of users ids to unassign. + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + type: array + required: + - add + - remove + Security_Solution_Detections_API_AlertIds: + description: A list of alerts ids. + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + minItems: 1 + type: array + Security_Solution_Detections_API_AlertsIndex: + deprecated: true + description: (deprecated) Has no effect. + type: string + Security_Solution_Detections_API_AlertsIndexMigrationError: + type: object + properties: + error: + type: object + properties: + message: type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - geoip.continent_name: - count: 0 - name: geoip.continent_name + status_code: type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - geoip.country_iso_code: - count: 0 - name: geoip.country_iso_code + required: + - message + - status_code + index: + type: string + required: + - index + - error + Security_Solution_Detections_API_AlertsIndexMigrationSuccess: + type: object + properties: + index: + type: string + migration_id: + type: string + migration_index: + type: string + required: + - index + - migration_id + - migration_index + Security_Solution_Detections_API_AlertsIndexNamespace: + description: Has no effect. + type: string + Security_Solution_Detections_API_AlertsReindexOptions: + type: object + properties: + requests_per_second: + minimum: 1 + type: integer + size: + minimum: 1 + type: integer + slices: + minimum: 1 + type: integer + Security_Solution_Detections_API_AlertsSort: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsSortCombinations + - items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsSortCombinations + type: array + Security_Solution_Detections_API_AlertsSortCombinations: + anyOf: + - type: string + - additionalProperties: true + type: object + Security_Solution_Detections_API_AlertStatus: + enum: + - open + - closed + - acknowledged + - in-progress + type: string + Security_Solution_Detections_API_AlertSuppression: + type: object + properties: + duration: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppressionDuration + group_by: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppressionGroupBy + missing_fields_strategy: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppressionMissingFieldsStrategy + required: + - group_by + Security_Solution_Detections_API_AlertSuppressionDuration: + type: object + properties: + unit: + enum: + - s + - m + - h + type: string + value: + minimum: 1 + type: integer + required: + - value + - unit + Security_Solution_Detections_API_AlertSuppressionGroupBy: + items: + type: string + maxItems: 3 + minItems: 1 + type: array + Security_Solution_Detections_API_AlertSuppressionMissingFieldsStrategy: + description: >- + Describes how alerts will be generated for documents with missing + suppress by fields: + + doNotSuppress - per each document a separate alert will be created + + suppress - only alert will be created per suppress by bucket + enum: + - doNotSuppress + - suppress + type: string + Security_Solution_Detections_API_AlertTag: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + Security_Solution_Detections_API_AlertTags: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertTag' + type: array + Security_Solution_Detections_API_AlertVersion: + type: object + properties: + count: + type: integer + version: + type: integer + required: + - version + - count + Security_Solution_Detections_API_AnomalyThreshold: + description: Anomaly threshold + minimum: 0 + type: integer + Security_Solution_Detections_API_BuildingBlockType: + description: >- + Determines if the rule acts as a building block. By default, + building-block alerts are not displayed in the UI. These rules are used + as a foundation for other rules that do generate alerts. Its value must + be default. + type: string + Security_Solution_Detections_API_BulkActionEditPayload: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadTags + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadIndexPatterns + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadInvestigationFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadTimeline + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadRuleActions + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadSchedule + Security_Solution_Detections_API_BulkActionEditPayloadIndexPatterns: + type: object + properties: + overwrite_data_views: + type: boolean + type: + enum: + - add_index_patterns + - delete_index_patterns + - set_index_patterns + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + required: + - type + - value + Security_Solution_Detections_API_BulkActionEditPayloadInvestigationFields: + type: object + properties: + type: + enum: + - add_investigation_fields + - delete_investigation_fields + - set_investigation_fields + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + required: + - type + - value + Security_Solution_Detections_API_BulkActionEditPayloadRuleActions: + type: object + properties: + type: + enum: + - add_rule_actions + - set_rule_actions + type: string + value: + type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NormalizedRuleAction + type: array + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThrottleForBulkActions + required: + - actions + required: + - type + - value + Security_Solution_Detections_API_BulkActionEditPayloadSchedule: + type: object + properties: + type: + enum: + - set_schedule + type: string + value: + type: object + properties: + interval: + description: >- + Interval in which the rule runs. For example, `"1h"` means the + rule runs every hour. + example: 1h + pattern: '^[1-9]\d*[smh]$' type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - geoip.location: - count: 0 - name: geoip.location - type: geo_point - esTypes: - - geo_point - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: geo_point - params: - transform: wkt - shortDotsEnable: false - isMapped: true - geoip.region_name: - count: 0 - name: geoip.region_name + lookback: + description: Lookback time for the rule + example: 1h + pattern: '^[1-9]\d*[smh]$' type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - manufacturer: - count: 0 - name: manufacturer + required: + - interval + - lookback + required: + - type + - value + Security_Solution_Detections_API_BulkActionEditPayloadTags: + type: object + properties: + type: + enum: + - add_tags + - delete_tags + - set_tags + type: string + value: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleTagArray' + required: + - type + - value + Security_Solution_Detections_API_BulkActionEditPayloadTimeline: + type: object + properties: + type: + enum: + - set_timeline + type: string + value: + type: object + properties: + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + required: + - timeline_id + - timeline_title + required: + - type + - value + Security_Solution_Detections_API_BulkActionsDryRunErrCode: + enum: + - IMMUTABLE + - MACHINE_LEARNING_AUTH + - MACHINE_LEARNING_INDEX_PATTERN + - ESQL_INDEX_PATTERN + - MANUAL_RULE_RUN_FEATURE + - MANUAL_RULE_RUN_DISABLED_RULE + type: string + Security_Solution_Detections_API_BulkActionSkipResult: + type: object + properties: + id: + type: string + name: + type: string + skip_reason: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEditSkipReason + required: + - id + - skip_reason + Security_Solution_Detections_API_BulkCrudRulesResponse: + items: + oneOf: + - $ref: '#/components/schemas/Security_Solution_Detections_API_RuleResponse' + - $ref: '#/components/schemas/Security_Solution_Detections_API_ErrorSchema' + type: array + Security_Solution_Detections_API_BulkDeleteRules: + type: object + properties: + action: + enum: + - delete + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Solution_Detections_API_BulkDisableRules: + type: object + properties: + action: + enum: + - disable + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Solution_Detections_API_BulkDuplicateRules: + type: object + properties: + action: + enum: + - duplicate + type: string + duplicate: + type: object + properties: + include_exceptions: + description: Whether to copy exceptions from the original rule + type: boolean + include_expired_exceptions: + description: Whether to copy expired exceptions from the original rule + type: boolean + required: + - include_exceptions + - include_expired_exceptions + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Solution_Detections_API_BulkEditActionResponse: + type: object + properties: + attributes: + type: object + properties: + errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NormalizedRuleError + type: array + results: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEditActionResults + summary: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEditActionSummary + required: + - results + - summary + message: + type: string + rules_count: + type: integer + status_code: + type: integer + success: + type: boolean + required: + - attributes + Security_Solution_Detections_API_BulkEditActionResults: + type: object + properties: + created: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleResponse' + type: array + deleted: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleResponse' + type: array + skipped: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionSkipResult + type: array + updated: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleResponse' + type: array + required: + - updated + - created + - deleted + - skipped + Security_Solution_Detections_API_BulkEditActionSummary: + type: object + properties: + failed: + type: integer + skipped: + type: integer + succeeded: + type: integer + total: + type: integer + required: + - failed + - skipped + - succeeded + - total + Security_Solution_Detections_API_BulkEditRules: + type: object + properties: + action: + enum: + - edit + type: string + edit: + description: Array of objects containing the edit operations + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayload + minItems: 1 + type: array + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + - edit + Security_Solution_Detections_API_BulkEditSkipReason: + enum: + - RULE_NOT_MODIFIED + type: string + Security_Solution_Detections_API_BulkEnableRules: + type: object + properties: + action: + enum: + - enable + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Solution_Detections_API_BulkExportActionResponse: + type: string + Security_Solution_Detections_API_BulkExportRules: + type: object + properties: + action: + enum: + - export + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Solution_Detections_API_BulkManualRuleRun: + type: object + properties: + action: + enum: + - run + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + run: + type: object + properties: + end_date: + description: End date of the manual rule run type: string - esTypes: - - text - scripted: false - searchable: true - aggregatable: false - readFromDocValues: false - format: - id: string - shortDotsEnable: false - isMapped: true - manufacturer.keyword: - count: 0 - name: manufacturer.keyword + start_date: + description: Start date of the manual rule run type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - subType: - multi: - parent: manufacturer - format: - id: string - shortDotsEnable: false - isMapped: true - order_date: - count: 0 - name: order_date - type: date - esTypes: - - date - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: date - shortDotsEnable: false - isMapped: true - order_id: - count: 0 - name: order_id + required: + - start_date + required: + - action + - run + Security_Solution_Detections_API_ConcurrentSearches: + minimum: 1 + type: integer + Security_Solution_Detections_API_DataViewId: + type: string + Security_Solution_Detections_API_DefaultParams: + type: object + properties: + command: + enum: + - isolate + type: string + comment: + type: string + required: + - command + Security_Solution_Detections_API_EcsMapping: + additionalProperties: + type: object + properties: + field: + type: string + value: + oneOf: + - type: string + - items: + type: string + type: array + type: object + Security_Solution_Detections_API_EndpointResponseAction: + type: object + properties: + action_type_id: + enum: + - .endpoint + type: string + params: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_DefaultParams + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ProcessesParams + required: + - action_type_id + - params + Security_Solution_Detections_API_EqlOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + event_category_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_EventCategoryOverride + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + tiebreaker_field: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TiebreakerField + timestamp_field: + $ref: '#/components/schemas/Security_Solution_Detections_API_TimestampField' + Security_Solution_Detections_API_EqlQueryLanguage: + enum: + - eql + type: string + Security_Solution_Detections_API_EqlRequiredFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlQueryLanguage + description: Query language to use + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + description: EQL query to execute + type: + description: Rule type + enum: + - eql + type: string + required: + - type + - query + - language + Security_Solution_Detections_API_EqlRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleResponseFields + Security_Solution_Detections_API_EqlRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlOptionalFields + Security_Solution_Detections_API_EqlRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleCreateFields + Security_Solution_Detections_API_EqlRulePatchFields: + allOf: + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlQueryLanguage + description: Query language to use + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + description: EQL query to execute + type: + description: Rule type + enum: + - eql type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - products._id: - count: 0 - name: products._id + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlOptionalFields + Security_Solution_Detections_API_EqlRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRulePatchFields + Security_Solution_Detections_API_EqlRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlOptionalFields + Security_Solution_Detections_API_EqlRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleCreateFields + Security_Solution_Detections_API_ErrorSchema: + additionalProperties: false + type: object + properties: + error: + type: object + properties: + message: type: string - esTypes: - - text - scripted: false - searchable: true - aggregatable: false - readFromDocValues: false - format: - id: string - shortDotsEnable: false - isMapped: true - products._id.keyword: - count: 0 - name: products._id.keyword + status_code: + minimum: 400 + type: integer + required: + - status_code + - message + id: + type: string + item_id: + minLength: 1 + type: string + list_id: + minLength: 1 + type: string + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + required: + - error + Security_Solution_Detections_API_EsqlQueryLanguage: + enum: + - esql + type: string + Security_Solution_Detections_API_EsqlRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleResponseFields + Security_Solution_Detections_API_EsqlRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleRequiredFields + Security_Solution_Detections_API_EsqlRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleCreateFields + Security_Solution_Detections_API_EsqlRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + Security_Solution_Detections_API_EsqlRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlQueryLanguage + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + description: ESQL query to execute + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + type: + description: Rule type + enum: + - esql + type: string + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleOptionalFields + Security_Solution_Detections_API_EsqlRuleRequiredFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlQueryLanguage + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + description: ESQL query to execute + type: + description: Rule type + enum: + - esql + type: string + required: + - type + - language + - query + Security_Solution_Detections_API_EsqlRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleRequiredFields + Security_Solution_Detections_API_EsqlRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleCreateFields + Security_Solution_Detections_API_EventCategoryOverride: + type: string + Security_Solution_Detections_API_ExceptionListType: + description: The exception type + enum: + - detection + - rule_default + - endpoint + - endpoint_trusted_apps + - endpoint_events + - endpoint_host_isolation_exceptions + - endpoint_blocklists + type: string + Security_Solution_Detections_API_ExternalRuleSource: + description: >- + Type of rule source for externally sourced rules, i.e. rules that have + an external source, such as the Elastic Prebuilt rules repo. + type: object + properties: + is_customized: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsExternalRuleCustomized + type: + enum: + - external + type: string + required: + - type + - is_customized + Security_Solution_Detections_API_FindRulesSortField: + enum: + - created_at + - createdAt + - enabled + - execution_summary.last_execution.date + - execution_summary.last_execution.metrics.execution_gap_duration_s + - execution_summary.last_execution.metrics.total_indexing_duration_ms + - execution_summary.last_execution.metrics.total_search_duration_ms + - execution_summary.last_execution.status + - name + - risk_score + - riskScore + - severity + - updated_at + - updatedAt + type: string + Security_Solution_Detections_API_HistoryWindowStart: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + Security_Solution_Detections_API_IndexMigrationStatus: + type: object + properties: + index: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + is_outdated: + type: boolean + migrations: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_MigrationStatus + type: array + signal_versions: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertVersion' + type: array + version: + type: integer + required: + - index + - version + - signal_versions + - migrations + - is_outdated + Security_Solution_Detections_API_IndexPatternArray: + items: + type: string + type: array + Security_Solution_Detections_API_InternalRuleSource: + description: >- + Type of rule source for internally sourced rules, i.e. created within + the Kibana apps. + type: object + properties: + type: + enum: + - internal + type: string + required: + - type + Security_Solution_Detections_API_InvestigationFields: + description: > + Schema for fields relating to investigation fields. These are user + defined fields we use to highlight + + in various features in the UI such as alert details flyout and + exceptions auto-population from alert. + + Added in PR #163235 + + Right now we only have a single field but anticipate adding more related + fields to store various + + configuration states such as `override` - where a user might say if they + want only these fields to + + display, or if they want these fields + the fields we select. When + expanding this field, it may look + + something like: + + ```typescript + + const investigationFields = z.object({ + field_names: NonEmptyArray(NonEmptyString), + override: z.boolean().optional(), + }); + + ``` + type: object + properties: + field_names: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + minItems: 1 + type: array + required: + - field_names + Security_Solution_Detections_API_InvestigationGuide: + description: Notes to help investigate alerts produced by the rule. + type: string + Security_Solution_Detections_API_IsExternalRuleCustomized: + description: >- + Determines whether an external/prebuilt rule has been customized by the + user (i.e. any of its fields have been modified and diverged from the + base value). + type: boolean + Security_Solution_Detections_API_IsRuleEnabled: + description: Determines whether the rule is enabled. + type: boolean + Security_Solution_Detections_API_IsRuleImmutable: + deprecated: true + description: >- + This field determines whether the rule is a prebuilt Elastic rule. It + will be replaced with the `rule_source` field. + type: boolean + Security_Solution_Detections_API_ItemsPerSearch: + minimum: 1 + type: integer + Security_Solution_Detections_API_KqlQueryLanguage: + enum: + - kuery + - lucene + type: string + Security_Solution_Detections_API_MachineLearningJobId: + description: Machine learning job ID + oneOf: + - type: string + - items: + type: string + minItems: 1 + type: array + Security_Solution_Detections_API_MachineLearningRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleResponseFields + Security_Solution_Detections_API_MachineLearningRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleOptionalFields + Security_Solution_Detections_API_MachineLearningRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleCreateFields + Security_Solution_Detections_API_MachineLearningRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + Security_Solution_Detections_API_MachineLearningRulePatchFields: + allOf: + - type: object + properties: + anomaly_threshold: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AnomalyThreshold + machine_learning_job_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningJobId + type: + description: Rule type + enum: + - machine_learning type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - subType: - multi: - parent: products._id - format: - id: string - shortDotsEnable: false - isMapped: true - products.base_price: - count: 0 - name: products.base_price - type: number - esTypes: - - half_float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - params: - pattern: $0,0.00 - shortDotsEnable: false - isMapped: true - products.base_unit_price: - count: 0 - name: products.base_unit_price - type: number - esTypes: - - half_float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - params: - pattern: $0,0.00 - shortDotsEnable: false - isMapped: true - products.category: - count: 0 - name: products.category + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleOptionalFields + Security_Solution_Detections_API_MachineLearningRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRulePatchFields + Security_Solution_Detections_API_MachineLearningRuleRequiredFields: + type: object + properties: + anomaly_threshold: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AnomalyThreshold + machine_learning_job_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningJobId + type: + description: Rule type + enum: + - machine_learning + type: string + required: + - type + - machine_learning_job_id + - anomaly_threshold + Security_Solution_Detections_API_MachineLearningRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleOptionalFields + Security_Solution_Detections_API_MachineLearningRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleCreateFields + Security_Solution_Detections_API_MaxSignals: + minimum: 1 + type: integer + Security_Solution_Detections_API_MigrationCleanupResult: + type: object + properties: + destinationIndex: + type: string + error: + type: object + properties: + message: type: string - esTypes: - - text - scripted: false - searchable: true - aggregatable: false - readFromDocValues: false - format: - id: string - shortDotsEnable: false - isMapped: true - products.category.keyword: - count: 0 - name: products.category.keyword + status_code: + type: integer + required: + - message + - status_code + id: + type: string + sourceIndex: + type: string + status: + enum: + - success + - failure + - pending + type: string + updated: + format: date-time + type: string + version: + type: string + required: + - id + - destinationIndex + - status + - sourceIndex + - version + - updated + Security_Solution_Detections_API_MigrationFinalizationResult: + type: object + properties: + completed: + type: boolean + destinationIndex: + type: string + error: + type: object + properties: + message: type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - subType: - multi: - parent: products.category - format: - id: string - shortDotsEnable: false - isMapped: true - products.created_on: - count: 0 - name: products.created_on - type: date - esTypes: - - date - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: date - shortDotsEnable: false - isMapped: true - products.discount_amount: - count: 0 - name: products.discount_amount - type: number - esTypes: - - half_float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - shortDotsEnable: false - isMapped: true - products.discount_percentage: - count: 0 - name: products.discount_percentage - type: number - esTypes: - - half_float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - shortDotsEnable: false - isMapped: true - products.manufacturer: - count: 1 - name: products.manufacturer + status_code: + type: integer + required: + - message + - status_code + id: + type: string + sourceIndex: + type: string + status: + enum: + - success + - failure + - pending + type: string + updated: + format: date-time + type: string + version: + type: string + required: + - id + - completed + - destinationIndex + - status + - sourceIndex + - version + - updated + Security_Solution_Detections_API_MigrationStatus: + type: object + properties: + id: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + status: + enum: + - success + - failure + - pending + type: string + updated: + format: date-time + type: string + version: + type: integer + required: + - id + - status + - version + - updated + Security_Solution_Detections_API_NewTermsFields: + items: + type: string + maxItems: 3 + minItems: 1 + type: array + Security_Solution_Detections_API_NewTermsRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleResponseFields + Security_Solution_Detections_API_NewTermsRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleDefaultableFields + Security_Solution_Detections_API_NewTermsRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleCreateFields + Security_Solution_Detections_API_NewTermsRuleDefaultableFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + Security_Solution_Detections_API_NewTermsRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + Security_Solution_Detections_API_NewTermsRulePatchFields: + allOf: + - type: object + properties: + history_window_start: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_HistoryWindowStart + new_terms_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsFields + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + type: + description: Rule type + enum: + - new_terms type: string - esTypes: - - text - scripted: false - searchable: true - aggregatable: false - readFromDocValues: false - format: - id: string - shortDotsEnable: false - isMapped: true - products.manufacturer.keyword: - count: 0 - name: products.manufacturer.keyword + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleDefaultableFields + Security_Solution_Detections_API_NewTermsRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRulePatchFields + Security_Solution_Detections_API_NewTermsRuleRequiredFields: + type: object + properties: + history_window_start: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_HistoryWindowStart + new_terms_fields: + $ref: '#/components/schemas/Security_Solution_Detections_API_NewTermsFields' + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + type: + description: Rule type + enum: + - new_terms + type: string + required: + - type + - query + - new_terms_fields + - history_window_start + Security_Solution_Detections_API_NewTermsRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleOptionalFields + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + required: + - language + Security_Solution_Detections_API_NewTermsRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleCreateFields + Security_Solution_Detections_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Solution_Detections_API_NormalizedRuleAction: + additionalProperties: false + type: object + properties: + alerts_filter: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionAlertsFilter + frequency: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionFrequency + group: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionGroup + id: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleActionId' + params: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionParams + required: + - id + - params + Security_Solution_Detections_API_NormalizedRuleError: + type: object + properties: + err_code: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionsDryRunErrCode + message: + type: string + rules: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDetailsInError + type: array + status_code: + type: integer + required: + - message + - status_code + - rules + Security_Solution_Detections_API_OsqueryParams: + type: object + properties: + ecs_mapping: + $ref: '#/components/schemas/Security_Solution_Detections_API_EcsMapping' + pack_id: + type: string + queries: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_OsqueryQuery' + type: array + query: + type: string + saved_query_id: + type: string + timeout: + type: number + Security_Solution_Detections_API_OsqueryQuery: + type: object + properties: + ecs_mapping: + $ref: '#/components/schemas/Security_Solution_Detections_API_EcsMapping' + id: + description: Query ID + type: string + platform: + type: string + query: + description: Query to run + type: string + removed: + type: boolean + snapshot: + type: boolean + version: + description: Query version + type: string + required: + - id + - query + Security_Solution_Detections_API_OsqueryResponseAction: + type: object + properties: + action_type_id: + enum: + - .osquery + type: string + params: + $ref: '#/components/schemas/Security_Solution_Detections_API_OsqueryParams' + required: + - action_type_id + - params + Security_Solution_Detections_API_PlatformErrorResponse: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Solution_Detections_API_ProcessesParams: + type: object + properties: + command: + enum: + - kill-process + - suspend-process + type: string + comment: + type: string + config: + type: object + properties: + field: + description: Field to use instead of process.pid type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - subType: - multi: - parent: products.manufacturer - format: - id: string - shortDotsEnable: false - isMapped: true - products.min_price: - count: 0 - name: products.min_price - type: number - esTypes: - - half_float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - params: - pattern: $0,0.00 - shortDotsEnable: false - isMapped: true - products.price: - count: 1 - name: products.price - type: number - esTypes: - - half_float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - params: - pattern: $0,0.00 - shortDotsEnable: false - isMapped: true - products.product_id: - count: 0 - name: products.product_id - type: number - esTypes: - - long - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - shortDotsEnable: false - isMapped: true - products.product_name: - count: 1 - name: products.product_name + overwrite: + default: true + description: Whether to overwrite field with process.pid + type: boolean + required: + - field + required: + - command + - config + Security_Solution_Detections_API_QueryRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleResponseFields + Security_Solution_Detections_API_QueryRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleDefaultableFields + Security_Solution_Detections_API_QueryRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleCreateFields + Security_Solution_Detections_API_QueryRuleDefaultableFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + Security_Solution_Detections_API_QueryRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + response_actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ResponseAction + type: array + saved_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_SavedQueryId' + Security_Solution_Detections_API_QueryRulePatchFields: + allOf: + - type: object + properties: + type: + description: Rule type + enum: + - query type: string - esTypes: - - text - scripted: false - searchable: true - aggregatable: false - readFromDocValues: false - format: - id: string - shortDotsEnable: false - isMapped: true - products.product_name.keyword: - count: 0 - name: products.product_name.keyword + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleDefaultableFields + Security_Solution_Detections_API_QueryRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRulePatchFields + Security_Solution_Detections_API_QueryRuleRequiredFields: + type: object + properties: + type: + description: Rule type + enum: + - query + type: string + required: + - type + Security_Solution_Detections_API_QueryRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleOptionalFields + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + required: + - query + - language + Security_Solution_Detections_API_QueryRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleCreateFields + Security_Solution_Detections_API_RelatedIntegration: + description: > + Related integration is a potential dependency of a rule. It's assumed + that if the user installs + + one of the related integrations of a rule, the rule might start to work + properly because it will + + have source events (generated by this integration) potentially matching + the rule's query. + + + NOTE: Proper work is not guaranteed, because a related integration, if + installed, can be + + configured differently or generate data that is not necessarily relevant + for this rule. + + + Related integration is a combination of a Fleet package and (optionally) + one of the + + package's "integrations" that this package contains. It is represented + by 3 properties: + + + - `package`: name of the package (required, unique id) + + - `version`: version of the package (required, semver-compatible) + + - `integration`: name of the integration of this package (optional, id + within the package) + + + There are Fleet packages like `windows` that contain only one + integration; in this case, + + `integration` should be unspecified. There are also packages like `aws` + and `azure` that contain + + several integrations; in this case, `integration` should be specified. + + + @example + + const x: RelatedIntegration = { + package: 'windows', + version: '1.5.x', + }; + + + @example + + const x: RelatedIntegration = { + package: 'azure', + version: '~1.1.6', + integration: 'activitylogs', + }; + type: object + properties: + integration: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + package: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + version: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + required: + - package + - version + Security_Solution_Detections_API_RelatedIntegrationArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegration + type: array + Security_Solution_Detections_API_RequiredField: + description: > + Describes an Elasticsearch field that is needed for the rule to + function. + + + Almost all types of Security rules check source event documents for a + match to some kind of + + query or filter. If a document has certain field with certain values, + then it's a match and + + the rule will generate an alert. + + + Required field is an event field that must be present in the source + indices of a given rule. + + + @example + + const standardEcsField: RequiredField = { + name: 'event.action', + type: 'keyword', + ecs: true, + }; + + + @example + + const nonEcsField: RequiredField = { + name: 'winlog.event_data.AttributeLDAPDisplayName', + type: 'keyword', + ecs: false, + }; + type: object + properties: + ecs: + description: Whether the field is an ECS field + type: boolean + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: Name of an Elasticsearch field + type: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: Type of the Elasticsearch field + required: + - name + - type + - ecs + Security_Solution_Detections_API_RequiredFieldArray: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_RequiredField' + type: array + Security_Solution_Detections_API_RequiredFieldInput: + description: >- + Input parameters to create a RequiredField. Does not include the `ecs` + field, because `ecs` is calculated on the backend based on the field + name and type. + type: object + properties: + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: Name of an Elasticsearch field + type: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: Type of an Elasticsearch field + required: + - name + - type + Security_Solution_Detections_API_ResponseAction: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_OsqueryResponseAction + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EndpointResponseAction + Security_Solution_Detections_API_ResponseFields: + type: object + properties: + created_at: + format: date-time + type: string + created_by: + type: string + execution_summary: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExecutionSummary + id: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleObjectId' + immutable: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleImmutable + required_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldArray + revision: + minimum: 0 + type: integer + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_source: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleSource' + updated_at: + format: date-time + type: string + updated_by: + type: string + required: + - id + - rule_id + - immutable + - updated_at + - updated_by + - created_at + - created_by + - revision + - related_integrations + - required_fields + Security_Solution_Detections_API_RiskScore: + description: Risk score (0 to 100) + maximum: 100 + minimum: 0 + type: integer + Security_Solution_Detections_API_RiskScoreMapping: + description: >- + Overrides generated alerts' risk_score with a value from the source + event + items: + type: object + properties: + field: + type: string + operator: + enum: + - equals + type: string + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + value: + type: string + required: + - field + - operator + - value + type: array + Security_Solution_Detections_API_RuleAction: + type: object + properties: + action_type_id: + description: The action type used for sending notifications. + type: string + alerts_filter: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionAlertsFilter + frequency: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionFrequency + group: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionGroup + id: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleActionId' + params: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionParams + uuid: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + required: + - action_type_id + - id + - params + Security_Solution_Detections_API_RuleActionAlertsFilter: + additionalProperties: true + type: object + Security_Solution_Detections_API_RuleActionFrequency: + description: >- + The action frequency defines when the action runs (for example, only on + rule execution or at specific time intervals). + type: object + properties: + notifyWhen: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionNotifyWhen + summary: + description: >- + Action summary indicates whether we will send a summary notification + about all the generate alerts or notification per individual alert + type: boolean + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + nullable: true + required: + - summary + - notifyWhen + - throttle + Security_Solution_Detections_API_RuleActionGroup: + description: >- + Optionally groups actions by use cases. Use `default` for alert + notifications. + type: string + Security_Solution_Detections_API_RuleActionId: + description: The connector ID. + type: string + Security_Solution_Detections_API_RuleActionNotifyWhen: + description: >- + The condition for throttling the notification: `onActionGroupChange`, + `onActiveAlert`, or `onThrottleInterval` + enum: + - onActiveAlert + - onThrottleInterval + - onActionGroupChange + type: string + Security_Solution_Detections_API_RuleActionParams: + additionalProperties: true + description: >- + Object containing the allowed connector fields, which varies according + to the connector type. + type: object + Security_Solution_Detections_API_RuleActionThrottle: + description: Defines how often rule actions are taken. + oneOf: + - enum: + - no_actions + - rule + type: string + - description: 'Time interval in seconds, minutes, hours, or days.' + example: 1h + pattern: '^[1-9]\d*[smhd]$' + type: string + Security_Solution_Detections_API_RuleAuthorArray: + items: + type: string + type: array + Security_Solution_Detections_API_RuleCreateProps: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleCreateProps + discriminator: + propertyName: type + Security_Solution_Detections_API_RuleDescription: + minLength: 1 + type: string + Security_Solution_Detections_API_RuleDetailsInError: + type: object + properties: + id: + type: string + name: + type: string + required: + - id + Security_Solution_Detections_API_RuleExceptionList: + type: object + properties: + id: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: ID of the exception container + list_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: List ID of the exception container + namespace_type: + description: Determines the exceptions validity in rule's Kibana space + enum: + - agnostic + - single + type: string + type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ExceptionListType + required: + - id + - list_id + - type + - namespace_type + Security_Solution_Detections_API_RuleExecutionMetrics: + type: object + properties: + execution_gap_duration_s: + description: Duration in seconds of execution gap + minimum: 0 + type: integer + total_enrichment_duration_ms: + description: >- + Total time spent enriching documents during current rule execution + cycle + minimum: 0 + type: integer + total_indexing_duration_ms: + description: >- + Total time spent indexing documents during current rule execution + cycle + minimum: 0 + type: integer + total_search_duration_ms: + description: >- + Total time spent performing ES searches as measured by Kibana; + includes network latency and time spent serializing/deserializing + request/response + minimum: 0 + type: integer + Security_Solution_Detections_API_RuleExecutionStatus: + description: >- + Custom execution status of Security rules that is different from the + status used in the Alerting Framework. We merge our custom status with + the Framework's status to determine the resulting status of a rule. + + - going to run - @deprecated Replaced by the 'running' status but left + for backwards compatibility with rule execution events already written + to Event Log in the prior versions of Kibana. Don't use when writing + rule status changes. + + - running - Rule execution started but not reached any intermediate or + final status. + + - partial failure - Rule can partially fail for various reasons either + in the middle of an execution (in this case we update its status right + away) or in the end of it. So currently this status can be both + intermediate and final at the same time. A typical reason for a partial + failure: not all the indices that the rule searches over actually exist. + + - failed - Rule failed to execute due to unhandled exception or a reason + defined in the business logic of its executor function. + + - succeeded - Rule executed successfully without any issues. Note: this + status is just an indication of a rule's "health". The rule might or + might not generate any alerts despite of it. + enum: + - going to run + - running + - partial failure + - failed + - succeeded + type: string + Security_Solution_Detections_API_RuleExecutionStatusOrder: + type: integer + Security_Solution_Detections_API_RuleExecutionSummary: + type: object + properties: + last_execution: + type: object + properties: + date: + description: Date of the last execution + format: date-time type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - subType: - multi: - parent: products.product_name - format: - id: string - shortDotsEnable: false - isMapped: true - products.quantity: - count: 0 - name: products.quantity - type: number - esTypes: - - integer - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - shortDotsEnable: false - isMapped: true - products.sku: - count: 0 - name: products.sku + message: type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - products.tax_amount: - count: 0 - name: products.tax_amount - type: number - esTypes: - - half_float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - shortDotsEnable: false - isMapped: true - products.taxful_price: - count: 0 - name: products.taxful_price - type: number - esTypes: - - half_float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - params: - pattern: $0,0.00 - shortDotsEnable: false - isMapped: true - products.taxless_price: - count: 0 - name: products.taxless_price - type: number - esTypes: - - half_float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - params: - pattern: $0,0.00 - shortDotsEnable: false - isMapped: true - products.unit_discount_amount: - count: 0 - name: products.unit_discount_amount - type: number - esTypes: - - half_float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - shortDotsEnable: false - isMapped: true - sku: - count: 0 - name: sku + metrics: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExecutionMetrics + status: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExecutionStatus + description: Status of the last execution + status_order: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExecutionStatusOrder + required: + - date + - status + - status_order + - message + - metrics + required: + - last_execution + Security_Solution_Detections_API_RuleFalsePositiveArray: + items: + type: string + type: array + Security_Solution_Detections_API_RuleFilterArray: + items: {} + type: array + Security_Solution_Detections_API_RuleInterval: + description: >- + Frequency of rule execution, using a date math range. For example, "1h" + means the rule runs every hour. Defaults to 5m (5 minutes). + type: string + Security_Solution_Detections_API_RuleIntervalFrom: + description: >- + Time from which data is analyzed each time the rule runs, using a date + math range. For example, now-4200s means the rule analyzes data from 70 + minutes before its start time. Defaults to now-6m (analyzes data from 6 + minutes before the start time). + format: date-math + type: string + Security_Solution_Detections_API_RuleIntervalTo: + type: string + Security_Solution_Detections_API_RuleLicense: + description: The rule's license. + type: string + Security_Solution_Detections_API_RuleMetadata: + additionalProperties: true + type: object + Security_Solution_Detections_API_RuleName: + minLength: 1 + type: string + Security_Solution_Detections_API_RuleNameOverride: + description: Sets the source field for the alert's signal.rule.name value + type: string + Security_Solution_Detections_API_RuleObjectId: + $ref: '#/components/schemas/Security_Solution_Detections_API_UUID' + Security_Solution_Detections_API_RulePatchProps: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRulePatchProps + Security_Solution_Detections_API_RulePreviewLogs: + type: object + properties: + duration: + description: Execution duration in milliseconds + type: integer + errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + type: array + startedAt: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + warnings: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + type: array + required: + - errors + - warnings + - duration + Security_Solution_Detections_API_RulePreviewParams: + type: object + properties: + invocationCount: + type: integer + timeframeEnd: + format: date-time + type: string + required: + - invocationCount + - timeframeEnd + Security_Solution_Detections_API_RuleQuery: + type: string + Security_Solution_Detections_API_RuleReferenceArray: + items: + type: string + type: array + Security_Solution_Detections_API_RuleResponse: + anyOf: + - $ref: '#/components/schemas/Security_Solution_Detections_API_EqlRule' + - $ref: '#/components/schemas/Security_Solution_Detections_API_QueryRule' + - $ref: '#/components/schemas/Security_Solution_Detections_API_SavedQueryRule' + - $ref: '#/components/schemas/Security_Solution_Detections_API_ThresholdRule' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRule + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRule + - $ref: '#/components/schemas/Security_Solution_Detections_API_NewTermsRule' + - $ref: '#/components/schemas/Security_Solution_Detections_API_EsqlRule' + discriminator: + propertyName: type + Security_Solution_Detections_API_RuleSignatureId: + description: 'Could be any string, not necessarily a UUID' + type: string + Security_Solution_Detections_API_RuleSource: + description: >- + Discriminated union that determines whether the rule is internally + sourced (created within the Kibana app) or has an external source, such + as the Elastic Prebuilt rules repo. + discriminator: + propertyName: type + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ExternalRuleSource + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_InternalRuleSource + Security_Solution_Detections_API_RuleTagArray: + description: >- + String array containing words and phrases to help categorize, filter, + and search rules. Defaults to an empty array. + items: + type: string + type: array + Security_Solution_Detections_API_RuleUpdateProps: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleUpdateProps + discriminator: + propertyName: type + Security_Solution_Detections_API_RuleVersion: + description: The rule's version number. + minimum: 1 + type: integer + Security_Solution_Detections_API_SavedObjectResolveAliasPurpose: + enum: + - savedObjectConversion + - savedObjectImport + type: string + Security_Solution_Detections_API_SavedObjectResolveAliasTargetId: + type: string + Security_Solution_Detections_API_SavedObjectResolveOutcome: + enum: + - exactMatch + - aliasMatch + - conflict + type: string + Security_Solution_Detections_API_SavedQueryId: + type: string + Security_Solution_Detections_API_SavedQueryRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleResponseFields + Security_Solution_Detections_API_SavedQueryRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleDefaultableFields + Security_Solution_Detections_API_SavedQueryRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleCreateFields + Security_Solution_Detections_API_SavedQueryRuleDefaultableFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + Security_Solution_Detections_API_SavedQueryRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + response_actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ResponseAction + type: array + Security_Solution_Detections_API_SavedQueryRulePatchFields: + allOf: + - type: object + properties: + saved_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryId + type: + description: Rule type + enum: + - saved_query + type: string + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleDefaultableFields + Security_Solution_Detections_API_SavedQueryRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRulePatchFields + Security_Solution_Detections_API_SavedQueryRuleRequiredFields: + type: object + properties: + saved_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_SavedQueryId' + type: + description: Rule type + enum: + - saved_query + type: string + required: + - type + - saved_id + Security_Solution_Detections_API_SavedQueryRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleOptionalFields + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + required: + - language + Security_Solution_Detections_API_SavedQueryRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleCreateFields + Security_Solution_Detections_API_SetAlertsStatusByIds: + type: object + properties: + signal_ids: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + minItems: 1 + type: array + status: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertStatus' + required: + - signal_ids + - status + Security_Solution_Detections_API_SetAlertsStatusByQuery: + type: object + properties: + conflicts: + default: abort + enum: + - abort + - proceed + type: string + query: + additionalProperties: true + type: object + status: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertStatus' + required: + - query + - status + Security_Solution_Detections_API_SetAlertTags: + type: object + properties: + tags_to_add: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertTags' + tags_to_remove: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertTags' + required: + - tags_to_add + - tags_to_remove + Security_Solution_Detections_API_SetupGuide: + type: string + Security_Solution_Detections_API_Severity: + description: Severity of the rule + enum: + - low + - medium + - high + - critical + type: string + Security_Solution_Detections_API_SeverityMapping: + description: Overrides generated alerts' severity with values from the source event + items: + type: object + properties: + field: + type: string + operator: + enum: + - equals + type: string + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + value: + type: string + required: + - field + - operator + - severity + - value + type: array + Security_Solution_Detections_API_SiemErrorResponse: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - status_code + - message + Security_Solution_Detections_API_SkippedAlertsIndexMigration: + type: object + properties: + index: + type: string + required: + - index + Security_Solution_Detections_API_SortOrder: + enum: + - asc + - desc + type: string + Security_Solution_Detections_API_Threat: + type: object + properties: + framework: + description: Relevant attack framework + type: string + tactic: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThreatTactic' + technique: + description: Array containing information on the attack techniques (optional) + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatTechnique + type: array + required: + - framework + - tactic + Security_Solution_Detections_API_ThreatArray: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_Threat' + type: array + Security_Solution_Detections_API_ThreatFilters: + items: + description: >- + Query and filter context array used to filter documents from the + Elasticsearch index containing the threat values + type: array + Security_Solution_Detections_API_ThreatIndex: + items: + type: string + type: array + Security_Solution_Detections_API_ThreatIndicatorPath: + description: >- + Defines the path to the threat indicator in the indicator documents + (optional) + type: string + Security_Solution_Detections_API_ThreatMapping: + items: + type: object + properties: + entries: + items: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + type: + enum: + - mapping + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + required: + - field + - type + - value + type: array + required: + - entries + minItems: 1 + type: array + Security_Solution_Detections_API_ThreatMatchRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleResponseFields + Security_Solution_Detections_API_ThreatMatchRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleDefaultableFields + Security_Solution_Detections_API_ThreatMatchRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleCreateFields + Security_Solution_Detections_API_ThreatMatchRuleDefaultableFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + Security_Solution_Detections_API_ThreatMatchRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + concurrent_searches: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ConcurrentSearches + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + items_per_search: + $ref: '#/components/schemas/Security_Solution_Detections_API_ItemsPerSearch' + saved_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_SavedQueryId' + threat_filters: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThreatFilters' + threat_indicator_path: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatIndicatorPath + threat_language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + Security_Solution_Detections_API_ThreatMatchRulePatchFields: + allOf: + - type: object + properties: + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + threat_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatIndex + threat_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMapping + threat_query: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatQuery + type: + description: Rule type + enum: + - threat_match type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - taxful_total_price: - count: 0 - name: taxful_total_price - type: number - esTypes: - - half_float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - params: - pattern: $0,0.[00] - shortDotsEnable: false - isMapped: true - taxless_total_price: - count: 0 - name: taxless_total_price - type: number - esTypes: - - half_float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - params: - pattern: $0,0.00 - shortDotsEnable: false - isMapped: true - total_quantity: - count: 1 - name: total_quantity - type: number - esTypes: - - integer - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - shortDotsEnable: false - isMapped: true - total_unique_products: - count: 0 - name: total_unique_products - type: number - esTypes: - - integer - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - shortDotsEnable: false - isMapped: true + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleDefaultableFields + Security_Solution_Detections_API_ThreatMatchRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRulePatchFields + Security_Solution_Detections_API_ThreatMatchRuleRequiredFields: + type: object + properties: + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + threat_index: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThreatIndex' + threat_mapping: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThreatMapping' + threat_query: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThreatQuery' + type: + description: Rule type + enum: + - threat_match + type: string + required: + - type + - query + - threat_query + - threat_mapping + - threat_index + Security_Solution_Detections_API_ThreatMatchRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleOptionalFields + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + required: + - language + Security_Solution_Detections_API_ThreatMatchRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleCreateFields + Security_Solution_Detections_API_ThreatQuery: + description: Query to run + type: string + Security_Solution_Detections_API_ThreatSubtechnique: + type: object + properties: + id: + description: Subtechnique ID + type: string + name: + description: Subtechnique name + type: string + reference: + description: Subtechnique reference + type: string + required: + - id + - name + - reference + Security_Solution_Detections_API_ThreatTactic: + type: object + properties: + id: + description: Tactic ID + type: string + name: + description: Tactic name + type: string + reference: + description: Tactic reference + type: string + required: + - id + - name + - reference + Security_Solution_Detections_API_ThreatTechnique: + type: object + properties: + id: + description: Technique ID + type: string + name: + description: Technique name + type: string + reference: + description: Technique reference + type: string + subtechnique: + description: Array containing more specific information on the attack technique + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatSubtechnique + type: array + required: + - id + - name + - reference + Security_Solution_Detections_API_Threshold: + type: object + properties: + cardinality: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdCardinality + field: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThresholdField' + value: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThresholdValue' + required: + - field + - value + Security_Solution_Detections_API_ThresholdAlertSuppression: + type: object + properties: + duration: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppressionDuration + required: + - duration + Security_Solution_Detections_API_ThresholdCardinality: + items: + type: object + properties: + field: + type: string + value: + minimum: 0 + type: integer + required: + - field + - value + type: array + Security_Solution_Detections_API_ThresholdField: + description: Field to aggregate on + oneOf: + - type: string + - items: + type: string + type: array + Security_Solution_Detections_API_ThresholdRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleResponseFields + Security_Solution_Detections_API_ThresholdRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleDefaultableFields + Security_Solution_Detections_API_ThresholdRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleCreateFields + Security_Solution_Detections_API_ThresholdRuleDefaultableFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + Security_Solution_Detections_API_ThresholdRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdAlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + saved_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_SavedQueryId' + Security_Solution_Detections_API_ThresholdRulePatchFields: + allOf: + - type: object + properties: + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + threshold: + $ref: '#/components/schemas/Security_Solution_Detections_API_Threshold' + type: + description: Rule type + enum: + - threshold + type: string + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleDefaultableFields + Security_Solution_Detections_API_ThresholdRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRulePatchFields + Security_Solution_Detections_API_ThresholdRuleRequiredFields: + type: object + properties: + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + threshold: + $ref: '#/components/schemas/Security_Solution_Detections_API_Threshold' + type: + description: Rule type + enum: + - threshold + type: string + required: + - type + - query + - threshold + Security_Solution_Detections_API_ThresholdRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleOptionalFields + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + required: + - language + Security_Solution_Detections_API_ThresholdRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleCreateFields + Security_Solution_Detections_API_ThresholdValue: + description: Threshold value + minimum: 1 + type: integer + Security_Solution_Detections_API_ThrottleForBulkActions: + description: >- + The condition for throttling the notification: 'rule', 'no_actions', or + time duration + enum: + - rule + - 1h + - 1d + - 7d + type: string + Security_Solution_Detections_API_TiebreakerField: + description: Sets a secondary field for sorting events + type: string + Security_Solution_Detections_API_TimelineTemplateId: + description: Timeline template ID + type: string + Security_Solution_Detections_API_TimelineTemplateTitle: + description: Timeline template title + type: string + Security_Solution_Detections_API_TimestampField: + description: Contains the event timestamp used for sorting a sequence of events + type: string + Security_Solution_Detections_API_TimestampOverride: + description: Sets the time field used to query indices + type: string + Security_Solution_Detections_API_TimestampOverrideFallbackDisabled: + description: Disables the fallback to the event's @timestamp field + type: boolean + Security_Solution_Detections_API_UUID: + description: A universally unique identifier + format: uuid + type: string + Security_Solution_Detections_API_WarningSchema: + type: object + properties: + actionPath: + type: string + buttonLabel: + type: string + message: + type: string + type: + type: string + required: + - type + - message + - actionPath + Security_Solution_Endpoint_Exceptions_API_EndpointList: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionList + - additionalProperties: false + type: object + Security_Solution_Endpoint_Exceptions_API_EndpointListItem: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItem + Security_Solution_Endpoint_Exceptions_API_ExceptionList: + type: object + properties: + _version: + type: string + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListDescription + id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListId + immutable: + type: boolean + list_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionNamespaceType + os_types: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListTags + tie_breaker_id: + type: string + type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListType + updated_at: + format: date-time + type: string + updated_by: + type: string + version: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListVersion + required: + - id + - list_id + - type + - name + - description + - immutable + - namespace_type + - version + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Endpoint_Exceptions_API_ExceptionListDescription: + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListHumanId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + description: 'Human readable string identifier, e.g. `trusted-linux-processes`' + Security_Solution_Endpoint_Exceptions_API_ExceptionListId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ExceptionListItem: + type: object + properties: + _version: + type: string + comments: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemCommentArray + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemId + item_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionNamespaceType + os_types: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemTags + tie_breaker_id: + type: string + type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemType + updated_at: + format: date-time + type: string + updated_by: + type: string + required: + - id + - item_id + - list_id + - type + - name + - description + - entries + - namespace_type + - comments + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemComment: + type: object + properties: + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + created_at: + format: date-time + type: string + created_by: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + updated_at: + format: date-time + type: string + updated_by: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + required: + - id + - comment + - created_at + - created_by + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemComment + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemDescription: + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntry: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryList + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryExists + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryNested + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatchWildcard + discriminator: + propertyName: type + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntry + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryExists: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + operator: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - exists + type: string + required: + - type + - field + - operator + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryList: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + list: + type: object + properties: + id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ListId type: - count: 0 - name: type - type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - user: - count: 0 - name: user - type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - typeMeta: {} - fieldFormats: - taxful_total_price: - id: number - params: - pattern: $0,0.[00] - products.price: - id: number - params: - pattern: $0,0.00 - taxless_total_price: - id: number - params: - pattern: $0,0.00 - products.taxless_price: - id: number - params: - pattern: $0,0.00 - products.taxful_price: - id: number - params: - pattern: $0,0.00 - products.min_price: - id: number - params: - pattern: $0,0.00 - products.base_unit_price: - id: number - params: - pattern: $0,0.00 - products.base_price: - id: number - params: - pattern: $0,0.00 - runtimeFieldMap: {} - fieldAttrs: - products.manufacturer: - count: 1 - products.price: - count: 1 - products.product_name: - count: 1 - total_quantity: - count: 1 - allowNoIndex: false - name: Kibana Sample Data eCommerce - namespaces: - - default - Data_views_update_data_view_request: - summary: Update some properties for a data view. - value: - data_view: - title: kibana_sample_data_ecommerce - timeFieldName: order_date - allowNoIndex: false - name: Kibana Sample Data eCommerce - refresh_fields: true - Data_views_update_field_metadata_request: - summary: Update metadata for multiple fields. - value: - fields: - field1: - count: 123 - customLabel: Field 1 label - field2: - customLabel: Field 2 label - customDescription: Field 2 description - Data_views_create_runtime_field_request: - summary: Create a runtime field. - value: - name: runtimeFoo - runtimeField: - type: long - script: - source: emit(doc["foo"].value) - Data_views_get_runtime_field_response: - summary: >- - The get runtime field API returns a JSON object that contains - information about the runtime field (`hour_of_day`) and the data view - (`d3d7af60-4c81-11e8-b3d7-01146121b73d`). - value: - fields: - - count: 0 - name: hour_of_day - type: number - esTypes: - - long - scripted: false - searchable: true - aggregatable: true - readFromDocValues: false - shortDotsEnable: false - runtimeField: - type: long - script: - source: emit(doc['timestamp'].value.getHour()); - data_view: - id: d3d7af60-4c81-11e8-b3d7-01146121b73d - version: WzM2LDJd - title: kibana_sample_data_flights - timeFieldName: timestamp - sourceFilters: [] - fields: - hour_of_day: - count: 0 - name: hour_of_day - type: number - esTypes: - - long - scripted: false - searchable: true - aggregatable: true - readFromDocValues: false - format: - id: number - params: - pattern: '00' - shortDotsEnable: false - runtimeField: - type: long - script: - source: emit(doc['timestamp'].value.getHour()); - AvgTicketPrice: - count: 0 - name: AvgTicketPrice - type: number - esTypes: - - float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - params: - pattern: $0,0.[00] - shortDotsEnable: false - isMapped: true - Cancelled: - count: 0 - name: Cancelled - type: boolean - esTypes: - - boolean - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: boolean - shortDotsEnable: false - isMapped: true - Carrier: - count: 0 - name: Carrier - type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - Dest: - count: 0 - name: Dest - type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - DestAirportID: - count: 0 - name: DestAirportID + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ListType + required: + - id + - type + operator: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - list + type: string + required: + - type + - field + - list + - operator + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatch: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + operator: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - match + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + required: + - type + - field + - value + - operator + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatchAny: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + operator: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - match_any + type: string + value: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + minItems: 1 + type: array + required: + - type + - field + - value + - operator + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatchWildcard: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + operator: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - wildcard + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + required: + - type + - field + - value + - operator + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryNested: + type: object + properties: + entries: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryNestedEntryItem + minItems: 1 + type: array + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + type: + enum: + - nested + type: string + required: + - type + - field + - entries + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryNestedEntryItem: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryExists + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator: + enum: + - excluded + - included + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemMeta: + additionalProperties: true + type: object + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemName: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListOsType + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemTags: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemType: + enum: + - simple + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListMeta: + additionalProperties: true + type: object + Security_Solution_Endpoint_Exceptions_API_ExceptionListName: + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListOsType: + enum: + - linux + - macos + - windows + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListOsTypeArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListOsType + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListTags: + items: + type: string + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListType: + enum: + - detection + - rule_default + - endpoint + - endpoint_trusted_apps + - endpoint_events + - endpoint_host_isolation_exceptions + - endpoint_blocklists + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListVersion: + minimum: 1 + type: integer + Security_Solution_Endpoint_Exceptions_API_ExceptionNamespaceType: + description: > + Determines whether the exception container is available in all Kibana + spaces or just the space + + in which it is created, where: + + + - `single`: Only available in the Kibana space in which it is created. + + - `agnostic`: Available in all Kibana spaces. + enum: + - agnostic + - single + type: string + Security_Solution_Endpoint_Exceptions_API_FindEndpointListItemsFilter: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ListId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ListType: + enum: + - binary + - boolean + - byte + - date + - date_nanos + - date_range + - double + - double_range + - float + - float_range + - geo_point + - geo_shape + - half_float + - integer + - integer_range + - ip + - ip_range + - keyword + - long + - long_range + - shape + - short + - text + type: string + Security_Solution_Endpoint_Exceptions_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - status_code + - message + Security_Solution_Endpoint_Management_API_ActionLogRequestQuery: + type: object + properties: + end_date: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndDate + page: + $ref: '#/components/schemas/Security_Solution_Endpoint_Management_API_Page' + page_size: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PageSize + start_date: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_StartDate + Security_Solution_Endpoint_Management_API_ActionStateSuccessResponse: + type: object + properties: + body: + type: object + properties: + data: + type: object + properties: + canEncrypt: + type: boolean + required: + - data + required: + - body + Security_Solution_Endpoint_Management_API_ActionStatusSuccessResponse: + type: object + properties: + body: + type: object + properties: + data: + type: object + properties: + agent_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentId + pending_actions: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionsSchema + required: + - agent_id + - pending_actions + required: + - data + required: + - body + Security_Solution_Endpoint_Management_API_AgentId: + description: Agent ID + type: string + Security_Solution_Endpoint_Management_API_AgentIds: + minLength: 1 + oneOf: + - items: + minLength: 1 + type: string + maxItems: 50 + minItems: 1 + type: array + - minLength: 1 + type: string + Security_Solution_Endpoint_Management_API_AgentTypes: + enum: + - endpoint + - sentinel_one + - crowdstrike + type: string + Security_Solution_Endpoint_Management_API_AlertIds: + description: A list of alerts ids. + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_NonEmptyString + minItems: 1 + type: array + Security_Solution_Endpoint_Management_API_CaseIds: + description: Case IDs to be updated (cannot contain empty strings) + items: + minLength: 1 + type: string + minItems: 1 + type: array + Security_Solution_Endpoint_Management_API_Command: + description: The command to be executed (cannot be an empty string) + enum: + - isolate + - unisolate + - kill-process + - suspend-process + - running-processes + - get-file + - execute + - upload + - scan + minLength: 1 + type: string + Security_Solution_Endpoint_Management_API_Commands: + items: + $ref: '#/components/schemas/Security_Solution_Endpoint_Management_API_Command' + type: array + Security_Solution_Endpoint_Management_API_Comment: + description: Optional comment + type: string + Security_Solution_Endpoint_Management_API_EndDate: + description: End date + type: string + Security_Solution_Endpoint_Management_API_EndpointIds: + description: List of endpoint IDs (cannot contain empty strings) + items: + minLength: 1 + type: string + minItems: 1 + type: array + Security_Solution_Endpoint_Management_API_ExecuteRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + parameters: + type: object + properties: + command: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Command + timeout: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Timeout + required: + - command + required: + - parameters + Security_Solution_Endpoint_Management_API_GetEndpointActionListRouteQuery: + type: object + properties: + agentIds: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentIds + agentTypes: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + commands: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Commands + endDate: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndDate + page: + $ref: '#/components/schemas/Security_Solution_Endpoint_Management_API_Page' + pageSize: + default: 10 + description: Number of items per page + maximum: 10000 + minimum: 1 + type: integer + startDate: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_StartDate + types: + $ref: '#/components/schemas/Security_Solution_Endpoint_Management_API_Types' + userIds: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_UserIds + withOutputs: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_WithOutputs + Security_Solution_Endpoint_Management_API_GetFileRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + parameters: + type: object + properties: + path: + type: string + required: + - path + required: + - parameters + Security_Solution_Endpoint_Management_API_GetProcessesRouteRequestBody: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_NoParametersRequestSchema + Security_Solution_Endpoint_Management_API_IsolateRouteRequestBody: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_NoParametersRequestSchema + Security_Solution_Endpoint_Management_API_KillOrSuspendActionSchema: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + parameters: + oneOf: + - type: object + properties: + pid: + minimum: 1 + type: integer + - type: object + properties: + entity_id: + minLength: 1 + type: string + required: + - parameters + Security_Solution_Endpoint_Management_API_ListRequestQuery: + type: object + properties: + hostStatuses: + items: + enum: + - healthy + - offline + - updating + - inactive + - unenrolled + type: string + type: array + kuery: + nullable: true + type: string + page: + default: 0 + description: Page number + minimum: 0 + type: integer + pageSize: + default: 10 + description: Number of items per page + maximum: 10000 + minimum: 1 + type: integer + sortDirection: + enum: + - asc + - desc + nullable: true + type: string + sortField: + enum: + - enrolled_at + - metadata.host.hostname + - host_status + - metadata.Endpoint.policy.applied.name + - metadata.Endpoint.policy.applied.status + - metadata.host.os.name + - metadata.host.ip + - metadata.agent.version + - last_checkin + type: string + required: + - hostStatuses + Security_Solution_Endpoint_Management_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Solution_Endpoint_Management_API_NoParametersRequestSchema: + type: object + properties: + body: + type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + required: + - body + Security_Solution_Endpoint_Management_API_Page: + default: 1 + description: Page number + minimum: 1 + type: integer + Security_Solution_Endpoint_Management_API_PageSize: + default: 10 + description: Number of items per page + maximum: 100 + minimum: 1 + type: integer + Security_Solution_Endpoint_Management_API_Parameters: + description: Optional parameters object + type: object + Security_Solution_Endpoint_Management_API_PendingActionDataType: + type: integer + Security_Solution_Endpoint_Management_API_PendingActionsSchema: + oneOf: + - type: object + properties: + execute: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + get-file: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + isolate: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + kill-process: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + running-processes: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + scan: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + suspend-process: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + unisolate: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + upload: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + - additionalProperties: true + type: object + Security_Solution_Endpoint_Management_API_ProtectionUpdatesNoteResponse: + type: object + properties: + note: + type: string + Security_Solution_Endpoint_Management_API_ScanRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + parameters: + type: object + properties: + path: + type: string + required: + - path + required: + - parameters + Security_Solution_Endpoint_Management_API_StartDate: + description: Start date + type: string + Security_Solution_Endpoint_Management_API_SuccessResponse: + type: object + properties: {} + Security_Solution_Endpoint_Management_API_Timeout: + description: The maximum timeout value in milliseconds (optional) + minimum: 1 + type: integer + Security_Solution_Endpoint_Management_API_Type: + description: Type of response action + enum: + - automated + - manual + type: string + Security_Solution_Endpoint_Management_API_Types: + description: List of types of response actions + items: + $ref: '#/components/schemas/Security_Solution_Endpoint_Management_API_Type' + maxLength: 2 + minLength: 1 + type: array + Security_Solution_Endpoint_Management_API_UnisolateRouteRequestBody: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_NoParametersRequestSchema + Security_Solution_Endpoint_Management_API_UploadRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + file: + format: binary type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - DestCityName: - count: 0 - name: DestCityName + parameters: + type: object + properties: + overwrite: + default: false + type: boolean + required: + - parameters + - file + Security_Solution_Endpoint_Management_API_UserIds: + description: User IDs + oneOf: + - items: + minLength: 1 + type: string + minItems: 1 + type: array + - minLength: 1 + type: string + Security_Solution_Endpoint_Management_API_WithOutputs: + description: Shows detailed outputs for an action response + oneOf: + - items: + minLength: 1 + type: string + minItems: 1 + type: array + - minLength: 1 + type: string + Security_Solution_Entity_Analytics_API_AssetCriticalityBulkUploadErrorItem: + type: object + properties: + index: + type: integer + message: + type: string + required: + - message + - index + Security_Solution_Entity_Analytics_API_AssetCriticalityBulkUploadStats: + type: object + properties: + failed: + type: integer + successful: + type: integer + total: + type: integer + required: + - successful + - failed + - total + Security_Solution_Entity_Analytics_API_AssetCriticalityLevel: + description: The criticality level of the asset. + enum: + - low_impact + - medium_impact + - high_impact + - extreme_impact + type: string + Security_Solution_Entity_Analytics_API_AssetCriticalityRecord: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_CreateAssetCriticalityRecord + - type: object + properties: + '@timestamp': + description: The time the record was created or updated. + example: '2017-07-21T17:32:28Z' + format: date-time type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - DestCountry: - count: 0 - name: DestCountry + required: + - '@timestamp' + Security_Solution_Entity_Analytics_API_AssetCriticalityRecordIdParts: + type: object + properties: + id_field: + $ref: '#/components/schemas/Security_Solution_Entity_Analytics_API_IdField' + description: The field representing the ID. + example: host.name + id_value: + description: The ID value of the asset. + type: string + required: + - id_value + - id_field + Security_Solution_Entity_Analytics_API_CreateAssetCriticalityRecord: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityRecordIdParts + - type: object + properties: + criticality_level: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityLevel + required: + - criticality_level + Security_Solution_Entity_Analytics_API_IdField: + enum: + - host.name + - user.name + type: string + Security_Solution_Exceptions_API_CreateExceptionListItemComment: + type: object + properties: + comment: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - comment + Security_Solution_Exceptions_API_CreateExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_CreateExceptionListItemComment + type: array + Security_Solution_Exceptions_API_CreateRuleExceptionListItemComment: + type: object + properties: + comment: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - comment + Security_Solution_Exceptions_API_CreateRuleExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_CreateRuleExceptionListItemComment + type: array + Security_Solution_Exceptions_API_CreateRuleExceptionListItemProps: + type: object + properties: + comments: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_CreateRuleExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + item_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemTags + default: [] + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemType + required: + - type + - name + - description + - entries + Security_Solution_Exceptions_API_ExceptionList: + type: object + properties: + _version: + type: string + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListDescription + id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + immutable: + type: boolean + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListTags + tie_breaker_id: + type: string + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListType + updated_at: + format: date-time + type: string + updated_by: + type: string + version: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListVersion + required: + - id + - list_id + - type + - name + - description + - immutable + - namespace_type + - version + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Exceptions_API_ExceptionListDescription: + type: string + Security_Solution_Exceptions_API_ExceptionListHumanId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + description: 'Human readable string identifier, e.g. `trusted-linux-processes`' + Security_Solution_Exceptions_API_ExceptionListId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_ExceptionListItem: + type: object + properties: + _version: + type: string + comments: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemCommentArray + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemId + item_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemTags + tie_breaker_id: + type: string + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemType + updated_at: + format: date-time + type: string + updated_by: + type: string + required: + - id + - item_id + - list_id + - type + - name + - description + - entries + - namespace_type + - comments + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Exceptions_API_ExceptionListItemComment: + type: object + properties: + comment: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + created_at: + format: date-time + type: string + created_by: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + id: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + updated_at: + format: date-time + type: string + updated_by: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - id + - comment + - created_at + - created_by + Security_Solution_Exceptions_API_ExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemComment + type: array + Security_Solution_Exceptions_API_ExceptionListItemDescription: + type: string + Security_Solution_Exceptions_API_ExceptionListItemEntry: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryList + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryExists + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryNested + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryMatchWildcard + discriminator: + propertyName: type + Security_Solution_Exceptions_API_ExceptionListItemEntryArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntry + type: array + Security_Solution_Exceptions_API_ExceptionListItemEntryExists: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - exists + type: string + required: + - type + - field + - operator + Security_Solution_Exceptions_API_ExceptionListItemEntryList: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + list: + type: object + properties: + id: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_ListId' + type: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_ListType' + required: + - id + - type + operator: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - list + type: string + required: + - type + - field + - list + - operator + Security_Solution_Exceptions_API_ExceptionListItemEntryMatch: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - match + type: string + value: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - type + - field + - value + - operator + Security_Solution_Exceptions_API_ExceptionListItemEntryMatchAny: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - match_any + type: string + value: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_NonEmptyString + minItems: 1 + type: array + required: + - type + - field + - value + - operator + Security_Solution_Exceptions_API_ExceptionListItemEntryMatchWildcard: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - wildcard + type: string + value: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - type + - field + - value + - operator + Security_Solution_Exceptions_API_ExceptionListItemEntryNested: + type: object + properties: + entries: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryNestedEntryItem + minItems: 1 + type: array + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + type: + enum: + - nested + type: string + required: + - type + - field + - entries + Security_Solution_Exceptions_API_ExceptionListItemEntryNestedEntryItem: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryExists + Security_Solution_Exceptions_API_ExceptionListItemEntryOperator: + enum: + - excluded + - included + type: string + Security_Solution_Exceptions_API_ExceptionListItemHumanId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_ExceptionListItemId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_ExceptionListItemMeta: + additionalProperties: true + type: object + Security_Solution_Exceptions_API_ExceptionListItemName: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_ExceptionListItemOsTypeArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListOsType + type: array + Security_Solution_Exceptions_API_ExceptionListItemTags: + items: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + type: array + Security_Solution_Exceptions_API_ExceptionListItemType: + enum: + - simple + type: string + Security_Solution_Exceptions_API_ExceptionListMeta: + additionalProperties: true + type: object + Security_Solution_Exceptions_API_ExceptionListName: + type: string + Security_Solution_Exceptions_API_ExceptionListOsType: + enum: + - linux + - macos + - windows + type: string + Security_Solution_Exceptions_API_ExceptionListOsTypeArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListOsType + type: array + Security_Solution_Exceptions_API_ExceptionListsImportBulkError: + type: object + properties: + error: + type: object + properties: + message: type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - DestLocation: - count: 0 - name: DestLocation - type: geo_point - esTypes: - - geo_point - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: geo_point - params: - transform: wkt - shortDotsEnable: false - isMapped: true - DestRegion: - count: 0 - name: DestRegion + status_code: + type: integer + required: + - status_code + - message + id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + item_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + required: + - error + Security_Solution_Exceptions_API_ExceptionListsImportBulkErrorArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListsImportBulkError + type: array + Security_Solution_Exceptions_API_ExceptionListTags: + items: + type: string + type: array + Security_Solution_Exceptions_API_ExceptionListType: + enum: + - detection + - rule_default + - endpoint + - endpoint_trusted_apps + - endpoint_events + - endpoint_host_isolation_exceptions + - endpoint_blocklists + type: string + Security_Solution_Exceptions_API_ExceptionListVersion: + minimum: 1 + type: integer + Security_Solution_Exceptions_API_ExceptionNamespaceType: + description: > + Determines whether the exception container is available in all Kibana + spaces or just the space + + in which it is created, where: + + + - `single`: Only available in the Kibana space in which it is created. + + - `agnostic`: Available in all Kibana spaces. + enum: + - agnostic + - single + type: string + Security_Solution_Exceptions_API_FindExceptionListItemsFilter: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_FindExceptionListsFilter: + type: string + Security_Solution_Exceptions_API_ListId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_ListType: + enum: + - binary + - boolean + - byte + - date + - date_nanos + - date_range + - double + - double_range + - float + - float_range + - geo_point + - geo_shape + - half_float + - integer + - integer_range + - ip + - ip_range + - keyword + - long + - long_range + - shape + - short + - text + type: string + Security_Solution_Exceptions_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Solution_Exceptions_API_PlatformErrorResponse: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Solution_Exceptions_API_RuleId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_UUID' + Security_Solution_Exceptions_API_SiemErrorResponse: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - status_code + - message + Security_Solution_Exceptions_API_UpdateExceptionListItemComment: + type: object + properties: + comment: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + id: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - comment + Security_Solution_Exceptions_API_UpdateExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_UpdateExceptionListItemComment + type: array + Security_Solution_Exceptions_API_UUID: + description: A universally unique identifier + format: uuid + type: string + Security_Solution_Lists_API_FindListItemsCursor: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_FindListItemsFilter: + type: string + Security_Solution_Lists_API_FindListsCursor: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_FindListsFilter: + type: string + Security_Solution_Lists_API_List: + type: object + properties: + _version: + type: string + '@timestamp': + format: date-time + type: string + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListDescription' + deserializer: + type: string + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + immutable: + type: boolean + meta: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListMetadata' + name: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListName' + serializer: + type: string + tie_breaker_id: + type: string + type: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListType' + updated_at: + format: date-time + type: string + updated_by: + type: string + version: + minimum: 1 + type: integer + required: + - id + - type + - name + - description + - immutable + - version + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Lists_API_ListDescription: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_ListId: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_ListItem: + type: object + properties: + _version: + type: string + '@timestamp': + format: date-time + type: string + created_at: + format: date-time + type: string + created_by: + type: string + deserializer: + type: string + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemId' + list_id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + meta: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemMetadata' + serializer: + type: string + tie_breaker_id: + type: string + type: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListType' + updated_at: + format: date-time + type: string + updated_by: + type: string + value: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemValue' + required: + - id + - type + - list_id + - value + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Lists_API_ListItemId: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_ListItemMetadata: + additionalProperties: true + type: object + Security_Solution_Lists_API_ListItemPrivileges: + type: object + properties: + application: + additionalProperties: + type: boolean + type: object + cluster: + additionalProperties: + type: boolean + type: object + has_all_requested: + type: boolean + index: + additionalProperties: + additionalProperties: + type: boolean + type: object + type: object + username: + type: string + required: + - username + - has_all_requested + - cluster + - index + - application + Security_Solution_Lists_API_ListItemValue: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_ListMetadata: + additionalProperties: true + type: object + Security_Solution_Lists_API_ListName: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_ListPrivileges: + type: object + properties: + application: + additionalProperties: + type: boolean + type: object + cluster: + additionalProperties: + type: boolean + type: object + has_all_requested: + type: boolean + index: + additionalProperties: + additionalProperties: + type: boolean + type: object + type: object + username: + type: string + required: + - username + - has_all_requested + - cluster + - index + - application + Security_Solution_Lists_API_ListType: + enum: + - binary + - boolean + - byte + - date + - date_nanos + - date_range + - double + - double_range + - float + - float_range + - geo_point + - geo_shape + - half_float + - integer + - integer_range + - ip + - ip_range + - keyword + - long + - long_range + - shape + - short + - text + type: string + Security_Solution_Lists_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Solution_Lists_API_PlatformErrorResponse: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Solution_Lists_API_SiemErrorResponse: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - status_code + - message + Security_Solution_Osquery_API_ArrayQueries: + items: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ArrayQueriesItem' + type: array + Security_Solution_Osquery_API_ArrayQueriesItem: + type: object + properties: + ecs_mapping: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_ECSMappingOrUndefined + id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Id' + platform: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PlatformOrUndefined + query: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Query' + removed: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_RemovedOrUndefined + snapshot: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SnapshotOrUndefined + version: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_VersionOrUndefined + Security_Solution_Osquery_API_CreateLiveQueryRequestBody: + type: object + properties: + agent_all: + type: boolean + agent_ids: + items: + type: string + type: array + agent_platforms: + items: + type: string + type: array + agent_policy_ids: + items: + type: string + type: array + alert_ids: + items: + type: string + type: array + case_ids: + items: + type: string + type: array + ecs_mapping: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_ECSMappingOrUndefined + event_ids: + items: + type: string + type: array + metadata: + nullable: true + type: object + pack_id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackIdOrUndefined' + queries: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ArrayQueries' + query: + $ref: '#/components/schemas/Security_Solution_Osquery_API_QueryOrUndefined' + saved_query_id: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SavedQueryIdOrUndefined + Security_Solution_Osquery_API_CreatePacksRequestBody: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + enabled: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_EnabledOrUndefined + name: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackName' + policy_ids: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PolicyIdsOrUndefined + queries: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ObjectQueries' + shards: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Shards' + Security_Solution_Osquery_API_CreateSavedQueryRequestBody: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + ecs_mapping: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_ECSMappingOrUndefined + id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + interval: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Interval' + platform: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + query: + $ref: '#/components/schemas/Security_Solution_Osquery_API_QueryOrUndefined' + removed: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_RemovedOrUndefined + snapshot: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SnapshotOrUndefined + version: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_VersionOrUndefined + Security_Solution_Osquery_API_DefaultSuccessResponse: + type: object + properties: {} + Security_Solution_Osquery_API_Description: + type: string + Security_Solution_Osquery_API_DescriptionOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Description' + nullable: true + Security_Solution_Osquery_API_ECSMapping: + additionalProperties: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ECSMappingItem' + type: object + Security_Solution_Osquery_API_ECSMappingItem: + type: object + properties: + field: + type: string + value: + oneOf: + - type: string + - items: + type: string + type: array + Security_Solution_Osquery_API_ECSMappingOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ECSMapping' + nullable: true + Security_Solution_Osquery_API_Enabled: + type: boolean + Security_Solution_Osquery_API_EnabledOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Enabled' + nullable: true + Security_Solution_Osquery_API_FindLiveQueryRequestQuery: + type: object + properties: + kuery: + $ref: '#/components/schemas/Security_Solution_Osquery_API_KueryOrUndefined' + page: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PageOrUndefined' + pageSize: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PageSizeOrUndefined + sort: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SortOrUndefined' + sortOrder: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SortOrderOrUndefined + Security_Solution_Osquery_API_FindPacksRequestQuery: + type: object + properties: + page: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PageOrUndefined' + pageSize: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PageSizeOrUndefined + sort: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SortOrUndefined' + sortOrder: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SortOrderOrUndefined + Security_Solution_Osquery_API_FindSavedQueryRequestQuery: + type: object + properties: + page: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PageOrUndefined' + pageSize: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PageSizeOrUndefined + sort: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SortOrUndefined' + sortOrder: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SortOrderOrUndefined + Security_Solution_Osquery_API_GetLiveQueryResultsRequestQuery: + type: object + properties: + kuery: + $ref: '#/components/schemas/Security_Solution_Osquery_API_KueryOrUndefined' + page: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PageOrUndefined' + pageSize: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PageSizeOrUndefined + sort: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SortOrUndefined' + sortOrder: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SortOrderOrUndefined + Security_Solution_Osquery_API_Id: + type: string + Security_Solution_Osquery_API_Interval: + type: string + Security_Solution_Osquery_API_IntervalOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Interval' + nullable: true + Security_Solution_Osquery_API_KueryOrUndefined: + nullable: true + type: string + Security_Solution_Osquery_API_ObjectQueries: + additionalProperties: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ObjectQueriesItem' + type: object + Security_Solution_Osquery_API_ObjectQueriesItem: + type: object + properties: + ecs_mapping: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_ECSMappingOrUndefined + id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Id' + platform: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PlatformOrUndefined + query: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Query' + removed: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_RemovedOrUndefined + saved_query_id: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SavedQueryIdOrUndefined + snapshot: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SnapshotOrUndefined + version: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_VersionOrUndefined + Security_Solution_Osquery_API_PackId: + type: string + Security_Solution_Osquery_API_PackIdOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackId' + nullable: true + Security_Solution_Osquery_API_PackName: + type: string + Security_Solution_Osquery_API_PageOrUndefined: + nullable: true + type: integer + Security_Solution_Osquery_API_PageSizeOrUndefined: + nullable: true + type: integer + Security_Solution_Osquery_API_Platform: + type: string + Security_Solution_Osquery_API_PlatformOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Platform' + nullable: true + Security_Solution_Osquery_API_PolicyIds: + items: + type: string + type: array + Security_Solution_Osquery_API_PolicyIdsOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PolicyIds' + nullable: true + Security_Solution_Osquery_API_Query: + type: string + Security_Solution_Osquery_API_QueryOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Query' + nullable: true + Security_Solution_Osquery_API_Removed: + type: boolean + Security_Solution_Osquery_API_RemovedOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Removed' + nullable: true + Security_Solution_Osquery_API_SavedQueryId: + type: string + Security_Solution_Osquery_API_SavedQueryIdOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + nullable: true + Security_Solution_Osquery_API_Shards: + additionalProperties: + type: number + type: object + Security_Solution_Osquery_API_Snapshot: + type: boolean + Security_Solution_Osquery_API_SnapshotOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Snapshot' + nullable: true + Security_Solution_Osquery_API_SortOrderOrUndefined: + oneOf: + - nullable: true + type: string + - enum: + - asc + - desc + Security_Solution_Osquery_API_SortOrUndefined: + nullable: true + type: string + Security_Solution_Osquery_API_UpdatePacksRequestBody: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + enabled: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_EnabledOrUndefined + id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackId' + policy_ids: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PolicyIdsOrUndefined + queries: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ObjectQueries' + shards: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Shards' + Security_Solution_Osquery_API_UpdateSavedQueryRequestBody: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + ecs_mapping: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_ECSMappingOrUndefined + id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + interval: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_IntervalOrUndefined + platform: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + query: + $ref: '#/components/schemas/Security_Solution_Osquery_API_QueryOrUndefined' + removed: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_RemovedOrUndefined + snapshot: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SnapshotOrUndefined + version: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_VersionOrUndefined + Security_Solution_Osquery_API_Version: + type: string + Security_Solution_Osquery_API_VersionOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Version' + nullable: true + Security_Solution_Timeline_API_BareNote: + type: object + properties: + created: + nullable: true + type: number + createdBy: + nullable: true + type: string + eventId: + nullable: true + type: string + note: + nullable: true + type: string + timelineId: + nullable: true + type: string + updated: + nullable: true + type: number + updatedBy: + nullable: true + type: string + required: + - timelineId + Security_Solution_Timeline_API_ColumnHeaderResult: + type: object + properties: + aggregatable: + type: boolean + category: + type: string + columnHeaderType: + type: string + description: + type: string + example: + oneOf: + - type: string + - type: number + id: + type: string + indexes: + items: + type: string + type: array + name: + type: string + placeholder: + type: string + searchable: + type: boolean + type: + type: string + Security_Solution_Timeline_API_DataProviderQueryMatch: + type: object + properties: + enabled: + nullable: true + type: boolean + excluded: + nullable: true + type: boolean + id: + nullable: true + type: string + kqlQuery: + nullable: true + type: string + name: + nullable: true + type: string + queryMatch: + $ref: '#/components/schemas/Security_Solution_Timeline_API_QueryMatchResult' + Security_Solution_Timeline_API_DataProviderResult: + type: object + properties: + and: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_DataProviderQueryMatch + nullable: true + type: array + enabled: + nullable: true + type: boolean + excluded: + nullable: true + type: boolean + id: + nullable: true + type: string + kqlQuery: + nullable: true + type: string + name: + nullable: true + type: string + queryMatch: + $ref: '#/components/schemas/Security_Solution_Timeline_API_QueryMatchResult' + nullable: true + type: + $ref: '#/components/schemas/Security_Solution_Timeline_API_DataProviderType' + nullable: true + Security_Solution_Timeline_API_DataProviderType: + description: >- + The type of data provider to create. Valid values are `default` and + `template`. + enum: + - default + - template + type: string + Security_Solution_Timeline_API_DocumentIds: + oneOf: + - items: + type: string + type: array + - type: string + Security_Solution_Timeline_API_FavoriteTimelineResponse: + type: object + properties: + code: + nullable: true + type: number + favorite: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_FavoriteTimelineResult + type: array + message: + nullable: true + type: string + savedObjectId: + type: string + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timelineType: + $ref: '#/components/schemas/Security_Solution_Timeline_API_TimelineType' + version: + type: string + required: + - savedObjectId + - version + Security_Solution_Timeline_API_FavoriteTimelineResult: + type: object + properties: + favoriteDate: + nullable: true + type: number + fullName: + nullable: true + type: string + userName: + nullable: true + type: string + Security_Solution_Timeline_API_FilterTimelineResult: + type: object + properties: + exists: + type: boolean + match_all: + type: string + meta: + type: object + properties: + alias: type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - DestWeather: - count: 0 - name: DestWeather + controlledBy: type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - DistanceKilometers: - count: 0 - name: DistanceKilometers - type: number - esTypes: - - float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - shortDotsEnable: false - isMapped: true - DistanceMiles: - count: 0 - name: DistanceMiles - type: number - esTypes: - - float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - shortDotsEnable: false - isMapped: true - FlightDelay: - count: 0 - name: FlightDelay + disabled: type: boolean - esTypes: - - boolean - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: boolean - shortDotsEnable: false - isMapped: true - FlightDelayMin: - count: 0 - name: FlightDelayMin - type: number - esTypes: - - integer - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - shortDotsEnable: false - isMapped: true - FlightDelayType: - count: 0 - name: FlightDelayType - type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - FlightNum: - count: 0 - name: FlightNum - type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - FlightTimeHour: - count: 0 - name: FlightTimeHour - type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - FlightTimeMin: - count: 0 - name: FlightTimeMin - type: number - esTypes: - - float - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - shortDotsEnable: false - isMapped: true - Origin: - count: 0 - name: Origin - type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - OriginAirportID: - count: 0 - name: OriginAirportID + field: type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - OriginCityName: - count: 0 - name: OriginCityName + formattedValue: type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - OriginCountry: - count: 0 - name: OriginCountry + index: type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - OriginLocation: - count: 0 - name: OriginLocation - type: geo_point - esTypes: - - geo_point - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: geo_point - params: - transform: wkt - shortDotsEnable: false - isMapped: true - OriginRegion: - count: 0 - name: OriginRegion + key: type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - OriginWeather: - count: 0 - name: OriginWeather + negate: + type: boolean + params: type: string - esTypes: - - keyword - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: string - shortDotsEnable: false - isMapped: true - _id: - count: 0 - name: _id + type: type: string - esTypes: - - _id - scripted: false - searchable: true - aggregatable: false - readFromDocValues: false - format: - id: string - shortDotsEnable: false - isMapped: true - _index: - count: 0 - name: _index + value: type: string - esTypes: - - _index - scripted: false - searchable: true - aggregatable: true - readFromDocValues: false - format: - id: string - shortDotsEnable: false - isMapped: true - _score: - count: 0 - name: _score - type: number - scripted: false - searchable: false - aggregatable: false - readFromDocValues: false - format: - id: number - shortDotsEnable: false - isMapped: true - _source: - count: 0 - name: _source - type: _source - esTypes: - - _source - scripted: false - searchable: false - aggregatable: false - readFromDocValues: false - format: - id: _source - shortDotsEnable: false - isMapped: true - dayOfWeek: - count: 0 - name: dayOfWeek - type: number - esTypes: - - integer - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: number - shortDotsEnable: false - isMapped: true - timestamp: - count: 0 - name: timestamp - type: date - esTypes: - - date - scripted: false - searchable: true - aggregatable: true - readFromDocValues: true - format: - id: date - shortDotsEnable: false - isMapped: true - fieldFormats: - hour_of_day: - id: number - params: - pattern: '00' - AvgTicketPrice: - id: number - params: - pattern: $0,0.[00] - runtimeFieldMap: - hour_of_day: - type: long - script: - source: emit(doc['timestamp'].value.getHour()); - fieldAttrs: {} - allowNoIndex: false - name: Kibana Sample Data Flights - Data_views_update_runtime_field_request: - summary: Update an existing runtime field on a data view. - value: - runtimeField: - script: - source: emit(doc["bar"].value) - Data_views_get_default_data_view_response: - summary: The get default data view API returns the default data view identifier. - value: - data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f - Data_views_set_default_data_view_request: - summary: Set the default data view identifier. - value: - data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f - force: true - Data_views_swap_data_view_request: - summary: >- - Swap references from data view ID "abcd-efg" to "xyz-123" and remove the - data view that is no longer referenced. - value: - fromId: abcd-efg - toId: xyz-123 - delete: true - Data_views_preview_swap_data_view_request: - summary: Preview swapping references from data view ID "abcd-efg" to "xyz-123". - value: - fromId: abcd-efg - toId: xyz-123 - Machine_learning_APIs_mlSyncExample: - summary: Two anomaly detection jobs required synchronization in this example. - value: - savedObjectsCreated: - anomaly-detector: - myjob1: - success: true - myjob2: - success: true - savedObjectsDeleted: {} - datafeedsAdded: {} - datafeedsRemoved: {} - Saved_objects_key_rotation_response: - summary: Encryption key rotation using default parameters. - value: - total: 1000 - successful: 300 - failed: 0 - Saved_objects_export_objects_request: - summary: Export a specific saved object. - value: - objects: - - type: map - id: de71f4f0-1902-11e9-919b-ffe5949a18d2 - includeReferencesDeep: false - excludeExportDetails: true - Saved_objects_export_objects_response: - summary: >- - The export objects API response contains a JSON record for each exported - object. - value: - attributes: - description: '' - layerListJSON: >- - [{"id":"0hmz5","alpha":1,"sourceDescriptor":{"type":"EMS_TMS","isAutoSelect":true,"lightModeDefault":"road_map_desaturated"},"visible":true,"style":{},"type":"EMS_VECTOR_TILE","minZoom":0,"maxZoom":24},{"id":"edh66","label":"Total - Requests by - Destination","minZoom":0,"maxZoom":24,"alpha":0.5,"sourceDescriptor":{"type":"EMS_FILE","id":"world_countries","tooltipProperties":["name","iso2"]},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"__kbnjoin__count__673ff994-fc75-4c67-909b-69fcb0e1060e","origin":"join"},"color":"Greys","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"STATIC","options":{"size":10}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR","joins":[{"leftField":"iso2","right":{"type":"ES_TERM_SOURCE","id":"673ff994-fc75-4c67-909b-69fcb0e1060e","indexPatternTitle":"kibana_sample_data_logs","term":"geo.dest","indexPatternRefName":"layer_1_join_0_index_pattern","metrics":[{"type":"count","label":"web - logs - count"}],"applyGlobalQuery":true}}]},{"id":"gaxya","label":"Actual - Requests","minZoom":9,"maxZoom":24,"alpha":1,"sourceDescriptor":{"id":"b7486535-171b-4d3b-bb2e-33c1a0a2854c","type":"ES_SEARCH","geoField":"geo.coordinates","limit":2048,"filterByMapBounds":true,"tooltipProperties":["clientip","timestamp","host","request","response","machine.os","agent","bytes"],"indexPatternRefName":"layer_2_source_index_pattern","applyGlobalQuery":true,"scalingType":"LIMIT"},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"STATIC","options":{"color":"#2200ff"}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":2}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"bytes","origin":"source"},"minSize":1,"maxSize":23,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"},{"id":"tfi3f","label":"Total - Requests and - Bytes","minZoom":0,"maxZoom":9,"alpha":1,"sourceDescriptor":{"type":"ES_GEO_GRID","resolution":"COARSE","id":"8aaa65b5-a4e9-448b-9560-c98cb1c5ac5b","geoField":"geo.coordinates","requestType":"point","metrics":[{"type":"count","label":"web - logs - count"},{"type":"sum","field":"bytes"}],"indexPatternRefName":"layer_3_source_index_pattern","applyGlobalQuery":true},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"color":"Blues","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#cccccc"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"sum_of_bytes","origin":"source"},"minSize":7,"maxSize":25,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelText":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelSize":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"minSize":12,"maxSize":24,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"}] - mapStateJSON: >- - {"zoom":3.64,"center":{"lon":-88.92107,"lat":42.16337},"timeFilters":{"from":"now-7d","to":"now"},"refreshConfig":{"isPaused":true,"interval":0},"query":{"language":"kuery","query":""},"settings":{"autoFitToDataBounds":false}} - title: '[Logs] Total Requests and Bytes' - uiStateJSON: '{"isDarkMode":false}' - coreMigrationVersion: 8.8.0 - created_at: '2023-08-23T20:03:32.204Z' - id: de71f4f0-1902-11e9-919b-ffe5949a18d2 - managed: false - references: - - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - name: layer_1_join_0_index_pattern - type: index-pattern - - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - name: layer_2_source_index_pattern - type: index-pattern - - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - name: layer_3_source_index_pattern - type: index-pattern - type: map - typeMigrationVersion: 8.4.0 - updated_at: '2023-08-23T20:03:32.204Z' - version: WzEzLDFd - Saved_objects_import_objects_request: - value: - file: file.ndjson - Saved_objects_import_objects_response: - summary: >- - The import objects API response indicates a successful import and the - objects are created. Since these objects are created as new copies, each - entry in the successResults array includes a destinationId attribute. - value: - successCount: 1 - success: true - successResults: - - type: index-pattern - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - meta: - title: Kibana Sample Data Logs - icon: indexPatternApp - managed: false - destinationId: 82d2760c-468f-49cf-83aa-b9a35b6a8943 - Saved_objects_resolve_missing_reference_request: - value: - file: file.ndjson - retries: - - type: index-pattern - id: my-pattern - overwrite: true - - type: visualization - id: my-vis - overwrite: true - destinationId: another-vis - - type: canvas - id: my-canvas - overwrite: true - destinationId: yet-another-canvas - - type: dashboard - id: my-dashboard - Saved_objects_resolve_missing_reference_response: - summary: Resolve missing reference errors. - value: - success: true - successCount: 3 - successResults: - - id: my-vis - type: visualization - meta: - icon: visualizeApp - title: Look at my visualization - - id: my-search - type: search - meta: - icon: searchApp - title: Look at my search - - id: my-dashboard - type: dashboard - meta: - icon: dashboardApp - title: Look at my dashboard - responses: - Connectors_401: - description: Authorization information is missing or invalid. - content: - application/json: - schema: + missing: + type: string + query: + type: string + range: + type: string + script: + type: string + Security_Solution_Timeline_API_ImportTimelineResult: + type: object + properties: + errors: + items: type: object - title: Unauthorized response properties: error: + type: object + properties: + message: + type: string + status_code: + type: number + id: + type: string + type: array + success: + type: boolean + success_count: + type: number + timelines_installed: + type: number + timelines_updated: + type: number + Security_Solution_Timeline_API_ImportTimelines: + allOf: + - $ref: '#/components/schemas/Security_Solution_Timeline_API_SavedTimeline' + - type: object + properties: + eventNotes: + items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_BareNote' + nullable: true + type: array + globalNotes: + items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_BareNote' + nullable: true + type: array + pinnedEventIds: + items: + type: string + nullable: true + type: array + savedObjectId: + nullable: true + type: string + version: + nullable: true + type: string + Security_Solution_Timeline_API_Note: + allOf: + - $ref: '#/components/schemas/Security_Solution_Timeline_API_BareNote' + - type: object + properties: + noteId: + type: string + version: + type: string + Security_Solution_Timeline_API_PinnedEvent: + type: object + properties: + created: + nullable: true + type: number + createdBy: + nullable: true + type: string + eventId: + type: string + pinnedEventId: + type: string + timelineId: + type: string + updated: + nullable: true + type: number + updatedBy: + nullable: true + type: string + version: + type: string + required: + - eventId + - pinnedEventId + - timelineId + - version + Security_Solution_Timeline_API_QueryMatchResult: + type: object + properties: + displayField: + nullable: true + type: string + displayValue: + nullable: true + type: string + field: + nullable: true + type: string + operator: + nullable: true + type: string + value: + nullable: true + type: string + Security_Solution_Timeline_API_Readable: + type: object + properties: + _data: + additionalProperties: true + type: object + _encoding: + type: string + _events: + additionalProperties: true + type: object + _eventsCount: + type: number + _maxListeners: + additionalProperties: true + type: object + _position: + type: number + _read: + additionalProperties: true + type: object + _readableState: + additionalProperties: true + type: object + readable: + type: boolean + Security_Solution_Timeline_API_RowRendererId: + enum: + - alert + - alerts + - auditd + - auditd_file + - library + - netflow + - plain + - registry + - suricata + - system + - system_dns + - system_endgame_process + - system_file + - system_fim + - system_security_event + - system_socket + - threat_match + - zeek + type: string + Security_Solution_Timeline_API_SavedTimeline: + type: object + properties: + columns: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_ColumnHeaderResult + nullable: true + type: array + created: + nullable: true + type: number + createdBy: + nullable: true + type: string + dataProviders: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_DataProviderResult + nullable: true + type: array + dataViewId: + nullable: true + type: string + dateRange: + nullable: true + type: object + properties: + end: + oneOf: + - type: string + - type: number + start: + oneOf: + - type: string + - type: number + description: + nullable: true + type: string + eqlOptions: + nullable: true + type: object + properties: + eventCategoryField: + nullable: true + type: string + query: + nullable: true + type: string + size: + oneOf: + - nullable: true + type: string + - nullable: true + type: number + tiebreakerField: + nullable: true + type: string + timestampField: + nullable: true + type: string + eventType: + nullable: true + type: string + excludedRowRendererIds: + items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_RowRendererId' + nullable: true + type: array + favorite: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_FavoriteTimelineResult + nullable: true + type: array + filters: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_FilterTimelineResult + nullable: true + type: array + indexNames: + items: + type: string + nullable: true + type: array + kqlMode: + nullable: true + type: string + kqlQuery: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_SerializedFilterQueryResult + nullable: true + savedQueryId: + nullable: true + type: string + savedSearchId: + nullable: true + type: string + sort: + $ref: '#/components/schemas/Security_Solution_Timeline_API_Sort' + nullable: true + status: + enum: + - active + - draft + - immutable + nullable: true + type: string + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timelineType: + $ref: '#/components/schemas/Security_Solution_Timeline_API_TimelineType' + nullable: true + title: + nullable: true + type: string + updated: + nullable: true + type: number + updatedBy: + nullable: true + type: string + Security_Solution_Timeline_API_SerializedFilterQueryResult: + type: object + properties: + filterQuery: + nullable: true + type: object + properties: + kuery: + nullable: true + type: object + properties: + expression: + nullable: true + type: string + kind: + nullable: true + type: string + serializedQuery: + nullable: true + type: string + Security_Solution_Timeline_API_Sort: + oneOf: + - $ref: '#/components/schemas/Security_Solution_Timeline_API_SortObject' + - items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_SortObject' + type: array + Security_Solution_Timeline_API_SortFieldTimeline: + description: The field to sort the timelines by. + enum: + - title + - description + - updated + - created + type: string + Security_Solution_Timeline_API_SortObject: + type: object + properties: + columnId: + nullable: true + type: string + columnType: + nullable: true + type: string + sortDirection: + nullable: true + type: string + Security_Solution_Timeline_API_TimelineResponse: + allOf: + - $ref: '#/components/schemas/Security_Solution_Timeline_API_SavedTimeline' + - type: object + properties: + eventIdToNoteIds: + items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_Note' + type: array + noteIds: + items: type: string - example: Unauthorized - enum: - - Unauthorized - message: + type: array + notes: + items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_Note' + type: array + pinnedEventIds: + items: type: string - statusCode: - type: integer - example: 401 - enum: - - 401 - Connectors_404: - description: Object is not found. - content: - application/json: - schema: + type: array + pinnedEventsSaveObject: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_PinnedEvent + type: array + savedObjectId: + type: string + version: + type: string + required: + - savedObjectId + - version + Security_Solution_Timeline_API_TimelineStatus: + description: >- + The status of the timeline. Valid values are `active`, `draft`, and + `immutable`. + enum: + - active + - draft + - immutable + type: string + Security_Solution_Timeline_API_TimelineType: + description: >- + The type of timeline to create. Valid values are `default` and + `template`. + enum: + - default + - template + type: string + SLOs_400_response: + title: Bad request + type: object + properties: + error: + example: Bad Request + type: string + message: + example: 'Invalid value ''foo'' supplied to: [...]' + type: string + statusCode: + example: 400 + type: number + required: + - statusCode + - error + - message + SLOs_401_response: + title: Unauthorized + type: object + properties: + error: + example: Unauthorized + type: string + message: + example: "[security_exception\n\tRoot causes:\n\t\tsecurity_exception: unable to authenticate user [elastics] for REST request [/_security/_authenticate]]: unable to authenticate user [elastics] for REST request [/_security/_authenticate]" + type: string + statusCode: + example: 401 + type: number + required: + - statusCode + - error + - message + SLOs_403_response: + title: Unauthorized + type: object + properties: + error: + example: Unauthorized + type: string + message: + example: "[security_exception\n\tRoot causes:\n\t\tsecurity_exception: unable to authenticate user [elastics] for REST request [/_security/_authenticate]]: unable to authenticate user [elastics] for REST request [/_security/_authenticate]" + type: string + statusCode: + example: 403 + type: number + required: + - statusCode + - error + - message + SLOs_404_response: + title: Not found + type: object + properties: + error: + example: Not Found + type: string + message: + example: 'SLO [3749f390-03a3-11ee-8139-c7ff60a1692d] not found' + type: string + statusCode: + example: 404 + type: number + required: + - statusCode + - error + - message + SLOs_409_response: + title: Conflict + type: object + properties: + error: + example: Conflict + type: string + message: + example: 'SLO [d077e940-1515-11ee-9c50-9d096392f520] already exists' + type: string + statusCode: + example: 409 + type: number + required: + - statusCode + - error + - message + SLOs_budgeting_method: + description: The budgeting method to use when computing the rollup data. + enum: + - occurrences + - timeslices + example: occurrences + title: Budgeting method + type: string + SLOs_create_slo_request: + description: > + The create SLO API request body varies depending on the type of + indicator, time window and budgeting method. + properties: + budgetingMethod: + $ref: '#/components/schemas/SLOs_budgeting_method' + description: + description: A description for the SLO. + type: string + groupBy: + description: optional group by field to use to generate an SLO per distinct value + example: some.field + type: string + id: + description: >- + A optional and unique identifier for the SLO. Must be between 8 and + 36 chars + example: my-super-slo-id + type: string + indicator: + oneOf: + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' + - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' + - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + name: + description: A name for the SLO. + type: string + objective: + $ref: '#/components/schemas/SLOs_objective' + settings: + $ref: '#/components/schemas/SLOs_settings' + tags: + description: List of tags + items: + type: string + type: array + timeWindow: + $ref: '#/components/schemas/SLOs_time_window' + required: + - name + - description + - indicator + - timeWindow + - budgetingMethod + - objective + title: Create SLO request + type: object + SLOs_create_slo_response: + title: Create SLO response + type: object + properties: + id: + example: 8853df00-ae2e-11ed-90af-09bb6422b258 + type: string + required: + - id + SLOs_delete_slo_instances_request: + description: > + The delete SLO instances request takes a list of SLO id and instance id, + then delete the rollup and summary data. This API can be used to remove + the staled data of an instance SLO that no longer get updated. + properties: + list: + description: An array of slo id and instance id + items: type: object - title: Not found response properties: - error: + instanceId: + description: The SLO instance identifier + example: 8853df00-ae2e-11ed-90af-09bb6422b258 type: string - example: Not Found - enum: - - Not Found - message: + sloId: + description: The SLO unique identifier + example: 8853df00-ae2e-11ed-90af-09bb6422b258 type: string - example: >- - Saved object [action/baf33fc0-920c-11ed-b36a-874bd1548a00] not - found - statusCode: - type: integer - example: 404 - enum: - - 404 - Connectors_200_actions: - description: Indicates a successful call. - content: - application/json: - schema: - $ref: '#/components/schemas/Connectors_action_response_properties' + required: + - sloId + - instanceId + type: array + required: + - list + title: Delete SLO instances request + type: object + SLOs_error_budget: + title: Error budget + type: object + properties: + consumed: + description: 'The error budget consummed, as a percentage of the initial value.' + example: 0.8 + type: number + initial: + description: 'The initial error budget, as 1 - objective' + example: 0.02 + type: number + isEstimated: + description: >- + Only for SLO defined with occurrences budgeting method and calendar + aligned time window. + example: true + type: boolean + remaining: + description: 'The error budget remaining, as a percentage of the initial value.' + example: 0.2 + type: number + required: + - initial + - consumed + - remaining + - isEstimated + SLOs_filter: + description: Defines properties for a filter + properties: + meta: + $ref: '#/components/schemas/SLOs_filter_meta' + query: + type: object + title: Filter + type: object + SLOs_filter_meta: + description: Defines properties for a filter + properties: + alias: + nullable: true + type: string + controlledBy: + type: string + disabled: + type: boolean + field: + type: string + group: + type: string + index: + type: string + isMultiIndex: + type: boolean + key: + type: string + negate: + type: boolean + params: + type: object + type: + type: string + value: + type: string + title: FilterMeta + type: object + SLOs_find_slo_response: + description: | + A paginated response of SLOs matching the query. + properties: + page: + example: 1 + type: number + perPage: + example: 25 + type: number + results: + items: + $ref: '#/components/schemas/SLOs_slo_with_summary_response' + type: array + total: + example: 34 + type: number + title: Find SLO response + type: object + SLOs_indicator_properties_apm_availability: + description: Defines properties for the APM availability indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + environment: + description: The APM service environment or "*" + example: production + type: string + filter: + description: KQL query used for filtering the data + example: 'service.foo : "bar"' + type: string + index: + description: The index used by APM metrics + example: 'metrics-apm*,apm*' + type: string + service: + description: The APM service name + example: o11y-app + type: string + transactionName: + description: The APM transaction name or "*" + example: GET /my/api + type: string + transactionType: + description: The APM transaction type or "*" + example: request + type: string + required: + - service + - environment + - transactionType + - transactionName + - index + type: + description: The type of indicator. + example: sli.apm.transactionDuration + type: string + required: + - type + - params + title: APM availability + SLOs_indicator_properties_apm_latency: + description: Defines properties for the APM latency indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + environment: + description: The APM service environment or "*" + example: production + type: string + filter: + description: KQL query used for filtering the data + example: 'service.foo : "bar"' + type: string + index: + description: The index used by APM metrics + example: 'metrics-apm*,apm*' + type: string + service: + description: The APM service name + example: o11y-app + type: string + threshold: + description: The latency threshold in milliseconds + example: 250 + type: number + transactionName: + description: The APM transaction name or "*" + example: GET /my/api + type: string + transactionType: + description: The APM transaction type or "*" + example: request + type: string + required: + - service + - environment + - transactionType + - transactionName + - index + - threshold + type: + description: The type of indicator. + example: sli.apm.transactionDuration + type: string + required: + - type + - params + title: APM latency + SLOs_indicator_properties_custom_kql: + description: Defines properties for a custom query indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + dataViewId: + description: >- + The kibana data view id to use, primarily used to include data + view runtime mappings. Make sure to save SLO again if you + add/update run time fields to the data view and if those fields + are being used in slo queries. + example: 03b80ab3-003d-498b-881c-3beedbaf1162 + type: string + filter: + $ref: '#/components/schemas/SLOs_kql_with_filters' + good: + $ref: '#/components/schemas/SLOs_kql_with_filters_good' + index: + description: The index or index pattern to use + example: my-service-* + type: string + timestampField: + description: | + The timestamp field used in the source indice. + example: timestamp + type: string + total: + $ref: '#/components/schemas/SLOs_kql_with_filters_total' + required: + - index + - timestampField + - good + - total + type: + description: The type of indicator. + example: sli.kql.custom + type: string + required: + - type + - params + title: Custom Query + SLOs_indicator_properties_custom_metric: + description: Defines properties for a custom metric indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + dataViewId: + description: >- + The kibana data view id to use, primarily used to include data + view runtime mappings. Make sure to save SLO again if you + add/update run time fields to the data view and if those fields + are being used in slo queries. + example: 03b80ab3-003d-498b-881c-3beedbaf1162 + type: string + filter: + description: the KQL query to filter the documents with. + example: 'field.environment : "production" and service.name : "my-service"' + type: string + good: + description: | + An object defining the "good" metrics and equation + type: object + properties: + equation: + description: The equation to calculate the "good" metric. + example: A + type: string + metrics: + description: >- + List of metrics with their name, aggregation type, and + field. + items: + type: object + properties: + aggregation: + description: >- + The aggregation type of the metric. Only valid option + is "sum" + enum: + - sum + example: sum + type: string + field: + description: The field of the metric. + example: processor.processed + type: string + filter: + description: The filter to apply to the metric. + example: 'processor.outcome: "success"' + type: string + name: + description: The name of the metric. Only valid options are A-Z + example: A + pattern: '^[A-Z]$' + type: string + required: + - name + - aggregation + - field + type: array + required: + - metrics + - equation + index: + description: The index or index pattern to use + example: my-service-* + type: string + timestampField: + description: | + The timestamp field used in the source indice. + example: timestamp + type: string + total: + description: | + An object defining the "total" metrics and equation + type: object + properties: + equation: + description: The equation to calculate the "total" metric. + example: A + type: string + metrics: + description: >- + List of metrics with their name, aggregation type, and + field. + items: + type: object + properties: + aggregation: + description: >- + The aggregation type of the metric. Only valid option + is "sum" + enum: + - sum + example: sum + type: string + field: + description: The field of the metric. + example: processor.processed + type: string + filter: + description: The filter to apply to the metric. + example: 'processor.outcome: *' + type: string + name: + description: The name of the metric. Only valid options are A-Z + example: A + pattern: '^[A-Z]$' + type: string + required: + - name + - aggregation + - field + type: array + required: + - metrics + - equation + required: + - index + - timestampField + - good + - total + type: + description: The type of indicator. + example: sli.metric.custom + type: string + required: + - type + - params + title: Custom metric + SLOs_indicator_properties_histogram: + description: Defines properties for a histogram indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + dataViewId: + description: >- + The kibana data view id to use, primarily used to include data + view runtime mappings. Make sure to save SLO again if you + add/update run time fields to the data view and if those fields + are being used in slo queries. + example: 03b80ab3-003d-498b-881c-3beedbaf1162 + type: string + filter: + description: the KQL query to filter the documents with. + example: 'field.environment : "production" and service.name : "my-service"' + type: string + good: + description: | + An object defining the "good" events + type: object + properties: + aggregation: + description: The type of aggregation to use. + enum: + - value_count + - range + example: value_count + type: string + field: + description: The field use to aggregate the good events. + example: processor.latency + type: string + filter: + description: The filter for good events. + example: 'processor.outcome: "success"' + type: string + from: + description: >- + The starting value of the range. Only required for "range" + aggregations. + example: 0 + type: number + to: + description: >- + The ending value of the range. Only required for "range" + aggregations. + example: 100 + type: number + required: + - aggregation + - field + index: + description: The index or index pattern to use + example: my-service-* + type: string + timestampField: + description: | + The timestamp field used in the source indice. + example: timestamp + type: string + total: + description: | + An object defining the "total" events + type: object + properties: + aggregation: + description: The type of aggregation to use. + enum: + - value_count + - range + example: value_count + type: string + field: + description: The field use to aggregate the good events. + example: processor.latency + type: string + filter: + description: The filter for total events. + example: 'processor.outcome : *' + type: string + from: + description: >- + The starting value of the range. Only required for "range" + aggregations. + example: 0 + type: number + to: + description: >- + The ending value of the range. Only required for "range" + aggregations. + example: 100 + type: number + required: + - aggregation + - field + required: + - index + - timestampField + - good + - total + type: + description: The type of indicator. + example: sli.histogram.custom + type: string + required: + - type + - params + title: Histogram indicator + SLOs_indicator_properties_timeslice_metric: + description: Defines properties for a timeslice metric indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + dataViewId: + description: >- + The kibana data view id to use, primarily used to include data + view runtime mappings. Make sure to save SLO again if you + add/update run time fields to the data view and if those fields + are being used in slo queries. + example: 03b80ab3-003d-498b-881c-3beedbaf1162 + type: string + filter: + description: the KQL query to filter the documents with. + example: 'field.environment : "production" and service.name : "my-service"' + type: string + index: + description: The index or index pattern to use + example: my-service-* + type: string + metric: + description: > + An object defining the metrics, equation, and threshold to + determine if it's a good slice or not + type: object + properties: + comparator: + description: >- + The comparator to use to compare the equation to the + threshold. + enum: + - GT + - GTE + - LT + - LTE + example: GT + type: string + equation: + description: The equation to calculate the metric. + example: A + type: string + metrics: + description: >- + List of metrics with their name, aggregation type, and + field. + items: + anyOf: + - $ref: >- + #/components/schemas/SLOs_timeslice_metric_basic_metric_with_field + - $ref: >- + #/components/schemas/SLOs_timeslice_metric_percentile_metric + - $ref: >- + #/components/schemas/SLOs_timeslice_metric_doc_count_metric + type: array + threshold: + description: >- + The threshold used to determine if the metric is a good + slice or not. + example: 100 + type: number + required: + - metrics + - equation + - comparator + - threshold + timestampField: + description: | + The timestamp field used in the source indice. + example: timestamp + type: string + required: + - index + - timestampField + - metric + type: + description: The type of indicator. + example: sli.metric.timeslice + type: string + required: + - type + - params + title: Timeslice metric + SLOs_kql_with_filters: + description: Defines properties for a filter + oneOf: + - description: the KQL query to filter the documents with. + example: 'field.environment : "production" and service.name : "my-service"' + type: string + - type: object + properties: + filters: + items: + $ref: '#/components/schemas/SLOs_filter' + type: array + kqlQuery: + type: string + title: KQL with filters + SLOs_kql_with_filters_good: + description: The KQL query used to define the good events. + oneOf: + - description: the KQL query to filter the documents with. + example: 'request.latency <= 150 and request.status_code : "2xx"' + type: string + - type: object + properties: + filters: + items: + $ref: '#/components/schemas/SLOs_filter' + type: array + kqlQuery: + type: string + title: KQL query for good events + SLOs_kql_with_filters_total: + description: The KQL query used to define all events. + oneOf: + - description: the KQL query to filter the documents with. + example: 'field.environment : "production" and service.name : "my-service"' + type: string + - type: object + properties: + filters: + items: + $ref: '#/components/schemas/SLOs_filter' + type: array + kqlQuery: + type: string + title: KQL query for all events + SLOs_objective: + description: Defines properties for the SLO objective + type: object + properties: + target: + description: the target objective between 0 and 1 excluded + example: 0.99 + exclusiveMaximum: true + exclusiveMinimum: true + maximum: 100 + minimum: 0 + type: number + timesliceTarget: + description: >- + the target objective for each slice when using a timeslices + budgeting method + example: 0.995 + maximum: 100 + minimum: 0 + type: number + timesliceWindow: + description: >- + the duration of each slice when using a timeslices budgeting method, + as {duraton}{unit} + example: 5m + type: string + required: + - target + title: Objective + SLOs_settings: + description: Defines properties for SLO settings. + properties: + frequency: + default: 1m + description: 'Configure how often the transform runs, default 1m' + example: 5m + type: string + preventInitialBackfill: + default: false + description: Prevents the transform from backfilling data when it starts. + example: true + type: boolean + syncDelay: + default: 1m + description: The synch delay to apply to the transform. Default 1m + example: 5m + type: string + title: Settings + type: object + SLOs_slo_definition_response: + title: SLO definition response + type: object + properties: + budgetingMethod: + $ref: '#/components/schemas/SLOs_budgeting_method' + createdAt: + description: The creation date + example: '2023-01-12T10:03:19.000Z' + type: string + description: + description: The description of the SLO. + example: My SLO description + type: string + enabled: + description: Indicate if the SLO is enabled + example: true + type: boolean + groupBy: + description: optional group by field to use to generate an SLO per distinct value + example: some.field + type: string + id: + description: The identifier of the SLO. + example: 8853df00-ae2e-11ed-90af-09bb6422b258 + type: string + indicator: + discriminator: + mapping: + sli.apm.transactionDuration: '#/components/schemas/SLOs_indicator_properties_apm_latency' + sli.apm.transactionErrorRate: '#/components/schemas/SLOs_indicator_properties_apm_availability' + sli.histogram.custom: '#/components/schemas/SLOs_indicator_properties_histogram' + sli.kql.custom: '#/components/schemas/SLOs_indicator_properties_custom_kql' + sli.metric.custom: '#/components/schemas/SLOs_indicator_properties_custom_metric' + sli.metric.timeslice: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + propertyName: type + oneOf: + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' + - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' + - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + name: + description: The name of the SLO. + example: My Service SLO + type: string + objective: + $ref: '#/components/schemas/SLOs_objective' + revision: + description: The SLO revision + example: 2 + type: number + settings: + $ref: '#/components/schemas/SLOs_settings' + tags: + description: List of tags + items: + type: string + type: array + timeWindow: + $ref: '#/components/schemas/SLOs_time_window' + updatedAt: + description: The last update date + example: '2023-01-12T10:03:19.000Z' + type: string + version: + description: The internal SLO version + example: 2 + type: number + required: + - id + - name + - description + - indicator + - timeWindow + - budgetingMethod + - objective + - settings + - revision + - enabled + - groupBy + - tags + - createdAt + - updatedAt + - version + SLOs_slo_with_summary_response: + title: SLO response + type: object + properties: + budgetingMethod: + $ref: '#/components/schemas/SLOs_budgeting_method' + createdAt: + description: The creation date + example: '2023-01-12T10:03:19.000Z' + type: string + description: + description: The description of the SLO. + example: My SLO description + type: string + enabled: + description: Indicate if the SLO is enabled + example: true + type: boolean + groupBy: + description: optional group by field to use to generate an SLO per distinct value + example: some.field + type: string + id: + description: The identifier of the SLO. + example: 8853df00-ae2e-11ed-90af-09bb6422b258 + type: string + indicator: + discriminator: + mapping: + sli.apm.transactionDuration: '#/components/schemas/SLOs_indicator_properties_apm_latency' + sli.apm.transactionErrorRate: '#/components/schemas/SLOs_indicator_properties_apm_availability' + sli.histogram.custom: '#/components/schemas/SLOs_indicator_properties_histogram' + sli.kql.custom: '#/components/schemas/SLOs_indicator_properties_custom_kql' + sli.metric.custom: '#/components/schemas/SLOs_indicator_properties_custom_metric' + sli.metric.timeslice: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + propertyName: type + oneOf: + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' + - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' + - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + instanceId: + description: 'the value derived from the groupBy field, if present, otherwise ''*''' + example: host-abcde + type: string + name: + description: The name of the SLO. + example: My Service SLO + type: string + objective: + $ref: '#/components/schemas/SLOs_objective' + revision: + description: The SLO revision + example: 2 + type: number + settings: + $ref: '#/components/schemas/SLOs_settings' + summary: + $ref: '#/components/schemas/SLOs_summary' + tags: + description: List of tags + items: + type: string + type: array + timeWindow: + $ref: '#/components/schemas/SLOs_time_window' + updatedAt: + description: The last update date + example: '2023-01-12T10:03:19.000Z' + type: string + version: + description: The internal SLO version + example: 2 + type: number + required: + - id + - name + - description + - indicator + - timeWindow + - budgetingMethod + - objective + - settings + - revision + - summary + - enabled + - groupBy + - instanceId + - tags + - createdAt + - updatedAt + - version + SLOs_summary: + description: The SLO computed data + properties: + errorBudget: + $ref: '#/components/schemas/SLOs_error_budget' + sliValue: + example: 0.9836 + type: number + status: + $ref: '#/components/schemas/SLOs_summary_status' + required: + - status + - sliValue + - errorBudget + title: Summary + type: object + SLOs_summary_status: + enum: + - NO_DATA + - HEALTHY + - DEGRADING + - VIOLATED + example: HEALTHY + title: summary status + type: string + SLOs_time_window: + description: Defines properties for the SLO time window + type: object + properties: + duration: + description: >- + the duration formatted as {duration}{unit}. Accepted values for + rolling: 7d, 30d, 90d. Accepted values for calendar aligned: 1w + (weekly) or 1M (monthly) + example: 30d + type: string + type: + description: >- + Indicates weither the time window is a rolling or a calendar aligned + time window. + enum: + - rolling + - calendarAligned + example: rolling + type: string + required: + - duration + - type + title: Time window + SLOs_timeslice_metric_basic_metric_with_field: + type: object + properties: + aggregation: + description: The aggregation type of the metric. + enum: + - sum + - avg + - min + - max + - std_deviation + - last_value + - cardinality + example: sum + type: string + field: + description: The field of the metric. + example: processor.processed + type: string + filter: + description: The filter to apply to the metric. + example: 'processor.outcome: "success"' + type: string + name: + description: The name of the metric. Only valid options are A-Z + example: A + pattern: '^[A-Z]$' + type: string + required: + - name + - aggregation + - field + title: Timeslice Metric Basic Metric with Field + SLOs_timeslice_metric_doc_count_metric: + type: object + properties: + aggregation: + description: The aggregation type of the metric. Only valid option is "doc_count" + enum: + - doc_count + example: doc_count + type: string + filter: + description: The filter to apply to the metric. + example: 'processor.outcome: "success"' + type: string + name: + description: The name of the metric. Only valid options are A-Z + example: A + pattern: '^[A-Z]$' + type: string + required: + - name + - aggregation + title: Timeslice Metric Doc Count Metric + SLOs_timeslice_metric_percentile_metric: + type: object + properties: + aggregation: + description: >- + The aggregation type of the metric. Only valid option is + "percentile" + enum: + - percentile + example: percentile + type: string + field: + description: The field of the metric. + example: processor.processed + type: string + filter: + description: The filter to apply to the metric. + example: 'processor.outcome: "success"' + type: string + name: + description: The name of the metric. Only valid options are A-Z + example: A + pattern: '^[A-Z]$' + type: string + percentile: + description: The percentile value. + example: 95 + type: number + required: + - name + - aggregation + - field + - percentile + title: Timeslice Metric Percentile Metric + SLOs_update_slo_request: + description: > + The update SLO API request body varies depending on the type of + indicator, time window and budgeting method. Partial update is handled. + properties: + budgetingMethod: + $ref: '#/components/schemas/SLOs_budgeting_method' + description: + description: A description for the SLO. + type: string + indicator: + oneOf: + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' + - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' + - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + name: + description: A name for the SLO. + type: string + objective: + $ref: '#/components/schemas/SLOs_objective' + settings: + $ref: '#/components/schemas/SLOs_settings' + tags: + description: List of tags + items: + type: string + type: array + timeWindow: + $ref: '#/components/schemas/SLOs_time_window' + title: Update SLO request + type: object securitySchemes: - Kibana_HTTP_APIs_apiKeyAuth: + apiKeyAuth: + description: > + These APIs use key-based authentication. You must create an API key and + use the encoded value in the request header. For example: + `Authorization: ApiKey base64AccessApiKey` in: header name: Authorization type: apiKey - Kibana_HTTP_APIs_basicAuth: - scheme: basic - type: http -x-tagGroups: - - name: Alerting - tags: - - alerting - - name: APM UI - tags: - - APM agent keys - - APM annotations - - name: Cases - tags: - - cases - - name: Connectors - tags: - - connectors - - name: Data views - tags: - - data views - - name: Machine learning APIs - tags: - - ml - - name: Saved objects - tags: - - saved objects - - name: Kibana HTTP APIs - tags: - - system +security: + - apiKeyAuth: [] +tags: + - description: > + Configure APM agent keys to authorize requests from APM agents to the APM + Server. + name: APM agent keys + - description: > + Annotate visualizations in the APM app with significant events. + Annotations enable you to easily see how events are impacting the + performance of your applications. + name: APM annotations + - description: Connector APIs enable you to create and manage connectors. + name: connectors + - description: >- + Data view APIs enable you to manage data views, formerly known as Kibana + index patterns. + name: data views + - description: Machine learning + name: ml + - description: >- + Manage Kibana saved objects, including dashboards, visualizations, and + more. + name: saved objects + - description: Manage and interact with Security Assistant resources. + name: Security AI Assistant API + - description: >- + You can create rules that automatically turn events and external alerts + sent to Elastic Security into detection alerts. These alerts are displayed + on the Detections page. + name: Security Solution Detections API + - description: Interact with and manage endpoints running the Elastic Defend integration. + name: Security Solution Endpoint Management API + - description: '' + name: Security Solution Entity Analytics API + - description: >- + Exceptions API allows you to manage detection rule exceptions to prevent a + rule from generating an alert from incoming events even when the rule's + other criteria are met. + name: Security Solution Exceptions API + - description: 'Lists API allows you to manage lists of keywords, IPs or IP ranges items.' + name: Security Solution Lists API + - description: 'Run live queries, manage packs and saved queries.' + name: Security Solution Osquery API + - description: >- + You can create Timelines and Timeline templates via the API, as well as + import new Timelines from an ndjson file. + name: Security Solution Timeline API + - description: 'SLO APIs enable you to define, manage and track service-level objectives' + name: slo + - name: system diff --git a/oas_docs/scripts/merge_ess_oas.js b/oas_docs/scripts/merge_ess_oas.js new file mode 100644 index 0000000000000..a1812670c15f9 --- /dev/null +++ b/oas_docs/scripts/merge_ess_oas.js @@ -0,0 +1,39 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +require('../../src/setup_node_env'); +const { merge } = require('@kbn/openapi-bundler'); +const { REPO_ROOT } = require('@kbn/repo-info'); + +(async () => { + await merge({ + sourceGlobs: [ + `${REPO_ROOT}/oas_docs/bundle.json`, + `${REPO_ROOT}/x-pack/plugins/actions/docs/openapi/bundled.yaml`, + `${REPO_ROOT}/src/plugins/data_views/docs/openapi/bundled.yaml`, + `${REPO_ROOT}/x-pack/plugins/ml/common/openapi/ml_apis.yaml`, + `${REPO_ROOT}/packages/core/saved-objects/docs/openapi/bundled.yaml`, + + // Observability Solution + `${REPO_ROOT}/x-pack/plugins/observability_solution/apm/docs/openapi/apm.yaml`, + `${REPO_ROOT}/x-pack/plugins/observability_solution/slo/docs/openapi/slo/bundled.yaml`, + + // Security solution + `${REPO_ROOT}/x-pack/plugins/security_solution/docs/openapi/ess/*.schema.yaml`, + `${REPO_ROOT}/packages/kbn-securitysolution-lists-common/docs/openapi/ess/*.schema.yaml`, + `${REPO_ROOT}/packages/kbn-securitysolution-exceptions-common/docs/openapi/ess/*.schema.yaml`, + `${REPO_ROOT}/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/*.schema.yaml`, + `${REPO_ROOT}/x-pack/packages/kbn-elastic-assistant-common/docs/openapi/ess/*.schema.yaml`, + `${REPO_ROOT}/x-pack/plugins/osquery/docs/openapi/ess/*.schema.yaml`, + ], + outputFilePath: `${REPO_ROOT}/oas_docs/output/kibana.yaml`, + options: { + prototypeDocument: `${REPO_ROOT}/oas_docs/kibana.info.yaml`, + }, + }); +})(); diff --git a/oas_docs/scripts/merge_serverless_oas.js b/oas_docs/scripts/merge_serverless_oas.js new file mode 100644 index 0000000000000..e1b9bf3c7ab17 --- /dev/null +++ b/oas_docs/scripts/merge_serverless_oas.js @@ -0,0 +1,39 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +require('../../src/setup_node_env'); +const { merge } = require('@kbn/openapi-bundler'); +const { REPO_ROOT } = require('@kbn/repo-info'); + +(async () => { + await merge({ + sourceGlobs: [ + `${REPO_ROOT}/oas_docs/bundle.serverless.json`, + `${REPO_ROOT}/x-pack/plugins/actions/docs/openapi/bundled_serverless.yaml`, + `${REPO_ROOT}/src/plugins/data_views/docs/openapi/bundled.yaml`, + `${REPO_ROOT}/x-pack/plugins/ml/common/openapi/ml_apis_serverless.yaml`, + `${REPO_ROOT}/packages/core/saved-objects/docs/openapi/bundled_serverless.yaml`, + + // Observability Solution + `${REPO_ROOT}/x-pack/plugins/observability_solution/apm/docs/openapi/apm.yaml`, + `${REPO_ROOT}/x-pack/plugins/observability_solution/slo/docs/openapi/slo/bundled.yaml`, + + // Security solution + `${REPO_ROOT}/x-pack/plugins/security_solution/docs/openapi/serverless/*.schema.yaml`, + `${REPO_ROOT}/packages/kbn-securitysolution-lists-common/docs/openapi/serverless/*.schema.yaml`, + `${REPO_ROOT}/packages/kbn-securitysolution-exceptions-common/docs/openapi/serverless/*.schema.yaml`, + `${REPO_ROOT}/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/*.schema.yaml`, + `${REPO_ROOT}/x-pack/packages/kbn-elastic-assistant-common/docs/openapi/serverless/*.schema.yaml`, + `${REPO_ROOT}/x-pack/plugins/osquery/docs/openapi/serverless/*.schema.yaml`, + ], + outputFilePath: `${REPO_ROOT}/oas_docs/output/kibana.serverless.yaml`, + options: { + prototypeDocument: `${REPO_ROOT}/oas_docs/kibana.info.yaml`, + }, + }); +})(); diff --git a/package.json b/package.json index 2864dd7970bf6..90f91cf7d98e6 100644 --- a/package.json +++ b/package.json @@ -220,6 +220,8 @@ "@kbn/console-plugin": "link:src/plugins/console", "@kbn/content-management-content-editor": "link:packages/content-management/content_editor", "@kbn/content-management-examples-plugin": "link:examples/content_management_examples", + "@kbn/content-management-favorites-public": "link:packages/content-management/favorites/favorites_public", + "@kbn/content-management-favorites-server": "link:packages/content-management/favorites/favorites_server", "@kbn/content-management-plugin": "link:src/plugins/content_management", "@kbn/content-management-tabbed-table-list-view": "link:packages/content-management/tabbed_table_list_view", "@kbn/content-management-table-list-view": "link:packages/content-management/table_list_view", diff --git a/packages/content-management/favorites/README.mdx b/packages/content-management/favorites/README.mdx new file mode 100644 index 0000000000000..e54f1baef2c98 --- /dev/null +++ b/packages/content-management/favorites/README.mdx @@ -0,0 +1,76 @@ +--- +id: sharedUX/Favorites +slug: /shared-ux/favorites +title: Favorites Service +description: A service and a set of components and hooks for implementing content favorites +tags: ['shared-ux', 'component'] +date: 2024-07-26 +--- + +## Description + +The Favorites service provides a way to add favorites feature to your content. It includes a service for managing the list of favorites and a set of components for displaying and interacting with the list. + +- The favorites are isolated per user, per space. +- The service provides an API for adding, removing, and listing favorites. +- The service provides a set of react-query hooks for interacting with the favorites list +- The components include a button for toggling the favorite state of an object +- The service relies on ambiguous object ids to identify the objects being favorite. This allows the service to be used with any type of content, not just saved objects. + +## API + +```tsx +// client side +import { + FavoritesClient, + FavoritesContextProvider, + useFavorites, + FavoriteButton, +} from '@kbn/content-management-favorites-public'; + +const favoriteObjectType = 'dashboard'; +const favoritesClient = new FavoritesClient('dashboard', { + http: core.http, +}); + +// wrap your content with the favorites context provider +const myApp = () => { + + + ; +}; + +const App = () => { + // get the favorites list + const favoritesQuery = useFavorites(); + + // display favorite state and toggle button for an object + return ; +}; +``` + +## Implementation Details + +Internally the favorites list is backed by a saved object. A saved object of type "favorites" is created for each user (user profile id) and space (space id) and object type (e.g. dashboard) combination when a user for the first time favorites an object. The saved object contains a list of favorite objects of the type. + +``` +{ + "_index": ".kibana_8.16.0_001", + "_id": "spaceid:favorites:object_type:u_profile_id", + "_source": { + "favorites": { + "userId": "u_profile_id", + "type: "dashboard", + "favoriteIds": [ + "dashboard_id_1", + "dashboard_id_2", + ] + }, + "type": "favorites", + "references": [], + "namespace": "spaceid", + } +}, +``` + +The service doesn't track the favorite object itself, only the object id. When the object is deleted, the favorite isn't removed from the list automatically. diff --git a/packages/content-management/favorites/favorites_public/README.md b/packages/content-management/favorites/favorites_public/README.md new file mode 100644 index 0000000000000..0ca4cd473d6a7 --- /dev/null +++ b/packages/content-management/favorites/favorites_public/README.md @@ -0,0 +1,4 @@ +# @kbn/content-management-favorites-public + +Client-side code for the favorites feature +Meant be used in conjunction with the `@kbn/content-management-favorites-server` package. diff --git a/packages/content-management/favorites/favorites_public/index.ts b/packages/content-management/favorites/favorites_public/index.ts new file mode 100644 index 0000000000000..232bef2021ec8 --- /dev/null +++ b/packages/content-management/favorites/favorites_public/index.ts @@ -0,0 +1,19 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +export { type FavoritesClientPublic, FavoritesClient } from './src/favorites_client'; +export { FavoritesContextProvider } from './src/favorites_context'; +export { useFavorites } from './src/favorites_query'; + +export { + FavoriteButton, + type FavoriteButtonProps, + cssFavoriteHoverWithinEuiTableRow, +} from './src/components/favorite_button'; + +export { FavoritesEmptyState } from './src/components/favorites_empty_state'; diff --git a/packages/content-management/favorites/favorites_public/jest.config.js b/packages/content-management/favorites/favorites_public/jest.config.js new file mode 100644 index 0000000000000..e12c809e93706 --- /dev/null +++ b/packages/content-management/favorites/favorites_public/jest.config.js @@ -0,0 +1,13 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +module.exports = { + preset: '@kbn/test', + rootDir: '../../../..', + roots: ['/packages/content-management/favorites/favorites_public'], +}; diff --git a/packages/content-management/favorites/favorites_public/kibana.jsonc b/packages/content-management/favorites/favorites_public/kibana.jsonc new file mode 100644 index 0000000000000..a6564f6a17407 --- /dev/null +++ b/packages/content-management/favorites/favorites_public/kibana.jsonc @@ -0,0 +1,5 @@ +{ + "type": "shared-browser", + "id": "@kbn/content-management-favorites-public", + "owner": "@elastic/appex-sharedux" +} diff --git a/packages/content-management/favorites/favorites_public/package.json b/packages/content-management/favorites/favorites_public/package.json new file mode 100644 index 0000000000000..60798ad82bf2d --- /dev/null +++ b/packages/content-management/favorites/favorites_public/package.json @@ -0,0 +1,6 @@ +{ + "name": "@kbn/content-management-favorites-public", + "private": true, + "version": "1.0.0", + "license": "SSPL-1.0 OR Elastic License 2.0" +} \ No newline at end of file diff --git a/packages/content-management/favorites/favorites_public/src/components/empty_favorites_dark.svg b/packages/content-management/favorites/favorites_public/src/components/empty_favorites_dark.svg new file mode 100644 index 0000000000000..34f708a77cf97 --- /dev/null +++ b/packages/content-management/favorites/favorites_public/src/components/empty_favorites_dark.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/packages/content-management/favorites/favorites_public/src/components/empty_favorites_light.svg b/packages/content-management/favorites/favorites_public/src/components/empty_favorites_light.svg new file mode 100644 index 0000000000000..cbf0f0c461afb --- /dev/null +++ b/packages/content-management/favorites/favorites_public/src/components/empty_favorites_light.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/packages/content-management/favorites/favorites_public/src/components/favorite_button.tsx b/packages/content-management/favorites/favorites_public/src/components/favorite_button.tsx new file mode 100644 index 0000000000000..a82933bd0f53e --- /dev/null +++ b/packages/content-management/favorites/favorites_public/src/components/favorite_button.tsx @@ -0,0 +1,94 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +import React from 'react'; +import { i18n } from '@kbn/i18n'; +import classNames from 'classnames'; +import { EuiButtonIcon, euiCanAnimate, EuiThemeComputed } from '@elastic/eui'; +import { css } from '@emotion/react'; +import { useFavorites, useRemoveFavorite, useAddFavorite } from '../favorites_query'; + +export interface FavoriteButtonProps { + id: string; + className?: string; +} + +export const FavoriteButton = ({ id, className }: FavoriteButtonProps) => { + const { data } = useFavorites(); + + const removeFavorite = useRemoveFavorite(); + const addFavorite = useAddFavorite(); + + if (!data) return null; + + const isFavorite = data.favoriteIds.includes(id); + + if (isFavorite) { + const title = i18n.translate('contentManagement.favorites.unfavoriteButtonLabel', { + defaultMessage: 'Remove from Starred', + }); + + return ( + { + removeFavorite.mutate({ id }); + }} + className={classNames(className, 'cm-favorite-button', { + 'cm-favorite-button--active': !removeFavorite.isLoading, + })} + data-test-subj="unfavoriteButton" + /> + ); + } else { + const title = i18n.translate('contentManagement.favorites.favoriteButtonLabel', { + defaultMessage: 'Add to Starred', + }); + return ( + { + addFavorite.mutate({ id }); + }} + className={classNames(className, 'cm-favorite-button', { + 'cm-favorite-button--empty': !addFavorite.isLoading, + })} + data-test-subj="favoriteButton" + /> + ); + } +}; + +/** + * CSS to apply to euiTable to show the favorite button on hover or when active + * @param euiTheme + */ +export const cssFavoriteHoverWithinEuiTableRow = (euiTheme: EuiThemeComputed) => css` + @media (hover: hover) { + .euiTableRow .cm-favorite-button--empty { + visibility: hidden; + opacity: 0; + ${euiCanAnimate} { + transition: opacity ${euiTheme.animation.fast} ${euiTheme.animation.resistance}; + } + } + .euiTableRow:hover, + .euiTableRow:focus-within { + .cm-favorite-button--empty { + visibility: visible; + opacity: 1; + } + } + } +`; diff --git a/packages/content-management/favorites/favorites_public/src/components/favorites_empty_state.tsx b/packages/content-management/favorites/favorites_public/src/components/favorites_empty_state.tsx new file mode 100644 index 0000000000000..4afc0632c471a --- /dev/null +++ b/packages/content-management/favorites/favorites_public/src/components/favorites_empty_state.tsx @@ -0,0 +1,88 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +import { FormattedMessage } from '@kbn/i18n-react'; +import { i18n } from '@kbn/i18n'; +import { EuiEmptyPrompt, useEuiTheme, EuiImage, EuiMarkdownFormat } from '@elastic/eui'; +import { css } from '@emotion/react'; +import React from 'react'; +import emptyFavoritesDark from './empty_favorites_dark.svg'; +import emptyFavoritesLight from './empty_favorites_light.svg'; + +export const FavoritesEmptyState = ({ + emptyStateType = 'noItems', + entityNamePlural = i18n.translate('contentManagement.favorites.defaultEntityNamePlural', { + defaultMessage: 'items', + }), + entityName = i18n.translate('contentManagement.favorites.defaultEntityName', { + defaultMessage: 'item', + }), +}: { + emptyStateType: 'noItems' | 'noMatchingItems'; + entityNamePlural?: string; + entityName?: string; +}) => { + const title = + emptyStateType === 'noItems' ? ( + + ) : ( + + ); + + return ( + } + hasBorder={false} + title={

{title}

} + body={ + + {i18n.translate('contentManagement.favorites.noFavoritesMessageBody', { + defaultMessage: + "Keep track of your most important {entityNamePlural} by adding them to your **Starred** list. Click the **{starIcon}** **star icon** next to a {entityName} name and it'll appear in this tab.", + values: { entityNamePlural, entityName, starIcon: `✩` }, + })} + + } + /> + ); +}; + +const NoFavoritesIllustration = () => { + const { colorMode } = useEuiTheme(); + + const src = colorMode === 'DARK' ? emptyFavoritesDark : emptyFavoritesLight; + + return ( + + ); +}; diff --git a/packages/content-management/favorites/favorites_public/src/favorites_client.ts b/packages/content-management/favorites/favorites_public/src/favorites_client.ts new file mode 100644 index 0000000000000..58eea3a600de4 --- /dev/null +++ b/packages/content-management/favorites/favorites_public/src/favorites_client.ts @@ -0,0 +1,42 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +import type { HttpStart } from '@kbn/core-http-browser'; +import type { GetFavoritesResponse } from '@kbn/content-management-favorites-server'; + +export interface FavoritesClientPublic { + getFavorites(): Promise; + addFavorite({ id }: { id: string }): Promise; + removeFavorite({ id }: { id: string }): Promise; + + getFavoriteType(): string; +} + +export class FavoritesClient implements FavoritesClientPublic { + constructor(private favoriteObjectType: string, private deps: { http: HttpStart }) {} + + public async getFavorites(): Promise { + return this.deps.http.get(`/internal/content_management/favorites/${this.favoriteObjectType}`); + } + + public async addFavorite({ id }: { id: string }): Promise { + return this.deps.http.post( + `/internal/content_management/favorites/${this.favoriteObjectType}/${id}/favorite` + ); + } + + public async removeFavorite({ id }: { id: string }): Promise { + return this.deps.http.post( + `/internal/content_management/favorites/${this.favoriteObjectType}/${id}/unfavorite` + ); + } + + public getFavoriteType() { + return this.favoriteObjectType; + } +} diff --git a/packages/content-management/favorites/favorites_public/src/favorites_context.tsx b/packages/content-management/favorites/favorites_public/src/favorites_context.tsx new file mode 100644 index 0000000000000..ea11ff29a5d23 --- /dev/null +++ b/packages/content-management/favorites/favorites_public/src/favorites_context.tsx @@ -0,0 +1,40 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +import React from 'react'; + +import type { FavoritesClientPublic } from './favorites_client'; + +interface FavoritesContextValue { + favoritesClient?: FavoritesClientPublic; + notifyError?: (title: JSX.Element, text?: string) => void; +} + +const FavoritesContext = React.createContext(null); + +export const FavoritesContextProvider: React.FC = ({ + favoritesClient, + notifyError, + children, +}) => { + return ( + + {children} + + ); +}; + +export const useFavoritesContext = () => { + const context = React.useContext(FavoritesContext); + return context; +}; + +export const useFavoritesClient = () => { + const context = useFavoritesContext(); + return context?.favoritesClient; +}; diff --git a/packages/content-management/favorites/favorites_public/src/favorites_query.tsx b/packages/content-management/favorites/favorites_public/src/favorites_query.tsx new file mode 100644 index 0000000000000..54ce72fd0f27d --- /dev/null +++ b/packages/content-management/favorites/favorites_public/src/favorites_query.tsx @@ -0,0 +1,102 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +import { useQuery, useMutation, useQueryClient } from '@tanstack/react-query'; +import { i18n } from '@kbn/i18n'; +import React from 'react'; + +import { useFavoritesClient, useFavoritesContext } from './favorites_context'; + +const favoritesKeys = { + all: ['favorites'] as const, + byType: (type: string) => [...favoritesKeys.all, type] as const, +}; + +export const useFavorites = ({ enabled = true }: { enabled?: boolean } = { enabled: true }) => { + const favoritesClient = useFavoritesClient(); + + if (!favoritesClient && enabled) { + throw new Error( + `useFavorites: favoritesClient is not available. Make sure you have wrapped your component with FavoritesContextProvider` + ); + } + + return useQuery( + favoritesKeys.byType(favoritesClient?.getFavoriteType() ?? 'never'), + () => favoritesClient!.getFavorites(), + { enabled } + ); +}; + +export const useAddFavorite = () => { + const favoritesContext = useFavoritesContext(); + + if (!favoritesContext) { + throw new Error( + `useAddFavorite: favoritesContext is not available. Make sure you have wrapped your component with FavoritesContextProvider` + ); + } + + const favoritesClient = favoritesContext.favoritesClient; + const notifyError = favoritesContext.notifyError; + const queryClient = useQueryClient(); + return useMutation( + ({ id }: { id: string }) => { + return favoritesClient!.addFavorite({ id }); + }, + { + onSuccess: (data) => { + queryClient.setQueryData(favoritesKeys.byType(favoritesClient!.getFavoriteType()), data); + }, + onError: (error: Error) => { + notifyError?.( + <> + {i18n.translate('contentManagement.favorites.addFavoriteError', { + defaultMessage: 'Error adding to Starred', + })} + , + error?.message + ); + }, + } + ); +}; + +export const useRemoveFavorite = () => { + const favoritesContext = useFavoritesContext(); + + if (!favoritesContext) { + throw new Error( + `useAddFavorite: favoritesContext is not available. Make sure you have wrapped your component with FavoritesContextProvider` + ); + } + + const favoritesClient = favoritesContext.favoritesClient; + const notifyError = favoritesContext.notifyError; + const queryClient = useQueryClient(); + return useMutation( + ({ id }: { id: string }) => { + return favoritesClient!.removeFavorite({ id }); + }, + { + onSuccess: (data) => { + queryClient.setQueryData(favoritesKeys.byType(favoritesClient!.getFavoriteType()), data); + }, + onError: (error: Error) => { + notifyError?.( + <> + {i18n.translate('contentManagement.favorites.removeFavoriteError', { + defaultMessage: 'Error removing from Starred', + })} + , + error?.message + ); + }, + } + ); +}; diff --git a/packages/content-management/favorites/favorites_public/tsconfig.json b/packages/content-management/favorites/favorites_public/tsconfig.json new file mode 100644 index 0000000000000..2e5ef8bc52347 --- /dev/null +++ b/packages/content-management/favorites/favorites_public/tsconfig.json @@ -0,0 +1,26 @@ +{ + "extends": "../../../../tsconfig.base.json", + "compilerOptions": { + "outDir": "target/types", + "types": [ + "jest", + "node", + "react", + "@emotion/react/types/css-prop", + "@kbn/ambient-ui-types" + ] + }, + "include": [ + "**/*.ts", + "**/*.tsx", + ], + "exclude": [ + "target/**/*" + ], + "kbn_references": [ + "@kbn/i18n", + "@kbn/core-http-browser", + "@kbn/content-management-favorites-server", + "@kbn/i18n-react", + ] +} diff --git a/packages/content-management/favorites/favorites_server/README.md b/packages/content-management/favorites/favorites_server/README.md new file mode 100644 index 0000000000000..e72479aed7d99 --- /dev/null +++ b/packages/content-management/favorites/favorites_server/README.md @@ -0,0 +1,4 @@ +# @kbn/content-management-favorites-server + +Server-side code for the favorites feature. +Meant be used in conjunction with the `@kbn/content-management-favorites-public` package. diff --git a/packages/content-management/favorites/favorites_server/index.ts b/packages/content-management/favorites/favorites_server/index.ts new file mode 100644 index 0000000000000..f631a3a45acc4 --- /dev/null +++ b/packages/content-management/favorites/favorites_server/index.ts @@ -0,0 +1,9 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +export { registerFavorites, type GetFavoritesResponse } from './src'; diff --git a/packages/content-management/favorites/favorites_server/jest.config.js b/packages/content-management/favorites/favorites_server/jest.config.js new file mode 100644 index 0000000000000..d1566e122313d --- /dev/null +++ b/packages/content-management/favorites/favorites_server/jest.config.js @@ -0,0 +1,13 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +module.exports = { + preset: '@kbn/test/jest_node', + rootDir: '../../../..', + roots: ['/packages/content-management/favorites/favorites_server'], +}; diff --git a/packages/content-management/favorites/favorites_server/kibana.jsonc b/packages/content-management/favorites/favorites_server/kibana.jsonc new file mode 100644 index 0000000000000..8d3fe725d1e86 --- /dev/null +++ b/packages/content-management/favorites/favorites_server/kibana.jsonc @@ -0,0 +1,5 @@ +{ + "type": "shared-server", + "id": "@kbn/content-management-favorites-server", + "owner": "@elastic/appex-sharedux" +} diff --git a/packages/content-management/favorites/favorites_server/package.json b/packages/content-management/favorites/favorites_server/package.json new file mode 100644 index 0000000000000..6ad4f49f9be01 --- /dev/null +++ b/packages/content-management/favorites/favorites_server/package.json @@ -0,0 +1,6 @@ +{ + "name": "@kbn/content-management-favorites-server", + "private": true, + "version": "1.0.0", + "license": "SSPL-1.0 OR Elastic License 2.0" +} \ No newline at end of file diff --git a/packages/content-management/favorites/favorites_server/src/favorites_routes.ts b/packages/content-management/favorites/favorites_server/src/favorites_routes.ts new file mode 100644 index 0000000000000..7079bb8e5e7a9 --- /dev/null +++ b/packages/content-management/favorites/favorites_server/src/favorites_routes.ts @@ -0,0 +1,146 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +import { + CoreRequestHandlerContext, + CoreSetup, + Logger, + SECURITY_EXTENSION_ID, +} from '@kbn/core/server'; +import { schema } from '@kbn/config-schema'; +import { FavoritesService } from './favorites_service'; +import { favoritesSavedObjectType } from './favorites_saved_object'; + +// only dashboard is supported for now +// TODO: make configurable or allow any string +const typeSchema = schema.oneOf([schema.literal('dashboard')]); + +/** + * @public + * Response for get favorites API + */ +export interface GetFavoritesResponse { + favoriteIds: string[]; +} + +export function registerFavoritesRoutes({ core, logger }: { core: CoreSetup; logger: Logger }) { + const router = core.http.createRouter(); + + const getSavedObjectClient = (coreRequestHandlerContext: CoreRequestHandlerContext) => { + // We need to exclude security extension to access the `favorite` type which not every user has access to + // and give access only to the current user's favorites through this API + return coreRequestHandlerContext.savedObjects.getClient({ + includedHiddenTypes: [favoritesSavedObjectType.name], + excludedExtensions: [SECURITY_EXTENSION_ID], + }); + }; + + router.post( + { + path: '/internal/content_management/favorites/{type}/{id}/favorite', + validate: { + params: schema.object({ + id: schema.string(), + type: typeSchema, + }), + }, + // we don't protect the route with any access tags as + // we only give access to the current user's favorites ids + }, + async (requestHandlerContext, request, response) => { + const coreRequestHandlerContext = await requestHandlerContext.core; + + const userId = coreRequestHandlerContext.security.authc.getCurrentUser()?.profile_uid; + + if (!userId) { + return response.forbidden(); + } + + const type = request.params.type; + + const favorites = new FavoritesService(type, userId, { + savedObjectClient: getSavedObjectClient(coreRequestHandlerContext), + logger, + }); + + const favoriteIds: GetFavoritesResponse = await favorites.addFavorite({ + id: request.params.id, + }); + + return response.ok({ body: favoriteIds }); + } + ); + + router.post( + { + path: '/internal/content_management/favorites/{type}/{id}/unfavorite', + validate: { + params: schema.object({ + id: schema.string(), + type: typeSchema, + }), + }, + // we don't protect the route with any access tags as + // we only give access to the current user's favorites ids + }, + async (requestHandlerContext, request, response) => { + const coreRequestHandlerContext = await requestHandlerContext.core; + const userId = coreRequestHandlerContext.security.authc.getCurrentUser()?.profile_uid; + + if (!userId) { + return response.forbidden(); + } + + const type = request.params.type; + + const favorites = new FavoritesService(type, userId, { + savedObjectClient: getSavedObjectClient(coreRequestHandlerContext), + logger, + }); + + const favoriteIds: GetFavoritesResponse = await favorites.removeFavorite({ + id: request.params.id, + }); + return response.ok({ body: favoriteIds }); + } + ); + + router.get( + { + path: '/internal/content_management/favorites/{type}', + validate: { + params: schema.object({ + type: typeSchema, + }), + }, + // we don't protect the route with any access tags as + // we only give access to the current user's favorites ids + }, + async (requestHandlerContext, request, response) => { + const coreRequestHandlerContext = await requestHandlerContext.core; + const userId = coreRequestHandlerContext.security.authc.getCurrentUser()?.profile_uid; + + if (!userId) { + return response.forbidden(); + } + + const type = request.params.type; + + const favorites = new FavoritesService(type, userId, { + savedObjectClient: getSavedObjectClient(coreRequestHandlerContext), + logger, + }); + + const getFavoritesResponse: GetFavoritesResponse = await favorites.getFavorites(); + + return response.ok({ + body: getFavoritesResponse, + }); + } + ); +} diff --git a/packages/content-management/favorites/favorites_server/src/favorites_saved_object.ts b/packages/content-management/favorites/favorites_server/src/favorites_saved_object.ts new file mode 100644 index 0000000000000..e7d88045860f4 --- /dev/null +++ b/packages/content-management/favorites/favorites_server/src/favorites_saved_object.ts @@ -0,0 +1,45 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +import { schema } from '@kbn/config-schema'; +import type { SavedObjectsType } from '@kbn/core/server'; + +export interface FavoritesSavedObjectAttributes { + userId: string; + type: string; + favoriteIds: string[]; +} + +const schemaV1 = schema.object({ + userId: schema.string(), + type: schema.string(), // object type, e.g. dashboard + favoriteIds: schema.arrayOf(schema.string()), +}); + +export const favoritesSavedObjectType: SavedObjectsType = { + name: 'favorites', + hidden: true, + namespaceType: 'single', + mappings: { + dynamic: false, + properties: {}, + }, + modelVersions: { + 1: { + changes: [], + schemas: { + // The forward compatible schema should allow any future versions of + // this SO to be converted to this version, since we are using + // @kbn/config-schema we opt-in to unknowns to allow the schema to + // successfully "downgrade" future SOs to this version. + forwardCompatibility: schemaV1.extends({}, { unknowns: 'ignore' }), + create: schemaV1, + }, + }, + }, +}; diff --git a/packages/content-management/favorites/favorites_server/src/favorites_service.ts b/packages/content-management/favorites/favorites_server/src/favorites_service.ts new file mode 100644 index 0000000000000..14d3896abf655 --- /dev/null +++ b/packages/content-management/favorites/favorites_server/src/favorites_service.ts @@ -0,0 +1,124 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +import type { SavedObject, SavedObjectsClientContract } from '@kbn/core-saved-objects-api-server'; +import { Logger, SavedObjectsErrorHelpers } from '@kbn/core/server'; +import { favoritesSavedObjectType, FavoritesSavedObjectAttributes } from './favorites_saved_object'; + +export class FavoritesService { + constructor( + private readonly type: string, + private readonly userId: string, + private readonly deps: { + savedObjectClient: SavedObjectsClientContract; + logger: Logger; + } + ) { + if (!this.userId || !this.type) { + // This should never happen, but just in case let's do a runtime check + throw new Error('userId and object type are required to use a favorite service'); + } + } + + public async getFavorites(): Promise<{ favoriteIds: string[] }> { + const favoritesSavedObject = await this.getFavoritesSavedObject(); + + const favoriteIds = favoritesSavedObject?.attributes?.favoriteIds ?? []; + + return { favoriteIds }; + } + + public async addFavorite({ id }: { id: string }): Promise<{ favoriteIds: string[] }> { + let favoritesSavedObject = await this.getFavoritesSavedObject(); + + if (!favoritesSavedObject) { + favoritesSavedObject = await this.deps.savedObjectClient.create( + favoritesSavedObjectType.name, + { + userId: this.userId, + type: this.type, + favoriteIds: [id], + }, + { + id: this.getFavoriteSavedObjectId(), + } + ); + + return { favoriteIds: favoritesSavedObject.attributes.favoriteIds }; + } else { + const newFavoriteIds = [ + ...(favoritesSavedObject.attributes.favoriteIds ?? []).filter( + (favoriteId) => favoriteId !== id + ), + id, + ]; + + await this.deps.savedObjectClient.update( + favoritesSavedObjectType.name, + favoritesSavedObject.id, + { + favoriteIds: newFavoriteIds, + }, + { + version: favoritesSavedObject.version, + } + ); + + return { favoriteIds: newFavoriteIds }; + } + } + + public async removeFavorite({ id }: { id: string }): Promise<{ favoriteIds: string[] }> { + const favoritesSavedObject = await this.getFavoritesSavedObject(); + + if (!favoritesSavedObject) { + return { favoriteIds: [] }; + } + + const newFavoriteIds = (favoritesSavedObject.attributes.favoriteIds ?? []).filter( + (favoriteId) => favoriteId !== id + ); + + await this.deps.savedObjectClient.update( + favoritesSavedObjectType.name, + favoritesSavedObject.id, + { + favoriteIds: newFavoriteIds, + }, + { + version: favoritesSavedObject.version, + } + ); + + return { + favoriteIds: newFavoriteIds, + }; + } + + private async getFavoritesSavedObject(): Promise | null> { + try { + const favoritesSavedObject = + await this.deps.savedObjectClient.get( + favoritesSavedObjectType.name, + this.getFavoriteSavedObjectId() + ); + + return favoritesSavedObject; + } catch (e) { + if (SavedObjectsErrorHelpers.isNotFoundError(e)) { + return null; + } + + throw e; + } + } + + private getFavoriteSavedObjectId() { + return `${this.type}:${this.userId}`; + } +} diff --git a/packages/content-management/favorites/favorites_server/src/index.ts b/packages/content-management/favorites/favorites_server/src/index.ts new file mode 100644 index 0000000000000..729d4537717c9 --- /dev/null +++ b/packages/content-management/favorites/favorites_server/src/index.ts @@ -0,0 +1,25 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +import type { CoreSetup, Logger } from '@kbn/core/server'; +import { registerFavoritesRoutes } from './favorites_routes'; +import { favoritesSavedObjectType } from './favorites_saved_object'; + +export type { GetFavoritesResponse } from './favorites_routes'; + +/** + * @public + * Registers the favorites feature enabling favorites saved object type and api routes. + * + * @param logger + * @param core + */ +export function registerFavorites({ logger, core }: { core: CoreSetup; logger: Logger }) { + core.savedObjects.registerType(favoritesSavedObjectType); + registerFavoritesRoutes({ core, logger }); +} diff --git a/packages/content-management/favorites/favorites_server/tsconfig.json b/packages/content-management/favorites/favorites_server/tsconfig.json new file mode 100644 index 0000000000000..fd4fbfb554cf6 --- /dev/null +++ b/packages/content-management/favorites/favorites_server/tsconfig.json @@ -0,0 +1,21 @@ +{ + "extends": "../../../../tsconfig.base.json", + "compilerOptions": { + "outDir": "target/types", + "types": [ + "jest", + "node" + ] + }, + "include": [ + "**/*.ts", + ], + "exclude": [ + "target/**/*" + ], + "kbn_references": [ + "@kbn/core", + "@kbn/config-schema", + "@kbn/core-saved-objects-api-server", + ] +} diff --git a/packages/content-management/table_list_view_table/src/__jest__/tests.helpers.tsx b/packages/content-management/table_list_view_table/src/__jest__/tests.helpers.tsx index d1f42f0d1d6b1..019a64587fcc3 100644 --- a/packages/content-management/table_list_view_table/src/__jest__/tests.helpers.tsx +++ b/packages/content-management/table_list_view_table/src/__jest__/tests.helpers.tsx @@ -27,6 +27,7 @@ export const getMockServices = (overrides?: Partial '', getTagIdsFromReferences: () => [], isTaggingEnabled: () => true, + isFavoritesEnabled: () => false, bulkGetUserProfiles: async () => [], getUserProfile: async () => ({ uid: '', enabled: true, data: {}, user: { username: '' } }), ...overrides, diff --git a/packages/content-management/table_list_view_table/src/components/item_details.tsx b/packages/content-management/table_list_view_table/src/components/item_details.tsx index 36138839a7daa..209d87c927cbc 100644 --- a/packages/content-management/table_list_view_table/src/components/item_details.tsx +++ b/packages/content-management/table_list_view_table/src/components/item_details.tsx @@ -7,9 +7,11 @@ */ import React, { useCallback, useMemo } from 'react'; -import { EuiText, EuiLink, EuiSpacer, EuiHighlight } from '@elastic/eui'; +import { EuiText, EuiLink, EuiSpacer, EuiHighlight, useEuiTheme } from '@elastic/eui'; import { RedirectAppLinks } from '@kbn/shared-ux-link-redirect-app'; +import { FavoriteButton } from '@kbn/content-management-favorites-public'; import { UserContentCommonSchema } from '@kbn/content-management-table-list-view-common'; +import { css } from '@emotion/react'; import type { Tag } from '../types'; import { useServices } from '../services'; @@ -25,6 +27,7 @@ interface Props extends InheritedProps { item: T; searchTerm?: string; onClickTag: (tag: Tag, isCtrlKey: boolean) => void; + isFavoritesEnabled?: boolean; } /** @@ -41,7 +44,9 @@ export function ItemDetails({ getDetailViewLink, getOnClickTitle, onClickTag, + isFavoritesEnabled, }: Props) { + const { euiTheme } = useEuiTheme(); const { references, attributes: { title, description }, @@ -90,9 +95,19 @@ export function ItemDetails({ {title} + {isFavoritesEnabled && ( + + )} ); }, [ + euiTheme, getDetailViewLink, getOnClickTitle, id, @@ -101,6 +116,7 @@ export function ItemDetails({ redirectAppLinksCoreStart, searchTerm, title, + isFavoritesEnabled, ]); const hasTags = itemHasTags(references); diff --git a/packages/content-management/table_list_view_table/src/components/tabbed_filter.tsx b/packages/content-management/table_list_view_table/src/components/tabbed_filter.tsx new file mode 100644 index 0000000000000..b87041e768c03 --- /dev/null +++ b/packages/content-management/table_list_view_table/src/components/tabbed_filter.tsx @@ -0,0 +1,52 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +import React from 'react'; +import { EuiTab, EuiTabs, EuiSpacer } from '@elastic/eui'; +import { FormattedMessage } from '@kbn/i18n-react'; + +interface TabbedTableFilterProps { + onSelectedTabChanged: (tabId: 'all' | 'favorite') => void; + selectedTabId: 'all' | 'favorite'; +} + +export const TabbedTableFilter = (props: TabbedTableFilterProps) => { + return ( + <> + + props.onSelectedTabChanged('all')} + isSelected={props.selectedTabId === 'all'} + data-test-subj="allTab" + > + + + props.onSelectedTabChanged('favorite')} + isSelected={props.selectedTabId === 'favorite'} + data-test-subj="favoriteTab" + > + + + + + + ); +}; diff --git a/packages/content-management/table_list_view_table/src/components/table.tsx b/packages/content-management/table_list_view_table/src/components/table.tsx index 1c3cedbc8045e..54225a344810b 100644 --- a/packages/content-management/table_list_view_table/src/components/table.tsx +++ b/packages/content-management/table_list_view_table/src/components/table.tsx @@ -18,9 +18,15 @@ import { Query, Search, type EuiTableSelectionType, + useEuiTheme, } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import type { UserContentCommonSchema } from '@kbn/content-management-table-list-view-common'; +import { + cssFavoriteHoverWithinEuiTableRow, + useFavorites, + FavoritesEmptyState, +} from '@kbn/content-management-favorites-public'; import { useServices } from '../services'; import type { Action } from '../actions'; @@ -39,6 +45,7 @@ import { UserFilterContextProvider, NULL_USER as USER_FILTER_NULL_USER, } from './user_filter_panel'; +import { TabbedTableFilter } from './tabbed_filter'; type State = Pick< TableListViewState, @@ -68,6 +75,7 @@ interface Props extends State, TagManageme onTableSearchChange: (arg: { query: Query | null; queryText: string }) => void; clearTagSelection: () => void; createdByEnabled: boolean; + favoritesEnabled: boolean; } export function Table({ @@ -97,7 +105,9 @@ export function Table({ addOrRemoveIncludeTagFilter, clearTagSelection, createdByEnabled, + favoritesEnabled, }: Props) { + const euiTheme = useEuiTheme(); const { getTagList, isTaggingEnabled } = useServices(); const renderToolsLeft = useCallback(() => { @@ -221,7 +231,15 @@ export function Table({ }; }, [onTableSearchChange, renderCreateButton, renderToolsLeft, searchFilters, searchQuery.query]); - const noItemsMessage = ( + const hasQueryOrFilters = Boolean(searchQuery.text || tableFilter.createdBy.length > 0); + + const noItemsMessage = tableFilter.favorites ? ( + + ) : ( ({ /> ); + const { data: favorites, isError: favoritesError } = useFavorites({ enabled: favoritesEnabled }); + const visibleItems = React.useMemo(() => { + let filteredItems = items; + if (tableFilter?.createdBy?.length > 0) { - return items.filter((item) => { + filteredItems = items.filter((item) => { if (item.createdBy) return tableFilter.createdBy.includes(item.createdBy); else if (item.managed) return false; else return tableFilter.createdBy.includes(USER_FILTER_NULL_USER); }); } - return items; - }, [items, tableFilter]); + if (tableFilter?.favorites && !favoritesError) { + if (!favorites) { + filteredItems = []; + } else { + filteredItems = filteredItems.filter((item) => favorites.favoriteIds.includes(item.id)); + } + } + + return filteredItems; + }, [items, tableFilter, favorites, favoritesError]); const { allUsers, showNoUserOption } = useMemo(() => { if (!createdByEnabled) return { allUsers: [], showNoUserOption: false }; @@ -262,6 +292,16 @@ export function Table({ ? true // by passing "true" we disable the EuiInMemoryTable sorting and handle it ourselves, but sorting is still enabled : { sort: tableSort }; + const favoritesFilter = + favoritesEnabled && !favoritesError ? ( + { + onFilterChange({ favorites: newTab === 'favorite' }); + }} + /> + ) : undefined; + return ( ({ data-test-subj="itemsInMemTable" rowHeader="attributes.title" tableCaption={tableCaption} + css={cssFavoriteHoverWithinEuiTableRow(euiTheme.euiTheme)} + childrenBetween={favoritesFilter} /> diff --git a/packages/content-management/table_list_view_table/src/mocks.tsx b/packages/content-management/table_list_view_table/src/mocks.tsx index f76954fd497a2..268ec33625149 100644 --- a/packages/content-management/table_list_view_table/src/mocks.tsx +++ b/packages/content-management/table_list_view_table/src/mocks.tsx @@ -72,6 +72,7 @@ export const getStoryServices = (params: Params, action: ActionFn = () => {}) => getTagManagementUrl: () => '', getTagIdsFromReferences: () => [], isTaggingEnabled: () => true, + isFavoritesEnabled: () => false, ...params, }; diff --git a/packages/content-management/table_list_view_table/src/services.tsx b/packages/content-management/table_list_view_table/src/services.tsx index 5275dd35069cd..ebdbaf31b4f0e 100644 --- a/packages/content-management/table_list_view_table/src/services.tsx +++ b/packages/content-management/table_list_view_table/src/services.tsx @@ -24,6 +24,10 @@ import type { FormattedRelative } from '@kbn/i18n-react'; import { toMountPoint } from '@kbn/react-kibana-mount'; import { RedirectAppLinksKibanaProvider } from '@kbn/shared-ux-link-redirect-app'; import { UserProfilesKibanaProvider } from '@kbn/content-management-user-profiles'; +import { + FavoritesClientPublic, + FavoritesContextProvider, +} from '@kbn/content-management-favorites-public'; import { TAG_MANAGEMENT_APP_URL } from './constants'; import type { Tag } from './types'; @@ -63,6 +67,8 @@ export interface Services { TagList: FC; /** Predicate to indicate if tagging features is enabled */ isTaggingEnabled: () => boolean; + /** Predicate to indicate if favorites features is enabled */ + isFavoritesEnabled: () => boolean; /** Predicate function to indicate if some of the saved object references are tags */ itemHasTags: (references: SavedObjectsReference[]) => boolean; /** Handler to return the url to navigate to the kibana tags management */ @@ -163,6 +169,11 @@ export interface TableListViewKibanaDependencies { }; /** The component from the @kbn/i18n-react package */ FormattedRelative: typeof FormattedRelative; + + /** + * The favorites client to enable the favorites feature. + */ + favorites?: FavoritesClientPublic; } /** @@ -229,29 +240,37 @@ export const TableListViewKibanaProvider: FC< - - application.getUrlForApp('management', { - path: `/kibana/settings?query=savedObjects:listingLimit`, - }) - } + { notifications.toasts.addDanger({ title: toMountPoint(title, startServices), text }); }} - searchQueryParser={searchQueryParser} - DateFormatterComp={(props) => } - currentAppId$={application.currentAppId$} - navigateToUrl={application.navigateToUrl} - isTaggingEnabled={() => Boolean(savedObjectsTagging)} - getTagList={getTagList} - TagList={TagList} - itemHasTags={itemHasTags} - getTagIdsFromReferences={getTagIdsFromReferences} - getTagManagementUrl={() => core.http.basePath.prepend(TAG_MANAGEMENT_APP_URL)} > - {children} - + + application.getUrlForApp('management', { + path: `/kibana/settings?query=savedObjects:listingLimit`, + }) + } + notifyError={(title, text) => { + notifications.toasts.addDanger({ title: toMountPoint(title, startServices), text }); + }} + searchQueryParser={searchQueryParser} + DateFormatterComp={(props) => } + currentAppId$={application.currentAppId$} + navigateToUrl={application.navigateToUrl} + isTaggingEnabled={() => Boolean(savedObjectsTagging)} + isFavoritesEnabled={() => Boolean(services.favorites)} + getTagList={getTagList} + TagList={TagList} + itemHasTags={itemHasTags} + getTagIdsFromReferences={getTagIdsFromReferences} + getTagManagementUrl={() => core.http.basePath.prepend(TAG_MANAGEMENT_APP_URL)} + > + {children} + + diff --git a/packages/content-management/table_list_view_table/src/table_list_view_table.tsx b/packages/content-management/table_list_view_table/src/table_list_view_table.tsx index 888e0a312d049..82894d7d8b6ef 100644 --- a/packages/content-management/table_list_view_table/src/table_list_view_table.tsx +++ b/packages/content-management/table_list_view_table/src/table_list_view_table.tsx @@ -157,6 +157,7 @@ export interface State { stateFromURL.filter = { createdBy: [] }; } + if (sanitizedParams.favorites === 'true') { + stateFromURL.filter.favorites = true; + } else { + stateFromURL.filter.favorites = false; + } + return stateFromURL; }; @@ -248,7 +257,7 @@ const urlStateDeserializer = (params: URLQueryParams): URLState => { const urlStateSerializer = (updated: { s?: string; sort?: { field: 'title' | 'updatedAt'; direction: Direction }; - filter?: { createdBy?: string[] }; + filter?: { createdBy?: string[]; favorites?: boolean }; }) => { const updatedQueryParams: Partial = {}; @@ -271,6 +280,10 @@ const urlStateSerializer = (updated: { updatedQueryParams.created_by = updated.filter.createdBy; } + if (updated?.filter && 'favorites' in updated.filter) { + updatedQueryParams.favorites = updated.filter.favorites ? 'true' : undefined; + } + return updatedQueryParams; }; @@ -354,6 +367,7 @@ function TableListViewTableComp({ notifyError, DateFormatterComp, getTagList, + isFavoritesEnabled, } = useServices(); const openContentEditor = useOpenContentEditor(); @@ -400,6 +414,7 @@ function TableListViewTableComp({ sortColumnChanged: !initialSort.isDefault, tableFilter: { createdBy: [], + favorites: false, }, }; }, [initialPageSize, entityName, recentlyAccessed]); @@ -589,6 +604,7 @@ function TableListViewTableComp({ } }} searchTerm={searchQuery.text} + isFavoritesEnabled={isFavoritesEnabled()} /> ); }, @@ -721,6 +737,7 @@ function TableListViewTableComp({ tableItemsRowActions, inspectItem, entityName, + isFavoritesEnabled, ]); const itemsById = useMemo(() => { @@ -1041,6 +1058,7 @@ function TableListViewTableComp({ data: { filter: { createdBy: filter.createdBy ?? [], + favorites: filter.favorites ?? false, }, }, }); @@ -1150,6 +1168,7 @@ function TableListViewTableComp({ addOrRemoveExcludeTagFilter={addOrRemoveExcludeTagFilter} clearTagSelection={clearTagSelection} createdByEnabled={createdByEnabled} + favoritesEnabled={isFavoritesEnabled()} /> {/* Delete modal */} diff --git a/packages/content-management/table_list_view_table/tsconfig.json b/packages/content-management/table_list_view_table/tsconfig.json index b8add47c2bfb9..7bd513f12f99e 100644 --- a/packages/content-management/table_list_view_table/tsconfig.json +++ b/packages/content-management/table_list_view_table/tsconfig.json @@ -35,7 +35,8 @@ "@kbn/core-user-profile-browser", "@kbn/react-kibana-mount", "@kbn/content-management-user-profiles", - "@kbn/recently-accessed" + "@kbn/recently-accessed", + "@kbn/content-management-favorites-public" ], "exclude": [ "target/**/*" diff --git a/packages/core/elasticsearch/core-elasticsearch-client-server-internal/src/client_config.test.ts b/packages/core/elasticsearch/core-elasticsearch-client-server-internal/src/client_config.test.ts index de0702b62aa66..078287a9cb151 100644 --- a/packages/core/elasticsearch/core-elasticsearch-client-server-internal/src/client_config.test.ts +++ b/packages/core/elasticsearch/core-elasticsearch-client-server-internal/src/client_config.test.ts @@ -80,7 +80,7 @@ describe('parseClientOptions', () => { it('`customHeaders` take precedence to default kibana headers', () => { const customHeader: Record = {}; for (const header in defaultHeaders) { - if (defaultHeaders.hasOwnProperty(header)) { + if (Object.hasOwn(defaultHeaders, header)) { customHeader[header] = 'foo'; } } diff --git a/packages/core/plugins/core-plugins-server-internal/src/create_browser_config.test.ts b/packages/core/plugins/core-plugins-server-internal/src/create_browser_config.test.ts index 11f55d1bc1edb..41da3f1ce2cef 100644 --- a/packages/core/plugins/core-plugins-server-internal/src/create_browser_config.test.ts +++ b/packages/core/plugins/core-plugins-server-internal/src/create_browser_config.test.ts @@ -69,7 +69,7 @@ describe('createBrowserConfig', () => { exposedConfigKeys: { exposed1: 'string', 'nested.exposed2': 'boolean', - 'nested.exposed3': 'number', + 'nested.exposed3': 'number?', // notExposed4 is not present }, }); @@ -182,7 +182,7 @@ describe('createBrowserConfig', () => { exposedConfigKeys: { exposed1: 'string', 'deeply.exposed2': 'boolean', - 'deeply.nested.exposed3': 'number', + 'deeply.nested.exposed3': 'number?', 'deeply.nested.structure.exposed4': 'string', // notExposed5, notExposed6, notExposed7, and notExposed8 are not present }, diff --git a/packages/core/plugins/core-plugins-server-internal/src/plugins_service.test.ts b/packages/core/plugins/core-plugins-server-internal/src/plugins_service.test.ts index 076245a07b758..3320fe22d7d62 100644 --- a/packages/core/plugins/core-plugins-server-internal/src/plugins_service.test.ts +++ b/packages/core/plugins/core-plugins-server-internal/src/plugins_service.test.ts @@ -1046,7 +1046,7 @@ describe('PluginsService', () => { const prebootUIConfig$ = preboot.uiPlugins.browserConfigs.get('plugin-with-expose-preboot')!; await expect(prebootUIConfig$.pipe(take(1)).toPromise()).resolves.toEqual({ browserConfig: { sharedProp: 'sharedProp default value plugin-with-expose-preboot' }, - exposedConfigKeys: { sharedProp: 'string' }, + exposedConfigKeys: { sharedProp: 'string?' }, }); const standardUIConfig$ = standard.uiPlugins.browserConfigs.get( @@ -1054,7 +1054,7 @@ describe('PluginsService', () => { )!; await expect(standardUIConfig$.pipe(take(1)).toPromise()).resolves.toEqual({ browserConfig: { sharedProp: 'sharedProp default value plugin-with-expose-standard' }, - exposedConfigKeys: { sharedProp: 'string' }, + exposedConfigKeys: { sharedProp: 'string?' }, }); }); diff --git a/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/core/build_active_mappings.ts b/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/core/build_active_mappings.ts index 5525814c07238..5fabc74d118d7 100644 --- a/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/core/build_active_mappings.ts +++ b/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/core/build_active_mappings.ts @@ -106,7 +106,7 @@ function validateAndMerge( if (k.startsWith('_')) { throw new Error(`Invalid mapping "${k}". Mappings cannot start with _.`); } - if (dest.hasOwnProperty(k)) { + if (Object.hasOwn(dest, k)) { throw new Error(`Cannot redefine core mapping "${k}".`); } }); diff --git a/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/core/build_index_map.ts b/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/core/build_index_map.ts index 225b3bb422925..125eec08e52b3 100644 --- a/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/core/build_index_map.ts +++ b/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/core/build_index_map.ts @@ -32,7 +32,7 @@ export function createIndexMap({ kibanaIndexName, registry, indexMap }: CreateIn const script = typeDef?.convertToAliasScript; // Defaults to kibanaIndexName if indexPattern isn't defined const indexPattern = typeDef?.indexPattern || kibanaIndexName; - if (!map.hasOwnProperty(indexPattern as string)) { + if (!Object.hasOwn(map, indexPattern as string)) { map[indexPattern] = { typeMappings: {} }; } map[indexPattern].typeMappings[type] = indexMap[type]; diff --git a/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/core/build_types_mappings.ts b/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/core/build_types_mappings.ts index 18aa689149c24..d5845c278273e 100644 --- a/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/core/build_types_mappings.ts +++ b/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/core/build_types_mappings.ts @@ -16,7 +16,7 @@ export const buildTypesMappings = ( types: SavedObjectsType[] ): SavedObjectsTypeMappingDefinitions => { return types.reduce((acc, { name: type, mappings }) => { - const duplicate = acc.hasOwnProperty(type); + const duplicate = Object.hasOwn(acc, type); if (duplicate) { throw new Error(`Type ${type} is already defined.`); } diff --git a/packages/core/ui-settings/core-ui-settings-server-internal/src/clients/base_ui_settings_client.ts b/packages/core/ui-settings/core-ui-settings-server-internal/src/clients/base_ui_settings_client.ts index 04da5a75788ec..b82b1343b4688 100644 --- a/packages/core/ui-settings/core-ui-settings-server-internal/src/clients/base_ui_settings_client.ts +++ b/packages/core/ui-settings/core-ui-settings-server-internal/src/clients/base_ui_settings_client.ts @@ -66,7 +66,7 @@ export abstract class BaseUiSettingsClient implements IUiSettingsClient { } isOverridden(key: string) { - return this.overrides.hasOwnProperty(key); + return Object.hasOwn(this.overrides, key); } isSensitive(key: string): boolean { diff --git a/packages/core/ui-settings/core-ui-settings-server-internal/src/clients/ui_settings_client_common.ts b/packages/core/ui-settings/core-ui-settings-server-internal/src/clients/ui_settings_client_common.ts index c923feaf9da92..e7b0db9e2394a 100644 --- a/packages/core/ui-settings/core-ui-settings-server-internal/src/clients/ui_settings_client_common.ts +++ b/packages/core/ui-settings/core-ui-settings-server-internal/src/clients/ui_settings_client_common.ts @@ -93,7 +93,7 @@ export abstract class UiSettingsClientCommon extends BaseUiSettingsClient { } private assertUpdateAllowed(key: string) { - if (this.overrides.hasOwnProperty(key)) { + if (Object.hasOwn(this.overrides, key)) { throw new CannotOverrideError(`Unable to update "${key}" because it is overridden`); } } @@ -113,7 +113,7 @@ export abstract class UiSettingsClientCommon extends BaseUiSettingsClient { // validate value read from saved objects as it can be changed via SO API const filteredValues: UserProvided = {}; for (const [key, userValue] of Object.entries(values)) { - if (userValue === null || this.overrides.hasOwnProperty(key)) continue; + if (userValue === null || Object.hasOwn(this.overrides, key)) continue; try { this.validateKey(key, userValue); filteredValues[key] = { diff --git a/packages/core/ui-settings/core-ui-settings-server-internal/src/ui_settings_service.ts b/packages/core/ui-settings/core-ui-settings-server-internal/src/ui_settings_service.ts index 02dfd1562c3b3..cfd12e2432835 100644 --- a/packages/core/ui-settings/core-ui-settings-server-internal/src/ui_settings_service.ts +++ b/packages/core/ui-settings/core-ui-settings-server-internal/src/ui_settings_service.ts @@ -94,7 +94,7 @@ export class UiSettingsService registerInternalRoutes(router); // Register public routes by default unless the publicApiEnabled config setting is set to false - if (!config.hasOwnProperty('publicApiEnabled') || config.publicApiEnabled === true) { + if (!Object.hasOwn(config, 'publicApiEnabled') || config.publicApiEnabled === true) { registerRoutes(router); } diff --git a/packages/kbn-ace/src/ace/modes/x_json/worker/x_json.ace.worker.js b/packages/kbn-ace/src/ace/modes/x_json/worker/x_json.ace.worker.js index c27e96624a8b7..c3720e5546628 100644 --- a/packages/kbn-ace/src/ace/modes/x_json/worker/x_json.ace.worker.js +++ b/packages/kbn-ace/src/ace/modes/x_json/worker/x_json.ace.worker.js @@ -472,9 +472,9 @@ }, this.createAnchor = function(row, column) { return new Anchor(this, row, column) }, this.$split = 0 === "aaa".split(/a/).length ? function(text) { - return text.replace(/\r\n|\r/g, "\n").split("\n") + return text.replace(/\r\n|\r/g, "\n").split("\n"); } : function(text) { - return text.split(/\r\n|\r|\n/) + return text.split(/\r\n|\r|\n/); }, this.$detectNewLine = function(text) { var match = text.match(/^.*?(\r\n|\r|\n)/m); this.$autoNewLine = match ? match[1] : "\n", this._signal("changeNewLineMode") @@ -711,9 +711,9 @@ }, exports.arrayRemove = function(array, value) { for (var i = 0; array.length >= i; i++) value === array[i] && array.splice(i, 1) }, exports.escapeRegExp = function(str) { - return str.replace(/([.*+?^${}()|[\]\/\\])/g, "\\$1") + return str.replace(/([.*+?^${}()|[\]\/\\])/g, "\\$1"); }, exports.escapeHTML = function(str) { - return str.replace(/&/g, "&").replace(/"/g, """).replace(/'/g, "'").replace(/; class Log extends Serializable { + constructor(fields: LogDocument, private logsOptions: LogsOptions) { + super({ + ...fields, + }); + } + service(name: string) { this.fields['service.name'] = name; return this; @@ -69,8 +85,9 @@ class Log extends Serializable { } dataset(value: string) { - this.fields['data_stream.dataset'] = value; - this.fields['event.dataset'] = value; + const dataset = `${this.logsOptions.isLogsDb ? LOGSDB_DATASET_PREFIX : ''}${value}`; + this.fields['data_stream.dataset'] = dataset; + this.fields['event.dataset'] = dataset; return this; } @@ -85,15 +102,16 @@ class Log extends Serializable { } } -function create(): Log { - return new Log({ - 'input.type': 'logs', - 'data_stream.namespace': 'default', - 'data_stream.type': 'logs', - 'data_stream.dataset': 'synth', - 'event.dataset': 'synth', - 'host.name': 'synth-host', - }); +function create(logsOptions: LogsOptions = defaultLogsOptions): Log { + return new Log( + { + 'input.type': 'logs', + 'data_stream.namespace': 'default', + 'data_stream.type': 'logs', + 'host.name': 'synth-host', + }, + logsOptions + ).dataset('synth'); } export const log = { diff --git a/packages/kbn-apm-synthtrace/src/cli/scenario.ts b/packages/kbn-apm-synthtrace/src/cli/scenario.ts index 990682cb65aee..c12d8333071c6 100644 --- a/packages/kbn-apm-synthtrace/src/cli/scenario.ts +++ b/packages/kbn-apm-synthtrace/src/cli/scenario.ts @@ -13,22 +13,19 @@ import { Logger } from '../lib/utils/create_logger'; import { ScenarioReturnType } from '../lib/utils/with_client'; import { RunOptions } from './utils/parse_run_cli_flags'; +interface EsClients { + apmEsClient: ApmSynthtraceEsClient; + logsEsClient: LogsSynthtraceEsClient; + infraEsClient: InfraSynthtraceEsClient; + assetsEsClient: AssetsSynthtraceEsClient; +} + type Generate = (options: { range: Timerange; - clients: { - apmEsClient: ApmSynthtraceEsClient; - logsEsClient: LogsSynthtraceEsClient; - infraEsClient: InfraSynthtraceEsClient; - assetsEsClient: AssetsSynthtraceEsClient; - }; + clients: EsClients; }) => ScenarioReturnType | Array>; export type Scenario = (options: RunOptions & { logger: Logger }) => Promise<{ - bootstrap?: (options: { - apmEsClient: ApmSynthtraceEsClient; - logsEsClient: LogsSynthtraceEsClient; - infraEsClient: InfraSynthtraceEsClient; - assetsEsClient: AssetsSynthtraceEsClient; - }) => Promise; + bootstrap?: (options: EsClients) => Promise; generate: Generate; }>; diff --git a/packages/kbn-apm-synthtrace/src/cli/utils/get_apm_es_client.ts b/packages/kbn-apm-synthtrace/src/cli/utils/get_apm_es_client.ts index ee350ab3c56d8..b876f89fa38e0 100644 --- a/packages/kbn-apm-synthtrace/src/cli/utils/get_apm_es_client.ts +++ b/packages/kbn-apm-synthtrace/src/cli/utils/get_apm_es_client.ts @@ -10,6 +10,7 @@ import { Client } from '@elastic/elasticsearch'; import { ApmSynthtraceEsClient } from '../../..'; import { Logger } from '../../lib/utils/create_logger'; import { RunOptions } from './parse_run_cli_flags'; +import { getEsClientTlsSettings } from './ssl'; export function getApmEsClient({ target, @@ -23,6 +24,7 @@ export function getApmEsClient({ }) { const client = new Client({ node: target, + tls: getEsClientTlsSettings(target), }); const apmEsClient = new ApmSynthtraceEsClient({ diff --git a/packages/kbn-apm-synthtrace/src/cli/utils/get_assets_es_client.ts b/packages/kbn-apm-synthtrace/src/cli/utils/get_assets_es_client.ts index 059a837492699..fa44bcbe3b2de 100644 --- a/packages/kbn-apm-synthtrace/src/cli/utils/get_assets_es_client.ts +++ b/packages/kbn-apm-synthtrace/src/cli/utils/get_assets_es_client.ts @@ -10,6 +10,7 @@ import { Client } from '@elastic/elasticsearch'; import { AssetsSynthtraceEsClient } from '../../lib/assets/assets_synthtrace_es_client'; import { Logger } from '../../lib/utils/create_logger'; import { RunOptions } from './parse_run_cli_flags'; +import { getEsClientTlsSettings } from './ssl'; export function getAssetsEsClient({ target, @@ -21,6 +22,7 @@ export function getAssetsEsClient({ }) { const client = new Client({ node: target, + tls: getEsClientTlsSettings(target), }); return new AssetsSynthtraceEsClient({ diff --git a/packages/kbn-apm-synthtrace/src/cli/utils/get_infra_es_client.ts b/packages/kbn-apm-synthtrace/src/cli/utils/get_infra_es_client.ts index 82a714dc8f244..a0f651d8f3185 100644 --- a/packages/kbn-apm-synthtrace/src/cli/utils/get_infra_es_client.ts +++ b/packages/kbn-apm-synthtrace/src/cli/utils/get_infra_es_client.ts @@ -10,6 +10,7 @@ import { Client } from '@elastic/elasticsearch'; import { InfraSynthtraceEsClient } from '../../lib/infra/infra_synthtrace_es_client'; import { Logger } from '../../lib/utils/create_logger'; import { RunOptions } from './parse_run_cli_flags'; +import { getEsClientTlsSettings } from './ssl'; export function getInfraEsClient({ target, @@ -21,6 +22,7 @@ export function getInfraEsClient({ }) { const client = new Client({ node: target, + tls: getEsClientTlsSettings(target), }); return new InfraSynthtraceEsClient({ diff --git a/packages/kbn-apm-synthtrace/src/cli/utils/get_logs_es_client.ts b/packages/kbn-apm-synthtrace/src/cli/utils/get_logs_es_client.ts index 8bfcdaef90839..863cf2c9964d4 100644 --- a/packages/kbn-apm-synthtrace/src/cli/utils/get_logs_es_client.ts +++ b/packages/kbn-apm-synthtrace/src/cli/utils/get_logs_es_client.ts @@ -10,6 +10,7 @@ import { Client } from '@elastic/elasticsearch'; import { LogsSynthtraceEsClient } from '../../lib/logs/logs_synthtrace_es_client'; import { Logger } from '../../lib/utils/create_logger'; import { RunOptions } from './parse_run_cli_flags'; +import { getEsClientTlsSettings } from './ssl'; export function getLogsEsClient({ target, @@ -21,6 +22,7 @@ export function getLogsEsClient({ }) { const client = new Client({ node: target, + tls: getEsClientTlsSettings(target), }); return new LogsSynthtraceEsClient({ diff --git a/packages/kbn-apm-synthtrace/src/cli/utils/get_service_urls.ts b/packages/kbn-apm-synthtrace/src/cli/utils/get_service_urls.ts index 3967040a569af..d8c11af6b41a9 100644 --- a/packages/kbn-apm-synthtrace/src/cli/utils/get_service_urls.ts +++ b/packages/kbn-apm-synthtrace/src/cli/utils/get_service_urls.ts @@ -10,6 +10,7 @@ import fetch from 'node-fetch'; import { format, parse, Url } from 'url'; import { Logger } from '../../lib/utils/create_logger'; import { RunOptions } from './parse_run_cli_flags'; +import { getFetchAgent } from './ssl'; async function discoverAuth(parsedTarget: Url) { const possibleCredentials = [`admin:changeme`, `elastic:changeme`, `elastic_serverless:changeme`]; @@ -20,7 +21,9 @@ async function discoverAuth(parsedTarget: Url) { }); let status: number; try { - const response = await fetch(url); + const response = await fetch(url, { + agent: getFetchAgent(url), + }); status = response.status; } catch (err) { status = 0; @@ -43,6 +46,7 @@ async function getKibanaUrl({ target, logger }: { target: string; logger: Logger method: 'HEAD', follow: 1, redirect: 'manual', + agent: getFetchAgent(target), }); const discoveredKibanaUrl = @@ -62,6 +66,7 @@ async function getKibanaUrl({ target, logger }: { target: string; logger: Logger const redirectedResponse = await fetch(discoveredKibanaUrlWithAuth, { method: 'HEAD', + agent: getFetchAgent(discoveredKibanaUrlWithAuth), }); if (redirectedResponse.status !== 200) { diff --git a/packages/kbn-apm-synthtrace/src/cli/utils/ssl.ts b/packages/kbn-apm-synthtrace/src/cli/utils/ssl.ts new file mode 100644 index 0000000000000..22ad438323e6b --- /dev/null +++ b/packages/kbn-apm-synthtrace/src/cli/utils/ssl.ts @@ -0,0 +1,31 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +import * as Fs from 'fs'; +import { CA_CERT_PATH } from '@kbn/dev-utils'; +import https from 'https'; + +export function getFetchAgent(url: string) { + const isHTTPS = new URL(url).protocol === 'https:'; + const isLocalhost = new URL(url).hostname === 'localhost'; + return isHTTPS && isLocalhost ? new https.Agent({ rejectUnauthorized: false }) : undefined; +} + +export function getEsClientTlsSettings(url: string) { + const isHTTPS = new URL(url).protocol === 'https:'; + // load the CA cert from disk if necessary + const caCert = isHTTPS ? Fs.readFileSync(CA_CERT_PATH) : null; + const isLocalhost = new URL(url).hostname === 'localhost'; + + return caCert && isLocalhost + ? { + ca: caCert, + rejectUnauthorized: true, + } + : undefined; +} diff --git a/packages/kbn-apm-synthtrace/src/cli/utils/start_live_data_upload.ts b/packages/kbn-apm-synthtrace/src/cli/utils/start_live_data_upload.ts index 74468dbaa1569..fd7ddc6b42b36 100644 --- a/packages/kbn-apm-synthtrace/src/cli/utils/start_live_data_upload.ts +++ b/packages/kbn-apm-synthtrace/src/cli/utils/start_live_data_upload.ts @@ -10,11 +10,11 @@ import { timerange } from '@kbn/apm-synthtrace-client'; import { castArray } from 'lodash'; import { PassThrough, Readable, Writable } from 'stream'; import { isGeneratorObject } from 'util/types'; +import { SynthtraceEsClient } from '../../lib/shared/base_client'; import { awaitStream } from '../../lib/utils/wait_until_stream_finished'; import { bootstrap } from './bootstrap'; import { getScenario } from './get_scenario'; import { RunOptions } from './parse_run_cli_flags'; -import { SynthtraceEsClient } from '../../lib/utils/with_client'; export async function startLiveDataUpload({ runOptions, @@ -36,6 +36,7 @@ export async function startLiveDataUpload({ let requestedUntil = start; let currentStreams: PassThrough[] = []; + // @ts-expect-error upgrade typescript v4.9.5 const cachedStreams: WeakMap = new WeakMap(); process.on('SIGINT', () => closeStreams()); diff --git a/packages/kbn-apm-synthtrace/src/lib/apm/client/apm_synthtrace_kibana_client.ts b/packages/kbn-apm-synthtrace/src/lib/apm/client/apm_synthtrace_kibana_client.ts index caf6f47be45ce..56b3b92d287d4 100644 --- a/packages/kbn-apm-synthtrace/src/lib/apm/client/apm_synthtrace_kibana_client.ts +++ b/packages/kbn-apm-synthtrace/src/lib/apm/client/apm_synthtrace_kibana_client.ts @@ -10,6 +10,7 @@ import fetch from 'node-fetch'; import pRetry from 'p-retry'; import { Logger } from '../../utils/create_logger'; import { kibanaHeaders } from '../../shared/client_headers'; +import { getFetchAgent } from '../../../cli/utils/ssl'; export class ApmSynthtraceKibanaClient { private readonly logger: Logger; @@ -34,6 +35,7 @@ export class ApmSynthtraceKibanaClient { const response = await fetch(url, { method: 'GET', headers: kibanaHeaders(), + agent: getFetchAgent(url), }); const responseJson = await response.json(); @@ -62,6 +64,7 @@ export class ApmSynthtraceKibanaClient { method: 'POST', headers: kibanaHeaders(), body: '{"force":true}', + agent: getFetchAgent(url), }); if (!res.ok) { @@ -109,6 +112,7 @@ export class ApmSynthtraceKibanaClient { method: 'DELETE', headers: kibanaHeaders(), body: '{"force":true}', + agent: getFetchAgent(url), }); if (!res.ok) { diff --git a/packages/kbn-apm-synthtrace/src/lib/infra/infra_synthtrace_kibana_client.ts b/packages/kbn-apm-synthtrace/src/lib/infra/infra_synthtrace_kibana_client.ts index c1ac555276a66..b39efada2abff 100644 --- a/packages/kbn-apm-synthtrace/src/lib/infra/infra_synthtrace_kibana_client.ts +++ b/packages/kbn-apm-synthtrace/src/lib/infra/infra_synthtrace_kibana_client.ts @@ -11,6 +11,7 @@ import fetch from 'node-fetch'; import pRetry from 'p-retry'; import { Logger } from '../utils/create_logger'; import { kibanaHeaders } from '../shared/client_headers'; +import { getFetchAgent } from '../../cli/utils/ssl'; export class InfraSynthtraceKibanaClient { private readonly logger: Logger; @@ -30,6 +31,7 @@ export class InfraSynthtraceKibanaClient { const response = await fetch(fleetPackageApiUrl, { method: 'GET', headers: kibanaHeaders(), + agent: getFetchAgent(fleetPackageApiUrl), }); const responseJson = await response.json(); @@ -54,6 +56,7 @@ export class InfraSynthtraceKibanaClient { method: 'POST', headers: kibanaHeaders(), body: '{"force":true}', + agent: getFetchAgent(url), }); }); diff --git a/packages/kbn-apm-synthtrace/src/lib/logs/custom_logsdb_index_templates.ts b/packages/kbn-apm-synthtrace/src/lib/logs/custom_logsdb_index_templates.ts new file mode 100644 index 0000000000000..0e1003244eeef --- /dev/null +++ b/packages/kbn-apm-synthtrace/src/lib/logs/custom_logsdb_index_templates.ts @@ -0,0 +1,37 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +import type { IndicesPutIndexTemplateRequest } from '@elastic/elasticsearch/lib/api/types'; + +export enum IndexTemplateName { + LogsDb = 'logsdb', +} + +export const indexTemplates: { + [key in IndexTemplateName]: IndicesPutIndexTemplateRequest; +} = { + [IndexTemplateName.LogsDb]: { + name: IndexTemplateName.LogsDb, + _meta: { + managed: false, + description: 'custom logsdb template created by synthtrace tool.', + }, + template: { + settings: { + mode: 'logsdb', + }, + }, + priority: 500, + index_patterns: ['logs-logsdb.*-*'], + composed_of: ['logs@mappings', 'logs@settings', 'ecs@mappings'], + allow_auto_create: true, + data_stream: { + hidden: false, + }, + }, +}; diff --git a/packages/kbn-apm-synthtrace/src/lib/logs/logs_synthtrace_es_client.ts b/packages/kbn-apm-synthtrace/src/lib/logs/logs_synthtrace_es_client.ts index 8d2b32849bd8f..13002dec07f3d 100644 --- a/packages/kbn-apm-synthtrace/src/lib/logs/logs_synthtrace_es_client.ts +++ b/packages/kbn-apm-synthtrace/src/lib/logs/logs_synthtrace_es_client.ts @@ -13,6 +13,7 @@ import { LogDocument } from '@kbn/apm-synthtrace-client/src/lib/logs'; import { SynthtraceEsClient, SynthtraceEsClientOptions } from '../shared/base_client'; import { getSerializeTransform } from '../shared/get_serialize_transform'; import { Logger } from '../utils/create_logger'; +import { indexTemplates, IndexTemplateName } from './custom_logsdb_index_templates'; export type LogsSynthtraceEsClientOptions = Omit; @@ -24,6 +25,21 @@ export class LogsSynthtraceEsClient extends SynthtraceEsClient { }); this.dataStreams = ['logs-*-*']; } + + async createIndexTemplate(name: IndexTemplateName) { + const isTemplateExisting = await this.client.indices.existsIndexTemplate({ name }); + + if (isTemplateExisting) return this.logger.info(`Index template already exists: ${name}`); + + const template = indexTemplates[name]; + + try { + await this.client.indices.putIndexTemplate(template); + this.logger.info(`Index template successfully created: ${name}`); + } catch (err) { + this.logger.error(`Index template creation failed: ${name} - ${err.message}`); + } + } } function logsPipeline() { diff --git a/packages/kbn-apm-synthtrace/src/lib/utils/with_client.ts b/packages/kbn-apm-synthtrace/src/lib/utils/with_client.ts index 5acbcdfbbd9f3..3427c293ec4ec 100644 --- a/packages/kbn-apm-synthtrace/src/lib/utils/with_client.ts +++ b/packages/kbn-apm-synthtrace/src/lib/utils/with_client.ts @@ -8,9 +8,8 @@ import { SynthtraceGenerator } from '@kbn/apm-synthtrace-client'; import { Readable } from 'stream'; -import { ApmSynthtraceEsClient, LogsSynthtraceEsClient } from '../../..'; +import { SynthtraceEsClient } from '../shared/base_client'; -export type SynthtraceEsClient = ApmSynthtraceEsClient | LogsSynthtraceEsClient; export type SynthGenerator = // @ts-expect-error upgrade typescript v4.9.5 | SynthtraceGenerator @@ -19,6 +18,7 @@ export type SynthGenerator = | Readable; export const withClient = ( + // @ts-expect-error upgrade typescript v4.9.5 client: SynthtraceEsClient, generator: SynthGenerator ) => { diff --git a/packages/kbn-apm-synthtrace/src/scenarios/degraded_logs.ts b/packages/kbn-apm-synthtrace/src/scenarios/degraded_logs.ts index cb5313ac70795..20323c8c2be91 100644 --- a/packages/kbn-apm-synthtrace/src/scenarios/degraded_logs.ts +++ b/packages/kbn-apm-synthtrace/src/scenarios/degraded_logs.ts @@ -7,13 +7,19 @@ */ import { LogDocument, log, generateShortId, generateLongId } from '@kbn/apm-synthtrace-client'; import { Scenario } from '../cli/scenario'; +import { IndexTemplateName } from '../lib/logs/custom_logsdb_index_templates'; import { withClient } from '../lib/utils/with_client'; +import { parseLogsScenarioOpts } from './helpers/logs_scenario_opts_parser'; const MORE_THAN_1024_CHARS = 'Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum. Sed ut perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque laudantium, totam rem aperiam, eaque ipsa quae ab illo inventore veritatis et quasi architecto beatae vitae dicta sunt explicabo. Nemo enim ipsam voluptatem quia voluptas sit aspernatur aut odit aut fugit, sed quia consequuntur magni dolores eos qui ratione voluptatem sequi nesciunt. Neque porro quisquam est, qui dolorem ipsum quia dolor sit amet, consectetur, adipisci velit, sed quia non numquam eius modi tempora incidunt ut labore et dolore magnam aliquam quaerat voluptatem. Ut enim ad minima veniam, quis nostrum exercitationem ullam corporis suscipit laboriosam, nisi ut aliquid ex ea commodi consequatur? Quis autem vel eum iure reprehenderit qui in ea voluptate velit esse quam nihil molestiae consequatur, vel illum qui dolorem eum fugiat quo voluptas nulla pariatur?'; const scenario: Scenario = async (runOptions) => { + const { isLogsDb } = parseLogsScenarioOpts(runOptions.scenarioOpts); return { + bootstrap: async ({ logsEsClient }) => { + if (isLogsDb) await logsEsClient.createIndexTemplate(IndexTemplateName.LogsDb); + }, generate: ({ range, clients: { logsEsClient } }) => { const { logger } = runOptions; @@ -42,7 +48,7 @@ const scenario: Scenario = async (runOptions) => { const datasetSynth1Logs = (timestamp: number) => { const index = Math.floor(Math.random() * 3); return log - .create() + .create({ isLogsDb }) .dataset('synth.1') .message(MESSAGE_LOG_LEVELS[index].message as string) .logLevel(MESSAGE_LOG_LEVELS[index].level) @@ -67,7 +73,7 @@ const scenario: Scenario = async (runOptions) => { const index = Math.floor(Math.random() * 3); const isMalformed = i % 60 === 0; return log - .create() + .create({ isLogsDb }) .dataset('synth.2') .message(MESSAGE_LOG_LEVELS[index].message as string) .logLevel(isMalformed ? MORE_THAN_1024_CHARS : MESSAGE_LOG_LEVELS[index].level) // "ignore_above": 1024 in mapping @@ -92,7 +98,7 @@ const scenario: Scenario = async (runOptions) => { const index = Math.floor(Math.random() * 3); const isMalformed = i % 10 === 0; return log - .create() + .create({ isLogsDb }) .dataset('synth.3') .message(MESSAGE_LOG_LEVELS[index].message as string) .logLevel(isMalformed ? MORE_THAN_1024_CHARS : MESSAGE_LOG_LEVELS[index].level) // "ignore_above": 1024 in mapping diff --git a/packages/kbn-apm-synthtrace/src/scenarios/helpers/logs_scenario_opts_parser.ts b/packages/kbn-apm-synthtrace/src/scenarios/helpers/logs_scenario_opts_parser.ts new file mode 100644 index 0000000000000..73608100944de --- /dev/null +++ b/packages/kbn-apm-synthtrace/src/scenarios/helpers/logs_scenario_opts_parser.ts @@ -0,0 +1,34 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +export const parseStringToBoolean = (value: string, defaultValue?: boolean): boolean => { + if (!value) return defaultValue ?? false; + + switch (value.trim().toLowerCase()) { + case 'true': + return true; + case 'false': + return false; + default: + return defaultValue ?? /true/i.test(value); + } +}; + +export interface LogsScenarioOpts { + isLogsDb: boolean; +} + +export const parseLogsScenarioOpts = ( + scenarioOpts: Record | undefined +): LogsScenarioOpts => { + const isLogsDb = parseStringToBoolean(scenarioOpts?.logsdb); + + return { + isLogsDb, + }; +}; diff --git a/packages/kbn-apm-synthtrace/src/scenarios/logs_and_metrics.ts b/packages/kbn-apm-synthtrace/src/scenarios/logs_and_metrics.ts index 4227f003771ef..15085d087096e 100644 --- a/packages/kbn-apm-synthtrace/src/scenarios/logs_and_metrics.ts +++ b/packages/kbn-apm-synthtrace/src/scenarios/logs_and_metrics.ts @@ -16,11 +16,18 @@ import { import { Scenario } from '../cli/scenario'; import { withClient } from '../lib/utils/with_client'; import { getSynthtraceEnvironment } from '../lib/utils/get_synthtrace_environment'; +import { parseLogsScenarioOpts } from './helpers/logs_scenario_opts_parser'; +import { IndexTemplateName } from '../lib/logs/custom_logsdb_index_templates'; const ENVIRONMENT = getSynthtraceEnvironment(__filename); const scenario: Scenario = async (runOptions) => { + const { isLogsDb } = parseLogsScenarioOpts(runOptions.scenarioOpts); + return { + bootstrap: async ({ logsEsClient }) => { + if (isLogsDb) await logsEsClient.createIndexTemplate(IndexTemplateName.LogsDb); + }, generate: ({ range, clients: { logsEsClient, apmEsClient } }) => { const { numServices = 3 } = runOptions.scenarioOpts || {}; const { logger } = runOptions; @@ -53,7 +60,7 @@ const scenario: Scenario = async (runOptions) => { .map(() => { const index = Math.floor(Math.random() * 3); return log - .create() + .create({ isLogsDb }) .message(MESSAGE_LOG_LEVELS[index].message) .logLevel(MESSAGE_LOG_LEVELS[index].level) .service(SERVICE_NAMES[index]) diff --git a/packages/kbn-apm-synthtrace/src/scenarios/logs_traces_hosts.ts b/packages/kbn-apm-synthtrace/src/scenarios/logs_traces_hosts.ts index a745ef6d2bca2..2c569985e87eb 100644 --- a/packages/kbn-apm-synthtrace/src/scenarios/logs_traces_hosts.ts +++ b/packages/kbn-apm-synthtrace/src/scenarios/logs_traces_hosts.ts @@ -20,6 +20,8 @@ import { Scenario } from '../cli/scenario'; import { Logger } from '../lib/utils/create_logger'; import { withClient } from '../lib/utils/with_client'; import { getSynthtraceEnvironment } from '../lib/utils/get_synthtrace_environment'; +import { parseLogsScenarioOpts, parseStringToBoolean } from './helpers/logs_scenario_opts_parser'; +import { IndexTemplateName } from '../lib/logs/custom_logsdb_index_templates'; const ENVIRONMENT = getSynthtraceEnvironment(__filename); @@ -38,10 +40,16 @@ const DEFAULT_SCENARIO_OPTS = { logsRate: 1, ingestHosts: true, ingestTraces: true, + logsdb: false, }; const scenario: Scenario = async (runOptions) => { + const { isLogsDb } = parseLogsScenarioOpts(runOptions.scenarioOpts); + return { + bootstrap: async ({ logsEsClient }) => { + if (isLogsDb) await logsEsClient.createIndexTemplate(IndexTemplateName.LogsDb); + }, generate: ({ range, clients: { logsEsClient, infraEsClient, apmEsClient } }) => { const { numSpaces, @@ -58,6 +66,10 @@ const scenario: Scenario = async (runOp ingestHosts, ingestTraces, } = { ...DEFAULT_SCENARIO_OPTS, ...(runOptions.scenarioOpts || {}) }; + + const parsedIngestHosts = parseStringToBoolean(`${ingestHosts}`); + const parsedIngestTraces = parseStringToBoolean(`${ingestTraces}`); + const { logger } = runOptions; killIfUnknownScenarioOptions(logger, runOptions.scenarioOpts || {}); @@ -189,7 +201,7 @@ const scenario: Scenario = async (runOp const customFields = getExtraFields(numCustomFields, isMalformed, customFieldPrefix); return log - .create() + .create({ isLogsDb }) .dataset(dataset) .message(message) .logLevel(logLevel) @@ -220,7 +232,7 @@ const scenario: Scenario = async (runOp }); return [ - ...(ingestHosts + ...(parsedIngestHosts ? [ withClient( infraEsClient, @@ -228,7 +240,7 @@ const scenario: Scenario = async (runOp ), ] : []), - ...(ingestTraces + ...(parsedIngestTraces ? [ withClient( apmEsClient, diff --git a/packages/kbn-apm-synthtrace/src/scenarios/simple_logs.ts b/packages/kbn-apm-synthtrace/src/scenarios/simple_logs.ts index d617bbe54d3c4..d496079ebd556 100644 --- a/packages/kbn-apm-synthtrace/src/scenarios/simple_logs.ts +++ b/packages/kbn-apm-synthtrace/src/scenarios/simple_logs.ts @@ -7,13 +7,20 @@ */ import { LogDocument, log, generateShortId, generateLongId } from '@kbn/apm-synthtrace-client'; import { Scenario } from '../cli/scenario'; +import { IndexTemplateName } from '../lib/logs/custom_logsdb_index_templates'; import { withClient } from '../lib/utils/with_client'; +import { parseLogsScenarioOpts } from './helpers/logs_scenario_opts_parser'; const MORE_THAN_1024_CHARS = 'Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum. Sed ut perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque laudantium, totam rem aperiam, eaque ipsa quae ab illo inventore veritatis et quasi architecto beatae vitae dicta sunt explicabo. Nemo enim ipsam voluptatem quia voluptas sit aspernatur aut odit aut fugit, sed quia consequuntur magni dolores eos qui ratione voluptatem sequi nesciunt. Neque porro quisquam est, qui dolorem ipsum quia dolor sit amet, consectetur, adipisci velit, sed quia non numquam eius modi tempora incidunt ut labore et dolore magnam aliquam quaerat voluptatem. Ut enim ad minima veniam, quis nostrum exercitationem ullam corporis suscipit laboriosam, nisi ut aliquid ex ea commodi consequatur? Quis autem vel eum iure reprehenderit qui in ea voluptate velit esse quam nihil molestiae consequatur, vel illum qui dolorem eum fugiat quo voluptas nulla pariatur?'; const scenario: Scenario = async (runOptions) => { + const { isLogsDb } = parseLogsScenarioOpts(runOptions.scenarioOpts); + return { + bootstrap: async ({ logsEsClient }) => { + if (isLogsDb) await logsEsClient.createIndexTemplate(IndexTemplateName.LogsDb); + }, generate: ({ range, clients: { logsEsClient } }) => { const { logger } = runOptions; @@ -48,7 +55,7 @@ const scenario: Scenario = async (runOptions) => { const serviceName = SERVICE_NAMES[index]; return log - .create() + .create({ isLogsDb }) .message(message.replace('', generateShortId())) .logLevel(level) .service(serviceName) @@ -80,7 +87,7 @@ const scenario: Scenario = async (runOptions) => { .map(() => { const index = Math.floor(Math.random() * 3); return log - .create() + .create({ isLogsDb }) .service(SERVICE_NAMES[index]) .defaults({ 'trace.id': generateShortId(), @@ -111,7 +118,7 @@ const scenario: Scenario = async (runOptions) => { .map(() => { const index = Math.floor(Math.random() * 3); return log - .create() + .create({ isLogsDb }) .logLevel(MESSAGE_LOG_LEVELS[index].level) .service(SERVICE_NAMES[index]) .defaults({ @@ -144,7 +151,7 @@ const scenario: Scenario = async (runOptions) => { .map(() => { const index = Math.floor(Math.random() * 3); return log - .create() + .create({ isLogsDb }) .logLevel(MESSAGE_LOG_LEVELS[index].level) .service(SERVICE_NAMES[index]) .defaults({ @@ -177,7 +184,7 @@ const scenario: Scenario = async (runOptions) => { .map(() => { const index = Math.floor(Math.random() * 3); return log - .create() + .create({ isLogsDb }) .logLevel(MESSAGE_LOG_LEVELS[index].level) .service(SERVICE_NAMES[index]) .defaults({ @@ -209,7 +216,7 @@ const scenario: Scenario = async (runOptions) => { .map(() => { const index = Math.floor(Math.random() * 3); return log - .create() + .create({ isLogsDb }) .message(MESSAGE_LOG_LEVELS[index].message) .logLevel(MORE_THAN_1024_CHARS) .service(SERVICE_NAMES[index]) diff --git a/packages/kbn-apm-synthtrace/src/scenarios/spiked_latency.ts b/packages/kbn-apm-synthtrace/src/scenarios/spiked_latency.ts index 13eb4dcd3f6d6..69394a9688231 100644 --- a/packages/kbn-apm-synthtrace/src/scenarios/spiked_latency.ts +++ b/packages/kbn-apm-synthtrace/src/scenarios/spiked_latency.ts @@ -18,13 +18,20 @@ import { import { Scenario } from '../cli/scenario'; import { getSynthtraceEnvironment } from '../lib/utils/get_synthtrace_environment'; import { withClient } from '../lib/utils/with_client'; +import { parseLogsScenarioOpts } from './helpers/logs_scenario_opts_parser'; +import { IndexTemplateName } from '../lib/logs/custom_logsdb_index_templates'; const ENVIRONMENT = getSynthtraceEnvironment(__filename); const alwaysSpikeTransactionName = 'GET /always-spike'; const sometimesSpikeTransactionName = 'GET /sometimes-spike'; -const scenario: Scenario = async ({ logger }) => { +const scenario: Scenario = async ({ logger, ...runOptions }) => { + const { isLogsDb } = parseLogsScenarioOpts(runOptions.scenarioOpts); + return { + bootstrap: async ({ logsEsClient }) => { + if (isLogsDb) await logsEsClient.createIndexTemplate(IndexTemplateName.LogsDb); + }, generate: ({ range, clients: { apmEsClient, logsEsClient } }) => { const serviceNames = ['spikey-frontend', 'spikey-backend']; @@ -63,7 +70,7 @@ const scenario: Scenario = async ({ logger }) => { } = clusters[clusterIndex]; return log - .create() + .create({ isLogsDb }) .message(`Error message #${generateShortId()} from ${serviceName}`) .logLevel('error') .service(serviceName) diff --git a/packages/kbn-apm-synthtrace/src/scenarios/traces_logs_assets.ts b/packages/kbn-apm-synthtrace/src/scenarios/traces_logs_assets.ts index 5b3e6fcf4b350..66bfb2db54e13 100644 --- a/packages/kbn-apm-synthtrace/src/scenarios/traces_logs_assets.ts +++ b/packages/kbn-apm-synthtrace/src/scenarios/traces_logs_assets.ts @@ -18,16 +18,22 @@ import { import { random } from 'lodash'; import { Readable } from 'stream'; import { Scenario } from '../cli/scenario'; +import { IndexTemplateName } from '../lib/logs/custom_logsdb_index_templates'; import { getSynthtraceEnvironment } from '../lib/utils/get_synthtrace_environment'; import { withClient } from '../lib/utils/with_client'; +import { parseLogsScenarioOpts } from './helpers/logs_scenario_opts_parser'; const ENVIRONMENT = getSynthtraceEnvironment(__filename); const scenario: Scenario = async (runOptions) => { - const { logger } = runOptions; + const { logger, scenarioOpts } = runOptions; const { numServices = 3, numHosts = 10 } = runOptions.scenarioOpts || {}; + const { isLogsDb } = parseLogsScenarioOpts(scenarioOpts); return { + bootstrap: async ({ logsEsClient }) => { + if (isLogsDb) await logsEsClient.createIndexTemplate(IndexTemplateName.LogsDb); + }, generate: ({ range, clients: { apmEsClient, assetsEsClient, logsEsClient, infraEsClient }, @@ -142,7 +148,7 @@ const scenario: Scenario = async (runOptions) => { }; return log - .create() + .create({ isLogsDb }) .message(message.replace('', generateShortId())) .logLevel(level) .service('multi-signal-service') @@ -182,7 +188,7 @@ const scenario: Scenario = async (runOptions) => { }; return log - .create() + .create({ isLogsDb }) .message(message.replace('', generateShortId())) .logLevel(level) .service('logs-only-services') diff --git a/packages/kbn-apm-synthtrace/tsconfig.json b/packages/kbn-apm-synthtrace/tsconfig.json index 22ff0442879ab..e5ca7beabd45c 100644 --- a/packages/kbn-apm-synthtrace/tsconfig.json +++ b/packages/kbn-apm-synthtrace/tsconfig.json @@ -8,6 +8,7 @@ "kbn_references": [ "@kbn/datemath", "@kbn/apm-synthtrace-client", + "@kbn/dev-utils", ], "exclude": [ "target/**/*", diff --git a/packages/kbn-check-mappings-update-cli/current_fields.json b/packages/kbn-check-mappings-update-cli/current_fields.json index d891c7ae5d095..211777a5274a5 100644 --- a/packages/kbn-check-mappings-update-cli/current_fields.json +++ b/packages/kbn-check-mappings-update-cli/current_fields.json @@ -436,6 +436,7 @@ "updated_by", "version" ], + "favorites": [], "file": [ "FileKind", "Meta", @@ -629,6 +630,7 @@ "is_managed", "name", "namespace", + "output_id", "overrides", "package", "package.name", diff --git a/packages/kbn-check-mappings-update-cli/current_mappings.json b/packages/kbn-check-mappings-update-cli/current_mappings.json index 8bec33bcda085..e6e1fef63ee85 100644 --- a/packages/kbn-check-mappings-update-cli/current_mappings.json +++ b/packages/kbn-check-mappings-update-cli/current_mappings.json @@ -1482,6 +1482,10 @@ } } }, + "favorites": { + "dynamic": false, + "properties": {} + }, "file": { "dynamic": false, "properties": { @@ -2097,6 +2101,9 @@ "namespace": { "type": "keyword" }, + "output_id": { + "type": "keyword" + }, "overrides": { "index": false, "type": "flattened" diff --git a/packages/kbn-cli-dev-mode/src/optimizer.ts b/packages/kbn-cli-dev-mode/src/optimizer.ts index f81f6ec7fb2a4..f82f152dd7e49 100644 --- a/packages/kbn-cli-dev-mode/src/optimizer.ts +++ b/packages/kbn-cli-dev-mode/src/optimizer.ts @@ -92,7 +92,7 @@ export class Optimizer { ); const log = new ToolingLog(); - const has = (obj: T, x: any): x is keyof T => obj.hasOwnProperty(x); + const has = (obj: T, x: any): x is keyof T => Object.hasOwn(obj, x); log.setWriters([ { diff --git a/packages/kbn-config-schema/src/types/object_type.test.ts b/packages/kbn-config-schema/src/types/object_type.test.ts index d12688fa04099..d8828f566d007 100644 --- a/packages/kbn-config-schema/src/types/object_type.test.ts +++ b/packages/kbn-config-schema/src/types/object_type.test.ts @@ -8,7 +8,7 @@ import { get } from 'lodash'; import { expectType } from 'tsd'; -import { schema } from '../..'; +import { offeringBasedSchema, schema } from '../..'; import { TypeOf } from './object_type'; test('returns value by default', () => { @@ -682,6 +682,10 @@ test('returns schema structure', () => { boolean: schema.boolean(), buffer: schema.buffer(), byteSize: schema.byteSize(), + svlConditional: offeringBasedSchema({ + serverless: schema.literal('serverless'), + traditional: schema.literal('stateful'), + }), conditional: schema.conditional( schema.contextRef('context_value_1'), schema.contextRef('context_value_2'), @@ -699,8 +703,9 @@ test('returns schema structure', () => { record: schema.recordOf(schema.string(), schema.string()), stream: schema.stream(), string: schema.string(), - union: schema.oneOf([schema.string()]), + union: schema.oneOf([schema.string(), schema.number(), schema.boolean()]), uri: schema.uri(), + null: schema.literal(null), }); const type = objSchema.extends({ nested: objSchema, @@ -711,39 +716,43 @@ test('returns schema structure', () => { { path: ['boolean'], type: 'boolean' }, { path: ['buffer'], type: 'binary' }, { path: ['byteSize'], type: 'bytes' }, - { path: ['conditional'], type: 'any' }, + { path: ['svlConditional'], type: 'serverless|stateful' }, + { path: ['conditional'], type: 'string' }, { path: ['duration'], type: 'duration' }, { path: ['ip'], type: 'string' }, - { path: ['literal'], type: 'any' }, + { path: ['literal'], type: 'foo' }, { path: ['map'], type: 'map' }, - { path: ['maybe'], type: 'string' }, - { path: ['never'], type: 'any' }, - { path: ['nullable'], type: 'alternatives' }, + { path: ['maybe'], type: 'string?' }, + { path: ['never'], type: 'never' }, + { path: ['nullable'], type: 'string?|null' }, { path: ['number'], type: 'number' }, { path: ['record'], type: 'record' }, { path: ['stream'], type: 'stream' }, { path: ['string'], type: 'string' }, - { path: ['union'], type: 'alternatives' }, + { path: ['union'], type: 'string|number|boolean' }, { path: ['uri'], type: 'string' }, + { path: ['null'], type: 'null' }, { path: ['nested', 'any'], type: 'any' }, { path: ['nested', 'array'], type: 'array' }, { path: ['nested', 'boolean'], type: 'boolean' }, { path: ['nested', 'buffer'], type: 'binary' }, { path: ['nested', 'byteSize'], type: 'bytes' }, - { path: ['nested', 'conditional'], type: 'any' }, + { path: ['nested', 'svlConditional'], type: 'serverless|stateful' }, + { path: ['nested', 'conditional'], type: 'string' }, { path: ['nested', 'duration'], type: 'duration' }, { path: ['nested', 'ip'], type: 'string' }, - { path: ['nested', 'literal'], type: 'any' }, + { path: ['nested', 'literal'], type: 'foo' }, { path: ['nested', 'map'], type: 'map' }, - { path: ['nested', 'maybe'], type: 'string' }, - { path: ['nested', 'never'], type: 'any' }, - { path: ['nested', 'nullable'], type: 'alternatives' }, + { path: ['nested', 'maybe'], type: 'string?' }, + { path: ['nested', 'never'], type: 'never' }, + { path: ['nested', 'nullable'], type: 'string?|null' }, { path: ['nested', 'number'], type: 'number' }, { path: ['nested', 'record'], type: 'record' }, { path: ['nested', 'stream'], type: 'stream' }, { path: ['nested', 'string'], type: 'string' }, - { path: ['nested', 'union'], type: 'alternatives' }, + { path: ['nested', 'union'], type: 'string|number|boolean' }, { path: ['nested', 'uri'], type: 'string' }, + { path: ['nested', 'null'], type: 'null' }, ]); }); diff --git a/packages/kbn-config-schema/src/types/type.ts b/packages/kbn-config-schema/src/types/type.ts index d7e02e439ae3b..eee480723c623 100644 --- a/packages/kbn-config-schema/src/types/type.ts +++ b/packages/kbn-config-schema/src/types/type.ts @@ -6,7 +6,15 @@ * Side Public License, v 1. */ -import type { AnySchema, CustomValidator, ErrorReport } from 'joi'; +import { + isSchema, + type CustomValidator, + type ErrorReport, + type Schema, + type SchemaLike, + type WhenOptions, + CustomHelpers, +} from 'joi'; import { META_FIELD_X_OAS_DEPRECATED } from '../oas_meta_fields'; import { SchemaTypeError, ValidationError } from '../errors'; import { Reference } from '../references'; @@ -91,9 +99,9 @@ export abstract class Type { * Internal "schema" backed by Joi. * @type {Schema} */ - protected readonly internalSchema: AnySchema; + protected readonly internalSchema: Schema; - protected constructor(schema: AnySchema, options: TypeOptions = {}) { + protected constructor(schema: Schema, options: TypeOptions = {}) { if (options.defaultValue !== undefined) { schema = schema.optional(); @@ -214,7 +222,7 @@ export abstract class Type { } } -function recursiveGetSchemaStructure(internalSchema: AnySchema, path: string[] = []) { +function recursiveGetSchemaStructure(internalSchema: Schema, path: string[] = []) { const array: SchemaStructureEntry[] = []; // Note: we are relying on Joi internals to obtain the schema structure (recursive keys). // This is not ideal, but it works for now and we only need it for some integration test assertions. @@ -222,8 +230,69 @@ function recursiveGetSchemaStructure(internalSchema: AnySchema, path: string[] = for (const [key, val] of (internalSchema as any)._ids._byKey.entries()) { array.push(...recursiveGetSchemaStructure(val.schema, [...path, key])); } + if (!array.length) { - array.push({ path, type: internalSchema.type ?? 'unknown' }); + let type: string; + try { + type = prettyPrintType(internalSchema, path); + } catch (error) { + // failed to find special type, might need to update for new joi versions or type usages + type = internalSchema.type || 'unknown'; + } + + array.push({ + path, + type, + }); } return array; } + +/** + * Returns a more accurate type from complex schema definitions. + * + * For example, conditional values resolve to type `any` when the nested value is only ever a `string`. + * + * @param internalSchema + * @param path of current schema + * @returns schema type + */ +function prettyPrintType(schema?: SchemaLike, path: string[] = []): string { + // takes array of possible values and de-dups and joins + return [...new Set([prettyPrintTypeParts(schema, false, path)].flat())].filter(Boolean).join('|'); +} + +/** + * Recursively collects all possible nested schema types. + */ +function prettyPrintTypeParts( + schema?: SchemaLike, + optional = false, + path: string[] = [] +): string | string[] { + if (!isSchema(schema)) { + if (schema === null) return 'null'; + return `${schema ?? 'unknown'}${optional ? '?' : ''}`; + } + + const isOptionalType = optional || schema._flags?.presence === 'optional'; + // For explicit custom schema.never + if (schema._flags?.presence === 'forbidden') return 'never'; + // For offeringBasedSchema, schema.when, schema.conditional + if (schema.$_terms?.whens?.length > 0) + return (schema.$_terms.whens as WhenOptions[]).flatMap((when) => + [when?.then, when?.otherwise].flatMap((s) => prettyPrintTypeParts(s, isOptionalType, path)) + ); + // schema.oneOf, schema.allOf, etc. + if (schema.$_terms?.matches?.length > 0) + return (schema.$_terms.matches as CustomHelpers[]).flatMap((s) => + prettyPrintTypeParts(s.schema, isOptionalType, path) + ); + // schema.literal + if (schema._flags?.only && (schema as any)._valids?._values?.size > 0) + return [...(schema as any)._valids._values.keys()].flatMap((v) => + prettyPrintTypeParts(v, isOptionalType, path) + ); + + return `${schema?.type || 'unknown'}${isOptionalType ? '?' : ''}`; +} diff --git a/packages/kbn-data-service/src/search/tabify/tabify_docs.ts b/packages/kbn-data-service/src/search/tabify/tabify_docs.ts index ceb60b7492d92..5f8912c32ae20 100644 --- a/packages/kbn-data-service/src/search/tabify/tabify_docs.ts +++ b/packages/kbn-data-service/src/search/tabify/tabify_docs.ts @@ -48,7 +48,7 @@ function flattenAccum( params?: TabifyDocsOptions ) { for (const k in obj) { - if (!obj.hasOwnProperty(k)) { + if (!Object.hasOwn(obj, k)) { continue; } const val = obj[k]; @@ -114,7 +114,7 @@ export function flattenHit(hit: Hit, indexPattern?: DataView, params?: TabifyDoc // merged, since we would otherwise duplicate values, since ignore_field_values and _source // contain the same values. for (const fieldName in hit.ignored_field_values) { - if (!hit.ignored_field_values.hasOwnProperty(fieldName)) { + if (!Object.hasOwn(hit.ignored_field_values, fieldName)) { continue; } const fieldValue = hit.ignored_field_values[fieldName]; diff --git a/packages/kbn-discover-utils/index.ts b/packages/kbn-discover-utils/index.ts index 65f95a46235e8..656d3e1cf0fec 100644 --- a/packages/kbn-discover-utils/index.ts +++ b/packages/kbn-discover-utils/index.ts @@ -44,6 +44,7 @@ export { isNestedFieldParent, isLegacyTableEnabled, usePager, + calcFieldCounts, getLogLevelColor, getLogLevelCoalescedValue, getLogLevelCoalescedValueLabel, diff --git a/src/plugins/discover/public/application/main/utils/calc_field_counts.test.ts b/packages/kbn-discover-utils/src/utils/calc_field_counts.test.ts similarity index 95% rename from src/plugins/discover/public/application/main/utils/calc_field_counts.test.ts rename to packages/kbn-discover-utils/src/utils/calc_field_counts.test.ts index c1740cf3a4fd4..d9ab0a2e14bb8 100644 --- a/src/plugins/discover/public/application/main/utils/calc_field_counts.test.ts +++ b/packages/kbn-discover-utils/src/utils/calc_field_counts.test.ts @@ -7,7 +7,7 @@ */ import { calcFieldCounts } from './calc_field_counts'; -import { buildDataTableRecord } from '@kbn/discover-utils'; +import { buildDataTableRecord } from './build_data_record'; describe('calcFieldCounts', () => { test('returns valid field count data', async () => { diff --git a/src/plugins/discover/public/application/main/utils/calc_field_counts.ts b/packages/kbn-discover-utils/src/utils/calc_field_counts.ts similarity index 92% rename from src/plugins/discover/public/application/main/utils/calc_field_counts.ts rename to packages/kbn-discover-utils/src/utils/calc_field_counts.ts index 8f4fe80762795..5d218c17eff34 100644 --- a/src/plugins/discover/public/application/main/utils/calc_field_counts.ts +++ b/packages/kbn-discover-utils/src/utils/calc_field_counts.ts @@ -5,7 +5,7 @@ * in compliance with, at your election, the Elastic License 2.0 or the Server * Side Public License, v 1. */ -import type { DataTableRecord } from '@kbn/discover-utils/types'; +import type { DataTableRecord } from '../types'; /** * This function is calculating stats of the available fields, for usage in sidebar and sharing diff --git a/packages/kbn-discover-utils/src/utils/index.ts b/packages/kbn-discover-utils/src/utils/index.ts index 399d4e8ba298e..fd368beda5d7c 100644 --- a/packages/kbn-discover-utils/src/utils/index.ts +++ b/packages/kbn-discover-utils/src/utils/index.ts @@ -15,4 +15,5 @@ export * from './get_log_document_overview'; export * from './get_message_field_with_fallbacks'; export * from './get_should_show_field_handler'; export * from './nested_fields'; +export * from './calc_field_counts'; export { isLegacyTableEnabled } from './is_legacy_table_enabled'; diff --git a/packages/kbn-es-archiver/src/lib/indices/__mocks__/stubs.ts b/packages/kbn-es-archiver/src/lib/indices/__mocks__/stubs.ts index 1bfbc80f52a19..f6b602b734bd0 100644 --- a/packages/kbn-es-archiver/src/lib/indices/__mocks__/stubs.ts +++ b/packages/kbn-es-archiver/src/lib/indices/__mocks__/stubs.ts @@ -121,7 +121,7 @@ export const createStubClient = ( return { body: { ok: true } }; }), create: sinon.spy(async ({ index }) => { - if (existingIndices.includes(index) || aliases.hasOwnProperty(index)) { + if (existingIndices.includes(index) || Object.hasOwn(aliases, index)) { throw createEsClientError('resource_already_exists_exception'); } else { existingIndices.push(index); diff --git a/packages/kbn-es/src/serverless_resources/project_roles/security/roles.yml b/packages/kbn-es/src/serverless_resources/project_roles/security/roles.yml index b05bb0de2f2c8..3c008407d5c46 100644 --- a/packages/kbn-es/src/serverless_resources/project_roles/security/roles.yml +++ b/packages/kbn-es/src/serverless_resources/project_roles/security/roles.yml @@ -47,6 +47,7 @@ viewer: - feature_siem.endpoint_list_read - feature_securitySolutionCases.read - feature_securitySolutionAssistant.all + - feature_securitySolutionAttackDiscovery.all - feature_actions.read - feature_builtInAlerts.read - feature_osquery.read @@ -124,6 +125,7 @@ editor: - feature_siem.file_operations_all - feature_securitySolutionCases.all - feature_securitySolutionAssistant.all + - feature_securitySolutionAttackDiscovery.all - feature_actions.read - feature_builtInAlerts.all - feature_osquery.all @@ -171,6 +173,7 @@ t1_analyst: - feature_siem.endpoint_list_read - feature_securitySolutionCases.read - feature_securitySolutionAssistant.all + - feature_securitySolutionAttackDiscovery.all - feature_actions.read - feature_builtInAlerts.read - feature_osquery.read @@ -224,6 +227,7 @@ t2_analyst: - feature_siem.endpoint_list_read - feature_securitySolutionCases.all - feature_securitySolutionAssistant.all + - feature_securitySolutionAttackDiscovery.all - feature_actions.read - feature_builtInAlerts.read - feature_osquery.read @@ -292,6 +296,7 @@ t3_analyst: - feature_siem.scan_operations_all - feature_securitySolutionCases.all - feature_securitySolutionAssistant.all + - feature_securitySolutionAttackDiscovery.all - feature_actions.read - feature_builtInAlerts.all - feature_osquery.all @@ -352,6 +357,7 @@ threat_intelligence_analyst: - feature_siem.blocklist_all - feature_securitySolutionCases.all - feature_securitySolutionAssistant.all + - feature_securitySolutionAttackDiscovery.all - feature_actions.read - feature_builtInAlerts.read - feature_osquery.all @@ -418,6 +424,7 @@ rule_author: - feature_siem.actions_log_management_read - feature_securitySolutionCases.all - feature_securitySolutionAssistant.all + - feature_securitySolutionAttackDiscovery.all - feature_actions.read - feature_builtInAlerts.all - feature_osquery.all @@ -488,6 +495,7 @@ soc_manager: - feature_siem.scan_operations_all - feature_securitySolutionCases.all - feature_securitySolutionAssistant.all + - feature_securitySolutionAttackDiscovery.all - feature_actions.all - feature_builtInAlerts.all - feature_osquery.all @@ -546,6 +554,7 @@ detections_admin: - feature_siem.crud_alerts - feature_securitySolutionCases.all - feature_securitySolutionAssistant.all + - feature_securitySolutionAttackDiscovery.all - feature_actions.all - feature_builtInAlerts.all - feature_dev_tools.all @@ -603,6 +612,7 @@ platform_engineer: - feature_siem.actions_log_management_read - feature_securitySolutionCases.all - feature_securitySolutionAssistant.all + - feature_securitySolutionAttackDiscovery.all - feature_actions.all - feature_builtInAlerts.all - feature_fleet.all @@ -674,6 +684,7 @@ endpoint_operations_analyst: - feature_siem.scan_operations_all - feature_securitySolutionCases.all - feature_securitySolutionAssistant.all + - feature_securitySolutionAttackDiscovery.all - feature_actions.all - feature_builtInAlerts.all - feature_osquery.all @@ -747,6 +758,7 @@ endpoint_policy_manager: - feature_siem.blocklist_all # Elastic Defend Policy Management - feature_securitySolutionCases.all - feature_securitySolutionAssistant.all + - feature_securitySolutionAttackDiscovery.all - feature_actions.all - feature_builtInAlerts.all - feature_osquery.all diff --git a/packages/kbn-es/src/serverless_resources/security_roles.json b/packages/kbn-es/src/serverless_resources/security_roles.json index 8ba9dc4c6bc73..0554853b82df9 100644 --- a/packages/kbn-es/src/serverless_resources/security_roles.json +++ b/packages/kbn-es/src/serverless_resources/security_roles.json @@ -34,6 +34,7 @@ "ml": ["read"], "siem": ["read", "read_alerts"], "securitySolutionAssistant": ["all"], + "securitySolutionAttackDiscovery": ["all"], "securitySolutionCases": ["read"], "actions": ["read"], "builtInAlerts": ["read"] @@ -80,6 +81,7 @@ "ml": ["read"], "siem": ["read", "read_alerts"], "securitySolutionAssistant": ["all"], + "securitySolutionAttackDiscovery": ["all"], "securitySolutionCases": ["read"], "actions": ["read"], "builtInAlerts": ["read"] @@ -145,6 +147,7 @@ ], "securitySolutionCases": ["all"], "securitySolutionAssistant": ["all"], + "securitySolutionAttackDiscovery": ["all"], "actions": ["read"], "builtInAlerts": ["all"], "osquery": ["all"], @@ -201,6 +204,7 @@ "ml": ["read"], "siem": ["all", "read_alerts", "crud_alerts"], "securitySolutionAssistant": ["all"], + "securitySolutionAttackDiscovery": ["all"], "securitySolutionCases": ["all"], "actions": ["read"], "builtInAlerts": ["all"] @@ -253,6 +257,7 @@ "ml": ["read"], "siem": ["all", "read_alerts", "crud_alerts"], "securitySolutionAssistant": ["all"], + "securitySolutionAttackDiscovery": ["all"], "securitySolutionCases": ["all"], "actions": ["all"], "builtInAlerts": ["all"] @@ -300,6 +305,7 @@ "ml": ["all"], "siem": ["all", "read_alerts", "crud_alerts"], "securitySolutionAssistant": ["all"], + "securitySolutionAttackDiscovery": ["all"], "securitySolutionCases": ["all"], "actions": ["read"], "builtInAlerts": ["all"], @@ -354,6 +360,7 @@ "ml": ["all"], "siem": ["all", "read_alerts", "crud_alerts"], "securitySolutionAssistant": ["all"], + "securitySolutionAttackDiscovery": ["all"], "securitySolutionCases": ["all"], "actions": ["all"], "builtInAlerts": ["all"] diff --git a/packages/kbn-eslint-config/.eslintrc.js b/packages/kbn-eslint-config/.eslintrc.js index 1391c842b235a..028309aa05774 100644 --- a/packages/kbn-eslint-config/.eslintrc.js +++ b/packages/kbn-eslint-config/.eslintrc.js @@ -312,5 +312,9 @@ module.exports = { '@kbn/imports/uniform_imports': 'error', '@kbn/imports/no_unused_imports': 'error', '@kbn/imports/no_boundary_crossing': 'error', + + 'no-new-func': 'error', + 'no-implied-eval': 'error', + 'no-prototype-builtins': 'error', }, }; diff --git a/packages/kbn-esql-ast/src/antlr/esql_lexer.g4 b/packages/kbn-esql-ast/src/antlr/esql_lexer.g4 index f5d535e430b62..f9aa94252ee4d 100644 --- a/packages/kbn-esql-ast/src/antlr/esql_lexer.g4 +++ b/packages/kbn-esql-ast/src/antlr/esql_lexer.g4 @@ -30,6 +30,7 @@ SHOW : 'show' -> pushMode(SHOW_MODE); SORT : 'sort' -> pushMode(EXPRESSION_MODE); STATS : 'stats' -> pushMode(EXPRESSION_MODE); WHERE : 'where' -> pushMode(EXPRESSION_MODE); +MATCH : 'match' -> pushMode(EXPRESSION_MODE); UNKNOWN_CMD : ~[ \r\n\t[\]/]+ -> pushMode(EXPRESSION_MODE); LINE_COMMENT @@ -145,7 +146,7 @@ IS: 'is'; LAST : 'last'; LIKE: 'like'; LP : '('; -MATCH: 'match'; +MATCH_OPERATOR: 'match'; NOT : 'not'; NULL : 'null'; NULLS : 'nulls'; diff --git a/packages/kbn-esql-ast/src/antlr/esql_lexer.interp b/packages/kbn-esql-ast/src/antlr/esql_lexer.interp index 2eb135a257955..079b01d721517 100644 --- a/packages/kbn-esql-ast/src/antlr/esql_lexer.interp +++ b/packages/kbn-esql-ast/src/antlr/esql_lexer.interp @@ -28,6 +28,7 @@ null null null null +null '|' null null @@ -47,7 +48,7 @@ null 'last' 'like' '(' -'match' +null 'not' 'null' 'nulls' @@ -148,6 +149,7 @@ SHOW SORT STATS WHERE +MATCH UNKNOWN_CMD LINE_COMMENT MULTILINE_COMMENT @@ -175,7 +177,7 @@ IS LAST LIKE LP -MATCH +MATCH_OPERATOR NOT NULL NULLS @@ -275,6 +277,7 @@ SHOW SORT STATS WHERE +MATCH UNKNOWN_CMD LINE_COMMENT MULTILINE_COMMENT @@ -315,7 +318,7 @@ IS LAST LIKE LP -MATCH +MATCH_OPERATOR NOT NULL NULLS @@ -474,4 +477,4 @@ METRICS_MODE CLOSING_METRICS_MODE atn: -[4, 0, 125, 1458, 6, -1, 6, -1, 6, -1, 6, -1, 6, -1, 6, -1, 6, -1, 6, -1, 6, -1, 6, -1, 6, -1, 6, -1, 6, -1, 6, -1, 6, -1, 6, -1, 2, 0, 7, 0, 2, 1, 7, 1, 2, 2, 7, 2, 2, 3, 7, 3, 2, 4, 7, 4, 2, 5, 7, 5, 2, 6, 7, 6, 2, 7, 7, 7, 2, 8, 7, 8, 2, 9, 7, 9, 2, 10, 7, 10, 2, 11, 7, 11, 2, 12, 7, 12, 2, 13, 7, 13, 2, 14, 7, 14, 2, 15, 7, 15, 2, 16, 7, 16, 2, 17, 7, 17, 2, 18, 7, 18, 2, 19, 7, 19, 2, 20, 7, 20, 2, 21, 7, 21, 2, 22, 7, 22, 2, 23, 7, 23, 2, 24, 7, 24, 2, 25, 7, 25, 2, 26, 7, 26, 2, 27, 7, 27, 2, 28, 7, 28, 2, 29, 7, 29, 2, 30, 7, 30, 2, 31, 7, 31, 2, 32, 7, 32, 2, 33, 7, 33, 2, 34, 7, 34, 2, 35, 7, 35, 2, 36, 7, 36, 2, 37, 7, 37, 2, 38, 7, 38, 2, 39, 7, 39, 2, 40, 7, 40, 2, 41, 7, 41, 2, 42, 7, 42, 2, 43, 7, 43, 2, 44, 7, 44, 2, 45, 7, 45, 2, 46, 7, 46, 2, 47, 7, 47, 2, 48, 7, 48, 2, 49, 7, 49, 2, 50, 7, 50, 2, 51, 7, 51, 2, 52, 7, 52, 2, 53, 7, 53, 2, 54, 7, 54, 2, 55, 7, 55, 2, 56, 7, 56, 2, 57, 7, 57, 2, 58, 7, 58, 2, 59, 7, 59, 2, 60, 7, 60, 2, 61, 7, 61, 2, 62, 7, 62, 2, 63, 7, 63, 2, 64, 7, 64, 2, 65, 7, 65, 2, 66, 7, 66, 2, 67, 7, 67, 2, 68, 7, 68, 2, 69, 7, 69, 2, 70, 7, 70, 2, 71, 7, 71, 2, 72, 7, 72, 2, 73, 7, 73, 2, 74, 7, 74, 2, 75, 7, 75, 2, 76, 7, 76, 2, 77, 7, 77, 2, 78, 7, 78, 2, 79, 7, 79, 2, 80, 7, 80, 2, 81, 7, 81, 2, 82, 7, 82, 2, 83, 7, 83, 2, 84, 7, 84, 2, 85, 7, 85, 2, 86, 7, 86, 2, 87, 7, 87, 2, 88, 7, 88, 2, 89, 7, 89, 2, 90, 7, 90, 2, 91, 7, 91, 2, 92, 7, 92, 2, 93, 7, 93, 2, 94, 7, 94, 2, 95, 7, 95, 2, 96, 7, 96, 2, 97, 7, 97, 2, 98, 7, 98, 2, 99, 7, 99, 2, 100, 7, 100, 2, 101, 7, 101, 2, 102, 7, 102, 2, 103, 7, 103, 2, 104, 7, 104, 2, 105, 7, 105, 2, 106, 7, 106, 2, 107, 7, 107, 2, 108, 7, 108, 2, 109, 7, 109, 2, 110, 7, 110, 2, 111, 7, 111, 2, 112, 7, 112, 2, 113, 7, 113, 2, 114, 7, 114, 2, 115, 7, 115, 2, 116, 7, 116, 2, 117, 7, 117, 2, 118, 7, 118, 2, 119, 7, 119, 2, 120, 7, 120, 2, 121, 7, 121, 2, 122, 7, 122, 2, 123, 7, 123, 2, 124, 7, 124, 2, 125, 7, 125, 2, 126, 7, 126, 2, 127, 7, 127, 2, 128, 7, 128, 2, 129, 7, 129, 2, 130, 7, 130, 2, 131, 7, 131, 2, 132, 7, 132, 2, 133, 7, 133, 2, 134, 7, 134, 2, 135, 7, 135, 2, 136, 7, 136, 2, 137, 7, 137, 2, 138, 7, 138, 2, 139, 7, 139, 2, 140, 7, 140, 2, 141, 7, 141, 2, 142, 7, 142, 2, 143, 7, 143, 2, 144, 7, 144, 2, 145, 7, 145, 2, 146, 7, 146, 2, 147, 7, 147, 2, 148, 7, 148, 2, 149, 7, 149, 2, 150, 7, 150, 2, 151, 7, 151, 2, 152, 7, 152, 2, 153, 7, 153, 2, 154, 7, 154, 2, 155, 7, 155, 2, 156, 7, 156, 2, 157, 7, 157, 2, 158, 7, 158, 2, 159, 7, 159, 2, 160, 7, 160, 2, 161, 7, 161, 2, 162, 7, 162, 2, 163, 7, 163, 2, 164, 7, 164, 2, 165, 7, 165, 2, 166, 7, 166, 2, 167, 7, 167, 2, 168, 7, 168, 2, 169, 7, 169, 2, 170, 7, 170, 2, 171, 7, 171, 2, 172, 7, 172, 2, 173, 7, 173, 2, 174, 7, 174, 2, 175, 7, 175, 2, 176, 7, 176, 2, 177, 7, 177, 2, 178, 7, 178, 2, 179, 7, 179, 2, 180, 7, 180, 2, 181, 7, 181, 2, 182, 7, 182, 2, 183, 7, 183, 2, 184, 7, 184, 2, 185, 7, 185, 2, 186, 7, 186, 2, 187, 7, 187, 2, 188, 7, 188, 2, 189, 7, 189, 2, 190, 7, 190, 2, 191, 7, 191, 2, 192, 7, 192, 2, 193, 7, 193, 2, 194, 7, 194, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 2, 1, 2, 1, 2, 1, 2, 1, 2, 1, 2, 1, 2, 1, 2, 1, 2, 1, 3, 1, 3, 1, 3, 1, 3, 1, 3, 1, 3, 1, 3, 1, 4, 1, 4, 1, 4, 1, 4, 1, 4, 1, 4, 1, 4, 1, 4, 1, 4, 1, 4, 1, 5, 1, 5, 1, 5, 1, 5, 1, 5, 1, 5, 1, 5, 1, 6, 1, 6, 1, 6, 1, 6, 1, 6, 1, 6, 1, 6, 1, 7, 1, 7, 1, 7, 1, 7, 1, 7, 1, 7, 1, 7, 1, 7, 1, 7, 1, 7, 1, 7, 1, 7, 1, 7, 1, 7, 1, 8, 1, 8, 1, 8, 1, 8, 1, 8, 1, 8, 1, 8, 1, 9, 1, 9, 1, 9, 1, 9, 1, 9, 1, 9, 1, 9, 1, 9, 1, 10, 1, 10, 1, 10, 1, 10, 1, 10, 1, 10, 1, 10, 1, 10, 1, 10, 1, 11, 1, 11, 1, 11, 1, 11, 1, 11, 1, 11, 1, 11, 1, 12, 1, 12, 1, 12, 1, 12, 1, 12, 1, 12, 1, 12, 1, 12, 1, 12, 1, 12, 1, 13, 1, 13, 1, 13, 1, 13, 1, 13, 1, 13, 1, 13, 1, 13, 1, 13, 1, 13, 1, 13, 1, 13, 1, 14, 1, 14, 1, 14, 1, 14, 1, 14, 1, 14, 1, 14, 1, 14, 1, 14, 1, 15, 1, 15, 1, 15, 1, 15, 1, 15, 1, 15, 1, 16, 1, 16, 1, 16, 1, 16, 1, 16, 1, 16, 1, 16, 1, 17, 1, 17, 1, 17, 1, 17, 1, 17, 1, 17, 1, 17, 1, 18, 1, 18, 1, 18, 1, 18, 1, 18, 1, 18, 1, 18, 1, 18, 1, 19, 1, 19, 1, 19, 1, 19, 1, 19, 1, 19, 1, 19, 1, 19, 1, 20, 4, 20, 577, 8, 20, 11, 20, 12, 20, 578, 1, 20, 1, 20, 1, 21, 1, 21, 1, 21, 1, 21, 5, 21, 587, 8, 21, 10, 21, 12, 21, 590, 9, 21, 1, 21, 3, 21, 593, 8, 21, 1, 21, 3, 21, 596, 8, 21, 1, 21, 1, 21, 1, 22, 1, 22, 1, 22, 1, 22, 1, 22, 5, 22, 605, 8, 22, 10, 22, 12, 22, 608, 9, 22, 1, 22, 1, 22, 1, 22, 1, 22, 1, 22, 1, 23, 4, 23, 616, 8, 23, 11, 23, 12, 23, 617, 1, 23, 1, 23, 1, 24, 1, 24, 1, 24, 3, 24, 625, 8, 24, 1, 25, 4, 25, 628, 8, 25, 11, 25, 12, 25, 629, 1, 26, 1, 26, 1, 26, 1, 26, 1, 26, 1, 27, 1, 27, 1, 27, 1, 27, 1, 27, 1, 28, 1, 28, 1, 28, 1, 28, 1, 29, 1, 29, 1, 29, 1, 29, 1, 30, 1, 30, 1, 30, 1, 30, 1, 31, 1, 31, 1, 31, 1, 31, 1, 32, 1, 32, 1, 33, 1, 33, 1, 34, 1, 34, 1, 34, 1, 35, 1, 35, 1, 36, 1, 36, 3, 36, 669, 8, 36, 1, 36, 4, 36, 672, 8, 36, 11, 36, 12, 36, 673, 1, 37, 1, 37, 1, 38, 1, 38, 1, 39, 1, 39, 1, 39, 3, 39, 683, 8, 39, 1, 40, 1, 40, 1, 41, 1, 41, 1, 41, 3, 41, 690, 8, 41, 1, 42, 1, 42, 1, 42, 5, 42, 695, 8, 42, 10, 42, 12, 42, 698, 9, 42, 1, 42, 1, 42, 1, 42, 1, 42, 1, 42, 1, 42, 5, 42, 706, 8, 42, 10, 42, 12, 42, 709, 9, 42, 1, 42, 1, 42, 1, 42, 1, 42, 1, 42, 3, 42, 716, 8, 42, 1, 42, 3, 42, 719, 8, 42, 3, 42, 721, 8, 42, 1, 43, 4, 43, 724, 8, 43, 11, 43, 12, 43, 725, 1, 44, 4, 44, 729, 8, 44, 11, 44, 12, 44, 730, 1, 44, 1, 44, 5, 44, 735, 8, 44, 10, 44, 12, 44, 738, 9, 44, 1, 44, 1, 44, 4, 44, 742, 8, 44, 11, 44, 12, 44, 743, 1, 44, 4, 44, 747, 8, 44, 11, 44, 12, 44, 748, 1, 44, 1, 44, 5, 44, 753, 8, 44, 10, 44, 12, 44, 756, 9, 44, 3, 44, 758, 8, 44, 1, 44, 1, 44, 1, 44, 1, 44, 4, 44, 764, 8, 44, 11, 44, 12, 44, 765, 1, 44, 1, 44, 3, 44, 770, 8, 44, 1, 45, 1, 45, 1, 45, 1, 46, 1, 46, 1, 46, 1, 46, 1, 47, 1, 47, 1, 47, 1, 47, 1, 48, 1, 48, 1, 49, 1, 49, 1, 49, 1, 50, 1, 50, 1, 51, 1, 51, 1, 51, 1, 51, 1, 51, 1, 52, 1, 52, 1, 53, 1, 53, 1, 53, 1, 53, 1, 53, 1, 53, 1, 54, 1, 54, 1, 54, 1, 54, 1, 54, 1, 54, 1, 55, 1, 55, 1, 55, 1, 56, 1, 56, 1, 56, 1, 57, 1, 57, 1, 57, 1, 57, 1, 57, 1, 58, 1, 58, 1, 58, 1, 58, 1, 58, 1, 59, 1, 59, 1, 60, 1, 60, 1, 60, 1, 60, 1, 60, 1, 60, 1, 61, 1, 61, 1, 61, 1, 61, 1, 62, 1, 62, 1, 62, 1, 62, 1, 62, 1, 63, 1, 63, 1, 63, 1, 63, 1, 63, 1, 63, 1, 64, 1, 64, 1, 64, 1, 65, 1, 65, 1, 66, 1, 66, 1, 66, 1, 66, 1, 66, 1, 66, 1, 67, 1, 67, 1, 68, 1, 68, 1, 68, 1, 68, 1, 68, 1, 69, 1, 69, 1, 69, 1, 70, 1, 70, 1, 70, 1, 71, 1, 71, 1, 71, 1, 72, 1, 72, 1, 73, 1, 73, 1, 73, 1, 74, 1, 74, 1, 75, 1, 75, 1, 75, 1, 76, 1, 76, 1, 77, 1, 77, 1, 78, 1, 78, 1, 79, 1, 79, 1, 80, 1, 80, 1, 81, 1, 81, 1, 81, 5, 81, 898, 8, 81, 10, 81, 12, 81, 901, 9, 81, 1, 81, 1, 81, 4, 81, 905, 8, 81, 11, 81, 12, 81, 906, 3, 81, 909, 8, 81, 1, 82, 1, 82, 1, 82, 1, 82, 1, 82, 1, 83, 1, 83, 1, 83, 1, 83, 1, 83, 1, 84, 1, 84, 5, 84, 923, 8, 84, 10, 84, 12, 84, 926, 9, 84, 1, 84, 1, 84, 3, 84, 930, 8, 84, 1, 84, 4, 84, 933, 8, 84, 11, 84, 12, 84, 934, 3, 84, 937, 8, 84, 1, 85, 1, 85, 4, 85, 941, 8, 85, 11, 85, 12, 85, 942, 1, 85, 1, 85, 1, 86, 1, 86, 1, 87, 1, 87, 1, 87, 1, 87, 1, 88, 1, 88, 1, 88, 1, 88, 1, 89, 1, 89, 1, 89, 1, 89, 1, 90, 1, 90, 1, 90, 1, 90, 1, 90, 1, 91, 1, 91, 1, 91, 1, 91, 1, 92, 1, 92, 1, 92, 1, 92, 1, 93, 1, 93, 1, 93, 1, 93, 1, 94, 1, 94, 1, 94, 1, 94, 1, 95, 1, 95, 1, 95, 1, 95, 1, 96, 1, 96, 1, 96, 1, 96, 1, 96, 1, 96, 1, 96, 1, 96, 1, 96, 1, 97, 1, 97, 1, 97, 1, 97, 1, 98, 1, 98, 1, 98, 1, 98, 1, 99, 1, 99, 1, 99, 1, 99, 1, 100, 1, 100, 1, 100, 1, 100, 1, 101, 1, 101, 1, 101, 1, 101, 1, 102, 1, 102, 1, 102, 1, 102, 1, 102, 1, 103, 1, 103, 1, 103, 1, 103, 1, 104, 1, 104, 1, 104, 1, 104, 1, 105, 1, 105, 1, 105, 1, 105, 3, 105, 1032, 8, 105, 1, 106, 1, 106, 3, 106, 1036, 8, 106, 1, 106, 5, 106, 1039, 8, 106, 10, 106, 12, 106, 1042, 9, 106, 1, 106, 1, 106, 3, 106, 1046, 8, 106, 1, 106, 4, 106, 1049, 8, 106, 11, 106, 12, 106, 1050, 3, 106, 1053, 8, 106, 1, 107, 1, 107, 4, 107, 1057, 8, 107, 11, 107, 12, 107, 1058, 1, 108, 1, 108, 1, 108, 1, 108, 1, 109, 1, 109, 1, 109, 1, 109, 1, 110, 1, 110, 1, 110, 1, 110, 1, 111, 1, 111, 1, 111, 1, 111, 1, 111, 1, 112, 1, 112, 1, 112, 1, 112, 1, 113, 1, 113, 1, 113, 1, 113, 1, 114, 1, 114, 1, 114, 1, 114, 1, 115, 1, 115, 1, 115, 1, 116, 1, 116, 1, 116, 1, 116, 1, 117, 1, 117, 1, 117, 1, 117, 1, 118, 1, 118, 1, 118, 1, 118, 1, 119, 1, 119, 1, 119, 1, 119, 1, 120, 1, 120, 1, 120, 1, 120, 1, 120, 1, 121, 1, 121, 1, 121, 1, 121, 1, 121, 1, 122, 1, 122, 1, 122, 1, 122, 1, 122, 1, 123, 1, 123, 1, 123, 1, 123, 1, 123, 1, 123, 1, 123, 1, 124, 1, 124, 1, 125, 4, 125, 1134, 8, 125, 11, 125, 12, 125, 1135, 1, 125, 1, 125, 3, 125, 1140, 8, 125, 1, 125, 4, 125, 1143, 8, 125, 11, 125, 12, 125, 1144, 1, 126, 1, 126, 1, 126, 1, 126, 1, 127, 1, 127, 1, 127, 1, 127, 1, 128, 1, 128, 1, 128, 1, 128, 1, 129, 1, 129, 1, 129, 1, 129, 1, 130, 1, 130, 1, 130, 1, 130, 1, 130, 1, 130, 1, 131, 1, 131, 1, 131, 1, 131, 1, 132, 1, 132, 1, 132, 1, 132, 1, 133, 1, 133, 1, 133, 1, 133, 1, 134, 1, 134, 1, 134, 1, 134, 1, 135, 1, 135, 1, 135, 1, 135, 1, 136, 1, 136, 1, 136, 1, 136, 1, 137, 1, 137, 1, 137, 1, 137, 1, 138, 1, 138, 1, 138, 1, 138, 1, 139, 1, 139, 1, 139, 1, 139, 1, 140, 1, 140, 1, 140, 1, 140, 1, 140, 1, 141, 1, 141, 1, 141, 1, 141, 1, 142, 1, 142, 1, 142, 1, 142, 1, 143, 1, 143, 1, 143, 1, 143, 1, 144, 1, 144, 1, 144, 1, 144, 1, 144, 1, 145, 1, 145, 1, 145, 1, 145, 1, 146, 1, 146, 1, 146, 1, 146, 1, 147, 1, 147, 1, 147, 1, 147, 1, 148, 1, 148, 1, 148, 1, 148, 1, 149, 1, 149, 1, 149, 1, 149, 1, 150, 1, 150, 1, 150, 1, 150, 1, 150, 1, 150, 1, 151, 1, 151, 1, 151, 1, 151, 1, 152, 1, 152, 1, 152, 1, 152, 1, 153, 1, 153, 1, 153, 1, 153, 1, 154, 1, 154, 1, 154, 1, 154, 1, 155, 1, 155, 1, 155, 1, 155, 1, 156, 1, 156, 1, 156, 1, 156, 1, 157, 1, 157, 1, 157, 1, 157, 1, 157, 1, 158, 1, 158, 1, 158, 1, 158, 1, 159, 1, 159, 1, 159, 1, 159, 1, 160, 1, 160, 1, 160, 1, 160, 1, 161, 1, 161, 1, 161, 1, 161, 1, 162, 1, 162, 1, 162, 1, 162, 1, 163, 1, 163, 1, 163, 1, 163, 1, 164, 1, 164, 1, 164, 1, 164, 1, 164, 1, 165, 1, 165, 1, 165, 1, 165, 1, 165, 1, 166, 1, 166, 1, 166, 1, 166, 1, 167, 1, 167, 1, 167, 1, 167, 1, 168, 1, 168, 1, 168, 1, 168, 1, 169, 1, 169, 1, 169, 1, 169, 1, 169, 1, 170, 1, 170, 1, 170, 1, 170, 1, 170, 1, 170, 1, 170, 1, 170, 1, 170, 1, 170, 1, 171, 1, 171, 1, 171, 1, 171, 1, 172, 1, 172, 1, 172, 1, 172, 1, 173, 1, 173, 1, 173, 1, 173, 1, 174, 1, 174, 1, 174, 1, 174, 1, 174, 1, 175, 1, 175, 1, 176, 1, 176, 1, 176, 1, 176, 1, 176, 4, 176, 1367, 8, 176, 11, 176, 12, 176, 1368, 1, 177, 1, 177, 1, 177, 1, 177, 1, 178, 1, 178, 1, 178, 1, 178, 1, 179, 1, 179, 1, 179, 1, 179, 1, 180, 1, 180, 1, 180, 1, 180, 1, 180, 1, 181, 1, 181, 1, 181, 1, 181, 1, 181, 1, 181, 1, 182, 1, 182, 1, 182, 1, 182, 1, 182, 1, 182, 1, 183, 1, 183, 1, 183, 1, 183, 1, 184, 1, 184, 1, 184, 1, 184, 1, 185, 1, 185, 1, 185, 1, 185, 1, 186, 1, 186, 1, 186, 1, 186, 1, 186, 1, 186, 1, 187, 1, 187, 1, 187, 1, 187, 1, 187, 1, 187, 1, 188, 1, 188, 1, 188, 1, 188, 1, 189, 1, 189, 1, 189, 1, 189, 1, 190, 1, 190, 1, 190, 1, 190, 1, 191, 1, 191, 1, 191, 1, 191, 1, 191, 1, 191, 1, 192, 1, 192, 1, 192, 1, 192, 1, 192, 1, 192, 1, 193, 1, 193, 1, 193, 1, 193, 1, 193, 1, 193, 1, 194, 1, 194, 1, 194, 1, 194, 1, 194, 2, 606, 707, 0, 195, 16, 1, 18, 2, 20, 3, 22, 4, 24, 5, 26, 6, 28, 7, 30, 8, 32, 9, 34, 10, 36, 11, 38, 12, 40, 13, 42, 14, 44, 15, 46, 16, 48, 17, 50, 18, 52, 19, 54, 20, 56, 21, 58, 22, 60, 23, 62, 24, 64, 0, 66, 25, 68, 0, 70, 0, 72, 26, 74, 27, 76, 28, 78, 29, 80, 0, 82, 0, 84, 0, 86, 0, 88, 0, 90, 0, 92, 0, 94, 0, 96, 0, 98, 0, 100, 30, 102, 31, 104, 32, 106, 33, 108, 34, 110, 35, 112, 36, 114, 37, 116, 38, 118, 39, 120, 40, 122, 41, 124, 42, 126, 43, 128, 44, 130, 45, 132, 46, 134, 47, 136, 48, 138, 49, 140, 50, 142, 51, 144, 52, 146, 53, 148, 54, 150, 55, 152, 56, 154, 57, 156, 58, 158, 59, 160, 60, 162, 61, 164, 62, 166, 63, 168, 64, 170, 65, 172, 66, 174, 67, 176, 68, 178, 69, 180, 70, 182, 71, 184, 72, 186, 0, 188, 73, 190, 74, 192, 75, 194, 76, 196, 0, 198, 0, 200, 0, 202, 0, 204, 0, 206, 0, 208, 77, 210, 0, 212, 0, 214, 78, 216, 79, 218, 80, 220, 0, 222, 0, 224, 0, 226, 0, 228, 0, 230, 81, 232, 82, 234, 83, 236, 84, 238, 0, 240, 0, 242, 0, 244, 0, 246, 85, 248, 0, 250, 86, 252, 87, 254, 88, 256, 0, 258, 0, 260, 89, 262, 90, 264, 0, 266, 91, 268, 0, 270, 92, 272, 93, 274, 94, 276, 0, 278, 0, 280, 0, 282, 0, 284, 0, 286, 0, 288, 0, 290, 95, 292, 96, 294, 97, 296, 0, 298, 0, 300, 0, 302, 0, 304, 0, 306, 0, 308, 0, 310, 98, 312, 99, 314, 100, 316, 0, 318, 0, 320, 0, 322, 0, 324, 101, 326, 102, 328, 103, 330, 0, 332, 0, 334, 0, 336, 0, 338, 104, 340, 105, 342, 106, 344, 0, 346, 107, 348, 108, 350, 109, 352, 110, 354, 0, 356, 111, 358, 112, 360, 113, 362, 114, 364, 0, 366, 115, 368, 116, 370, 117, 372, 118, 374, 119, 376, 0, 378, 0, 380, 0, 382, 120, 384, 121, 386, 122, 388, 0, 390, 0, 392, 123, 394, 124, 396, 125, 398, 0, 400, 0, 402, 0, 404, 0, 16, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 35, 2, 0, 68, 68, 100, 100, 2, 0, 73, 73, 105, 105, 2, 0, 83, 83, 115, 115, 2, 0, 69, 69, 101, 101, 2, 0, 67, 67, 99, 99, 2, 0, 84, 84, 116, 116, 2, 0, 82, 82, 114, 114, 2, 0, 79, 79, 111, 111, 2, 0, 80, 80, 112, 112, 2, 0, 78, 78, 110, 110, 2, 0, 72, 72, 104, 104, 2, 0, 86, 86, 118, 118, 2, 0, 65, 65, 97, 97, 2, 0, 76, 76, 108, 108, 2, 0, 88, 88, 120, 120, 2, 0, 70, 70, 102, 102, 2, 0, 77, 77, 109, 109, 2, 0, 71, 71, 103, 103, 2, 0, 75, 75, 107, 107, 2, 0, 85, 85, 117, 117, 2, 0, 87, 87, 119, 119, 6, 0, 9, 10, 13, 13, 32, 32, 47, 47, 91, 91, 93, 93, 2, 0, 10, 10, 13, 13, 3, 0, 9, 10, 13, 13, 32, 32, 11, 0, 9, 10, 13, 13, 32, 32, 34, 34, 44, 44, 47, 47, 58, 58, 61, 61, 91, 91, 93, 93, 124, 124, 2, 0, 42, 42, 47, 47, 1, 0, 48, 57, 2, 0, 65, 90, 97, 122, 8, 0, 34, 34, 78, 78, 82, 82, 84, 84, 92, 92, 110, 110, 114, 114, 116, 116, 4, 0, 10, 10, 13, 13, 34, 34, 92, 92, 2, 0, 43, 43, 45, 45, 1, 0, 96, 96, 2, 0, 66, 66, 98, 98, 2, 0, 89, 89, 121, 121, 11, 0, 9, 10, 13, 13, 32, 32, 34, 35, 44, 44, 47, 47, 58, 58, 60, 60, 62, 63, 92, 92, 124, 124, 1484, 0, 16, 1, 0, 0, 0, 0, 18, 1, 0, 0, 0, 0, 20, 1, 0, 0, 0, 0, 22, 1, 0, 0, 0, 0, 24, 1, 0, 0, 0, 0, 26, 1, 0, 0, 0, 0, 28, 1, 0, 0, 0, 0, 30, 1, 0, 0, 0, 0, 32, 1, 0, 0, 0, 0, 34, 1, 0, 0, 0, 0, 36, 1, 0, 0, 0, 0, 38, 1, 0, 0, 0, 0, 40, 1, 0, 0, 0, 0, 42, 1, 0, 0, 0, 0, 44, 1, 0, 0, 0, 0, 46, 1, 0, 0, 0, 0, 48, 1, 0, 0, 0, 0, 50, 1, 0, 0, 0, 0, 52, 1, 0, 0, 0, 0, 54, 1, 0, 0, 0, 0, 56, 1, 0, 0, 0, 0, 58, 1, 0, 0, 0, 0, 60, 1, 0, 0, 0, 0, 62, 1, 0, 0, 0, 0, 66, 1, 0, 0, 0, 1, 68, 1, 0, 0, 0, 1, 70, 1, 0, 0, 0, 1, 72, 1, 0, 0, 0, 1, 74, 1, 0, 0, 0, 1, 76, 1, 0, 0, 0, 2, 78, 1, 0, 0, 0, 2, 100, 1, 0, 0, 0, 2, 102, 1, 0, 0, 0, 2, 104, 1, 0, 0, 0, 2, 106, 1, 0, 0, 0, 2, 108, 1, 0, 0, 0, 2, 110, 1, 0, 0, 0, 2, 112, 1, 0, 0, 0, 2, 114, 1, 0, 0, 0, 2, 116, 1, 0, 0, 0, 2, 118, 1, 0, 0, 0, 2, 120, 1, 0, 0, 0, 2, 122, 1, 0, 0, 0, 2, 124, 1, 0, 0, 0, 2, 126, 1, 0, 0, 0, 2, 128, 1, 0, 0, 0, 2, 130, 1, 0, 0, 0, 2, 132, 1, 0, 0, 0, 2, 134, 1, 0, 0, 0, 2, 136, 1, 0, 0, 0, 2, 138, 1, 0, 0, 0, 2, 140, 1, 0, 0, 0, 2, 142, 1, 0, 0, 0, 2, 144, 1, 0, 0, 0, 2, 146, 1, 0, 0, 0, 2, 148, 1, 0, 0, 0, 2, 150, 1, 0, 0, 0, 2, 152, 1, 0, 0, 0, 2, 154, 1, 0, 0, 0, 2, 156, 1, 0, 0, 0, 2, 158, 1, 0, 0, 0, 2, 160, 1, 0, 0, 0, 2, 162, 1, 0, 0, 0, 2, 164, 1, 0, 0, 0, 2, 166, 1, 0, 0, 0, 2, 168, 1, 0, 0, 0, 2, 170, 1, 0, 0, 0, 2, 172, 1, 0, 0, 0, 2, 174, 1, 0, 0, 0, 2, 176, 1, 0, 0, 0, 2, 178, 1, 0, 0, 0, 2, 180, 1, 0, 0, 0, 2, 182, 1, 0, 0, 0, 2, 184, 1, 0, 0, 0, 2, 188, 1, 0, 0, 0, 2, 190, 1, 0, 0, 0, 2, 192, 1, 0, 0, 0, 2, 194, 1, 0, 0, 0, 3, 196, 1, 0, 0, 0, 3, 198, 1, 0, 0, 0, 3, 200, 1, 0, 0, 0, 3, 202, 1, 0, 0, 0, 3, 204, 1, 0, 0, 0, 3, 206, 1, 0, 0, 0, 3, 208, 1, 0, 0, 0, 3, 210, 1, 0, 0, 0, 3, 212, 1, 0, 0, 0, 3, 214, 1, 0, 0, 0, 3, 216, 1, 0, 0, 0, 3, 218, 1, 0, 0, 0, 4, 220, 1, 0, 0, 0, 4, 222, 1, 0, 0, 0, 4, 224, 1, 0, 0, 0, 4, 230, 1, 0, 0, 0, 4, 232, 1, 0, 0, 0, 4, 234, 1, 0, 0, 0, 4, 236, 1, 0, 0, 0, 5, 238, 1, 0, 0, 0, 5, 240, 1, 0, 0, 0, 5, 242, 1, 0, 0, 0, 5, 244, 1, 0, 0, 0, 5, 246, 1, 0, 0, 0, 5, 248, 1, 0, 0, 0, 5, 250, 1, 0, 0, 0, 5, 252, 1, 0, 0, 0, 5, 254, 1, 0, 0, 0, 6, 256, 1, 0, 0, 0, 6, 258, 1, 0, 0, 0, 6, 260, 1, 0, 0, 0, 6, 262, 1, 0, 0, 0, 6, 266, 1, 0, 0, 0, 6, 268, 1, 0, 0, 0, 6, 270, 1, 0, 0, 0, 6, 272, 1, 0, 0, 0, 6, 274, 1, 0, 0, 0, 7, 276, 1, 0, 0, 0, 7, 278, 1, 0, 0, 0, 7, 280, 1, 0, 0, 0, 7, 282, 1, 0, 0, 0, 7, 284, 1, 0, 0, 0, 7, 286, 1, 0, 0, 0, 7, 288, 1, 0, 0, 0, 7, 290, 1, 0, 0, 0, 7, 292, 1, 0, 0, 0, 7, 294, 1, 0, 0, 0, 8, 296, 1, 0, 0, 0, 8, 298, 1, 0, 0, 0, 8, 300, 1, 0, 0, 0, 8, 302, 1, 0, 0, 0, 8, 304, 1, 0, 0, 0, 8, 306, 1, 0, 0, 0, 8, 308, 1, 0, 0, 0, 8, 310, 1, 0, 0, 0, 8, 312, 1, 0, 0, 0, 8, 314, 1, 0, 0, 0, 9, 316, 1, 0, 0, 0, 9, 318, 1, 0, 0, 0, 9, 320, 1, 0, 0, 0, 9, 322, 1, 0, 0, 0, 9, 324, 1, 0, 0, 0, 9, 326, 1, 0, 0, 0, 9, 328, 1, 0, 0, 0, 10, 330, 1, 0, 0, 0, 10, 332, 1, 0, 0, 0, 10, 334, 1, 0, 0, 0, 10, 336, 1, 0, 0, 0, 10, 338, 1, 0, 0, 0, 10, 340, 1, 0, 0, 0, 10, 342, 1, 0, 0, 0, 11, 344, 1, 0, 0, 0, 11, 346, 1, 0, 0, 0, 11, 348, 1, 0, 0, 0, 11, 350, 1, 0, 0, 0, 11, 352, 1, 0, 0, 0, 12, 354, 1, 0, 0, 0, 12, 356, 1, 0, 0, 0, 12, 358, 1, 0, 0, 0, 12, 360, 1, 0, 0, 0, 12, 362, 1, 0, 0, 0, 13, 364, 1, 0, 0, 0, 13, 366, 1, 0, 0, 0, 13, 368, 1, 0, 0, 0, 13, 370, 1, 0, 0, 0, 13, 372, 1, 0, 0, 0, 13, 374, 1, 0, 0, 0, 14, 376, 1, 0, 0, 0, 14, 378, 1, 0, 0, 0, 14, 380, 1, 0, 0, 0, 14, 382, 1, 0, 0, 0, 14, 384, 1, 0, 0, 0, 14, 386, 1, 0, 0, 0, 15, 388, 1, 0, 0, 0, 15, 390, 1, 0, 0, 0, 15, 392, 1, 0, 0, 0, 15, 394, 1, 0, 0, 0, 15, 396, 1, 0, 0, 0, 15, 398, 1, 0, 0, 0, 15, 400, 1, 0, 0, 0, 15, 402, 1, 0, 0, 0, 15, 404, 1, 0, 0, 0, 16, 406, 1, 0, 0, 0, 18, 416, 1, 0, 0, 0, 20, 423, 1, 0, 0, 0, 22, 432, 1, 0, 0, 0, 24, 439, 1, 0, 0, 0, 26, 449, 1, 0, 0, 0, 28, 456, 1, 0, 0, 0, 30, 463, 1, 0, 0, 0, 32, 477, 1, 0, 0, 0, 34, 484, 1, 0, 0, 0, 36, 492, 1, 0, 0, 0, 38, 501, 1, 0, 0, 0, 40, 508, 1, 0, 0, 0, 42, 518, 1, 0, 0, 0, 44, 530, 1, 0, 0, 0, 46, 539, 1, 0, 0, 0, 48, 545, 1, 0, 0, 0, 50, 552, 1, 0, 0, 0, 52, 559, 1, 0, 0, 0, 54, 567, 1, 0, 0, 0, 56, 576, 1, 0, 0, 0, 58, 582, 1, 0, 0, 0, 60, 599, 1, 0, 0, 0, 62, 615, 1, 0, 0, 0, 64, 624, 1, 0, 0, 0, 66, 627, 1, 0, 0, 0, 68, 631, 1, 0, 0, 0, 70, 636, 1, 0, 0, 0, 72, 641, 1, 0, 0, 0, 74, 645, 1, 0, 0, 0, 76, 649, 1, 0, 0, 0, 78, 653, 1, 0, 0, 0, 80, 657, 1, 0, 0, 0, 82, 659, 1, 0, 0, 0, 84, 661, 1, 0, 0, 0, 86, 664, 1, 0, 0, 0, 88, 666, 1, 0, 0, 0, 90, 675, 1, 0, 0, 0, 92, 677, 1, 0, 0, 0, 94, 682, 1, 0, 0, 0, 96, 684, 1, 0, 0, 0, 98, 689, 1, 0, 0, 0, 100, 720, 1, 0, 0, 0, 102, 723, 1, 0, 0, 0, 104, 769, 1, 0, 0, 0, 106, 771, 1, 0, 0, 0, 108, 774, 1, 0, 0, 0, 110, 778, 1, 0, 0, 0, 112, 782, 1, 0, 0, 0, 114, 784, 1, 0, 0, 0, 116, 787, 1, 0, 0, 0, 118, 789, 1, 0, 0, 0, 120, 794, 1, 0, 0, 0, 122, 796, 1, 0, 0, 0, 124, 802, 1, 0, 0, 0, 126, 808, 1, 0, 0, 0, 128, 811, 1, 0, 0, 0, 130, 814, 1, 0, 0, 0, 132, 819, 1, 0, 0, 0, 134, 824, 1, 0, 0, 0, 136, 826, 1, 0, 0, 0, 138, 832, 1, 0, 0, 0, 140, 836, 1, 0, 0, 0, 142, 841, 1, 0, 0, 0, 144, 847, 1, 0, 0, 0, 146, 850, 1, 0, 0, 0, 148, 852, 1, 0, 0, 0, 150, 858, 1, 0, 0, 0, 152, 860, 1, 0, 0, 0, 154, 865, 1, 0, 0, 0, 156, 868, 1, 0, 0, 0, 158, 871, 1, 0, 0, 0, 160, 874, 1, 0, 0, 0, 162, 876, 1, 0, 0, 0, 164, 879, 1, 0, 0, 0, 166, 881, 1, 0, 0, 0, 168, 884, 1, 0, 0, 0, 170, 886, 1, 0, 0, 0, 172, 888, 1, 0, 0, 0, 174, 890, 1, 0, 0, 0, 176, 892, 1, 0, 0, 0, 178, 908, 1, 0, 0, 0, 180, 910, 1, 0, 0, 0, 182, 915, 1, 0, 0, 0, 184, 936, 1, 0, 0, 0, 186, 938, 1, 0, 0, 0, 188, 946, 1, 0, 0, 0, 190, 948, 1, 0, 0, 0, 192, 952, 1, 0, 0, 0, 194, 956, 1, 0, 0, 0, 196, 960, 1, 0, 0, 0, 198, 965, 1, 0, 0, 0, 200, 969, 1, 0, 0, 0, 202, 973, 1, 0, 0, 0, 204, 977, 1, 0, 0, 0, 206, 981, 1, 0, 0, 0, 208, 985, 1, 0, 0, 0, 210, 994, 1, 0, 0, 0, 212, 998, 1, 0, 0, 0, 214, 1002, 1, 0, 0, 0, 216, 1006, 1, 0, 0, 0, 218, 1010, 1, 0, 0, 0, 220, 1014, 1, 0, 0, 0, 222, 1019, 1, 0, 0, 0, 224, 1023, 1, 0, 0, 0, 226, 1031, 1, 0, 0, 0, 228, 1052, 1, 0, 0, 0, 230, 1056, 1, 0, 0, 0, 232, 1060, 1, 0, 0, 0, 234, 1064, 1, 0, 0, 0, 236, 1068, 1, 0, 0, 0, 238, 1072, 1, 0, 0, 0, 240, 1077, 1, 0, 0, 0, 242, 1081, 1, 0, 0, 0, 244, 1085, 1, 0, 0, 0, 246, 1089, 1, 0, 0, 0, 248, 1092, 1, 0, 0, 0, 250, 1096, 1, 0, 0, 0, 252, 1100, 1, 0, 0, 0, 254, 1104, 1, 0, 0, 0, 256, 1108, 1, 0, 0, 0, 258, 1113, 1, 0, 0, 0, 260, 1118, 1, 0, 0, 0, 262, 1123, 1, 0, 0, 0, 264, 1130, 1, 0, 0, 0, 266, 1139, 1, 0, 0, 0, 268, 1146, 1, 0, 0, 0, 270, 1150, 1, 0, 0, 0, 272, 1154, 1, 0, 0, 0, 274, 1158, 1, 0, 0, 0, 276, 1162, 1, 0, 0, 0, 278, 1168, 1, 0, 0, 0, 280, 1172, 1, 0, 0, 0, 282, 1176, 1, 0, 0, 0, 284, 1180, 1, 0, 0, 0, 286, 1184, 1, 0, 0, 0, 288, 1188, 1, 0, 0, 0, 290, 1192, 1, 0, 0, 0, 292, 1196, 1, 0, 0, 0, 294, 1200, 1, 0, 0, 0, 296, 1204, 1, 0, 0, 0, 298, 1209, 1, 0, 0, 0, 300, 1213, 1, 0, 0, 0, 302, 1217, 1, 0, 0, 0, 304, 1221, 1, 0, 0, 0, 306, 1226, 1, 0, 0, 0, 308, 1230, 1, 0, 0, 0, 310, 1234, 1, 0, 0, 0, 312, 1238, 1, 0, 0, 0, 314, 1242, 1, 0, 0, 0, 316, 1246, 1, 0, 0, 0, 318, 1252, 1, 0, 0, 0, 320, 1256, 1, 0, 0, 0, 322, 1260, 1, 0, 0, 0, 324, 1264, 1, 0, 0, 0, 326, 1268, 1, 0, 0, 0, 328, 1272, 1, 0, 0, 0, 330, 1276, 1, 0, 0, 0, 332, 1281, 1, 0, 0, 0, 334, 1285, 1, 0, 0, 0, 336, 1289, 1, 0, 0, 0, 338, 1293, 1, 0, 0, 0, 340, 1297, 1, 0, 0, 0, 342, 1301, 1, 0, 0, 0, 344, 1305, 1, 0, 0, 0, 346, 1310, 1, 0, 0, 0, 348, 1315, 1, 0, 0, 0, 350, 1319, 1, 0, 0, 0, 352, 1323, 1, 0, 0, 0, 354, 1327, 1, 0, 0, 0, 356, 1332, 1, 0, 0, 0, 358, 1342, 1, 0, 0, 0, 360, 1346, 1, 0, 0, 0, 362, 1350, 1, 0, 0, 0, 364, 1354, 1, 0, 0, 0, 366, 1359, 1, 0, 0, 0, 368, 1366, 1, 0, 0, 0, 370, 1370, 1, 0, 0, 0, 372, 1374, 1, 0, 0, 0, 374, 1378, 1, 0, 0, 0, 376, 1382, 1, 0, 0, 0, 378, 1387, 1, 0, 0, 0, 380, 1393, 1, 0, 0, 0, 382, 1399, 1, 0, 0, 0, 384, 1403, 1, 0, 0, 0, 386, 1407, 1, 0, 0, 0, 388, 1411, 1, 0, 0, 0, 390, 1417, 1, 0, 0, 0, 392, 1423, 1, 0, 0, 0, 394, 1427, 1, 0, 0, 0, 396, 1431, 1, 0, 0, 0, 398, 1435, 1, 0, 0, 0, 400, 1441, 1, 0, 0, 0, 402, 1447, 1, 0, 0, 0, 404, 1453, 1, 0, 0, 0, 406, 407, 7, 0, 0, 0, 407, 408, 7, 1, 0, 0, 408, 409, 7, 2, 0, 0, 409, 410, 7, 2, 0, 0, 410, 411, 7, 3, 0, 0, 411, 412, 7, 4, 0, 0, 412, 413, 7, 5, 0, 0, 413, 414, 1, 0, 0, 0, 414, 415, 6, 0, 0, 0, 415, 17, 1, 0, 0, 0, 416, 417, 7, 0, 0, 0, 417, 418, 7, 6, 0, 0, 418, 419, 7, 7, 0, 0, 419, 420, 7, 8, 0, 0, 420, 421, 1, 0, 0, 0, 421, 422, 6, 1, 1, 0, 422, 19, 1, 0, 0, 0, 423, 424, 7, 3, 0, 0, 424, 425, 7, 9, 0, 0, 425, 426, 7, 6, 0, 0, 426, 427, 7, 1, 0, 0, 427, 428, 7, 4, 0, 0, 428, 429, 7, 10, 0, 0, 429, 430, 1, 0, 0, 0, 430, 431, 6, 2, 2, 0, 431, 21, 1, 0, 0, 0, 432, 433, 7, 3, 0, 0, 433, 434, 7, 11, 0, 0, 434, 435, 7, 12, 0, 0, 435, 436, 7, 13, 0, 0, 436, 437, 1, 0, 0, 0, 437, 438, 6, 3, 0, 0, 438, 23, 1, 0, 0, 0, 439, 440, 7, 3, 0, 0, 440, 441, 7, 14, 0, 0, 441, 442, 7, 8, 0, 0, 442, 443, 7, 13, 0, 0, 443, 444, 7, 12, 0, 0, 444, 445, 7, 1, 0, 0, 445, 446, 7, 9, 0, 0, 446, 447, 1, 0, 0, 0, 447, 448, 6, 4, 3, 0, 448, 25, 1, 0, 0, 0, 449, 450, 7, 15, 0, 0, 450, 451, 7, 6, 0, 0, 451, 452, 7, 7, 0, 0, 452, 453, 7, 16, 0, 0, 453, 454, 1, 0, 0, 0, 454, 455, 6, 5, 4, 0, 455, 27, 1, 0, 0, 0, 456, 457, 7, 17, 0, 0, 457, 458, 7, 6, 0, 0, 458, 459, 7, 7, 0, 0, 459, 460, 7, 18, 0, 0, 460, 461, 1, 0, 0, 0, 461, 462, 6, 6, 0, 0, 462, 29, 1, 0, 0, 0, 463, 464, 7, 1, 0, 0, 464, 465, 7, 9, 0, 0, 465, 466, 7, 13, 0, 0, 466, 467, 7, 1, 0, 0, 467, 468, 7, 9, 0, 0, 468, 469, 7, 3, 0, 0, 469, 470, 7, 2, 0, 0, 470, 471, 7, 5, 0, 0, 471, 472, 7, 12, 0, 0, 472, 473, 7, 5, 0, 0, 473, 474, 7, 2, 0, 0, 474, 475, 1, 0, 0, 0, 475, 476, 6, 7, 0, 0, 476, 31, 1, 0, 0, 0, 477, 478, 7, 18, 0, 0, 478, 479, 7, 3, 0, 0, 479, 480, 7, 3, 0, 0, 480, 481, 7, 8, 0, 0, 481, 482, 1, 0, 0, 0, 482, 483, 6, 8, 1, 0, 483, 33, 1, 0, 0, 0, 484, 485, 7, 13, 0, 0, 485, 486, 7, 1, 0, 0, 486, 487, 7, 16, 0, 0, 487, 488, 7, 1, 0, 0, 488, 489, 7, 5, 0, 0, 489, 490, 1, 0, 0, 0, 490, 491, 6, 9, 0, 0, 491, 35, 1, 0, 0, 0, 492, 493, 7, 13, 0, 0, 493, 494, 7, 7, 0, 0, 494, 495, 7, 7, 0, 0, 495, 496, 7, 18, 0, 0, 496, 497, 7, 19, 0, 0, 497, 498, 7, 8, 0, 0, 498, 499, 1, 0, 0, 0, 499, 500, 6, 10, 5, 0, 500, 37, 1, 0, 0, 0, 501, 502, 7, 16, 0, 0, 502, 503, 7, 3, 0, 0, 503, 504, 7, 5, 0, 0, 504, 505, 7, 12, 0, 0, 505, 506, 1, 0, 0, 0, 506, 507, 6, 11, 6, 0, 507, 39, 1, 0, 0, 0, 508, 509, 7, 16, 0, 0, 509, 510, 7, 3, 0, 0, 510, 511, 7, 5, 0, 0, 511, 512, 7, 6, 0, 0, 512, 513, 7, 1, 0, 0, 513, 514, 7, 4, 0, 0, 514, 515, 7, 2, 0, 0, 515, 516, 1, 0, 0, 0, 516, 517, 6, 12, 7, 0, 517, 41, 1, 0, 0, 0, 518, 519, 7, 16, 0, 0, 519, 520, 7, 11, 0, 0, 520, 521, 5, 95, 0, 0, 521, 522, 7, 3, 0, 0, 522, 523, 7, 14, 0, 0, 523, 524, 7, 8, 0, 0, 524, 525, 7, 12, 0, 0, 525, 526, 7, 9, 0, 0, 526, 527, 7, 0, 0, 0, 527, 528, 1, 0, 0, 0, 528, 529, 6, 13, 8, 0, 529, 43, 1, 0, 0, 0, 530, 531, 7, 6, 0, 0, 531, 532, 7, 3, 0, 0, 532, 533, 7, 9, 0, 0, 533, 534, 7, 12, 0, 0, 534, 535, 7, 16, 0, 0, 535, 536, 7, 3, 0, 0, 536, 537, 1, 0, 0, 0, 537, 538, 6, 14, 9, 0, 538, 45, 1, 0, 0, 0, 539, 540, 7, 6, 0, 0, 540, 541, 7, 7, 0, 0, 541, 542, 7, 20, 0, 0, 542, 543, 1, 0, 0, 0, 543, 544, 6, 15, 0, 0, 544, 47, 1, 0, 0, 0, 545, 546, 7, 2, 0, 0, 546, 547, 7, 10, 0, 0, 547, 548, 7, 7, 0, 0, 548, 549, 7, 20, 0, 0, 549, 550, 1, 0, 0, 0, 550, 551, 6, 16, 10, 0, 551, 49, 1, 0, 0, 0, 552, 553, 7, 2, 0, 0, 553, 554, 7, 7, 0, 0, 554, 555, 7, 6, 0, 0, 555, 556, 7, 5, 0, 0, 556, 557, 1, 0, 0, 0, 557, 558, 6, 17, 0, 0, 558, 51, 1, 0, 0, 0, 559, 560, 7, 2, 0, 0, 560, 561, 7, 5, 0, 0, 561, 562, 7, 12, 0, 0, 562, 563, 7, 5, 0, 0, 563, 564, 7, 2, 0, 0, 564, 565, 1, 0, 0, 0, 565, 566, 6, 18, 0, 0, 566, 53, 1, 0, 0, 0, 567, 568, 7, 20, 0, 0, 568, 569, 7, 10, 0, 0, 569, 570, 7, 3, 0, 0, 570, 571, 7, 6, 0, 0, 571, 572, 7, 3, 0, 0, 572, 573, 1, 0, 0, 0, 573, 574, 6, 19, 0, 0, 574, 55, 1, 0, 0, 0, 575, 577, 8, 21, 0, 0, 576, 575, 1, 0, 0, 0, 577, 578, 1, 0, 0, 0, 578, 576, 1, 0, 0, 0, 578, 579, 1, 0, 0, 0, 579, 580, 1, 0, 0, 0, 580, 581, 6, 20, 0, 0, 581, 57, 1, 0, 0, 0, 582, 583, 5, 47, 0, 0, 583, 584, 5, 47, 0, 0, 584, 588, 1, 0, 0, 0, 585, 587, 8, 22, 0, 0, 586, 585, 1, 0, 0, 0, 587, 590, 1, 0, 0, 0, 588, 586, 1, 0, 0, 0, 588, 589, 1, 0, 0, 0, 589, 592, 1, 0, 0, 0, 590, 588, 1, 0, 0, 0, 591, 593, 5, 13, 0, 0, 592, 591, 1, 0, 0, 0, 592, 593, 1, 0, 0, 0, 593, 595, 1, 0, 0, 0, 594, 596, 5, 10, 0, 0, 595, 594, 1, 0, 0, 0, 595, 596, 1, 0, 0, 0, 596, 597, 1, 0, 0, 0, 597, 598, 6, 21, 11, 0, 598, 59, 1, 0, 0, 0, 599, 600, 5, 47, 0, 0, 600, 601, 5, 42, 0, 0, 601, 606, 1, 0, 0, 0, 602, 605, 3, 60, 22, 0, 603, 605, 9, 0, 0, 0, 604, 602, 1, 0, 0, 0, 604, 603, 1, 0, 0, 0, 605, 608, 1, 0, 0, 0, 606, 607, 1, 0, 0, 0, 606, 604, 1, 0, 0, 0, 607, 609, 1, 0, 0, 0, 608, 606, 1, 0, 0, 0, 609, 610, 5, 42, 0, 0, 610, 611, 5, 47, 0, 0, 611, 612, 1, 0, 0, 0, 612, 613, 6, 22, 11, 0, 613, 61, 1, 0, 0, 0, 614, 616, 7, 23, 0, 0, 615, 614, 1, 0, 0, 0, 616, 617, 1, 0, 0, 0, 617, 615, 1, 0, 0, 0, 617, 618, 1, 0, 0, 0, 618, 619, 1, 0, 0, 0, 619, 620, 6, 23, 11, 0, 620, 63, 1, 0, 0, 0, 621, 625, 8, 24, 0, 0, 622, 623, 5, 47, 0, 0, 623, 625, 8, 25, 0, 0, 624, 621, 1, 0, 0, 0, 624, 622, 1, 0, 0, 0, 625, 65, 1, 0, 0, 0, 626, 628, 3, 64, 24, 0, 627, 626, 1, 0, 0, 0, 628, 629, 1, 0, 0, 0, 629, 627, 1, 0, 0, 0, 629, 630, 1, 0, 0, 0, 630, 67, 1, 0, 0, 0, 631, 632, 3, 180, 82, 0, 632, 633, 1, 0, 0, 0, 633, 634, 6, 26, 12, 0, 634, 635, 6, 26, 13, 0, 635, 69, 1, 0, 0, 0, 636, 637, 3, 78, 31, 0, 637, 638, 1, 0, 0, 0, 638, 639, 6, 27, 14, 0, 639, 640, 6, 27, 15, 0, 640, 71, 1, 0, 0, 0, 641, 642, 3, 62, 23, 0, 642, 643, 1, 0, 0, 0, 643, 644, 6, 28, 11, 0, 644, 73, 1, 0, 0, 0, 645, 646, 3, 58, 21, 0, 646, 647, 1, 0, 0, 0, 647, 648, 6, 29, 11, 0, 648, 75, 1, 0, 0, 0, 649, 650, 3, 60, 22, 0, 650, 651, 1, 0, 0, 0, 651, 652, 6, 30, 11, 0, 652, 77, 1, 0, 0, 0, 653, 654, 5, 124, 0, 0, 654, 655, 1, 0, 0, 0, 655, 656, 6, 31, 15, 0, 656, 79, 1, 0, 0, 0, 657, 658, 7, 26, 0, 0, 658, 81, 1, 0, 0, 0, 659, 660, 7, 27, 0, 0, 660, 83, 1, 0, 0, 0, 661, 662, 5, 92, 0, 0, 662, 663, 7, 28, 0, 0, 663, 85, 1, 0, 0, 0, 664, 665, 8, 29, 0, 0, 665, 87, 1, 0, 0, 0, 666, 668, 7, 3, 0, 0, 667, 669, 7, 30, 0, 0, 668, 667, 1, 0, 0, 0, 668, 669, 1, 0, 0, 0, 669, 671, 1, 0, 0, 0, 670, 672, 3, 80, 32, 0, 671, 670, 1, 0, 0, 0, 672, 673, 1, 0, 0, 0, 673, 671, 1, 0, 0, 0, 673, 674, 1, 0, 0, 0, 674, 89, 1, 0, 0, 0, 675, 676, 5, 64, 0, 0, 676, 91, 1, 0, 0, 0, 677, 678, 5, 96, 0, 0, 678, 93, 1, 0, 0, 0, 679, 683, 8, 31, 0, 0, 680, 681, 5, 96, 0, 0, 681, 683, 5, 96, 0, 0, 682, 679, 1, 0, 0, 0, 682, 680, 1, 0, 0, 0, 683, 95, 1, 0, 0, 0, 684, 685, 5, 95, 0, 0, 685, 97, 1, 0, 0, 0, 686, 690, 3, 82, 33, 0, 687, 690, 3, 80, 32, 0, 688, 690, 3, 96, 40, 0, 689, 686, 1, 0, 0, 0, 689, 687, 1, 0, 0, 0, 689, 688, 1, 0, 0, 0, 690, 99, 1, 0, 0, 0, 691, 696, 5, 34, 0, 0, 692, 695, 3, 84, 34, 0, 693, 695, 3, 86, 35, 0, 694, 692, 1, 0, 0, 0, 694, 693, 1, 0, 0, 0, 695, 698, 1, 0, 0, 0, 696, 694, 1, 0, 0, 0, 696, 697, 1, 0, 0, 0, 697, 699, 1, 0, 0, 0, 698, 696, 1, 0, 0, 0, 699, 721, 5, 34, 0, 0, 700, 701, 5, 34, 0, 0, 701, 702, 5, 34, 0, 0, 702, 703, 5, 34, 0, 0, 703, 707, 1, 0, 0, 0, 704, 706, 8, 22, 0, 0, 705, 704, 1, 0, 0, 0, 706, 709, 1, 0, 0, 0, 707, 708, 1, 0, 0, 0, 707, 705, 1, 0, 0, 0, 708, 710, 1, 0, 0, 0, 709, 707, 1, 0, 0, 0, 710, 711, 5, 34, 0, 0, 711, 712, 5, 34, 0, 0, 712, 713, 5, 34, 0, 0, 713, 715, 1, 0, 0, 0, 714, 716, 5, 34, 0, 0, 715, 714, 1, 0, 0, 0, 715, 716, 1, 0, 0, 0, 716, 718, 1, 0, 0, 0, 717, 719, 5, 34, 0, 0, 718, 717, 1, 0, 0, 0, 718, 719, 1, 0, 0, 0, 719, 721, 1, 0, 0, 0, 720, 691, 1, 0, 0, 0, 720, 700, 1, 0, 0, 0, 721, 101, 1, 0, 0, 0, 722, 724, 3, 80, 32, 0, 723, 722, 1, 0, 0, 0, 724, 725, 1, 0, 0, 0, 725, 723, 1, 0, 0, 0, 725, 726, 1, 0, 0, 0, 726, 103, 1, 0, 0, 0, 727, 729, 3, 80, 32, 0, 728, 727, 1, 0, 0, 0, 729, 730, 1, 0, 0, 0, 730, 728, 1, 0, 0, 0, 730, 731, 1, 0, 0, 0, 731, 732, 1, 0, 0, 0, 732, 736, 3, 120, 52, 0, 733, 735, 3, 80, 32, 0, 734, 733, 1, 0, 0, 0, 735, 738, 1, 0, 0, 0, 736, 734, 1, 0, 0, 0, 736, 737, 1, 0, 0, 0, 737, 770, 1, 0, 0, 0, 738, 736, 1, 0, 0, 0, 739, 741, 3, 120, 52, 0, 740, 742, 3, 80, 32, 0, 741, 740, 1, 0, 0, 0, 742, 743, 1, 0, 0, 0, 743, 741, 1, 0, 0, 0, 743, 744, 1, 0, 0, 0, 744, 770, 1, 0, 0, 0, 745, 747, 3, 80, 32, 0, 746, 745, 1, 0, 0, 0, 747, 748, 1, 0, 0, 0, 748, 746, 1, 0, 0, 0, 748, 749, 1, 0, 0, 0, 749, 757, 1, 0, 0, 0, 750, 754, 3, 120, 52, 0, 751, 753, 3, 80, 32, 0, 752, 751, 1, 0, 0, 0, 753, 756, 1, 0, 0, 0, 754, 752, 1, 0, 0, 0, 754, 755, 1, 0, 0, 0, 755, 758, 1, 0, 0, 0, 756, 754, 1, 0, 0, 0, 757, 750, 1, 0, 0, 0, 757, 758, 1, 0, 0, 0, 758, 759, 1, 0, 0, 0, 759, 760, 3, 88, 36, 0, 760, 770, 1, 0, 0, 0, 761, 763, 3, 120, 52, 0, 762, 764, 3, 80, 32, 0, 763, 762, 1, 0, 0, 0, 764, 765, 1, 0, 0, 0, 765, 763, 1, 0, 0, 0, 765, 766, 1, 0, 0, 0, 766, 767, 1, 0, 0, 0, 767, 768, 3, 88, 36, 0, 768, 770, 1, 0, 0, 0, 769, 728, 1, 0, 0, 0, 769, 739, 1, 0, 0, 0, 769, 746, 1, 0, 0, 0, 769, 761, 1, 0, 0, 0, 770, 105, 1, 0, 0, 0, 771, 772, 7, 32, 0, 0, 772, 773, 7, 33, 0, 0, 773, 107, 1, 0, 0, 0, 774, 775, 7, 12, 0, 0, 775, 776, 7, 9, 0, 0, 776, 777, 7, 0, 0, 0, 777, 109, 1, 0, 0, 0, 778, 779, 7, 12, 0, 0, 779, 780, 7, 2, 0, 0, 780, 781, 7, 4, 0, 0, 781, 111, 1, 0, 0, 0, 782, 783, 5, 61, 0, 0, 783, 113, 1, 0, 0, 0, 784, 785, 5, 58, 0, 0, 785, 786, 5, 58, 0, 0, 786, 115, 1, 0, 0, 0, 787, 788, 5, 44, 0, 0, 788, 117, 1, 0, 0, 0, 789, 790, 7, 0, 0, 0, 790, 791, 7, 3, 0, 0, 791, 792, 7, 2, 0, 0, 792, 793, 7, 4, 0, 0, 793, 119, 1, 0, 0, 0, 794, 795, 5, 46, 0, 0, 795, 121, 1, 0, 0, 0, 796, 797, 7, 15, 0, 0, 797, 798, 7, 12, 0, 0, 798, 799, 7, 13, 0, 0, 799, 800, 7, 2, 0, 0, 800, 801, 7, 3, 0, 0, 801, 123, 1, 0, 0, 0, 802, 803, 7, 15, 0, 0, 803, 804, 7, 1, 0, 0, 804, 805, 7, 6, 0, 0, 805, 806, 7, 2, 0, 0, 806, 807, 7, 5, 0, 0, 807, 125, 1, 0, 0, 0, 808, 809, 7, 1, 0, 0, 809, 810, 7, 9, 0, 0, 810, 127, 1, 0, 0, 0, 811, 812, 7, 1, 0, 0, 812, 813, 7, 2, 0, 0, 813, 129, 1, 0, 0, 0, 814, 815, 7, 13, 0, 0, 815, 816, 7, 12, 0, 0, 816, 817, 7, 2, 0, 0, 817, 818, 7, 5, 0, 0, 818, 131, 1, 0, 0, 0, 819, 820, 7, 13, 0, 0, 820, 821, 7, 1, 0, 0, 821, 822, 7, 18, 0, 0, 822, 823, 7, 3, 0, 0, 823, 133, 1, 0, 0, 0, 824, 825, 5, 40, 0, 0, 825, 135, 1, 0, 0, 0, 826, 827, 7, 16, 0, 0, 827, 828, 7, 12, 0, 0, 828, 829, 7, 5, 0, 0, 829, 830, 7, 4, 0, 0, 830, 831, 7, 10, 0, 0, 831, 137, 1, 0, 0, 0, 832, 833, 7, 9, 0, 0, 833, 834, 7, 7, 0, 0, 834, 835, 7, 5, 0, 0, 835, 139, 1, 0, 0, 0, 836, 837, 7, 9, 0, 0, 837, 838, 7, 19, 0, 0, 838, 839, 7, 13, 0, 0, 839, 840, 7, 13, 0, 0, 840, 141, 1, 0, 0, 0, 841, 842, 7, 9, 0, 0, 842, 843, 7, 19, 0, 0, 843, 844, 7, 13, 0, 0, 844, 845, 7, 13, 0, 0, 845, 846, 7, 2, 0, 0, 846, 143, 1, 0, 0, 0, 847, 848, 7, 7, 0, 0, 848, 849, 7, 6, 0, 0, 849, 145, 1, 0, 0, 0, 850, 851, 5, 63, 0, 0, 851, 147, 1, 0, 0, 0, 852, 853, 7, 6, 0, 0, 853, 854, 7, 13, 0, 0, 854, 855, 7, 1, 0, 0, 855, 856, 7, 18, 0, 0, 856, 857, 7, 3, 0, 0, 857, 149, 1, 0, 0, 0, 858, 859, 5, 41, 0, 0, 859, 151, 1, 0, 0, 0, 860, 861, 7, 5, 0, 0, 861, 862, 7, 6, 0, 0, 862, 863, 7, 19, 0, 0, 863, 864, 7, 3, 0, 0, 864, 153, 1, 0, 0, 0, 865, 866, 5, 61, 0, 0, 866, 867, 5, 61, 0, 0, 867, 155, 1, 0, 0, 0, 868, 869, 5, 61, 0, 0, 869, 870, 5, 126, 0, 0, 870, 157, 1, 0, 0, 0, 871, 872, 5, 33, 0, 0, 872, 873, 5, 61, 0, 0, 873, 159, 1, 0, 0, 0, 874, 875, 5, 60, 0, 0, 875, 161, 1, 0, 0, 0, 876, 877, 5, 60, 0, 0, 877, 878, 5, 61, 0, 0, 878, 163, 1, 0, 0, 0, 879, 880, 5, 62, 0, 0, 880, 165, 1, 0, 0, 0, 881, 882, 5, 62, 0, 0, 882, 883, 5, 61, 0, 0, 883, 167, 1, 0, 0, 0, 884, 885, 5, 43, 0, 0, 885, 169, 1, 0, 0, 0, 886, 887, 5, 45, 0, 0, 887, 171, 1, 0, 0, 0, 888, 889, 5, 42, 0, 0, 889, 173, 1, 0, 0, 0, 890, 891, 5, 47, 0, 0, 891, 175, 1, 0, 0, 0, 892, 893, 5, 37, 0, 0, 893, 177, 1, 0, 0, 0, 894, 895, 3, 146, 65, 0, 895, 899, 3, 82, 33, 0, 896, 898, 3, 98, 41, 0, 897, 896, 1, 0, 0, 0, 898, 901, 1, 0, 0, 0, 899, 897, 1, 0, 0, 0, 899, 900, 1, 0, 0, 0, 900, 909, 1, 0, 0, 0, 901, 899, 1, 0, 0, 0, 902, 904, 3, 146, 65, 0, 903, 905, 3, 80, 32, 0, 904, 903, 1, 0, 0, 0, 905, 906, 1, 0, 0, 0, 906, 904, 1, 0, 0, 0, 906, 907, 1, 0, 0, 0, 907, 909, 1, 0, 0, 0, 908, 894, 1, 0, 0, 0, 908, 902, 1, 0, 0, 0, 909, 179, 1, 0, 0, 0, 910, 911, 5, 91, 0, 0, 911, 912, 1, 0, 0, 0, 912, 913, 6, 82, 0, 0, 913, 914, 6, 82, 0, 0, 914, 181, 1, 0, 0, 0, 915, 916, 5, 93, 0, 0, 916, 917, 1, 0, 0, 0, 917, 918, 6, 83, 15, 0, 918, 919, 6, 83, 15, 0, 919, 183, 1, 0, 0, 0, 920, 924, 3, 82, 33, 0, 921, 923, 3, 98, 41, 0, 922, 921, 1, 0, 0, 0, 923, 926, 1, 0, 0, 0, 924, 922, 1, 0, 0, 0, 924, 925, 1, 0, 0, 0, 925, 937, 1, 0, 0, 0, 926, 924, 1, 0, 0, 0, 927, 930, 3, 96, 40, 0, 928, 930, 3, 90, 37, 0, 929, 927, 1, 0, 0, 0, 929, 928, 1, 0, 0, 0, 930, 932, 1, 0, 0, 0, 931, 933, 3, 98, 41, 0, 932, 931, 1, 0, 0, 0, 933, 934, 1, 0, 0, 0, 934, 932, 1, 0, 0, 0, 934, 935, 1, 0, 0, 0, 935, 937, 1, 0, 0, 0, 936, 920, 1, 0, 0, 0, 936, 929, 1, 0, 0, 0, 937, 185, 1, 0, 0, 0, 938, 940, 3, 92, 38, 0, 939, 941, 3, 94, 39, 0, 940, 939, 1, 0, 0, 0, 941, 942, 1, 0, 0, 0, 942, 940, 1, 0, 0, 0, 942, 943, 1, 0, 0, 0, 943, 944, 1, 0, 0, 0, 944, 945, 3, 92, 38, 0, 945, 187, 1, 0, 0, 0, 946, 947, 3, 186, 85, 0, 947, 189, 1, 0, 0, 0, 948, 949, 3, 58, 21, 0, 949, 950, 1, 0, 0, 0, 950, 951, 6, 87, 11, 0, 951, 191, 1, 0, 0, 0, 952, 953, 3, 60, 22, 0, 953, 954, 1, 0, 0, 0, 954, 955, 6, 88, 11, 0, 955, 193, 1, 0, 0, 0, 956, 957, 3, 62, 23, 0, 957, 958, 1, 0, 0, 0, 958, 959, 6, 89, 11, 0, 959, 195, 1, 0, 0, 0, 960, 961, 3, 78, 31, 0, 961, 962, 1, 0, 0, 0, 962, 963, 6, 90, 14, 0, 963, 964, 6, 90, 15, 0, 964, 197, 1, 0, 0, 0, 965, 966, 3, 180, 82, 0, 966, 967, 1, 0, 0, 0, 967, 968, 6, 91, 12, 0, 968, 199, 1, 0, 0, 0, 969, 970, 3, 182, 83, 0, 970, 971, 1, 0, 0, 0, 971, 972, 6, 92, 16, 0, 972, 201, 1, 0, 0, 0, 973, 974, 3, 366, 175, 0, 974, 975, 1, 0, 0, 0, 975, 976, 6, 93, 17, 0, 976, 203, 1, 0, 0, 0, 977, 978, 3, 116, 50, 0, 978, 979, 1, 0, 0, 0, 979, 980, 6, 94, 18, 0, 980, 205, 1, 0, 0, 0, 981, 982, 3, 112, 48, 0, 982, 983, 1, 0, 0, 0, 983, 984, 6, 95, 19, 0, 984, 207, 1, 0, 0, 0, 985, 986, 7, 16, 0, 0, 986, 987, 7, 3, 0, 0, 987, 988, 7, 5, 0, 0, 988, 989, 7, 12, 0, 0, 989, 990, 7, 0, 0, 0, 990, 991, 7, 12, 0, 0, 991, 992, 7, 5, 0, 0, 992, 993, 7, 12, 0, 0, 993, 209, 1, 0, 0, 0, 994, 995, 3, 66, 25, 0, 995, 996, 1, 0, 0, 0, 996, 997, 6, 97, 20, 0, 997, 211, 1, 0, 0, 0, 998, 999, 3, 100, 42, 0, 999, 1000, 1, 0, 0, 0, 1000, 1001, 6, 98, 21, 0, 1001, 213, 1, 0, 0, 0, 1002, 1003, 3, 58, 21, 0, 1003, 1004, 1, 0, 0, 0, 1004, 1005, 6, 99, 11, 0, 1005, 215, 1, 0, 0, 0, 1006, 1007, 3, 60, 22, 0, 1007, 1008, 1, 0, 0, 0, 1008, 1009, 6, 100, 11, 0, 1009, 217, 1, 0, 0, 0, 1010, 1011, 3, 62, 23, 0, 1011, 1012, 1, 0, 0, 0, 1012, 1013, 6, 101, 11, 0, 1013, 219, 1, 0, 0, 0, 1014, 1015, 3, 78, 31, 0, 1015, 1016, 1, 0, 0, 0, 1016, 1017, 6, 102, 14, 0, 1017, 1018, 6, 102, 15, 0, 1018, 221, 1, 0, 0, 0, 1019, 1020, 3, 120, 52, 0, 1020, 1021, 1, 0, 0, 0, 1021, 1022, 6, 103, 22, 0, 1022, 223, 1, 0, 0, 0, 1023, 1024, 3, 116, 50, 0, 1024, 1025, 1, 0, 0, 0, 1025, 1026, 6, 104, 18, 0, 1026, 225, 1, 0, 0, 0, 1027, 1032, 3, 82, 33, 0, 1028, 1032, 3, 80, 32, 0, 1029, 1032, 3, 96, 40, 0, 1030, 1032, 3, 172, 78, 0, 1031, 1027, 1, 0, 0, 0, 1031, 1028, 1, 0, 0, 0, 1031, 1029, 1, 0, 0, 0, 1031, 1030, 1, 0, 0, 0, 1032, 227, 1, 0, 0, 0, 1033, 1036, 3, 82, 33, 0, 1034, 1036, 3, 172, 78, 0, 1035, 1033, 1, 0, 0, 0, 1035, 1034, 1, 0, 0, 0, 1036, 1040, 1, 0, 0, 0, 1037, 1039, 3, 226, 105, 0, 1038, 1037, 1, 0, 0, 0, 1039, 1042, 1, 0, 0, 0, 1040, 1038, 1, 0, 0, 0, 1040, 1041, 1, 0, 0, 0, 1041, 1053, 1, 0, 0, 0, 1042, 1040, 1, 0, 0, 0, 1043, 1046, 3, 96, 40, 0, 1044, 1046, 3, 90, 37, 0, 1045, 1043, 1, 0, 0, 0, 1045, 1044, 1, 0, 0, 0, 1046, 1048, 1, 0, 0, 0, 1047, 1049, 3, 226, 105, 0, 1048, 1047, 1, 0, 0, 0, 1049, 1050, 1, 0, 0, 0, 1050, 1048, 1, 0, 0, 0, 1050, 1051, 1, 0, 0, 0, 1051, 1053, 1, 0, 0, 0, 1052, 1035, 1, 0, 0, 0, 1052, 1045, 1, 0, 0, 0, 1053, 229, 1, 0, 0, 0, 1054, 1057, 3, 228, 106, 0, 1055, 1057, 3, 186, 85, 0, 1056, 1054, 1, 0, 0, 0, 1056, 1055, 1, 0, 0, 0, 1057, 1058, 1, 0, 0, 0, 1058, 1056, 1, 0, 0, 0, 1058, 1059, 1, 0, 0, 0, 1059, 231, 1, 0, 0, 0, 1060, 1061, 3, 58, 21, 0, 1061, 1062, 1, 0, 0, 0, 1062, 1063, 6, 108, 11, 0, 1063, 233, 1, 0, 0, 0, 1064, 1065, 3, 60, 22, 0, 1065, 1066, 1, 0, 0, 0, 1066, 1067, 6, 109, 11, 0, 1067, 235, 1, 0, 0, 0, 1068, 1069, 3, 62, 23, 0, 1069, 1070, 1, 0, 0, 0, 1070, 1071, 6, 110, 11, 0, 1071, 237, 1, 0, 0, 0, 1072, 1073, 3, 78, 31, 0, 1073, 1074, 1, 0, 0, 0, 1074, 1075, 6, 111, 14, 0, 1075, 1076, 6, 111, 15, 0, 1076, 239, 1, 0, 0, 0, 1077, 1078, 3, 112, 48, 0, 1078, 1079, 1, 0, 0, 0, 1079, 1080, 6, 112, 19, 0, 1080, 241, 1, 0, 0, 0, 1081, 1082, 3, 116, 50, 0, 1082, 1083, 1, 0, 0, 0, 1083, 1084, 6, 113, 18, 0, 1084, 243, 1, 0, 0, 0, 1085, 1086, 3, 120, 52, 0, 1086, 1087, 1, 0, 0, 0, 1087, 1088, 6, 114, 22, 0, 1088, 245, 1, 0, 0, 0, 1089, 1090, 7, 12, 0, 0, 1090, 1091, 7, 2, 0, 0, 1091, 247, 1, 0, 0, 0, 1092, 1093, 3, 230, 107, 0, 1093, 1094, 1, 0, 0, 0, 1094, 1095, 6, 116, 23, 0, 1095, 249, 1, 0, 0, 0, 1096, 1097, 3, 58, 21, 0, 1097, 1098, 1, 0, 0, 0, 1098, 1099, 6, 117, 11, 0, 1099, 251, 1, 0, 0, 0, 1100, 1101, 3, 60, 22, 0, 1101, 1102, 1, 0, 0, 0, 1102, 1103, 6, 118, 11, 0, 1103, 253, 1, 0, 0, 0, 1104, 1105, 3, 62, 23, 0, 1105, 1106, 1, 0, 0, 0, 1106, 1107, 6, 119, 11, 0, 1107, 255, 1, 0, 0, 0, 1108, 1109, 3, 78, 31, 0, 1109, 1110, 1, 0, 0, 0, 1110, 1111, 6, 120, 14, 0, 1111, 1112, 6, 120, 15, 0, 1112, 257, 1, 0, 0, 0, 1113, 1114, 3, 180, 82, 0, 1114, 1115, 1, 0, 0, 0, 1115, 1116, 6, 121, 12, 0, 1116, 1117, 6, 121, 24, 0, 1117, 259, 1, 0, 0, 0, 1118, 1119, 7, 7, 0, 0, 1119, 1120, 7, 9, 0, 0, 1120, 1121, 1, 0, 0, 0, 1121, 1122, 6, 122, 25, 0, 1122, 261, 1, 0, 0, 0, 1123, 1124, 7, 20, 0, 0, 1124, 1125, 7, 1, 0, 0, 1125, 1126, 7, 5, 0, 0, 1126, 1127, 7, 10, 0, 0, 1127, 1128, 1, 0, 0, 0, 1128, 1129, 6, 123, 25, 0, 1129, 263, 1, 0, 0, 0, 1130, 1131, 8, 34, 0, 0, 1131, 265, 1, 0, 0, 0, 1132, 1134, 3, 264, 124, 0, 1133, 1132, 1, 0, 0, 0, 1134, 1135, 1, 0, 0, 0, 1135, 1133, 1, 0, 0, 0, 1135, 1136, 1, 0, 0, 0, 1136, 1137, 1, 0, 0, 0, 1137, 1138, 3, 366, 175, 0, 1138, 1140, 1, 0, 0, 0, 1139, 1133, 1, 0, 0, 0, 1139, 1140, 1, 0, 0, 0, 1140, 1142, 1, 0, 0, 0, 1141, 1143, 3, 264, 124, 0, 1142, 1141, 1, 0, 0, 0, 1143, 1144, 1, 0, 0, 0, 1144, 1142, 1, 0, 0, 0, 1144, 1145, 1, 0, 0, 0, 1145, 267, 1, 0, 0, 0, 1146, 1147, 3, 266, 125, 0, 1147, 1148, 1, 0, 0, 0, 1148, 1149, 6, 126, 26, 0, 1149, 269, 1, 0, 0, 0, 1150, 1151, 3, 58, 21, 0, 1151, 1152, 1, 0, 0, 0, 1152, 1153, 6, 127, 11, 0, 1153, 271, 1, 0, 0, 0, 1154, 1155, 3, 60, 22, 0, 1155, 1156, 1, 0, 0, 0, 1156, 1157, 6, 128, 11, 0, 1157, 273, 1, 0, 0, 0, 1158, 1159, 3, 62, 23, 0, 1159, 1160, 1, 0, 0, 0, 1160, 1161, 6, 129, 11, 0, 1161, 275, 1, 0, 0, 0, 1162, 1163, 3, 78, 31, 0, 1163, 1164, 1, 0, 0, 0, 1164, 1165, 6, 130, 14, 0, 1165, 1166, 6, 130, 15, 0, 1166, 1167, 6, 130, 15, 0, 1167, 277, 1, 0, 0, 0, 1168, 1169, 3, 112, 48, 0, 1169, 1170, 1, 0, 0, 0, 1170, 1171, 6, 131, 19, 0, 1171, 279, 1, 0, 0, 0, 1172, 1173, 3, 116, 50, 0, 1173, 1174, 1, 0, 0, 0, 1174, 1175, 6, 132, 18, 0, 1175, 281, 1, 0, 0, 0, 1176, 1177, 3, 120, 52, 0, 1177, 1178, 1, 0, 0, 0, 1178, 1179, 6, 133, 22, 0, 1179, 283, 1, 0, 0, 0, 1180, 1181, 3, 262, 123, 0, 1181, 1182, 1, 0, 0, 0, 1182, 1183, 6, 134, 27, 0, 1183, 285, 1, 0, 0, 0, 1184, 1185, 3, 230, 107, 0, 1185, 1186, 1, 0, 0, 0, 1186, 1187, 6, 135, 23, 0, 1187, 287, 1, 0, 0, 0, 1188, 1189, 3, 188, 86, 0, 1189, 1190, 1, 0, 0, 0, 1190, 1191, 6, 136, 28, 0, 1191, 289, 1, 0, 0, 0, 1192, 1193, 3, 58, 21, 0, 1193, 1194, 1, 0, 0, 0, 1194, 1195, 6, 137, 11, 0, 1195, 291, 1, 0, 0, 0, 1196, 1197, 3, 60, 22, 0, 1197, 1198, 1, 0, 0, 0, 1198, 1199, 6, 138, 11, 0, 1199, 293, 1, 0, 0, 0, 1200, 1201, 3, 62, 23, 0, 1201, 1202, 1, 0, 0, 0, 1202, 1203, 6, 139, 11, 0, 1203, 295, 1, 0, 0, 0, 1204, 1205, 3, 78, 31, 0, 1205, 1206, 1, 0, 0, 0, 1206, 1207, 6, 140, 14, 0, 1207, 1208, 6, 140, 15, 0, 1208, 297, 1, 0, 0, 0, 1209, 1210, 3, 366, 175, 0, 1210, 1211, 1, 0, 0, 0, 1211, 1212, 6, 141, 17, 0, 1212, 299, 1, 0, 0, 0, 1213, 1214, 3, 116, 50, 0, 1214, 1215, 1, 0, 0, 0, 1215, 1216, 6, 142, 18, 0, 1216, 301, 1, 0, 0, 0, 1217, 1218, 3, 120, 52, 0, 1218, 1219, 1, 0, 0, 0, 1219, 1220, 6, 143, 22, 0, 1220, 303, 1, 0, 0, 0, 1221, 1222, 3, 260, 122, 0, 1222, 1223, 1, 0, 0, 0, 1223, 1224, 6, 144, 29, 0, 1224, 1225, 6, 144, 30, 0, 1225, 305, 1, 0, 0, 0, 1226, 1227, 3, 66, 25, 0, 1227, 1228, 1, 0, 0, 0, 1228, 1229, 6, 145, 20, 0, 1229, 307, 1, 0, 0, 0, 1230, 1231, 3, 100, 42, 0, 1231, 1232, 1, 0, 0, 0, 1232, 1233, 6, 146, 21, 0, 1233, 309, 1, 0, 0, 0, 1234, 1235, 3, 58, 21, 0, 1235, 1236, 1, 0, 0, 0, 1236, 1237, 6, 147, 11, 0, 1237, 311, 1, 0, 0, 0, 1238, 1239, 3, 60, 22, 0, 1239, 1240, 1, 0, 0, 0, 1240, 1241, 6, 148, 11, 0, 1241, 313, 1, 0, 0, 0, 1242, 1243, 3, 62, 23, 0, 1243, 1244, 1, 0, 0, 0, 1244, 1245, 6, 149, 11, 0, 1245, 315, 1, 0, 0, 0, 1246, 1247, 3, 78, 31, 0, 1247, 1248, 1, 0, 0, 0, 1248, 1249, 6, 150, 14, 0, 1249, 1250, 6, 150, 15, 0, 1250, 1251, 6, 150, 15, 0, 1251, 317, 1, 0, 0, 0, 1252, 1253, 3, 116, 50, 0, 1253, 1254, 1, 0, 0, 0, 1254, 1255, 6, 151, 18, 0, 1255, 319, 1, 0, 0, 0, 1256, 1257, 3, 120, 52, 0, 1257, 1258, 1, 0, 0, 0, 1258, 1259, 6, 152, 22, 0, 1259, 321, 1, 0, 0, 0, 1260, 1261, 3, 230, 107, 0, 1261, 1262, 1, 0, 0, 0, 1262, 1263, 6, 153, 23, 0, 1263, 323, 1, 0, 0, 0, 1264, 1265, 3, 58, 21, 0, 1265, 1266, 1, 0, 0, 0, 1266, 1267, 6, 154, 11, 0, 1267, 325, 1, 0, 0, 0, 1268, 1269, 3, 60, 22, 0, 1269, 1270, 1, 0, 0, 0, 1270, 1271, 6, 155, 11, 0, 1271, 327, 1, 0, 0, 0, 1272, 1273, 3, 62, 23, 0, 1273, 1274, 1, 0, 0, 0, 1274, 1275, 6, 156, 11, 0, 1275, 329, 1, 0, 0, 0, 1276, 1277, 3, 78, 31, 0, 1277, 1278, 1, 0, 0, 0, 1278, 1279, 6, 157, 14, 0, 1279, 1280, 6, 157, 15, 0, 1280, 331, 1, 0, 0, 0, 1281, 1282, 3, 120, 52, 0, 1282, 1283, 1, 0, 0, 0, 1283, 1284, 6, 158, 22, 0, 1284, 333, 1, 0, 0, 0, 1285, 1286, 3, 188, 86, 0, 1286, 1287, 1, 0, 0, 0, 1287, 1288, 6, 159, 28, 0, 1288, 335, 1, 0, 0, 0, 1289, 1290, 3, 184, 84, 0, 1290, 1291, 1, 0, 0, 0, 1291, 1292, 6, 160, 31, 0, 1292, 337, 1, 0, 0, 0, 1293, 1294, 3, 58, 21, 0, 1294, 1295, 1, 0, 0, 0, 1295, 1296, 6, 161, 11, 0, 1296, 339, 1, 0, 0, 0, 1297, 1298, 3, 60, 22, 0, 1298, 1299, 1, 0, 0, 0, 1299, 1300, 6, 162, 11, 0, 1300, 341, 1, 0, 0, 0, 1301, 1302, 3, 62, 23, 0, 1302, 1303, 1, 0, 0, 0, 1303, 1304, 6, 163, 11, 0, 1304, 343, 1, 0, 0, 0, 1305, 1306, 3, 78, 31, 0, 1306, 1307, 1, 0, 0, 0, 1307, 1308, 6, 164, 14, 0, 1308, 1309, 6, 164, 15, 0, 1309, 345, 1, 0, 0, 0, 1310, 1311, 7, 1, 0, 0, 1311, 1312, 7, 9, 0, 0, 1312, 1313, 7, 15, 0, 0, 1313, 1314, 7, 7, 0, 0, 1314, 347, 1, 0, 0, 0, 1315, 1316, 3, 58, 21, 0, 1316, 1317, 1, 0, 0, 0, 1317, 1318, 6, 166, 11, 0, 1318, 349, 1, 0, 0, 0, 1319, 1320, 3, 60, 22, 0, 1320, 1321, 1, 0, 0, 0, 1321, 1322, 6, 167, 11, 0, 1322, 351, 1, 0, 0, 0, 1323, 1324, 3, 62, 23, 0, 1324, 1325, 1, 0, 0, 0, 1325, 1326, 6, 168, 11, 0, 1326, 353, 1, 0, 0, 0, 1327, 1328, 3, 78, 31, 0, 1328, 1329, 1, 0, 0, 0, 1329, 1330, 6, 169, 14, 0, 1330, 1331, 6, 169, 15, 0, 1331, 355, 1, 0, 0, 0, 1332, 1333, 7, 15, 0, 0, 1333, 1334, 7, 19, 0, 0, 1334, 1335, 7, 9, 0, 0, 1335, 1336, 7, 4, 0, 0, 1336, 1337, 7, 5, 0, 0, 1337, 1338, 7, 1, 0, 0, 1338, 1339, 7, 7, 0, 0, 1339, 1340, 7, 9, 0, 0, 1340, 1341, 7, 2, 0, 0, 1341, 357, 1, 0, 0, 0, 1342, 1343, 3, 58, 21, 0, 1343, 1344, 1, 0, 0, 0, 1344, 1345, 6, 171, 11, 0, 1345, 359, 1, 0, 0, 0, 1346, 1347, 3, 60, 22, 0, 1347, 1348, 1, 0, 0, 0, 1348, 1349, 6, 172, 11, 0, 1349, 361, 1, 0, 0, 0, 1350, 1351, 3, 62, 23, 0, 1351, 1352, 1, 0, 0, 0, 1352, 1353, 6, 173, 11, 0, 1353, 363, 1, 0, 0, 0, 1354, 1355, 3, 182, 83, 0, 1355, 1356, 1, 0, 0, 0, 1356, 1357, 6, 174, 16, 0, 1357, 1358, 6, 174, 15, 0, 1358, 365, 1, 0, 0, 0, 1359, 1360, 5, 58, 0, 0, 1360, 367, 1, 0, 0, 0, 1361, 1367, 3, 90, 37, 0, 1362, 1367, 3, 80, 32, 0, 1363, 1367, 3, 120, 52, 0, 1364, 1367, 3, 82, 33, 0, 1365, 1367, 3, 96, 40, 0, 1366, 1361, 1, 0, 0, 0, 1366, 1362, 1, 0, 0, 0, 1366, 1363, 1, 0, 0, 0, 1366, 1364, 1, 0, 0, 0, 1366, 1365, 1, 0, 0, 0, 1367, 1368, 1, 0, 0, 0, 1368, 1366, 1, 0, 0, 0, 1368, 1369, 1, 0, 0, 0, 1369, 369, 1, 0, 0, 0, 1370, 1371, 3, 58, 21, 0, 1371, 1372, 1, 0, 0, 0, 1372, 1373, 6, 177, 11, 0, 1373, 371, 1, 0, 0, 0, 1374, 1375, 3, 60, 22, 0, 1375, 1376, 1, 0, 0, 0, 1376, 1377, 6, 178, 11, 0, 1377, 373, 1, 0, 0, 0, 1378, 1379, 3, 62, 23, 0, 1379, 1380, 1, 0, 0, 0, 1380, 1381, 6, 179, 11, 0, 1381, 375, 1, 0, 0, 0, 1382, 1383, 3, 78, 31, 0, 1383, 1384, 1, 0, 0, 0, 1384, 1385, 6, 180, 14, 0, 1385, 1386, 6, 180, 15, 0, 1386, 377, 1, 0, 0, 0, 1387, 1388, 3, 66, 25, 0, 1388, 1389, 1, 0, 0, 0, 1389, 1390, 6, 181, 20, 0, 1390, 1391, 6, 181, 15, 0, 1391, 1392, 6, 181, 32, 0, 1392, 379, 1, 0, 0, 0, 1393, 1394, 3, 100, 42, 0, 1394, 1395, 1, 0, 0, 0, 1395, 1396, 6, 182, 21, 0, 1396, 1397, 6, 182, 15, 0, 1397, 1398, 6, 182, 32, 0, 1398, 381, 1, 0, 0, 0, 1399, 1400, 3, 58, 21, 0, 1400, 1401, 1, 0, 0, 0, 1401, 1402, 6, 183, 11, 0, 1402, 383, 1, 0, 0, 0, 1403, 1404, 3, 60, 22, 0, 1404, 1405, 1, 0, 0, 0, 1405, 1406, 6, 184, 11, 0, 1406, 385, 1, 0, 0, 0, 1407, 1408, 3, 62, 23, 0, 1408, 1409, 1, 0, 0, 0, 1409, 1410, 6, 185, 11, 0, 1410, 387, 1, 0, 0, 0, 1411, 1412, 3, 366, 175, 0, 1412, 1413, 1, 0, 0, 0, 1413, 1414, 6, 186, 17, 0, 1414, 1415, 6, 186, 15, 0, 1415, 1416, 6, 186, 7, 0, 1416, 389, 1, 0, 0, 0, 1417, 1418, 3, 116, 50, 0, 1418, 1419, 1, 0, 0, 0, 1419, 1420, 6, 187, 18, 0, 1420, 1421, 6, 187, 15, 0, 1421, 1422, 6, 187, 7, 0, 1422, 391, 1, 0, 0, 0, 1423, 1424, 3, 58, 21, 0, 1424, 1425, 1, 0, 0, 0, 1425, 1426, 6, 188, 11, 0, 1426, 393, 1, 0, 0, 0, 1427, 1428, 3, 60, 22, 0, 1428, 1429, 1, 0, 0, 0, 1429, 1430, 6, 189, 11, 0, 1430, 395, 1, 0, 0, 0, 1431, 1432, 3, 62, 23, 0, 1432, 1433, 1, 0, 0, 0, 1433, 1434, 6, 190, 11, 0, 1434, 397, 1, 0, 0, 0, 1435, 1436, 3, 188, 86, 0, 1436, 1437, 1, 0, 0, 0, 1437, 1438, 6, 191, 15, 0, 1438, 1439, 6, 191, 0, 0, 1439, 1440, 6, 191, 28, 0, 1440, 399, 1, 0, 0, 0, 1441, 1442, 3, 184, 84, 0, 1442, 1443, 1, 0, 0, 0, 1443, 1444, 6, 192, 15, 0, 1444, 1445, 6, 192, 0, 0, 1445, 1446, 6, 192, 31, 0, 1446, 401, 1, 0, 0, 0, 1447, 1448, 3, 106, 45, 0, 1448, 1449, 1, 0, 0, 0, 1449, 1450, 6, 193, 15, 0, 1450, 1451, 6, 193, 0, 0, 1451, 1452, 6, 193, 33, 0, 1452, 403, 1, 0, 0, 0, 1453, 1454, 3, 78, 31, 0, 1454, 1455, 1, 0, 0, 0, 1455, 1456, 6, 194, 14, 0, 1456, 1457, 6, 194, 15, 0, 1457, 405, 1, 0, 0, 0, 65, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 578, 588, 592, 595, 604, 606, 617, 624, 629, 668, 673, 682, 689, 694, 696, 707, 715, 718, 720, 725, 730, 736, 743, 748, 754, 757, 765, 769, 899, 906, 908, 924, 929, 934, 936, 942, 1031, 1035, 1040, 1045, 1050, 1052, 1056, 1058, 1135, 1139, 1144, 1366, 1368, 34, 5, 2, 0, 5, 4, 0, 5, 6, 0, 5, 1, 0, 5, 3, 0, 5, 8, 0, 5, 12, 0, 5, 14, 0, 5, 10, 0, 5, 5, 0, 5, 11, 0, 0, 1, 0, 7, 70, 0, 5, 0, 0, 7, 29, 0, 4, 0, 0, 7, 71, 0, 7, 115, 0, 7, 38, 0, 7, 36, 0, 7, 25, 0, 7, 30, 0, 7, 40, 0, 7, 81, 0, 5, 13, 0, 5, 7, 0, 7, 91, 0, 7, 90, 0, 7, 73, 0, 7, 89, 0, 5, 9, 0, 7, 72, 0, 5, 15, 0, 7, 33, 0] \ No newline at end of file +[4, 0, 126, 1468, 6, -1, 6, -1, 6, -1, 6, -1, 6, -1, 6, -1, 6, -1, 6, -1, 6, -1, 6, -1, 6, -1, 6, -1, 6, -1, 6, -1, 6, -1, 6, -1, 2, 0, 7, 0, 2, 1, 7, 1, 2, 2, 7, 2, 2, 3, 7, 3, 2, 4, 7, 4, 2, 5, 7, 5, 2, 6, 7, 6, 2, 7, 7, 7, 2, 8, 7, 8, 2, 9, 7, 9, 2, 10, 7, 10, 2, 11, 7, 11, 2, 12, 7, 12, 2, 13, 7, 13, 2, 14, 7, 14, 2, 15, 7, 15, 2, 16, 7, 16, 2, 17, 7, 17, 2, 18, 7, 18, 2, 19, 7, 19, 2, 20, 7, 20, 2, 21, 7, 21, 2, 22, 7, 22, 2, 23, 7, 23, 2, 24, 7, 24, 2, 25, 7, 25, 2, 26, 7, 26, 2, 27, 7, 27, 2, 28, 7, 28, 2, 29, 7, 29, 2, 30, 7, 30, 2, 31, 7, 31, 2, 32, 7, 32, 2, 33, 7, 33, 2, 34, 7, 34, 2, 35, 7, 35, 2, 36, 7, 36, 2, 37, 7, 37, 2, 38, 7, 38, 2, 39, 7, 39, 2, 40, 7, 40, 2, 41, 7, 41, 2, 42, 7, 42, 2, 43, 7, 43, 2, 44, 7, 44, 2, 45, 7, 45, 2, 46, 7, 46, 2, 47, 7, 47, 2, 48, 7, 48, 2, 49, 7, 49, 2, 50, 7, 50, 2, 51, 7, 51, 2, 52, 7, 52, 2, 53, 7, 53, 2, 54, 7, 54, 2, 55, 7, 55, 2, 56, 7, 56, 2, 57, 7, 57, 2, 58, 7, 58, 2, 59, 7, 59, 2, 60, 7, 60, 2, 61, 7, 61, 2, 62, 7, 62, 2, 63, 7, 63, 2, 64, 7, 64, 2, 65, 7, 65, 2, 66, 7, 66, 2, 67, 7, 67, 2, 68, 7, 68, 2, 69, 7, 69, 2, 70, 7, 70, 2, 71, 7, 71, 2, 72, 7, 72, 2, 73, 7, 73, 2, 74, 7, 74, 2, 75, 7, 75, 2, 76, 7, 76, 2, 77, 7, 77, 2, 78, 7, 78, 2, 79, 7, 79, 2, 80, 7, 80, 2, 81, 7, 81, 2, 82, 7, 82, 2, 83, 7, 83, 2, 84, 7, 84, 2, 85, 7, 85, 2, 86, 7, 86, 2, 87, 7, 87, 2, 88, 7, 88, 2, 89, 7, 89, 2, 90, 7, 90, 2, 91, 7, 91, 2, 92, 7, 92, 2, 93, 7, 93, 2, 94, 7, 94, 2, 95, 7, 95, 2, 96, 7, 96, 2, 97, 7, 97, 2, 98, 7, 98, 2, 99, 7, 99, 2, 100, 7, 100, 2, 101, 7, 101, 2, 102, 7, 102, 2, 103, 7, 103, 2, 104, 7, 104, 2, 105, 7, 105, 2, 106, 7, 106, 2, 107, 7, 107, 2, 108, 7, 108, 2, 109, 7, 109, 2, 110, 7, 110, 2, 111, 7, 111, 2, 112, 7, 112, 2, 113, 7, 113, 2, 114, 7, 114, 2, 115, 7, 115, 2, 116, 7, 116, 2, 117, 7, 117, 2, 118, 7, 118, 2, 119, 7, 119, 2, 120, 7, 120, 2, 121, 7, 121, 2, 122, 7, 122, 2, 123, 7, 123, 2, 124, 7, 124, 2, 125, 7, 125, 2, 126, 7, 126, 2, 127, 7, 127, 2, 128, 7, 128, 2, 129, 7, 129, 2, 130, 7, 130, 2, 131, 7, 131, 2, 132, 7, 132, 2, 133, 7, 133, 2, 134, 7, 134, 2, 135, 7, 135, 2, 136, 7, 136, 2, 137, 7, 137, 2, 138, 7, 138, 2, 139, 7, 139, 2, 140, 7, 140, 2, 141, 7, 141, 2, 142, 7, 142, 2, 143, 7, 143, 2, 144, 7, 144, 2, 145, 7, 145, 2, 146, 7, 146, 2, 147, 7, 147, 2, 148, 7, 148, 2, 149, 7, 149, 2, 150, 7, 150, 2, 151, 7, 151, 2, 152, 7, 152, 2, 153, 7, 153, 2, 154, 7, 154, 2, 155, 7, 155, 2, 156, 7, 156, 2, 157, 7, 157, 2, 158, 7, 158, 2, 159, 7, 159, 2, 160, 7, 160, 2, 161, 7, 161, 2, 162, 7, 162, 2, 163, 7, 163, 2, 164, 7, 164, 2, 165, 7, 165, 2, 166, 7, 166, 2, 167, 7, 167, 2, 168, 7, 168, 2, 169, 7, 169, 2, 170, 7, 170, 2, 171, 7, 171, 2, 172, 7, 172, 2, 173, 7, 173, 2, 174, 7, 174, 2, 175, 7, 175, 2, 176, 7, 176, 2, 177, 7, 177, 2, 178, 7, 178, 2, 179, 7, 179, 2, 180, 7, 180, 2, 181, 7, 181, 2, 182, 7, 182, 2, 183, 7, 183, 2, 184, 7, 184, 2, 185, 7, 185, 2, 186, 7, 186, 2, 187, 7, 187, 2, 188, 7, 188, 2, 189, 7, 189, 2, 190, 7, 190, 2, 191, 7, 191, 2, 192, 7, 192, 2, 193, 7, 193, 2, 194, 7, 194, 2, 195, 7, 195, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 2, 1, 2, 1, 2, 1, 2, 1, 2, 1, 2, 1, 2, 1, 2, 1, 2, 1, 3, 1, 3, 1, 3, 1, 3, 1, 3, 1, 3, 1, 3, 1, 4, 1, 4, 1, 4, 1, 4, 1, 4, 1, 4, 1, 4, 1, 4, 1, 4, 1, 4, 1, 5, 1, 5, 1, 5, 1, 5, 1, 5, 1, 5, 1, 5, 1, 6, 1, 6, 1, 6, 1, 6, 1, 6, 1, 6, 1, 6, 1, 7, 1, 7, 1, 7, 1, 7, 1, 7, 1, 7, 1, 7, 1, 7, 1, 7, 1, 7, 1, 7, 1, 7, 1, 7, 1, 7, 1, 8, 1, 8, 1, 8, 1, 8, 1, 8, 1, 8, 1, 8, 1, 9, 1, 9, 1, 9, 1, 9, 1, 9, 1, 9, 1, 9, 1, 9, 1, 10, 1, 10, 1, 10, 1, 10, 1, 10, 1, 10, 1, 10, 1, 10, 1, 10, 1, 11, 1, 11, 1, 11, 1, 11, 1, 11, 1, 11, 1, 11, 1, 12, 1, 12, 1, 12, 1, 12, 1, 12, 1, 12, 1, 12, 1, 12, 1, 12, 1, 12, 1, 13, 1, 13, 1, 13, 1, 13, 1, 13, 1, 13, 1, 13, 1, 13, 1, 13, 1, 13, 1, 13, 1, 13, 1, 14, 1, 14, 1, 14, 1, 14, 1, 14, 1, 14, 1, 14, 1, 14, 1, 14, 1, 15, 1, 15, 1, 15, 1, 15, 1, 15, 1, 15, 1, 16, 1, 16, 1, 16, 1, 16, 1, 16, 1, 16, 1, 16, 1, 17, 1, 17, 1, 17, 1, 17, 1, 17, 1, 17, 1, 17, 1, 18, 1, 18, 1, 18, 1, 18, 1, 18, 1, 18, 1, 18, 1, 18, 1, 19, 1, 19, 1, 19, 1, 19, 1, 19, 1, 19, 1, 19, 1, 19, 1, 20, 1, 20, 1, 20, 1, 20, 1, 20, 1, 20, 1, 20, 1, 20, 1, 21, 4, 21, 587, 8, 21, 11, 21, 12, 21, 588, 1, 21, 1, 21, 1, 22, 1, 22, 1, 22, 1, 22, 5, 22, 597, 8, 22, 10, 22, 12, 22, 600, 9, 22, 1, 22, 3, 22, 603, 8, 22, 1, 22, 3, 22, 606, 8, 22, 1, 22, 1, 22, 1, 23, 1, 23, 1, 23, 1, 23, 1, 23, 5, 23, 615, 8, 23, 10, 23, 12, 23, 618, 9, 23, 1, 23, 1, 23, 1, 23, 1, 23, 1, 23, 1, 24, 4, 24, 626, 8, 24, 11, 24, 12, 24, 627, 1, 24, 1, 24, 1, 25, 1, 25, 1, 25, 3, 25, 635, 8, 25, 1, 26, 4, 26, 638, 8, 26, 11, 26, 12, 26, 639, 1, 27, 1, 27, 1, 27, 1, 27, 1, 27, 1, 28, 1, 28, 1, 28, 1, 28, 1, 28, 1, 29, 1, 29, 1, 29, 1, 29, 1, 30, 1, 30, 1, 30, 1, 30, 1, 31, 1, 31, 1, 31, 1, 31, 1, 32, 1, 32, 1, 32, 1, 32, 1, 33, 1, 33, 1, 34, 1, 34, 1, 35, 1, 35, 1, 35, 1, 36, 1, 36, 1, 37, 1, 37, 3, 37, 679, 8, 37, 1, 37, 4, 37, 682, 8, 37, 11, 37, 12, 37, 683, 1, 38, 1, 38, 1, 39, 1, 39, 1, 40, 1, 40, 1, 40, 3, 40, 693, 8, 40, 1, 41, 1, 41, 1, 42, 1, 42, 1, 42, 3, 42, 700, 8, 42, 1, 43, 1, 43, 1, 43, 5, 43, 705, 8, 43, 10, 43, 12, 43, 708, 9, 43, 1, 43, 1, 43, 1, 43, 1, 43, 1, 43, 1, 43, 5, 43, 716, 8, 43, 10, 43, 12, 43, 719, 9, 43, 1, 43, 1, 43, 1, 43, 1, 43, 1, 43, 3, 43, 726, 8, 43, 1, 43, 3, 43, 729, 8, 43, 3, 43, 731, 8, 43, 1, 44, 4, 44, 734, 8, 44, 11, 44, 12, 44, 735, 1, 45, 4, 45, 739, 8, 45, 11, 45, 12, 45, 740, 1, 45, 1, 45, 5, 45, 745, 8, 45, 10, 45, 12, 45, 748, 9, 45, 1, 45, 1, 45, 4, 45, 752, 8, 45, 11, 45, 12, 45, 753, 1, 45, 4, 45, 757, 8, 45, 11, 45, 12, 45, 758, 1, 45, 1, 45, 5, 45, 763, 8, 45, 10, 45, 12, 45, 766, 9, 45, 3, 45, 768, 8, 45, 1, 45, 1, 45, 1, 45, 1, 45, 4, 45, 774, 8, 45, 11, 45, 12, 45, 775, 1, 45, 1, 45, 3, 45, 780, 8, 45, 1, 46, 1, 46, 1, 46, 1, 47, 1, 47, 1, 47, 1, 47, 1, 48, 1, 48, 1, 48, 1, 48, 1, 49, 1, 49, 1, 50, 1, 50, 1, 50, 1, 51, 1, 51, 1, 52, 1, 52, 1, 52, 1, 52, 1, 52, 1, 53, 1, 53, 1, 54, 1, 54, 1, 54, 1, 54, 1, 54, 1, 54, 1, 55, 1, 55, 1, 55, 1, 55, 1, 55, 1, 55, 1, 56, 1, 56, 1, 56, 1, 57, 1, 57, 1, 57, 1, 58, 1, 58, 1, 58, 1, 58, 1, 58, 1, 59, 1, 59, 1, 59, 1, 59, 1, 59, 1, 60, 1, 60, 1, 61, 1, 61, 1, 61, 1, 61, 1, 61, 1, 61, 1, 62, 1, 62, 1, 62, 1, 62, 1, 63, 1, 63, 1, 63, 1, 63, 1, 63, 1, 64, 1, 64, 1, 64, 1, 64, 1, 64, 1, 64, 1, 65, 1, 65, 1, 65, 1, 66, 1, 66, 1, 67, 1, 67, 1, 67, 1, 67, 1, 67, 1, 67, 1, 68, 1, 68, 1, 69, 1, 69, 1, 69, 1, 69, 1, 69, 1, 70, 1, 70, 1, 70, 1, 71, 1, 71, 1, 71, 1, 72, 1, 72, 1, 72, 1, 73, 1, 73, 1, 74, 1, 74, 1, 74, 1, 75, 1, 75, 1, 76, 1, 76, 1, 76, 1, 77, 1, 77, 1, 78, 1, 78, 1, 79, 1, 79, 1, 80, 1, 80, 1, 81, 1, 81, 1, 82, 1, 82, 1, 82, 5, 82, 908, 8, 82, 10, 82, 12, 82, 911, 9, 82, 1, 82, 1, 82, 4, 82, 915, 8, 82, 11, 82, 12, 82, 916, 3, 82, 919, 8, 82, 1, 83, 1, 83, 1, 83, 1, 83, 1, 83, 1, 84, 1, 84, 1, 84, 1, 84, 1, 84, 1, 85, 1, 85, 5, 85, 933, 8, 85, 10, 85, 12, 85, 936, 9, 85, 1, 85, 1, 85, 3, 85, 940, 8, 85, 1, 85, 4, 85, 943, 8, 85, 11, 85, 12, 85, 944, 3, 85, 947, 8, 85, 1, 86, 1, 86, 4, 86, 951, 8, 86, 11, 86, 12, 86, 952, 1, 86, 1, 86, 1, 87, 1, 87, 1, 88, 1, 88, 1, 88, 1, 88, 1, 89, 1, 89, 1, 89, 1, 89, 1, 90, 1, 90, 1, 90, 1, 90, 1, 91, 1, 91, 1, 91, 1, 91, 1, 91, 1, 92, 1, 92, 1, 92, 1, 92, 1, 93, 1, 93, 1, 93, 1, 93, 1, 94, 1, 94, 1, 94, 1, 94, 1, 95, 1, 95, 1, 95, 1, 95, 1, 96, 1, 96, 1, 96, 1, 96, 1, 97, 1, 97, 1, 97, 1, 97, 1, 97, 1, 97, 1, 97, 1, 97, 1, 97, 1, 98, 1, 98, 1, 98, 1, 98, 1, 99, 1, 99, 1, 99, 1, 99, 1, 100, 1, 100, 1, 100, 1, 100, 1, 101, 1, 101, 1, 101, 1, 101, 1, 102, 1, 102, 1, 102, 1, 102, 1, 103, 1, 103, 1, 103, 1, 103, 1, 103, 1, 104, 1, 104, 1, 104, 1, 104, 1, 105, 1, 105, 1, 105, 1, 105, 1, 106, 1, 106, 1, 106, 1, 106, 3, 106, 1042, 8, 106, 1, 107, 1, 107, 3, 107, 1046, 8, 107, 1, 107, 5, 107, 1049, 8, 107, 10, 107, 12, 107, 1052, 9, 107, 1, 107, 1, 107, 3, 107, 1056, 8, 107, 1, 107, 4, 107, 1059, 8, 107, 11, 107, 12, 107, 1060, 3, 107, 1063, 8, 107, 1, 108, 1, 108, 4, 108, 1067, 8, 108, 11, 108, 12, 108, 1068, 1, 109, 1, 109, 1, 109, 1, 109, 1, 110, 1, 110, 1, 110, 1, 110, 1, 111, 1, 111, 1, 111, 1, 111, 1, 112, 1, 112, 1, 112, 1, 112, 1, 112, 1, 113, 1, 113, 1, 113, 1, 113, 1, 114, 1, 114, 1, 114, 1, 114, 1, 115, 1, 115, 1, 115, 1, 115, 1, 116, 1, 116, 1, 116, 1, 117, 1, 117, 1, 117, 1, 117, 1, 118, 1, 118, 1, 118, 1, 118, 1, 119, 1, 119, 1, 119, 1, 119, 1, 120, 1, 120, 1, 120, 1, 120, 1, 121, 1, 121, 1, 121, 1, 121, 1, 121, 1, 122, 1, 122, 1, 122, 1, 122, 1, 122, 1, 123, 1, 123, 1, 123, 1, 123, 1, 123, 1, 124, 1, 124, 1, 124, 1, 124, 1, 124, 1, 124, 1, 124, 1, 125, 1, 125, 1, 126, 4, 126, 1144, 8, 126, 11, 126, 12, 126, 1145, 1, 126, 1, 126, 3, 126, 1150, 8, 126, 1, 126, 4, 126, 1153, 8, 126, 11, 126, 12, 126, 1154, 1, 127, 1, 127, 1, 127, 1, 127, 1, 128, 1, 128, 1, 128, 1, 128, 1, 129, 1, 129, 1, 129, 1, 129, 1, 130, 1, 130, 1, 130, 1, 130, 1, 131, 1, 131, 1, 131, 1, 131, 1, 131, 1, 131, 1, 132, 1, 132, 1, 132, 1, 132, 1, 133, 1, 133, 1, 133, 1, 133, 1, 134, 1, 134, 1, 134, 1, 134, 1, 135, 1, 135, 1, 135, 1, 135, 1, 136, 1, 136, 1, 136, 1, 136, 1, 137, 1, 137, 1, 137, 1, 137, 1, 138, 1, 138, 1, 138, 1, 138, 1, 139, 1, 139, 1, 139, 1, 139, 1, 140, 1, 140, 1, 140, 1, 140, 1, 141, 1, 141, 1, 141, 1, 141, 1, 141, 1, 142, 1, 142, 1, 142, 1, 142, 1, 143, 1, 143, 1, 143, 1, 143, 1, 144, 1, 144, 1, 144, 1, 144, 1, 145, 1, 145, 1, 145, 1, 145, 1, 145, 1, 146, 1, 146, 1, 146, 1, 146, 1, 147, 1, 147, 1, 147, 1, 147, 1, 148, 1, 148, 1, 148, 1, 148, 1, 149, 1, 149, 1, 149, 1, 149, 1, 150, 1, 150, 1, 150, 1, 150, 1, 151, 1, 151, 1, 151, 1, 151, 1, 151, 1, 151, 1, 152, 1, 152, 1, 152, 1, 152, 1, 153, 1, 153, 1, 153, 1, 153, 1, 154, 1, 154, 1, 154, 1, 154, 1, 155, 1, 155, 1, 155, 1, 155, 1, 156, 1, 156, 1, 156, 1, 156, 1, 157, 1, 157, 1, 157, 1, 157, 1, 158, 1, 158, 1, 158, 1, 158, 1, 158, 1, 159, 1, 159, 1, 159, 1, 159, 1, 160, 1, 160, 1, 160, 1, 160, 1, 161, 1, 161, 1, 161, 1, 161, 1, 162, 1, 162, 1, 162, 1, 162, 1, 163, 1, 163, 1, 163, 1, 163, 1, 164, 1, 164, 1, 164, 1, 164, 1, 165, 1, 165, 1, 165, 1, 165, 1, 165, 1, 166, 1, 166, 1, 166, 1, 166, 1, 166, 1, 167, 1, 167, 1, 167, 1, 167, 1, 168, 1, 168, 1, 168, 1, 168, 1, 169, 1, 169, 1, 169, 1, 169, 1, 170, 1, 170, 1, 170, 1, 170, 1, 170, 1, 171, 1, 171, 1, 171, 1, 171, 1, 171, 1, 171, 1, 171, 1, 171, 1, 171, 1, 171, 1, 172, 1, 172, 1, 172, 1, 172, 1, 173, 1, 173, 1, 173, 1, 173, 1, 174, 1, 174, 1, 174, 1, 174, 1, 175, 1, 175, 1, 175, 1, 175, 1, 175, 1, 176, 1, 176, 1, 177, 1, 177, 1, 177, 1, 177, 1, 177, 4, 177, 1377, 8, 177, 11, 177, 12, 177, 1378, 1, 178, 1, 178, 1, 178, 1, 178, 1, 179, 1, 179, 1, 179, 1, 179, 1, 180, 1, 180, 1, 180, 1, 180, 1, 181, 1, 181, 1, 181, 1, 181, 1, 181, 1, 182, 1, 182, 1, 182, 1, 182, 1, 182, 1, 182, 1, 183, 1, 183, 1, 183, 1, 183, 1, 183, 1, 183, 1, 184, 1, 184, 1, 184, 1, 184, 1, 185, 1, 185, 1, 185, 1, 185, 1, 186, 1, 186, 1, 186, 1, 186, 1, 187, 1, 187, 1, 187, 1, 187, 1, 187, 1, 187, 1, 188, 1, 188, 1, 188, 1, 188, 1, 188, 1, 188, 1, 189, 1, 189, 1, 189, 1, 189, 1, 190, 1, 190, 1, 190, 1, 190, 1, 191, 1, 191, 1, 191, 1, 191, 1, 192, 1, 192, 1, 192, 1, 192, 1, 192, 1, 192, 1, 193, 1, 193, 1, 193, 1, 193, 1, 193, 1, 193, 1, 194, 1, 194, 1, 194, 1, 194, 1, 194, 1, 194, 1, 195, 1, 195, 1, 195, 1, 195, 1, 195, 2, 616, 717, 0, 196, 16, 1, 18, 2, 20, 3, 22, 4, 24, 5, 26, 6, 28, 7, 30, 8, 32, 9, 34, 10, 36, 11, 38, 12, 40, 13, 42, 14, 44, 15, 46, 16, 48, 17, 50, 18, 52, 19, 54, 20, 56, 21, 58, 22, 60, 23, 62, 24, 64, 25, 66, 0, 68, 26, 70, 0, 72, 0, 74, 27, 76, 28, 78, 29, 80, 30, 82, 0, 84, 0, 86, 0, 88, 0, 90, 0, 92, 0, 94, 0, 96, 0, 98, 0, 100, 0, 102, 31, 104, 32, 106, 33, 108, 34, 110, 35, 112, 36, 114, 37, 116, 38, 118, 39, 120, 40, 122, 41, 124, 42, 126, 43, 128, 44, 130, 45, 132, 46, 134, 47, 136, 48, 138, 49, 140, 50, 142, 51, 144, 52, 146, 53, 148, 54, 150, 55, 152, 56, 154, 57, 156, 58, 158, 59, 160, 60, 162, 61, 164, 62, 166, 63, 168, 64, 170, 65, 172, 66, 174, 67, 176, 68, 178, 69, 180, 70, 182, 71, 184, 72, 186, 73, 188, 0, 190, 74, 192, 75, 194, 76, 196, 77, 198, 0, 200, 0, 202, 0, 204, 0, 206, 0, 208, 0, 210, 78, 212, 0, 214, 0, 216, 79, 218, 80, 220, 81, 222, 0, 224, 0, 226, 0, 228, 0, 230, 0, 232, 82, 234, 83, 236, 84, 238, 85, 240, 0, 242, 0, 244, 0, 246, 0, 248, 86, 250, 0, 252, 87, 254, 88, 256, 89, 258, 0, 260, 0, 262, 90, 264, 91, 266, 0, 268, 92, 270, 0, 272, 93, 274, 94, 276, 95, 278, 0, 280, 0, 282, 0, 284, 0, 286, 0, 288, 0, 290, 0, 292, 96, 294, 97, 296, 98, 298, 0, 300, 0, 302, 0, 304, 0, 306, 0, 308, 0, 310, 0, 312, 99, 314, 100, 316, 101, 318, 0, 320, 0, 322, 0, 324, 0, 326, 102, 328, 103, 330, 104, 332, 0, 334, 0, 336, 0, 338, 0, 340, 105, 342, 106, 344, 107, 346, 0, 348, 108, 350, 109, 352, 110, 354, 111, 356, 0, 358, 112, 360, 113, 362, 114, 364, 115, 366, 0, 368, 116, 370, 117, 372, 118, 374, 119, 376, 120, 378, 0, 380, 0, 382, 0, 384, 121, 386, 122, 388, 123, 390, 0, 392, 0, 394, 124, 396, 125, 398, 126, 400, 0, 402, 0, 404, 0, 406, 0, 16, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 35, 2, 0, 68, 68, 100, 100, 2, 0, 73, 73, 105, 105, 2, 0, 83, 83, 115, 115, 2, 0, 69, 69, 101, 101, 2, 0, 67, 67, 99, 99, 2, 0, 84, 84, 116, 116, 2, 0, 82, 82, 114, 114, 2, 0, 79, 79, 111, 111, 2, 0, 80, 80, 112, 112, 2, 0, 78, 78, 110, 110, 2, 0, 72, 72, 104, 104, 2, 0, 86, 86, 118, 118, 2, 0, 65, 65, 97, 97, 2, 0, 76, 76, 108, 108, 2, 0, 88, 88, 120, 120, 2, 0, 70, 70, 102, 102, 2, 0, 77, 77, 109, 109, 2, 0, 71, 71, 103, 103, 2, 0, 75, 75, 107, 107, 2, 0, 85, 85, 117, 117, 2, 0, 87, 87, 119, 119, 6, 0, 9, 10, 13, 13, 32, 32, 47, 47, 91, 91, 93, 93, 2, 0, 10, 10, 13, 13, 3, 0, 9, 10, 13, 13, 32, 32, 11, 0, 9, 10, 13, 13, 32, 32, 34, 34, 44, 44, 47, 47, 58, 58, 61, 61, 91, 91, 93, 93, 124, 124, 2, 0, 42, 42, 47, 47, 1, 0, 48, 57, 2, 0, 65, 90, 97, 122, 8, 0, 34, 34, 78, 78, 82, 82, 84, 84, 92, 92, 110, 110, 114, 114, 116, 116, 4, 0, 10, 10, 13, 13, 34, 34, 92, 92, 2, 0, 43, 43, 45, 45, 1, 0, 96, 96, 2, 0, 66, 66, 98, 98, 2, 0, 89, 89, 121, 121, 11, 0, 9, 10, 13, 13, 32, 32, 34, 35, 44, 44, 47, 47, 58, 58, 60, 60, 62, 63, 92, 92, 124, 124, 1494, 0, 16, 1, 0, 0, 0, 0, 18, 1, 0, 0, 0, 0, 20, 1, 0, 0, 0, 0, 22, 1, 0, 0, 0, 0, 24, 1, 0, 0, 0, 0, 26, 1, 0, 0, 0, 0, 28, 1, 0, 0, 0, 0, 30, 1, 0, 0, 0, 0, 32, 1, 0, 0, 0, 0, 34, 1, 0, 0, 0, 0, 36, 1, 0, 0, 0, 0, 38, 1, 0, 0, 0, 0, 40, 1, 0, 0, 0, 0, 42, 1, 0, 0, 0, 0, 44, 1, 0, 0, 0, 0, 46, 1, 0, 0, 0, 0, 48, 1, 0, 0, 0, 0, 50, 1, 0, 0, 0, 0, 52, 1, 0, 0, 0, 0, 54, 1, 0, 0, 0, 0, 56, 1, 0, 0, 0, 0, 58, 1, 0, 0, 0, 0, 60, 1, 0, 0, 0, 0, 62, 1, 0, 0, 0, 0, 64, 1, 0, 0, 0, 0, 68, 1, 0, 0, 0, 1, 70, 1, 0, 0, 0, 1, 72, 1, 0, 0, 0, 1, 74, 1, 0, 0, 0, 1, 76, 1, 0, 0, 0, 1, 78, 1, 0, 0, 0, 2, 80, 1, 0, 0, 0, 2, 102, 1, 0, 0, 0, 2, 104, 1, 0, 0, 0, 2, 106, 1, 0, 0, 0, 2, 108, 1, 0, 0, 0, 2, 110, 1, 0, 0, 0, 2, 112, 1, 0, 0, 0, 2, 114, 1, 0, 0, 0, 2, 116, 1, 0, 0, 0, 2, 118, 1, 0, 0, 0, 2, 120, 1, 0, 0, 0, 2, 122, 1, 0, 0, 0, 2, 124, 1, 0, 0, 0, 2, 126, 1, 0, 0, 0, 2, 128, 1, 0, 0, 0, 2, 130, 1, 0, 0, 0, 2, 132, 1, 0, 0, 0, 2, 134, 1, 0, 0, 0, 2, 136, 1, 0, 0, 0, 2, 138, 1, 0, 0, 0, 2, 140, 1, 0, 0, 0, 2, 142, 1, 0, 0, 0, 2, 144, 1, 0, 0, 0, 2, 146, 1, 0, 0, 0, 2, 148, 1, 0, 0, 0, 2, 150, 1, 0, 0, 0, 2, 152, 1, 0, 0, 0, 2, 154, 1, 0, 0, 0, 2, 156, 1, 0, 0, 0, 2, 158, 1, 0, 0, 0, 2, 160, 1, 0, 0, 0, 2, 162, 1, 0, 0, 0, 2, 164, 1, 0, 0, 0, 2, 166, 1, 0, 0, 0, 2, 168, 1, 0, 0, 0, 2, 170, 1, 0, 0, 0, 2, 172, 1, 0, 0, 0, 2, 174, 1, 0, 0, 0, 2, 176, 1, 0, 0, 0, 2, 178, 1, 0, 0, 0, 2, 180, 1, 0, 0, 0, 2, 182, 1, 0, 0, 0, 2, 184, 1, 0, 0, 0, 2, 186, 1, 0, 0, 0, 2, 190, 1, 0, 0, 0, 2, 192, 1, 0, 0, 0, 2, 194, 1, 0, 0, 0, 2, 196, 1, 0, 0, 0, 3, 198, 1, 0, 0, 0, 3, 200, 1, 0, 0, 0, 3, 202, 1, 0, 0, 0, 3, 204, 1, 0, 0, 0, 3, 206, 1, 0, 0, 0, 3, 208, 1, 0, 0, 0, 3, 210, 1, 0, 0, 0, 3, 212, 1, 0, 0, 0, 3, 214, 1, 0, 0, 0, 3, 216, 1, 0, 0, 0, 3, 218, 1, 0, 0, 0, 3, 220, 1, 0, 0, 0, 4, 222, 1, 0, 0, 0, 4, 224, 1, 0, 0, 0, 4, 226, 1, 0, 0, 0, 4, 232, 1, 0, 0, 0, 4, 234, 1, 0, 0, 0, 4, 236, 1, 0, 0, 0, 4, 238, 1, 0, 0, 0, 5, 240, 1, 0, 0, 0, 5, 242, 1, 0, 0, 0, 5, 244, 1, 0, 0, 0, 5, 246, 1, 0, 0, 0, 5, 248, 1, 0, 0, 0, 5, 250, 1, 0, 0, 0, 5, 252, 1, 0, 0, 0, 5, 254, 1, 0, 0, 0, 5, 256, 1, 0, 0, 0, 6, 258, 1, 0, 0, 0, 6, 260, 1, 0, 0, 0, 6, 262, 1, 0, 0, 0, 6, 264, 1, 0, 0, 0, 6, 268, 1, 0, 0, 0, 6, 270, 1, 0, 0, 0, 6, 272, 1, 0, 0, 0, 6, 274, 1, 0, 0, 0, 6, 276, 1, 0, 0, 0, 7, 278, 1, 0, 0, 0, 7, 280, 1, 0, 0, 0, 7, 282, 1, 0, 0, 0, 7, 284, 1, 0, 0, 0, 7, 286, 1, 0, 0, 0, 7, 288, 1, 0, 0, 0, 7, 290, 1, 0, 0, 0, 7, 292, 1, 0, 0, 0, 7, 294, 1, 0, 0, 0, 7, 296, 1, 0, 0, 0, 8, 298, 1, 0, 0, 0, 8, 300, 1, 0, 0, 0, 8, 302, 1, 0, 0, 0, 8, 304, 1, 0, 0, 0, 8, 306, 1, 0, 0, 0, 8, 308, 1, 0, 0, 0, 8, 310, 1, 0, 0, 0, 8, 312, 1, 0, 0, 0, 8, 314, 1, 0, 0, 0, 8, 316, 1, 0, 0, 0, 9, 318, 1, 0, 0, 0, 9, 320, 1, 0, 0, 0, 9, 322, 1, 0, 0, 0, 9, 324, 1, 0, 0, 0, 9, 326, 1, 0, 0, 0, 9, 328, 1, 0, 0, 0, 9, 330, 1, 0, 0, 0, 10, 332, 1, 0, 0, 0, 10, 334, 1, 0, 0, 0, 10, 336, 1, 0, 0, 0, 10, 338, 1, 0, 0, 0, 10, 340, 1, 0, 0, 0, 10, 342, 1, 0, 0, 0, 10, 344, 1, 0, 0, 0, 11, 346, 1, 0, 0, 0, 11, 348, 1, 0, 0, 0, 11, 350, 1, 0, 0, 0, 11, 352, 1, 0, 0, 0, 11, 354, 1, 0, 0, 0, 12, 356, 1, 0, 0, 0, 12, 358, 1, 0, 0, 0, 12, 360, 1, 0, 0, 0, 12, 362, 1, 0, 0, 0, 12, 364, 1, 0, 0, 0, 13, 366, 1, 0, 0, 0, 13, 368, 1, 0, 0, 0, 13, 370, 1, 0, 0, 0, 13, 372, 1, 0, 0, 0, 13, 374, 1, 0, 0, 0, 13, 376, 1, 0, 0, 0, 14, 378, 1, 0, 0, 0, 14, 380, 1, 0, 0, 0, 14, 382, 1, 0, 0, 0, 14, 384, 1, 0, 0, 0, 14, 386, 1, 0, 0, 0, 14, 388, 1, 0, 0, 0, 15, 390, 1, 0, 0, 0, 15, 392, 1, 0, 0, 0, 15, 394, 1, 0, 0, 0, 15, 396, 1, 0, 0, 0, 15, 398, 1, 0, 0, 0, 15, 400, 1, 0, 0, 0, 15, 402, 1, 0, 0, 0, 15, 404, 1, 0, 0, 0, 15, 406, 1, 0, 0, 0, 16, 408, 1, 0, 0, 0, 18, 418, 1, 0, 0, 0, 20, 425, 1, 0, 0, 0, 22, 434, 1, 0, 0, 0, 24, 441, 1, 0, 0, 0, 26, 451, 1, 0, 0, 0, 28, 458, 1, 0, 0, 0, 30, 465, 1, 0, 0, 0, 32, 479, 1, 0, 0, 0, 34, 486, 1, 0, 0, 0, 36, 494, 1, 0, 0, 0, 38, 503, 1, 0, 0, 0, 40, 510, 1, 0, 0, 0, 42, 520, 1, 0, 0, 0, 44, 532, 1, 0, 0, 0, 46, 541, 1, 0, 0, 0, 48, 547, 1, 0, 0, 0, 50, 554, 1, 0, 0, 0, 52, 561, 1, 0, 0, 0, 54, 569, 1, 0, 0, 0, 56, 577, 1, 0, 0, 0, 58, 586, 1, 0, 0, 0, 60, 592, 1, 0, 0, 0, 62, 609, 1, 0, 0, 0, 64, 625, 1, 0, 0, 0, 66, 634, 1, 0, 0, 0, 68, 637, 1, 0, 0, 0, 70, 641, 1, 0, 0, 0, 72, 646, 1, 0, 0, 0, 74, 651, 1, 0, 0, 0, 76, 655, 1, 0, 0, 0, 78, 659, 1, 0, 0, 0, 80, 663, 1, 0, 0, 0, 82, 667, 1, 0, 0, 0, 84, 669, 1, 0, 0, 0, 86, 671, 1, 0, 0, 0, 88, 674, 1, 0, 0, 0, 90, 676, 1, 0, 0, 0, 92, 685, 1, 0, 0, 0, 94, 687, 1, 0, 0, 0, 96, 692, 1, 0, 0, 0, 98, 694, 1, 0, 0, 0, 100, 699, 1, 0, 0, 0, 102, 730, 1, 0, 0, 0, 104, 733, 1, 0, 0, 0, 106, 779, 1, 0, 0, 0, 108, 781, 1, 0, 0, 0, 110, 784, 1, 0, 0, 0, 112, 788, 1, 0, 0, 0, 114, 792, 1, 0, 0, 0, 116, 794, 1, 0, 0, 0, 118, 797, 1, 0, 0, 0, 120, 799, 1, 0, 0, 0, 122, 804, 1, 0, 0, 0, 124, 806, 1, 0, 0, 0, 126, 812, 1, 0, 0, 0, 128, 818, 1, 0, 0, 0, 130, 821, 1, 0, 0, 0, 132, 824, 1, 0, 0, 0, 134, 829, 1, 0, 0, 0, 136, 834, 1, 0, 0, 0, 138, 836, 1, 0, 0, 0, 140, 842, 1, 0, 0, 0, 142, 846, 1, 0, 0, 0, 144, 851, 1, 0, 0, 0, 146, 857, 1, 0, 0, 0, 148, 860, 1, 0, 0, 0, 150, 862, 1, 0, 0, 0, 152, 868, 1, 0, 0, 0, 154, 870, 1, 0, 0, 0, 156, 875, 1, 0, 0, 0, 158, 878, 1, 0, 0, 0, 160, 881, 1, 0, 0, 0, 162, 884, 1, 0, 0, 0, 164, 886, 1, 0, 0, 0, 166, 889, 1, 0, 0, 0, 168, 891, 1, 0, 0, 0, 170, 894, 1, 0, 0, 0, 172, 896, 1, 0, 0, 0, 174, 898, 1, 0, 0, 0, 176, 900, 1, 0, 0, 0, 178, 902, 1, 0, 0, 0, 180, 918, 1, 0, 0, 0, 182, 920, 1, 0, 0, 0, 184, 925, 1, 0, 0, 0, 186, 946, 1, 0, 0, 0, 188, 948, 1, 0, 0, 0, 190, 956, 1, 0, 0, 0, 192, 958, 1, 0, 0, 0, 194, 962, 1, 0, 0, 0, 196, 966, 1, 0, 0, 0, 198, 970, 1, 0, 0, 0, 200, 975, 1, 0, 0, 0, 202, 979, 1, 0, 0, 0, 204, 983, 1, 0, 0, 0, 206, 987, 1, 0, 0, 0, 208, 991, 1, 0, 0, 0, 210, 995, 1, 0, 0, 0, 212, 1004, 1, 0, 0, 0, 214, 1008, 1, 0, 0, 0, 216, 1012, 1, 0, 0, 0, 218, 1016, 1, 0, 0, 0, 220, 1020, 1, 0, 0, 0, 222, 1024, 1, 0, 0, 0, 224, 1029, 1, 0, 0, 0, 226, 1033, 1, 0, 0, 0, 228, 1041, 1, 0, 0, 0, 230, 1062, 1, 0, 0, 0, 232, 1066, 1, 0, 0, 0, 234, 1070, 1, 0, 0, 0, 236, 1074, 1, 0, 0, 0, 238, 1078, 1, 0, 0, 0, 240, 1082, 1, 0, 0, 0, 242, 1087, 1, 0, 0, 0, 244, 1091, 1, 0, 0, 0, 246, 1095, 1, 0, 0, 0, 248, 1099, 1, 0, 0, 0, 250, 1102, 1, 0, 0, 0, 252, 1106, 1, 0, 0, 0, 254, 1110, 1, 0, 0, 0, 256, 1114, 1, 0, 0, 0, 258, 1118, 1, 0, 0, 0, 260, 1123, 1, 0, 0, 0, 262, 1128, 1, 0, 0, 0, 264, 1133, 1, 0, 0, 0, 266, 1140, 1, 0, 0, 0, 268, 1149, 1, 0, 0, 0, 270, 1156, 1, 0, 0, 0, 272, 1160, 1, 0, 0, 0, 274, 1164, 1, 0, 0, 0, 276, 1168, 1, 0, 0, 0, 278, 1172, 1, 0, 0, 0, 280, 1178, 1, 0, 0, 0, 282, 1182, 1, 0, 0, 0, 284, 1186, 1, 0, 0, 0, 286, 1190, 1, 0, 0, 0, 288, 1194, 1, 0, 0, 0, 290, 1198, 1, 0, 0, 0, 292, 1202, 1, 0, 0, 0, 294, 1206, 1, 0, 0, 0, 296, 1210, 1, 0, 0, 0, 298, 1214, 1, 0, 0, 0, 300, 1219, 1, 0, 0, 0, 302, 1223, 1, 0, 0, 0, 304, 1227, 1, 0, 0, 0, 306, 1231, 1, 0, 0, 0, 308, 1236, 1, 0, 0, 0, 310, 1240, 1, 0, 0, 0, 312, 1244, 1, 0, 0, 0, 314, 1248, 1, 0, 0, 0, 316, 1252, 1, 0, 0, 0, 318, 1256, 1, 0, 0, 0, 320, 1262, 1, 0, 0, 0, 322, 1266, 1, 0, 0, 0, 324, 1270, 1, 0, 0, 0, 326, 1274, 1, 0, 0, 0, 328, 1278, 1, 0, 0, 0, 330, 1282, 1, 0, 0, 0, 332, 1286, 1, 0, 0, 0, 334, 1291, 1, 0, 0, 0, 336, 1295, 1, 0, 0, 0, 338, 1299, 1, 0, 0, 0, 340, 1303, 1, 0, 0, 0, 342, 1307, 1, 0, 0, 0, 344, 1311, 1, 0, 0, 0, 346, 1315, 1, 0, 0, 0, 348, 1320, 1, 0, 0, 0, 350, 1325, 1, 0, 0, 0, 352, 1329, 1, 0, 0, 0, 354, 1333, 1, 0, 0, 0, 356, 1337, 1, 0, 0, 0, 358, 1342, 1, 0, 0, 0, 360, 1352, 1, 0, 0, 0, 362, 1356, 1, 0, 0, 0, 364, 1360, 1, 0, 0, 0, 366, 1364, 1, 0, 0, 0, 368, 1369, 1, 0, 0, 0, 370, 1376, 1, 0, 0, 0, 372, 1380, 1, 0, 0, 0, 374, 1384, 1, 0, 0, 0, 376, 1388, 1, 0, 0, 0, 378, 1392, 1, 0, 0, 0, 380, 1397, 1, 0, 0, 0, 382, 1403, 1, 0, 0, 0, 384, 1409, 1, 0, 0, 0, 386, 1413, 1, 0, 0, 0, 388, 1417, 1, 0, 0, 0, 390, 1421, 1, 0, 0, 0, 392, 1427, 1, 0, 0, 0, 394, 1433, 1, 0, 0, 0, 396, 1437, 1, 0, 0, 0, 398, 1441, 1, 0, 0, 0, 400, 1445, 1, 0, 0, 0, 402, 1451, 1, 0, 0, 0, 404, 1457, 1, 0, 0, 0, 406, 1463, 1, 0, 0, 0, 408, 409, 7, 0, 0, 0, 409, 410, 7, 1, 0, 0, 410, 411, 7, 2, 0, 0, 411, 412, 7, 2, 0, 0, 412, 413, 7, 3, 0, 0, 413, 414, 7, 4, 0, 0, 414, 415, 7, 5, 0, 0, 415, 416, 1, 0, 0, 0, 416, 417, 6, 0, 0, 0, 417, 17, 1, 0, 0, 0, 418, 419, 7, 0, 0, 0, 419, 420, 7, 6, 0, 0, 420, 421, 7, 7, 0, 0, 421, 422, 7, 8, 0, 0, 422, 423, 1, 0, 0, 0, 423, 424, 6, 1, 1, 0, 424, 19, 1, 0, 0, 0, 425, 426, 7, 3, 0, 0, 426, 427, 7, 9, 0, 0, 427, 428, 7, 6, 0, 0, 428, 429, 7, 1, 0, 0, 429, 430, 7, 4, 0, 0, 430, 431, 7, 10, 0, 0, 431, 432, 1, 0, 0, 0, 432, 433, 6, 2, 2, 0, 433, 21, 1, 0, 0, 0, 434, 435, 7, 3, 0, 0, 435, 436, 7, 11, 0, 0, 436, 437, 7, 12, 0, 0, 437, 438, 7, 13, 0, 0, 438, 439, 1, 0, 0, 0, 439, 440, 6, 3, 0, 0, 440, 23, 1, 0, 0, 0, 441, 442, 7, 3, 0, 0, 442, 443, 7, 14, 0, 0, 443, 444, 7, 8, 0, 0, 444, 445, 7, 13, 0, 0, 445, 446, 7, 12, 0, 0, 446, 447, 7, 1, 0, 0, 447, 448, 7, 9, 0, 0, 448, 449, 1, 0, 0, 0, 449, 450, 6, 4, 3, 0, 450, 25, 1, 0, 0, 0, 451, 452, 7, 15, 0, 0, 452, 453, 7, 6, 0, 0, 453, 454, 7, 7, 0, 0, 454, 455, 7, 16, 0, 0, 455, 456, 1, 0, 0, 0, 456, 457, 6, 5, 4, 0, 457, 27, 1, 0, 0, 0, 458, 459, 7, 17, 0, 0, 459, 460, 7, 6, 0, 0, 460, 461, 7, 7, 0, 0, 461, 462, 7, 18, 0, 0, 462, 463, 1, 0, 0, 0, 463, 464, 6, 6, 0, 0, 464, 29, 1, 0, 0, 0, 465, 466, 7, 1, 0, 0, 466, 467, 7, 9, 0, 0, 467, 468, 7, 13, 0, 0, 468, 469, 7, 1, 0, 0, 469, 470, 7, 9, 0, 0, 470, 471, 7, 3, 0, 0, 471, 472, 7, 2, 0, 0, 472, 473, 7, 5, 0, 0, 473, 474, 7, 12, 0, 0, 474, 475, 7, 5, 0, 0, 475, 476, 7, 2, 0, 0, 476, 477, 1, 0, 0, 0, 477, 478, 6, 7, 0, 0, 478, 31, 1, 0, 0, 0, 479, 480, 7, 18, 0, 0, 480, 481, 7, 3, 0, 0, 481, 482, 7, 3, 0, 0, 482, 483, 7, 8, 0, 0, 483, 484, 1, 0, 0, 0, 484, 485, 6, 8, 1, 0, 485, 33, 1, 0, 0, 0, 486, 487, 7, 13, 0, 0, 487, 488, 7, 1, 0, 0, 488, 489, 7, 16, 0, 0, 489, 490, 7, 1, 0, 0, 490, 491, 7, 5, 0, 0, 491, 492, 1, 0, 0, 0, 492, 493, 6, 9, 0, 0, 493, 35, 1, 0, 0, 0, 494, 495, 7, 13, 0, 0, 495, 496, 7, 7, 0, 0, 496, 497, 7, 7, 0, 0, 497, 498, 7, 18, 0, 0, 498, 499, 7, 19, 0, 0, 499, 500, 7, 8, 0, 0, 500, 501, 1, 0, 0, 0, 501, 502, 6, 10, 5, 0, 502, 37, 1, 0, 0, 0, 503, 504, 7, 16, 0, 0, 504, 505, 7, 3, 0, 0, 505, 506, 7, 5, 0, 0, 506, 507, 7, 12, 0, 0, 507, 508, 1, 0, 0, 0, 508, 509, 6, 11, 6, 0, 509, 39, 1, 0, 0, 0, 510, 511, 7, 16, 0, 0, 511, 512, 7, 3, 0, 0, 512, 513, 7, 5, 0, 0, 513, 514, 7, 6, 0, 0, 514, 515, 7, 1, 0, 0, 515, 516, 7, 4, 0, 0, 516, 517, 7, 2, 0, 0, 517, 518, 1, 0, 0, 0, 518, 519, 6, 12, 7, 0, 519, 41, 1, 0, 0, 0, 520, 521, 7, 16, 0, 0, 521, 522, 7, 11, 0, 0, 522, 523, 5, 95, 0, 0, 523, 524, 7, 3, 0, 0, 524, 525, 7, 14, 0, 0, 525, 526, 7, 8, 0, 0, 526, 527, 7, 12, 0, 0, 527, 528, 7, 9, 0, 0, 528, 529, 7, 0, 0, 0, 529, 530, 1, 0, 0, 0, 530, 531, 6, 13, 8, 0, 531, 43, 1, 0, 0, 0, 532, 533, 7, 6, 0, 0, 533, 534, 7, 3, 0, 0, 534, 535, 7, 9, 0, 0, 535, 536, 7, 12, 0, 0, 536, 537, 7, 16, 0, 0, 537, 538, 7, 3, 0, 0, 538, 539, 1, 0, 0, 0, 539, 540, 6, 14, 9, 0, 540, 45, 1, 0, 0, 0, 541, 542, 7, 6, 0, 0, 542, 543, 7, 7, 0, 0, 543, 544, 7, 20, 0, 0, 544, 545, 1, 0, 0, 0, 545, 546, 6, 15, 0, 0, 546, 47, 1, 0, 0, 0, 547, 548, 7, 2, 0, 0, 548, 549, 7, 10, 0, 0, 549, 550, 7, 7, 0, 0, 550, 551, 7, 20, 0, 0, 551, 552, 1, 0, 0, 0, 552, 553, 6, 16, 10, 0, 553, 49, 1, 0, 0, 0, 554, 555, 7, 2, 0, 0, 555, 556, 7, 7, 0, 0, 556, 557, 7, 6, 0, 0, 557, 558, 7, 5, 0, 0, 558, 559, 1, 0, 0, 0, 559, 560, 6, 17, 0, 0, 560, 51, 1, 0, 0, 0, 561, 562, 7, 2, 0, 0, 562, 563, 7, 5, 0, 0, 563, 564, 7, 12, 0, 0, 564, 565, 7, 5, 0, 0, 565, 566, 7, 2, 0, 0, 566, 567, 1, 0, 0, 0, 567, 568, 6, 18, 0, 0, 568, 53, 1, 0, 0, 0, 569, 570, 7, 20, 0, 0, 570, 571, 7, 10, 0, 0, 571, 572, 7, 3, 0, 0, 572, 573, 7, 6, 0, 0, 573, 574, 7, 3, 0, 0, 574, 575, 1, 0, 0, 0, 575, 576, 6, 19, 0, 0, 576, 55, 1, 0, 0, 0, 577, 578, 7, 16, 0, 0, 578, 579, 7, 12, 0, 0, 579, 580, 7, 5, 0, 0, 580, 581, 7, 4, 0, 0, 581, 582, 7, 10, 0, 0, 582, 583, 1, 0, 0, 0, 583, 584, 6, 20, 0, 0, 584, 57, 1, 0, 0, 0, 585, 587, 8, 21, 0, 0, 586, 585, 1, 0, 0, 0, 587, 588, 1, 0, 0, 0, 588, 586, 1, 0, 0, 0, 588, 589, 1, 0, 0, 0, 589, 590, 1, 0, 0, 0, 590, 591, 6, 21, 0, 0, 591, 59, 1, 0, 0, 0, 592, 593, 5, 47, 0, 0, 593, 594, 5, 47, 0, 0, 594, 598, 1, 0, 0, 0, 595, 597, 8, 22, 0, 0, 596, 595, 1, 0, 0, 0, 597, 600, 1, 0, 0, 0, 598, 596, 1, 0, 0, 0, 598, 599, 1, 0, 0, 0, 599, 602, 1, 0, 0, 0, 600, 598, 1, 0, 0, 0, 601, 603, 5, 13, 0, 0, 602, 601, 1, 0, 0, 0, 602, 603, 1, 0, 0, 0, 603, 605, 1, 0, 0, 0, 604, 606, 5, 10, 0, 0, 605, 604, 1, 0, 0, 0, 605, 606, 1, 0, 0, 0, 606, 607, 1, 0, 0, 0, 607, 608, 6, 22, 11, 0, 608, 61, 1, 0, 0, 0, 609, 610, 5, 47, 0, 0, 610, 611, 5, 42, 0, 0, 611, 616, 1, 0, 0, 0, 612, 615, 3, 62, 23, 0, 613, 615, 9, 0, 0, 0, 614, 612, 1, 0, 0, 0, 614, 613, 1, 0, 0, 0, 615, 618, 1, 0, 0, 0, 616, 617, 1, 0, 0, 0, 616, 614, 1, 0, 0, 0, 617, 619, 1, 0, 0, 0, 618, 616, 1, 0, 0, 0, 619, 620, 5, 42, 0, 0, 620, 621, 5, 47, 0, 0, 621, 622, 1, 0, 0, 0, 622, 623, 6, 23, 11, 0, 623, 63, 1, 0, 0, 0, 624, 626, 7, 23, 0, 0, 625, 624, 1, 0, 0, 0, 626, 627, 1, 0, 0, 0, 627, 625, 1, 0, 0, 0, 627, 628, 1, 0, 0, 0, 628, 629, 1, 0, 0, 0, 629, 630, 6, 24, 11, 0, 630, 65, 1, 0, 0, 0, 631, 635, 8, 24, 0, 0, 632, 633, 5, 47, 0, 0, 633, 635, 8, 25, 0, 0, 634, 631, 1, 0, 0, 0, 634, 632, 1, 0, 0, 0, 635, 67, 1, 0, 0, 0, 636, 638, 3, 66, 25, 0, 637, 636, 1, 0, 0, 0, 638, 639, 1, 0, 0, 0, 639, 637, 1, 0, 0, 0, 639, 640, 1, 0, 0, 0, 640, 69, 1, 0, 0, 0, 641, 642, 3, 182, 83, 0, 642, 643, 1, 0, 0, 0, 643, 644, 6, 27, 12, 0, 644, 645, 6, 27, 13, 0, 645, 71, 1, 0, 0, 0, 646, 647, 3, 80, 32, 0, 647, 648, 1, 0, 0, 0, 648, 649, 6, 28, 14, 0, 649, 650, 6, 28, 15, 0, 650, 73, 1, 0, 0, 0, 651, 652, 3, 64, 24, 0, 652, 653, 1, 0, 0, 0, 653, 654, 6, 29, 11, 0, 654, 75, 1, 0, 0, 0, 655, 656, 3, 60, 22, 0, 656, 657, 1, 0, 0, 0, 657, 658, 6, 30, 11, 0, 658, 77, 1, 0, 0, 0, 659, 660, 3, 62, 23, 0, 660, 661, 1, 0, 0, 0, 661, 662, 6, 31, 11, 0, 662, 79, 1, 0, 0, 0, 663, 664, 5, 124, 0, 0, 664, 665, 1, 0, 0, 0, 665, 666, 6, 32, 15, 0, 666, 81, 1, 0, 0, 0, 667, 668, 7, 26, 0, 0, 668, 83, 1, 0, 0, 0, 669, 670, 7, 27, 0, 0, 670, 85, 1, 0, 0, 0, 671, 672, 5, 92, 0, 0, 672, 673, 7, 28, 0, 0, 673, 87, 1, 0, 0, 0, 674, 675, 8, 29, 0, 0, 675, 89, 1, 0, 0, 0, 676, 678, 7, 3, 0, 0, 677, 679, 7, 30, 0, 0, 678, 677, 1, 0, 0, 0, 678, 679, 1, 0, 0, 0, 679, 681, 1, 0, 0, 0, 680, 682, 3, 82, 33, 0, 681, 680, 1, 0, 0, 0, 682, 683, 1, 0, 0, 0, 683, 681, 1, 0, 0, 0, 683, 684, 1, 0, 0, 0, 684, 91, 1, 0, 0, 0, 685, 686, 5, 64, 0, 0, 686, 93, 1, 0, 0, 0, 687, 688, 5, 96, 0, 0, 688, 95, 1, 0, 0, 0, 689, 693, 8, 31, 0, 0, 690, 691, 5, 96, 0, 0, 691, 693, 5, 96, 0, 0, 692, 689, 1, 0, 0, 0, 692, 690, 1, 0, 0, 0, 693, 97, 1, 0, 0, 0, 694, 695, 5, 95, 0, 0, 695, 99, 1, 0, 0, 0, 696, 700, 3, 84, 34, 0, 697, 700, 3, 82, 33, 0, 698, 700, 3, 98, 41, 0, 699, 696, 1, 0, 0, 0, 699, 697, 1, 0, 0, 0, 699, 698, 1, 0, 0, 0, 700, 101, 1, 0, 0, 0, 701, 706, 5, 34, 0, 0, 702, 705, 3, 86, 35, 0, 703, 705, 3, 88, 36, 0, 704, 702, 1, 0, 0, 0, 704, 703, 1, 0, 0, 0, 705, 708, 1, 0, 0, 0, 706, 704, 1, 0, 0, 0, 706, 707, 1, 0, 0, 0, 707, 709, 1, 0, 0, 0, 708, 706, 1, 0, 0, 0, 709, 731, 5, 34, 0, 0, 710, 711, 5, 34, 0, 0, 711, 712, 5, 34, 0, 0, 712, 713, 5, 34, 0, 0, 713, 717, 1, 0, 0, 0, 714, 716, 8, 22, 0, 0, 715, 714, 1, 0, 0, 0, 716, 719, 1, 0, 0, 0, 717, 718, 1, 0, 0, 0, 717, 715, 1, 0, 0, 0, 718, 720, 1, 0, 0, 0, 719, 717, 1, 0, 0, 0, 720, 721, 5, 34, 0, 0, 721, 722, 5, 34, 0, 0, 722, 723, 5, 34, 0, 0, 723, 725, 1, 0, 0, 0, 724, 726, 5, 34, 0, 0, 725, 724, 1, 0, 0, 0, 725, 726, 1, 0, 0, 0, 726, 728, 1, 0, 0, 0, 727, 729, 5, 34, 0, 0, 728, 727, 1, 0, 0, 0, 728, 729, 1, 0, 0, 0, 729, 731, 1, 0, 0, 0, 730, 701, 1, 0, 0, 0, 730, 710, 1, 0, 0, 0, 731, 103, 1, 0, 0, 0, 732, 734, 3, 82, 33, 0, 733, 732, 1, 0, 0, 0, 734, 735, 1, 0, 0, 0, 735, 733, 1, 0, 0, 0, 735, 736, 1, 0, 0, 0, 736, 105, 1, 0, 0, 0, 737, 739, 3, 82, 33, 0, 738, 737, 1, 0, 0, 0, 739, 740, 1, 0, 0, 0, 740, 738, 1, 0, 0, 0, 740, 741, 1, 0, 0, 0, 741, 742, 1, 0, 0, 0, 742, 746, 3, 122, 53, 0, 743, 745, 3, 82, 33, 0, 744, 743, 1, 0, 0, 0, 745, 748, 1, 0, 0, 0, 746, 744, 1, 0, 0, 0, 746, 747, 1, 0, 0, 0, 747, 780, 1, 0, 0, 0, 748, 746, 1, 0, 0, 0, 749, 751, 3, 122, 53, 0, 750, 752, 3, 82, 33, 0, 751, 750, 1, 0, 0, 0, 752, 753, 1, 0, 0, 0, 753, 751, 1, 0, 0, 0, 753, 754, 1, 0, 0, 0, 754, 780, 1, 0, 0, 0, 755, 757, 3, 82, 33, 0, 756, 755, 1, 0, 0, 0, 757, 758, 1, 0, 0, 0, 758, 756, 1, 0, 0, 0, 758, 759, 1, 0, 0, 0, 759, 767, 1, 0, 0, 0, 760, 764, 3, 122, 53, 0, 761, 763, 3, 82, 33, 0, 762, 761, 1, 0, 0, 0, 763, 766, 1, 0, 0, 0, 764, 762, 1, 0, 0, 0, 764, 765, 1, 0, 0, 0, 765, 768, 1, 0, 0, 0, 766, 764, 1, 0, 0, 0, 767, 760, 1, 0, 0, 0, 767, 768, 1, 0, 0, 0, 768, 769, 1, 0, 0, 0, 769, 770, 3, 90, 37, 0, 770, 780, 1, 0, 0, 0, 771, 773, 3, 122, 53, 0, 772, 774, 3, 82, 33, 0, 773, 772, 1, 0, 0, 0, 774, 775, 1, 0, 0, 0, 775, 773, 1, 0, 0, 0, 775, 776, 1, 0, 0, 0, 776, 777, 1, 0, 0, 0, 777, 778, 3, 90, 37, 0, 778, 780, 1, 0, 0, 0, 779, 738, 1, 0, 0, 0, 779, 749, 1, 0, 0, 0, 779, 756, 1, 0, 0, 0, 779, 771, 1, 0, 0, 0, 780, 107, 1, 0, 0, 0, 781, 782, 7, 32, 0, 0, 782, 783, 7, 33, 0, 0, 783, 109, 1, 0, 0, 0, 784, 785, 7, 12, 0, 0, 785, 786, 7, 9, 0, 0, 786, 787, 7, 0, 0, 0, 787, 111, 1, 0, 0, 0, 788, 789, 7, 12, 0, 0, 789, 790, 7, 2, 0, 0, 790, 791, 7, 4, 0, 0, 791, 113, 1, 0, 0, 0, 792, 793, 5, 61, 0, 0, 793, 115, 1, 0, 0, 0, 794, 795, 5, 58, 0, 0, 795, 796, 5, 58, 0, 0, 796, 117, 1, 0, 0, 0, 797, 798, 5, 44, 0, 0, 798, 119, 1, 0, 0, 0, 799, 800, 7, 0, 0, 0, 800, 801, 7, 3, 0, 0, 801, 802, 7, 2, 0, 0, 802, 803, 7, 4, 0, 0, 803, 121, 1, 0, 0, 0, 804, 805, 5, 46, 0, 0, 805, 123, 1, 0, 0, 0, 806, 807, 7, 15, 0, 0, 807, 808, 7, 12, 0, 0, 808, 809, 7, 13, 0, 0, 809, 810, 7, 2, 0, 0, 810, 811, 7, 3, 0, 0, 811, 125, 1, 0, 0, 0, 812, 813, 7, 15, 0, 0, 813, 814, 7, 1, 0, 0, 814, 815, 7, 6, 0, 0, 815, 816, 7, 2, 0, 0, 816, 817, 7, 5, 0, 0, 817, 127, 1, 0, 0, 0, 818, 819, 7, 1, 0, 0, 819, 820, 7, 9, 0, 0, 820, 129, 1, 0, 0, 0, 821, 822, 7, 1, 0, 0, 822, 823, 7, 2, 0, 0, 823, 131, 1, 0, 0, 0, 824, 825, 7, 13, 0, 0, 825, 826, 7, 12, 0, 0, 826, 827, 7, 2, 0, 0, 827, 828, 7, 5, 0, 0, 828, 133, 1, 0, 0, 0, 829, 830, 7, 13, 0, 0, 830, 831, 7, 1, 0, 0, 831, 832, 7, 18, 0, 0, 832, 833, 7, 3, 0, 0, 833, 135, 1, 0, 0, 0, 834, 835, 5, 40, 0, 0, 835, 137, 1, 0, 0, 0, 836, 837, 7, 16, 0, 0, 837, 838, 7, 12, 0, 0, 838, 839, 7, 5, 0, 0, 839, 840, 7, 4, 0, 0, 840, 841, 7, 10, 0, 0, 841, 139, 1, 0, 0, 0, 842, 843, 7, 9, 0, 0, 843, 844, 7, 7, 0, 0, 844, 845, 7, 5, 0, 0, 845, 141, 1, 0, 0, 0, 846, 847, 7, 9, 0, 0, 847, 848, 7, 19, 0, 0, 848, 849, 7, 13, 0, 0, 849, 850, 7, 13, 0, 0, 850, 143, 1, 0, 0, 0, 851, 852, 7, 9, 0, 0, 852, 853, 7, 19, 0, 0, 853, 854, 7, 13, 0, 0, 854, 855, 7, 13, 0, 0, 855, 856, 7, 2, 0, 0, 856, 145, 1, 0, 0, 0, 857, 858, 7, 7, 0, 0, 858, 859, 7, 6, 0, 0, 859, 147, 1, 0, 0, 0, 860, 861, 5, 63, 0, 0, 861, 149, 1, 0, 0, 0, 862, 863, 7, 6, 0, 0, 863, 864, 7, 13, 0, 0, 864, 865, 7, 1, 0, 0, 865, 866, 7, 18, 0, 0, 866, 867, 7, 3, 0, 0, 867, 151, 1, 0, 0, 0, 868, 869, 5, 41, 0, 0, 869, 153, 1, 0, 0, 0, 870, 871, 7, 5, 0, 0, 871, 872, 7, 6, 0, 0, 872, 873, 7, 19, 0, 0, 873, 874, 7, 3, 0, 0, 874, 155, 1, 0, 0, 0, 875, 876, 5, 61, 0, 0, 876, 877, 5, 61, 0, 0, 877, 157, 1, 0, 0, 0, 878, 879, 5, 61, 0, 0, 879, 880, 5, 126, 0, 0, 880, 159, 1, 0, 0, 0, 881, 882, 5, 33, 0, 0, 882, 883, 5, 61, 0, 0, 883, 161, 1, 0, 0, 0, 884, 885, 5, 60, 0, 0, 885, 163, 1, 0, 0, 0, 886, 887, 5, 60, 0, 0, 887, 888, 5, 61, 0, 0, 888, 165, 1, 0, 0, 0, 889, 890, 5, 62, 0, 0, 890, 167, 1, 0, 0, 0, 891, 892, 5, 62, 0, 0, 892, 893, 5, 61, 0, 0, 893, 169, 1, 0, 0, 0, 894, 895, 5, 43, 0, 0, 895, 171, 1, 0, 0, 0, 896, 897, 5, 45, 0, 0, 897, 173, 1, 0, 0, 0, 898, 899, 5, 42, 0, 0, 899, 175, 1, 0, 0, 0, 900, 901, 5, 47, 0, 0, 901, 177, 1, 0, 0, 0, 902, 903, 5, 37, 0, 0, 903, 179, 1, 0, 0, 0, 904, 905, 3, 148, 66, 0, 905, 909, 3, 84, 34, 0, 906, 908, 3, 100, 42, 0, 907, 906, 1, 0, 0, 0, 908, 911, 1, 0, 0, 0, 909, 907, 1, 0, 0, 0, 909, 910, 1, 0, 0, 0, 910, 919, 1, 0, 0, 0, 911, 909, 1, 0, 0, 0, 912, 914, 3, 148, 66, 0, 913, 915, 3, 82, 33, 0, 914, 913, 1, 0, 0, 0, 915, 916, 1, 0, 0, 0, 916, 914, 1, 0, 0, 0, 916, 917, 1, 0, 0, 0, 917, 919, 1, 0, 0, 0, 918, 904, 1, 0, 0, 0, 918, 912, 1, 0, 0, 0, 919, 181, 1, 0, 0, 0, 920, 921, 5, 91, 0, 0, 921, 922, 1, 0, 0, 0, 922, 923, 6, 83, 0, 0, 923, 924, 6, 83, 0, 0, 924, 183, 1, 0, 0, 0, 925, 926, 5, 93, 0, 0, 926, 927, 1, 0, 0, 0, 927, 928, 6, 84, 15, 0, 928, 929, 6, 84, 15, 0, 929, 185, 1, 0, 0, 0, 930, 934, 3, 84, 34, 0, 931, 933, 3, 100, 42, 0, 932, 931, 1, 0, 0, 0, 933, 936, 1, 0, 0, 0, 934, 932, 1, 0, 0, 0, 934, 935, 1, 0, 0, 0, 935, 947, 1, 0, 0, 0, 936, 934, 1, 0, 0, 0, 937, 940, 3, 98, 41, 0, 938, 940, 3, 92, 38, 0, 939, 937, 1, 0, 0, 0, 939, 938, 1, 0, 0, 0, 940, 942, 1, 0, 0, 0, 941, 943, 3, 100, 42, 0, 942, 941, 1, 0, 0, 0, 943, 944, 1, 0, 0, 0, 944, 942, 1, 0, 0, 0, 944, 945, 1, 0, 0, 0, 945, 947, 1, 0, 0, 0, 946, 930, 1, 0, 0, 0, 946, 939, 1, 0, 0, 0, 947, 187, 1, 0, 0, 0, 948, 950, 3, 94, 39, 0, 949, 951, 3, 96, 40, 0, 950, 949, 1, 0, 0, 0, 951, 952, 1, 0, 0, 0, 952, 950, 1, 0, 0, 0, 952, 953, 1, 0, 0, 0, 953, 954, 1, 0, 0, 0, 954, 955, 3, 94, 39, 0, 955, 189, 1, 0, 0, 0, 956, 957, 3, 188, 86, 0, 957, 191, 1, 0, 0, 0, 958, 959, 3, 60, 22, 0, 959, 960, 1, 0, 0, 0, 960, 961, 6, 88, 11, 0, 961, 193, 1, 0, 0, 0, 962, 963, 3, 62, 23, 0, 963, 964, 1, 0, 0, 0, 964, 965, 6, 89, 11, 0, 965, 195, 1, 0, 0, 0, 966, 967, 3, 64, 24, 0, 967, 968, 1, 0, 0, 0, 968, 969, 6, 90, 11, 0, 969, 197, 1, 0, 0, 0, 970, 971, 3, 80, 32, 0, 971, 972, 1, 0, 0, 0, 972, 973, 6, 91, 14, 0, 973, 974, 6, 91, 15, 0, 974, 199, 1, 0, 0, 0, 975, 976, 3, 182, 83, 0, 976, 977, 1, 0, 0, 0, 977, 978, 6, 92, 12, 0, 978, 201, 1, 0, 0, 0, 979, 980, 3, 184, 84, 0, 980, 981, 1, 0, 0, 0, 981, 982, 6, 93, 16, 0, 982, 203, 1, 0, 0, 0, 983, 984, 3, 368, 176, 0, 984, 985, 1, 0, 0, 0, 985, 986, 6, 94, 17, 0, 986, 205, 1, 0, 0, 0, 987, 988, 3, 118, 51, 0, 988, 989, 1, 0, 0, 0, 989, 990, 6, 95, 18, 0, 990, 207, 1, 0, 0, 0, 991, 992, 3, 114, 49, 0, 992, 993, 1, 0, 0, 0, 993, 994, 6, 96, 19, 0, 994, 209, 1, 0, 0, 0, 995, 996, 7, 16, 0, 0, 996, 997, 7, 3, 0, 0, 997, 998, 7, 5, 0, 0, 998, 999, 7, 12, 0, 0, 999, 1000, 7, 0, 0, 0, 1000, 1001, 7, 12, 0, 0, 1001, 1002, 7, 5, 0, 0, 1002, 1003, 7, 12, 0, 0, 1003, 211, 1, 0, 0, 0, 1004, 1005, 3, 68, 26, 0, 1005, 1006, 1, 0, 0, 0, 1006, 1007, 6, 98, 20, 0, 1007, 213, 1, 0, 0, 0, 1008, 1009, 3, 102, 43, 0, 1009, 1010, 1, 0, 0, 0, 1010, 1011, 6, 99, 21, 0, 1011, 215, 1, 0, 0, 0, 1012, 1013, 3, 60, 22, 0, 1013, 1014, 1, 0, 0, 0, 1014, 1015, 6, 100, 11, 0, 1015, 217, 1, 0, 0, 0, 1016, 1017, 3, 62, 23, 0, 1017, 1018, 1, 0, 0, 0, 1018, 1019, 6, 101, 11, 0, 1019, 219, 1, 0, 0, 0, 1020, 1021, 3, 64, 24, 0, 1021, 1022, 1, 0, 0, 0, 1022, 1023, 6, 102, 11, 0, 1023, 221, 1, 0, 0, 0, 1024, 1025, 3, 80, 32, 0, 1025, 1026, 1, 0, 0, 0, 1026, 1027, 6, 103, 14, 0, 1027, 1028, 6, 103, 15, 0, 1028, 223, 1, 0, 0, 0, 1029, 1030, 3, 122, 53, 0, 1030, 1031, 1, 0, 0, 0, 1031, 1032, 6, 104, 22, 0, 1032, 225, 1, 0, 0, 0, 1033, 1034, 3, 118, 51, 0, 1034, 1035, 1, 0, 0, 0, 1035, 1036, 6, 105, 18, 0, 1036, 227, 1, 0, 0, 0, 1037, 1042, 3, 84, 34, 0, 1038, 1042, 3, 82, 33, 0, 1039, 1042, 3, 98, 41, 0, 1040, 1042, 3, 174, 79, 0, 1041, 1037, 1, 0, 0, 0, 1041, 1038, 1, 0, 0, 0, 1041, 1039, 1, 0, 0, 0, 1041, 1040, 1, 0, 0, 0, 1042, 229, 1, 0, 0, 0, 1043, 1046, 3, 84, 34, 0, 1044, 1046, 3, 174, 79, 0, 1045, 1043, 1, 0, 0, 0, 1045, 1044, 1, 0, 0, 0, 1046, 1050, 1, 0, 0, 0, 1047, 1049, 3, 228, 106, 0, 1048, 1047, 1, 0, 0, 0, 1049, 1052, 1, 0, 0, 0, 1050, 1048, 1, 0, 0, 0, 1050, 1051, 1, 0, 0, 0, 1051, 1063, 1, 0, 0, 0, 1052, 1050, 1, 0, 0, 0, 1053, 1056, 3, 98, 41, 0, 1054, 1056, 3, 92, 38, 0, 1055, 1053, 1, 0, 0, 0, 1055, 1054, 1, 0, 0, 0, 1056, 1058, 1, 0, 0, 0, 1057, 1059, 3, 228, 106, 0, 1058, 1057, 1, 0, 0, 0, 1059, 1060, 1, 0, 0, 0, 1060, 1058, 1, 0, 0, 0, 1060, 1061, 1, 0, 0, 0, 1061, 1063, 1, 0, 0, 0, 1062, 1045, 1, 0, 0, 0, 1062, 1055, 1, 0, 0, 0, 1063, 231, 1, 0, 0, 0, 1064, 1067, 3, 230, 107, 0, 1065, 1067, 3, 188, 86, 0, 1066, 1064, 1, 0, 0, 0, 1066, 1065, 1, 0, 0, 0, 1067, 1068, 1, 0, 0, 0, 1068, 1066, 1, 0, 0, 0, 1068, 1069, 1, 0, 0, 0, 1069, 233, 1, 0, 0, 0, 1070, 1071, 3, 60, 22, 0, 1071, 1072, 1, 0, 0, 0, 1072, 1073, 6, 109, 11, 0, 1073, 235, 1, 0, 0, 0, 1074, 1075, 3, 62, 23, 0, 1075, 1076, 1, 0, 0, 0, 1076, 1077, 6, 110, 11, 0, 1077, 237, 1, 0, 0, 0, 1078, 1079, 3, 64, 24, 0, 1079, 1080, 1, 0, 0, 0, 1080, 1081, 6, 111, 11, 0, 1081, 239, 1, 0, 0, 0, 1082, 1083, 3, 80, 32, 0, 1083, 1084, 1, 0, 0, 0, 1084, 1085, 6, 112, 14, 0, 1085, 1086, 6, 112, 15, 0, 1086, 241, 1, 0, 0, 0, 1087, 1088, 3, 114, 49, 0, 1088, 1089, 1, 0, 0, 0, 1089, 1090, 6, 113, 19, 0, 1090, 243, 1, 0, 0, 0, 1091, 1092, 3, 118, 51, 0, 1092, 1093, 1, 0, 0, 0, 1093, 1094, 6, 114, 18, 0, 1094, 245, 1, 0, 0, 0, 1095, 1096, 3, 122, 53, 0, 1096, 1097, 1, 0, 0, 0, 1097, 1098, 6, 115, 22, 0, 1098, 247, 1, 0, 0, 0, 1099, 1100, 7, 12, 0, 0, 1100, 1101, 7, 2, 0, 0, 1101, 249, 1, 0, 0, 0, 1102, 1103, 3, 232, 108, 0, 1103, 1104, 1, 0, 0, 0, 1104, 1105, 6, 117, 23, 0, 1105, 251, 1, 0, 0, 0, 1106, 1107, 3, 60, 22, 0, 1107, 1108, 1, 0, 0, 0, 1108, 1109, 6, 118, 11, 0, 1109, 253, 1, 0, 0, 0, 1110, 1111, 3, 62, 23, 0, 1111, 1112, 1, 0, 0, 0, 1112, 1113, 6, 119, 11, 0, 1113, 255, 1, 0, 0, 0, 1114, 1115, 3, 64, 24, 0, 1115, 1116, 1, 0, 0, 0, 1116, 1117, 6, 120, 11, 0, 1117, 257, 1, 0, 0, 0, 1118, 1119, 3, 80, 32, 0, 1119, 1120, 1, 0, 0, 0, 1120, 1121, 6, 121, 14, 0, 1121, 1122, 6, 121, 15, 0, 1122, 259, 1, 0, 0, 0, 1123, 1124, 3, 182, 83, 0, 1124, 1125, 1, 0, 0, 0, 1125, 1126, 6, 122, 12, 0, 1126, 1127, 6, 122, 24, 0, 1127, 261, 1, 0, 0, 0, 1128, 1129, 7, 7, 0, 0, 1129, 1130, 7, 9, 0, 0, 1130, 1131, 1, 0, 0, 0, 1131, 1132, 6, 123, 25, 0, 1132, 263, 1, 0, 0, 0, 1133, 1134, 7, 20, 0, 0, 1134, 1135, 7, 1, 0, 0, 1135, 1136, 7, 5, 0, 0, 1136, 1137, 7, 10, 0, 0, 1137, 1138, 1, 0, 0, 0, 1138, 1139, 6, 124, 25, 0, 1139, 265, 1, 0, 0, 0, 1140, 1141, 8, 34, 0, 0, 1141, 267, 1, 0, 0, 0, 1142, 1144, 3, 266, 125, 0, 1143, 1142, 1, 0, 0, 0, 1144, 1145, 1, 0, 0, 0, 1145, 1143, 1, 0, 0, 0, 1145, 1146, 1, 0, 0, 0, 1146, 1147, 1, 0, 0, 0, 1147, 1148, 3, 368, 176, 0, 1148, 1150, 1, 0, 0, 0, 1149, 1143, 1, 0, 0, 0, 1149, 1150, 1, 0, 0, 0, 1150, 1152, 1, 0, 0, 0, 1151, 1153, 3, 266, 125, 0, 1152, 1151, 1, 0, 0, 0, 1153, 1154, 1, 0, 0, 0, 1154, 1152, 1, 0, 0, 0, 1154, 1155, 1, 0, 0, 0, 1155, 269, 1, 0, 0, 0, 1156, 1157, 3, 268, 126, 0, 1157, 1158, 1, 0, 0, 0, 1158, 1159, 6, 127, 26, 0, 1159, 271, 1, 0, 0, 0, 1160, 1161, 3, 60, 22, 0, 1161, 1162, 1, 0, 0, 0, 1162, 1163, 6, 128, 11, 0, 1163, 273, 1, 0, 0, 0, 1164, 1165, 3, 62, 23, 0, 1165, 1166, 1, 0, 0, 0, 1166, 1167, 6, 129, 11, 0, 1167, 275, 1, 0, 0, 0, 1168, 1169, 3, 64, 24, 0, 1169, 1170, 1, 0, 0, 0, 1170, 1171, 6, 130, 11, 0, 1171, 277, 1, 0, 0, 0, 1172, 1173, 3, 80, 32, 0, 1173, 1174, 1, 0, 0, 0, 1174, 1175, 6, 131, 14, 0, 1175, 1176, 6, 131, 15, 0, 1176, 1177, 6, 131, 15, 0, 1177, 279, 1, 0, 0, 0, 1178, 1179, 3, 114, 49, 0, 1179, 1180, 1, 0, 0, 0, 1180, 1181, 6, 132, 19, 0, 1181, 281, 1, 0, 0, 0, 1182, 1183, 3, 118, 51, 0, 1183, 1184, 1, 0, 0, 0, 1184, 1185, 6, 133, 18, 0, 1185, 283, 1, 0, 0, 0, 1186, 1187, 3, 122, 53, 0, 1187, 1188, 1, 0, 0, 0, 1188, 1189, 6, 134, 22, 0, 1189, 285, 1, 0, 0, 0, 1190, 1191, 3, 264, 124, 0, 1191, 1192, 1, 0, 0, 0, 1192, 1193, 6, 135, 27, 0, 1193, 287, 1, 0, 0, 0, 1194, 1195, 3, 232, 108, 0, 1195, 1196, 1, 0, 0, 0, 1196, 1197, 6, 136, 23, 0, 1197, 289, 1, 0, 0, 0, 1198, 1199, 3, 190, 87, 0, 1199, 1200, 1, 0, 0, 0, 1200, 1201, 6, 137, 28, 0, 1201, 291, 1, 0, 0, 0, 1202, 1203, 3, 60, 22, 0, 1203, 1204, 1, 0, 0, 0, 1204, 1205, 6, 138, 11, 0, 1205, 293, 1, 0, 0, 0, 1206, 1207, 3, 62, 23, 0, 1207, 1208, 1, 0, 0, 0, 1208, 1209, 6, 139, 11, 0, 1209, 295, 1, 0, 0, 0, 1210, 1211, 3, 64, 24, 0, 1211, 1212, 1, 0, 0, 0, 1212, 1213, 6, 140, 11, 0, 1213, 297, 1, 0, 0, 0, 1214, 1215, 3, 80, 32, 0, 1215, 1216, 1, 0, 0, 0, 1216, 1217, 6, 141, 14, 0, 1217, 1218, 6, 141, 15, 0, 1218, 299, 1, 0, 0, 0, 1219, 1220, 3, 368, 176, 0, 1220, 1221, 1, 0, 0, 0, 1221, 1222, 6, 142, 17, 0, 1222, 301, 1, 0, 0, 0, 1223, 1224, 3, 118, 51, 0, 1224, 1225, 1, 0, 0, 0, 1225, 1226, 6, 143, 18, 0, 1226, 303, 1, 0, 0, 0, 1227, 1228, 3, 122, 53, 0, 1228, 1229, 1, 0, 0, 0, 1229, 1230, 6, 144, 22, 0, 1230, 305, 1, 0, 0, 0, 1231, 1232, 3, 262, 123, 0, 1232, 1233, 1, 0, 0, 0, 1233, 1234, 6, 145, 29, 0, 1234, 1235, 6, 145, 30, 0, 1235, 307, 1, 0, 0, 0, 1236, 1237, 3, 68, 26, 0, 1237, 1238, 1, 0, 0, 0, 1238, 1239, 6, 146, 20, 0, 1239, 309, 1, 0, 0, 0, 1240, 1241, 3, 102, 43, 0, 1241, 1242, 1, 0, 0, 0, 1242, 1243, 6, 147, 21, 0, 1243, 311, 1, 0, 0, 0, 1244, 1245, 3, 60, 22, 0, 1245, 1246, 1, 0, 0, 0, 1246, 1247, 6, 148, 11, 0, 1247, 313, 1, 0, 0, 0, 1248, 1249, 3, 62, 23, 0, 1249, 1250, 1, 0, 0, 0, 1250, 1251, 6, 149, 11, 0, 1251, 315, 1, 0, 0, 0, 1252, 1253, 3, 64, 24, 0, 1253, 1254, 1, 0, 0, 0, 1254, 1255, 6, 150, 11, 0, 1255, 317, 1, 0, 0, 0, 1256, 1257, 3, 80, 32, 0, 1257, 1258, 1, 0, 0, 0, 1258, 1259, 6, 151, 14, 0, 1259, 1260, 6, 151, 15, 0, 1260, 1261, 6, 151, 15, 0, 1261, 319, 1, 0, 0, 0, 1262, 1263, 3, 118, 51, 0, 1263, 1264, 1, 0, 0, 0, 1264, 1265, 6, 152, 18, 0, 1265, 321, 1, 0, 0, 0, 1266, 1267, 3, 122, 53, 0, 1267, 1268, 1, 0, 0, 0, 1268, 1269, 6, 153, 22, 0, 1269, 323, 1, 0, 0, 0, 1270, 1271, 3, 232, 108, 0, 1271, 1272, 1, 0, 0, 0, 1272, 1273, 6, 154, 23, 0, 1273, 325, 1, 0, 0, 0, 1274, 1275, 3, 60, 22, 0, 1275, 1276, 1, 0, 0, 0, 1276, 1277, 6, 155, 11, 0, 1277, 327, 1, 0, 0, 0, 1278, 1279, 3, 62, 23, 0, 1279, 1280, 1, 0, 0, 0, 1280, 1281, 6, 156, 11, 0, 1281, 329, 1, 0, 0, 0, 1282, 1283, 3, 64, 24, 0, 1283, 1284, 1, 0, 0, 0, 1284, 1285, 6, 157, 11, 0, 1285, 331, 1, 0, 0, 0, 1286, 1287, 3, 80, 32, 0, 1287, 1288, 1, 0, 0, 0, 1288, 1289, 6, 158, 14, 0, 1289, 1290, 6, 158, 15, 0, 1290, 333, 1, 0, 0, 0, 1291, 1292, 3, 122, 53, 0, 1292, 1293, 1, 0, 0, 0, 1293, 1294, 6, 159, 22, 0, 1294, 335, 1, 0, 0, 0, 1295, 1296, 3, 190, 87, 0, 1296, 1297, 1, 0, 0, 0, 1297, 1298, 6, 160, 28, 0, 1298, 337, 1, 0, 0, 0, 1299, 1300, 3, 186, 85, 0, 1300, 1301, 1, 0, 0, 0, 1301, 1302, 6, 161, 31, 0, 1302, 339, 1, 0, 0, 0, 1303, 1304, 3, 60, 22, 0, 1304, 1305, 1, 0, 0, 0, 1305, 1306, 6, 162, 11, 0, 1306, 341, 1, 0, 0, 0, 1307, 1308, 3, 62, 23, 0, 1308, 1309, 1, 0, 0, 0, 1309, 1310, 6, 163, 11, 0, 1310, 343, 1, 0, 0, 0, 1311, 1312, 3, 64, 24, 0, 1312, 1313, 1, 0, 0, 0, 1313, 1314, 6, 164, 11, 0, 1314, 345, 1, 0, 0, 0, 1315, 1316, 3, 80, 32, 0, 1316, 1317, 1, 0, 0, 0, 1317, 1318, 6, 165, 14, 0, 1318, 1319, 6, 165, 15, 0, 1319, 347, 1, 0, 0, 0, 1320, 1321, 7, 1, 0, 0, 1321, 1322, 7, 9, 0, 0, 1322, 1323, 7, 15, 0, 0, 1323, 1324, 7, 7, 0, 0, 1324, 349, 1, 0, 0, 0, 1325, 1326, 3, 60, 22, 0, 1326, 1327, 1, 0, 0, 0, 1327, 1328, 6, 167, 11, 0, 1328, 351, 1, 0, 0, 0, 1329, 1330, 3, 62, 23, 0, 1330, 1331, 1, 0, 0, 0, 1331, 1332, 6, 168, 11, 0, 1332, 353, 1, 0, 0, 0, 1333, 1334, 3, 64, 24, 0, 1334, 1335, 1, 0, 0, 0, 1335, 1336, 6, 169, 11, 0, 1336, 355, 1, 0, 0, 0, 1337, 1338, 3, 80, 32, 0, 1338, 1339, 1, 0, 0, 0, 1339, 1340, 6, 170, 14, 0, 1340, 1341, 6, 170, 15, 0, 1341, 357, 1, 0, 0, 0, 1342, 1343, 7, 15, 0, 0, 1343, 1344, 7, 19, 0, 0, 1344, 1345, 7, 9, 0, 0, 1345, 1346, 7, 4, 0, 0, 1346, 1347, 7, 5, 0, 0, 1347, 1348, 7, 1, 0, 0, 1348, 1349, 7, 7, 0, 0, 1349, 1350, 7, 9, 0, 0, 1350, 1351, 7, 2, 0, 0, 1351, 359, 1, 0, 0, 0, 1352, 1353, 3, 60, 22, 0, 1353, 1354, 1, 0, 0, 0, 1354, 1355, 6, 172, 11, 0, 1355, 361, 1, 0, 0, 0, 1356, 1357, 3, 62, 23, 0, 1357, 1358, 1, 0, 0, 0, 1358, 1359, 6, 173, 11, 0, 1359, 363, 1, 0, 0, 0, 1360, 1361, 3, 64, 24, 0, 1361, 1362, 1, 0, 0, 0, 1362, 1363, 6, 174, 11, 0, 1363, 365, 1, 0, 0, 0, 1364, 1365, 3, 184, 84, 0, 1365, 1366, 1, 0, 0, 0, 1366, 1367, 6, 175, 16, 0, 1367, 1368, 6, 175, 15, 0, 1368, 367, 1, 0, 0, 0, 1369, 1370, 5, 58, 0, 0, 1370, 369, 1, 0, 0, 0, 1371, 1377, 3, 92, 38, 0, 1372, 1377, 3, 82, 33, 0, 1373, 1377, 3, 122, 53, 0, 1374, 1377, 3, 84, 34, 0, 1375, 1377, 3, 98, 41, 0, 1376, 1371, 1, 0, 0, 0, 1376, 1372, 1, 0, 0, 0, 1376, 1373, 1, 0, 0, 0, 1376, 1374, 1, 0, 0, 0, 1376, 1375, 1, 0, 0, 0, 1377, 1378, 1, 0, 0, 0, 1378, 1376, 1, 0, 0, 0, 1378, 1379, 1, 0, 0, 0, 1379, 371, 1, 0, 0, 0, 1380, 1381, 3, 60, 22, 0, 1381, 1382, 1, 0, 0, 0, 1382, 1383, 6, 178, 11, 0, 1383, 373, 1, 0, 0, 0, 1384, 1385, 3, 62, 23, 0, 1385, 1386, 1, 0, 0, 0, 1386, 1387, 6, 179, 11, 0, 1387, 375, 1, 0, 0, 0, 1388, 1389, 3, 64, 24, 0, 1389, 1390, 1, 0, 0, 0, 1390, 1391, 6, 180, 11, 0, 1391, 377, 1, 0, 0, 0, 1392, 1393, 3, 80, 32, 0, 1393, 1394, 1, 0, 0, 0, 1394, 1395, 6, 181, 14, 0, 1395, 1396, 6, 181, 15, 0, 1396, 379, 1, 0, 0, 0, 1397, 1398, 3, 68, 26, 0, 1398, 1399, 1, 0, 0, 0, 1399, 1400, 6, 182, 20, 0, 1400, 1401, 6, 182, 15, 0, 1401, 1402, 6, 182, 32, 0, 1402, 381, 1, 0, 0, 0, 1403, 1404, 3, 102, 43, 0, 1404, 1405, 1, 0, 0, 0, 1405, 1406, 6, 183, 21, 0, 1406, 1407, 6, 183, 15, 0, 1407, 1408, 6, 183, 32, 0, 1408, 383, 1, 0, 0, 0, 1409, 1410, 3, 60, 22, 0, 1410, 1411, 1, 0, 0, 0, 1411, 1412, 6, 184, 11, 0, 1412, 385, 1, 0, 0, 0, 1413, 1414, 3, 62, 23, 0, 1414, 1415, 1, 0, 0, 0, 1415, 1416, 6, 185, 11, 0, 1416, 387, 1, 0, 0, 0, 1417, 1418, 3, 64, 24, 0, 1418, 1419, 1, 0, 0, 0, 1419, 1420, 6, 186, 11, 0, 1420, 389, 1, 0, 0, 0, 1421, 1422, 3, 368, 176, 0, 1422, 1423, 1, 0, 0, 0, 1423, 1424, 6, 187, 17, 0, 1424, 1425, 6, 187, 15, 0, 1425, 1426, 6, 187, 7, 0, 1426, 391, 1, 0, 0, 0, 1427, 1428, 3, 118, 51, 0, 1428, 1429, 1, 0, 0, 0, 1429, 1430, 6, 188, 18, 0, 1430, 1431, 6, 188, 15, 0, 1431, 1432, 6, 188, 7, 0, 1432, 393, 1, 0, 0, 0, 1433, 1434, 3, 60, 22, 0, 1434, 1435, 1, 0, 0, 0, 1435, 1436, 6, 189, 11, 0, 1436, 395, 1, 0, 0, 0, 1437, 1438, 3, 62, 23, 0, 1438, 1439, 1, 0, 0, 0, 1439, 1440, 6, 190, 11, 0, 1440, 397, 1, 0, 0, 0, 1441, 1442, 3, 64, 24, 0, 1442, 1443, 1, 0, 0, 0, 1443, 1444, 6, 191, 11, 0, 1444, 399, 1, 0, 0, 0, 1445, 1446, 3, 190, 87, 0, 1446, 1447, 1, 0, 0, 0, 1447, 1448, 6, 192, 15, 0, 1448, 1449, 6, 192, 0, 0, 1449, 1450, 6, 192, 28, 0, 1450, 401, 1, 0, 0, 0, 1451, 1452, 3, 186, 85, 0, 1452, 1453, 1, 0, 0, 0, 1453, 1454, 6, 193, 15, 0, 1454, 1455, 6, 193, 0, 0, 1455, 1456, 6, 193, 31, 0, 1456, 403, 1, 0, 0, 0, 1457, 1458, 3, 108, 46, 0, 1458, 1459, 1, 0, 0, 0, 1459, 1460, 6, 194, 15, 0, 1460, 1461, 6, 194, 0, 0, 1461, 1462, 6, 194, 33, 0, 1462, 405, 1, 0, 0, 0, 1463, 1464, 3, 80, 32, 0, 1464, 1465, 1, 0, 0, 0, 1465, 1466, 6, 195, 14, 0, 1466, 1467, 6, 195, 15, 0, 1467, 407, 1, 0, 0, 0, 65, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 588, 598, 602, 605, 614, 616, 627, 634, 639, 678, 683, 692, 699, 704, 706, 717, 725, 728, 730, 735, 740, 746, 753, 758, 764, 767, 775, 779, 909, 916, 918, 934, 939, 944, 946, 952, 1041, 1045, 1050, 1055, 1060, 1062, 1066, 1068, 1145, 1149, 1154, 1376, 1378, 34, 5, 2, 0, 5, 4, 0, 5, 6, 0, 5, 1, 0, 5, 3, 0, 5, 8, 0, 5, 12, 0, 5, 14, 0, 5, 10, 0, 5, 5, 0, 5, 11, 0, 0, 1, 0, 7, 71, 0, 5, 0, 0, 7, 30, 0, 4, 0, 0, 7, 72, 0, 7, 116, 0, 7, 39, 0, 7, 37, 0, 7, 26, 0, 7, 31, 0, 7, 41, 0, 7, 82, 0, 5, 13, 0, 5, 7, 0, 7, 92, 0, 7, 91, 0, 7, 74, 0, 7, 90, 0, 5, 9, 0, 7, 73, 0, 5, 15, 0, 7, 34, 0] \ No newline at end of file diff --git a/packages/kbn-esql-ast/src/antlr/esql_lexer.tokens b/packages/kbn-esql-ast/src/antlr/esql_lexer.tokens index 4cac289a33634..2d4bb481826f5 100644 --- a/packages/kbn-esql-ast/src/antlr/esql_lexer.tokens +++ b/packages/kbn-esql-ast/src/antlr/esql_lexer.tokens @@ -18,111 +18,112 @@ SHOW=17 SORT=18 STATS=19 WHERE=20 -UNKNOWN_CMD=21 -LINE_COMMENT=22 -MULTILINE_COMMENT=23 -WS=24 -UNQUOTED_SOURCE=25 -EXPLAIN_WS=26 -EXPLAIN_LINE_COMMENT=27 -EXPLAIN_MULTILINE_COMMENT=28 -PIPE=29 -QUOTED_STRING=30 -INTEGER_LITERAL=31 -DECIMAL_LITERAL=32 -BY=33 -AND=34 -ASC=35 -ASSIGN=36 -CAST_OP=37 -COMMA=38 -DESC=39 -DOT=40 -FALSE=41 -FIRST=42 -IN=43 -IS=44 -LAST=45 -LIKE=46 -LP=47 -MATCH=48 -NOT=49 -NULL=50 -NULLS=51 -OR=52 -PARAM=53 -RLIKE=54 -RP=55 -TRUE=56 -EQ=57 -CIEQ=58 -NEQ=59 -LT=60 -LTE=61 -GT=62 -GTE=63 -PLUS=64 -MINUS=65 -ASTERISK=66 -SLASH=67 -PERCENT=68 -NAMED_OR_POSITIONAL_PARAM=69 -OPENING_BRACKET=70 -CLOSING_BRACKET=71 -UNQUOTED_IDENTIFIER=72 -QUOTED_IDENTIFIER=73 -EXPR_LINE_COMMENT=74 -EXPR_MULTILINE_COMMENT=75 -EXPR_WS=76 -METADATA=77 -FROM_LINE_COMMENT=78 -FROM_MULTILINE_COMMENT=79 -FROM_WS=80 -ID_PATTERN=81 -PROJECT_LINE_COMMENT=82 -PROJECT_MULTILINE_COMMENT=83 -PROJECT_WS=84 -AS=85 -RENAME_LINE_COMMENT=86 -RENAME_MULTILINE_COMMENT=87 -RENAME_WS=88 -ON=89 -WITH=90 -ENRICH_POLICY_NAME=91 -ENRICH_LINE_COMMENT=92 -ENRICH_MULTILINE_COMMENT=93 -ENRICH_WS=94 -ENRICH_FIELD_LINE_COMMENT=95 -ENRICH_FIELD_MULTILINE_COMMENT=96 -ENRICH_FIELD_WS=97 -LOOKUP_LINE_COMMENT=98 -LOOKUP_MULTILINE_COMMENT=99 -LOOKUP_WS=100 -LOOKUP_FIELD_LINE_COMMENT=101 -LOOKUP_FIELD_MULTILINE_COMMENT=102 -LOOKUP_FIELD_WS=103 -MVEXPAND_LINE_COMMENT=104 -MVEXPAND_MULTILINE_COMMENT=105 -MVEXPAND_WS=106 -INFO=107 -SHOW_LINE_COMMENT=108 -SHOW_MULTILINE_COMMENT=109 -SHOW_WS=110 -FUNCTIONS=111 -META_LINE_COMMENT=112 -META_MULTILINE_COMMENT=113 -META_WS=114 -COLON=115 -SETTING=116 -SETTING_LINE_COMMENT=117 -SETTTING_MULTILINE_COMMENT=118 -SETTING_WS=119 -METRICS_LINE_COMMENT=120 -METRICS_MULTILINE_COMMENT=121 -METRICS_WS=122 -CLOSING_METRICS_LINE_COMMENT=123 -CLOSING_METRICS_MULTILINE_COMMENT=124 -CLOSING_METRICS_WS=125 +MATCH=21 +UNKNOWN_CMD=22 +LINE_COMMENT=23 +MULTILINE_COMMENT=24 +WS=25 +UNQUOTED_SOURCE=26 +EXPLAIN_WS=27 +EXPLAIN_LINE_COMMENT=28 +EXPLAIN_MULTILINE_COMMENT=29 +PIPE=30 +QUOTED_STRING=31 +INTEGER_LITERAL=32 +DECIMAL_LITERAL=33 +BY=34 +AND=35 +ASC=36 +ASSIGN=37 +CAST_OP=38 +COMMA=39 +DESC=40 +DOT=41 +FALSE=42 +FIRST=43 +IN=44 +IS=45 +LAST=46 +LIKE=47 +LP=48 +MATCH_OPERATOR=49 +NOT=50 +NULL=51 +NULLS=52 +OR=53 +PARAM=54 +RLIKE=55 +RP=56 +TRUE=57 +EQ=58 +CIEQ=59 +NEQ=60 +LT=61 +LTE=62 +GT=63 +GTE=64 +PLUS=65 +MINUS=66 +ASTERISK=67 +SLASH=68 +PERCENT=69 +NAMED_OR_POSITIONAL_PARAM=70 +OPENING_BRACKET=71 +CLOSING_BRACKET=72 +UNQUOTED_IDENTIFIER=73 +QUOTED_IDENTIFIER=74 +EXPR_LINE_COMMENT=75 +EXPR_MULTILINE_COMMENT=76 +EXPR_WS=77 +METADATA=78 +FROM_LINE_COMMENT=79 +FROM_MULTILINE_COMMENT=80 +FROM_WS=81 +ID_PATTERN=82 +PROJECT_LINE_COMMENT=83 +PROJECT_MULTILINE_COMMENT=84 +PROJECT_WS=85 +AS=86 +RENAME_LINE_COMMENT=87 +RENAME_MULTILINE_COMMENT=88 +RENAME_WS=89 +ON=90 +WITH=91 +ENRICH_POLICY_NAME=92 +ENRICH_LINE_COMMENT=93 +ENRICH_MULTILINE_COMMENT=94 +ENRICH_WS=95 +ENRICH_FIELD_LINE_COMMENT=96 +ENRICH_FIELD_MULTILINE_COMMENT=97 +ENRICH_FIELD_WS=98 +LOOKUP_LINE_COMMENT=99 +LOOKUP_MULTILINE_COMMENT=100 +LOOKUP_WS=101 +LOOKUP_FIELD_LINE_COMMENT=102 +LOOKUP_FIELD_MULTILINE_COMMENT=103 +LOOKUP_FIELD_WS=104 +MVEXPAND_LINE_COMMENT=105 +MVEXPAND_MULTILINE_COMMENT=106 +MVEXPAND_WS=107 +INFO=108 +SHOW_LINE_COMMENT=109 +SHOW_MULTILINE_COMMENT=110 +SHOW_WS=111 +FUNCTIONS=112 +META_LINE_COMMENT=113 +META_MULTILINE_COMMENT=114 +META_WS=115 +COLON=116 +SETTING=117 +SETTING_LINE_COMMENT=118 +SETTTING_MULTILINE_COMMENT=119 +SETTING_WS=120 +METRICS_LINE_COMMENT=121 +METRICS_MULTILINE_COMMENT=122 +METRICS_WS=123 +CLOSING_METRICS_LINE_COMMENT=124 +CLOSING_METRICS_MULTILINE_COMMENT=125 +CLOSING_METRICS_WS=126 'dissect'=1 'drop'=2 'enrich'=3 @@ -143,48 +144,47 @@ CLOSING_METRICS_WS=125 'sort'=18 'stats'=19 'where'=20 -'|'=29 -'by'=33 -'and'=34 -'asc'=35 -'='=36 -'::'=37 -','=38 -'desc'=39 -'.'=40 -'false'=41 -'first'=42 -'in'=43 -'is'=44 -'last'=45 -'like'=46 -'('=47 -'match'=48 -'not'=49 -'null'=50 -'nulls'=51 -'or'=52 -'?'=53 -'rlike'=54 -')'=55 -'true'=56 -'=='=57 -'=~'=58 -'!='=59 -'<'=60 -'<='=61 -'>'=62 -'>='=63 -'+'=64 -'-'=65 -'*'=66 -'/'=67 -'%'=68 -']'=71 -'metadata'=77 -'as'=85 -'on'=89 -'with'=90 -'info'=107 -'functions'=111 -':'=115 +'|'=30 +'by'=34 +'and'=35 +'asc'=36 +'='=37 +'::'=38 +','=39 +'desc'=40 +'.'=41 +'false'=42 +'first'=43 +'in'=44 +'is'=45 +'last'=46 +'like'=47 +'('=48 +'not'=50 +'null'=51 +'nulls'=52 +'or'=53 +'?'=54 +'rlike'=55 +')'=56 +'true'=57 +'=='=58 +'=~'=59 +'!='=60 +'<'=61 +'<='=62 +'>'=63 +'>='=64 +'+'=65 +'-'=66 +'*'=67 +'/'=68 +'%'=69 +']'=72 +'metadata'=78 +'as'=86 +'on'=90 +'with'=91 +'info'=108 +'functions'=112 +':'=116 diff --git a/packages/kbn-esql-ast/src/antlr/esql_lexer.ts b/packages/kbn-esql-ast/src/antlr/esql_lexer.ts index eb10e461fab5f..179382f9f736e 100644 --- a/packages/kbn-esql-ast/src/antlr/esql_lexer.ts +++ b/packages/kbn-esql-ast/src/antlr/esql_lexer.ts @@ -1,5 +1,5 @@ // @ts-nocheck -// Generated from src/antlr/esql_lexer.g4 by ANTLR 4.13.1 +// Generated from src/antlr/esql_lexer.g4 by ANTLR 4.13.2 // noinspection ES6UnusedImports,JSUnusedGlobalSymbols,JSUnusedLocalSymbols import { ATN, @@ -33,111 +33,112 @@ export default class esql_lexer extends Lexer { public static readonly SORT = 18; public static readonly STATS = 19; public static readonly WHERE = 20; - public static readonly UNKNOWN_CMD = 21; - public static readonly LINE_COMMENT = 22; - public static readonly MULTILINE_COMMENT = 23; - public static readonly WS = 24; - public static readonly UNQUOTED_SOURCE = 25; - public static readonly EXPLAIN_WS = 26; - public static readonly EXPLAIN_LINE_COMMENT = 27; - public static readonly EXPLAIN_MULTILINE_COMMENT = 28; - public static readonly PIPE = 29; - public static readonly QUOTED_STRING = 30; - public static readonly INTEGER_LITERAL = 31; - public static readonly DECIMAL_LITERAL = 32; - public static readonly BY = 33; - public static readonly AND = 34; - public static readonly ASC = 35; - public static readonly ASSIGN = 36; - public static readonly CAST_OP = 37; - public static readonly COMMA = 38; - public static readonly DESC = 39; - public static readonly DOT = 40; - public static readonly FALSE = 41; - public static readonly FIRST = 42; - public static readonly IN = 43; - public static readonly IS = 44; - public static readonly LAST = 45; - public static readonly LIKE = 46; - public static readonly LP = 47; - public static readonly MATCH = 48; - public static readonly NOT = 49; - public static readonly NULL = 50; - public static readonly NULLS = 51; - public static readonly OR = 52; - public static readonly PARAM = 53; - public static readonly RLIKE = 54; - public static readonly RP = 55; - public static readonly TRUE = 56; - public static readonly EQ = 57; - public static readonly CIEQ = 58; - public static readonly NEQ = 59; - public static readonly LT = 60; - public static readonly LTE = 61; - public static readonly GT = 62; - public static readonly GTE = 63; - public static readonly PLUS = 64; - public static readonly MINUS = 65; - public static readonly ASTERISK = 66; - public static readonly SLASH = 67; - public static readonly PERCENT = 68; - public static readonly NAMED_OR_POSITIONAL_PARAM = 69; - public static readonly OPENING_BRACKET = 70; - public static readonly CLOSING_BRACKET = 71; - public static readonly UNQUOTED_IDENTIFIER = 72; - public static readonly QUOTED_IDENTIFIER = 73; - public static readonly EXPR_LINE_COMMENT = 74; - public static readonly EXPR_MULTILINE_COMMENT = 75; - public static readonly EXPR_WS = 76; - public static readonly METADATA = 77; - public static readonly FROM_LINE_COMMENT = 78; - public static readonly FROM_MULTILINE_COMMENT = 79; - public static readonly FROM_WS = 80; - public static readonly ID_PATTERN = 81; - public static readonly PROJECT_LINE_COMMENT = 82; - public static readonly PROJECT_MULTILINE_COMMENT = 83; - public static readonly PROJECT_WS = 84; - public static readonly AS = 85; - public static readonly RENAME_LINE_COMMENT = 86; - public static readonly RENAME_MULTILINE_COMMENT = 87; - public static readonly RENAME_WS = 88; - public static readonly ON = 89; - public static readonly WITH = 90; - public static readonly ENRICH_POLICY_NAME = 91; - public static readonly ENRICH_LINE_COMMENT = 92; - public static readonly ENRICH_MULTILINE_COMMENT = 93; - public static readonly ENRICH_WS = 94; - public static readonly ENRICH_FIELD_LINE_COMMENT = 95; - public static readonly ENRICH_FIELD_MULTILINE_COMMENT = 96; - public static readonly ENRICH_FIELD_WS = 97; - public static readonly LOOKUP_LINE_COMMENT = 98; - public static readonly LOOKUP_MULTILINE_COMMENT = 99; - public static readonly LOOKUP_WS = 100; - public static readonly LOOKUP_FIELD_LINE_COMMENT = 101; - public static readonly LOOKUP_FIELD_MULTILINE_COMMENT = 102; - public static readonly LOOKUP_FIELD_WS = 103; - public static readonly MVEXPAND_LINE_COMMENT = 104; - public static readonly MVEXPAND_MULTILINE_COMMENT = 105; - public static readonly MVEXPAND_WS = 106; - public static readonly INFO = 107; - public static readonly SHOW_LINE_COMMENT = 108; - public static readonly SHOW_MULTILINE_COMMENT = 109; - public static readonly SHOW_WS = 110; - public static readonly FUNCTIONS = 111; - public static readonly META_LINE_COMMENT = 112; - public static readonly META_MULTILINE_COMMENT = 113; - public static readonly META_WS = 114; - public static readonly COLON = 115; - public static readonly SETTING = 116; - public static readonly SETTING_LINE_COMMENT = 117; - public static readonly SETTTING_MULTILINE_COMMENT = 118; - public static readonly SETTING_WS = 119; - public static readonly METRICS_LINE_COMMENT = 120; - public static readonly METRICS_MULTILINE_COMMENT = 121; - public static readonly METRICS_WS = 122; - public static readonly CLOSING_METRICS_LINE_COMMENT = 123; - public static readonly CLOSING_METRICS_MULTILINE_COMMENT = 124; - public static readonly CLOSING_METRICS_WS = 125; + public static readonly MATCH = 21; + public static readonly UNKNOWN_CMD = 22; + public static readonly LINE_COMMENT = 23; + public static readonly MULTILINE_COMMENT = 24; + public static readonly WS = 25; + public static readonly UNQUOTED_SOURCE = 26; + public static readonly EXPLAIN_WS = 27; + public static readonly EXPLAIN_LINE_COMMENT = 28; + public static readonly EXPLAIN_MULTILINE_COMMENT = 29; + public static readonly PIPE = 30; + public static readonly QUOTED_STRING = 31; + public static readonly INTEGER_LITERAL = 32; + public static readonly DECIMAL_LITERAL = 33; + public static readonly BY = 34; + public static readonly AND = 35; + public static readonly ASC = 36; + public static readonly ASSIGN = 37; + public static readonly CAST_OP = 38; + public static readonly COMMA = 39; + public static readonly DESC = 40; + public static readonly DOT = 41; + public static readonly FALSE = 42; + public static readonly FIRST = 43; + public static readonly IN = 44; + public static readonly IS = 45; + public static readonly LAST = 46; + public static readonly LIKE = 47; + public static readonly LP = 48; + public static readonly MATCH_OPERATOR = 49; + public static readonly NOT = 50; + public static readonly NULL = 51; + public static readonly NULLS = 52; + public static readonly OR = 53; + public static readonly PARAM = 54; + public static readonly RLIKE = 55; + public static readonly RP = 56; + public static readonly TRUE = 57; + public static readonly EQ = 58; + public static readonly CIEQ = 59; + public static readonly NEQ = 60; + public static readonly LT = 61; + public static readonly LTE = 62; + public static readonly GT = 63; + public static readonly GTE = 64; + public static readonly PLUS = 65; + public static readonly MINUS = 66; + public static readonly ASTERISK = 67; + public static readonly SLASH = 68; + public static readonly PERCENT = 69; + public static readonly NAMED_OR_POSITIONAL_PARAM = 70; + public static readonly OPENING_BRACKET = 71; + public static readonly CLOSING_BRACKET = 72; + public static readonly UNQUOTED_IDENTIFIER = 73; + public static readonly QUOTED_IDENTIFIER = 74; + public static readonly EXPR_LINE_COMMENT = 75; + public static readonly EXPR_MULTILINE_COMMENT = 76; + public static readonly EXPR_WS = 77; + public static readonly METADATA = 78; + public static readonly FROM_LINE_COMMENT = 79; + public static readonly FROM_MULTILINE_COMMENT = 80; + public static readonly FROM_WS = 81; + public static readonly ID_PATTERN = 82; + public static readonly PROJECT_LINE_COMMENT = 83; + public static readonly PROJECT_MULTILINE_COMMENT = 84; + public static readonly PROJECT_WS = 85; + public static readonly AS = 86; + public static readonly RENAME_LINE_COMMENT = 87; + public static readonly RENAME_MULTILINE_COMMENT = 88; + public static readonly RENAME_WS = 89; + public static readonly ON = 90; + public static readonly WITH = 91; + public static readonly ENRICH_POLICY_NAME = 92; + public static readonly ENRICH_LINE_COMMENT = 93; + public static readonly ENRICH_MULTILINE_COMMENT = 94; + public static readonly ENRICH_WS = 95; + public static readonly ENRICH_FIELD_LINE_COMMENT = 96; + public static readonly ENRICH_FIELD_MULTILINE_COMMENT = 97; + public static readonly ENRICH_FIELD_WS = 98; + public static readonly LOOKUP_LINE_COMMENT = 99; + public static readonly LOOKUP_MULTILINE_COMMENT = 100; + public static readonly LOOKUP_WS = 101; + public static readonly LOOKUP_FIELD_LINE_COMMENT = 102; + public static readonly LOOKUP_FIELD_MULTILINE_COMMENT = 103; + public static readonly LOOKUP_FIELD_WS = 104; + public static readonly MVEXPAND_LINE_COMMENT = 105; + public static readonly MVEXPAND_MULTILINE_COMMENT = 106; + public static readonly MVEXPAND_WS = 107; + public static readonly INFO = 108; + public static readonly SHOW_LINE_COMMENT = 109; + public static readonly SHOW_MULTILINE_COMMENT = 110; + public static readonly SHOW_WS = 111; + public static readonly FUNCTIONS = 112; + public static readonly META_LINE_COMMENT = 113; + public static readonly META_MULTILINE_COMMENT = 114; + public static readonly META_WS = 115; + public static readonly COLON = 116; + public static readonly SETTING = 117; + public static readonly SETTING_LINE_COMMENT = 118; + public static readonly SETTTING_MULTILINE_COMMENT = 119; + public static readonly SETTING_WS = 120; + public static readonly METRICS_LINE_COMMENT = 121; + public static readonly METRICS_MULTILINE_COMMENT = 122; + public static readonly METRICS_WS = 123; + public static readonly CLOSING_METRICS_LINE_COMMENT = 124; + public static readonly CLOSING_METRICS_MULTILINE_COMMENT = 125; + public static readonly CLOSING_METRICS_WS = 126; public static readonly EOF = Token.EOF; public static readonly EXPLAIN_MODE = 1; public static readonly EXPRESSION_MODE = 2; @@ -172,31 +173,32 @@ export default class esql_lexer extends Lexer { null, null, null, null, null, null, - null, "'|'", null, null, - null, "'by'", - "'and'", "'asc'", - "'='", "'::'", - "','", "'desc'", - "'.'", "'false'", - "'first'", "'in'", - "'is'", "'last'", - "'like'", "'('", - "'match'", "'not'", - "'null'", "'nulls'", - "'or'", "'?'", - "'rlike'", "')'", - "'true'", "'=='", - "'=~'", "'!='", - "'<'", "'<='", - "'>'", "'>='", - "'+'", "'-'", - "'*'", "'/'", - "'%'", null, - null, "']'", + "'|'", null, null, null, + "'by'", "'and'", + "'asc'", "'='", + "'::'", "','", + "'desc'", "'.'", + "'false'", "'first'", + "'in'", "'is'", + "'last'", "'like'", + "'('", null, + "'not'", "'null'", + "'nulls'", "'or'", + "'?'", "'rlike'", + "')'", "'true'", + "'=='", "'=~'", + "'!='", "'<'", + "'<='", "'>'", + "'>='", "'+'", + "'-'", "'*'", + "'/'", "'%'", null, null, - null, "'metadata'", + "']'", null, + null, null, + null, null, + "'metadata'", null, null, null, null, null, null, @@ -228,7 +230,7 @@ export default class esql_lexer extends Lexer { "RENAME", "ROW", "SHOW", "SORT", "STATS", "WHERE", - "UNKNOWN_CMD", + "MATCH", "UNKNOWN_CMD", "LINE_COMMENT", "MULTILINE_COMMENT", "WS", "UNQUOTED_SOURCE", @@ -246,16 +248,16 @@ export default class esql_lexer extends Lexer { "FIRST", "IN", "IS", "LAST", "LIKE", "LP", - "MATCH", "NOT", - "NULL", "NULLS", - "OR", "PARAM", - "RLIKE", "RP", - "TRUE", "EQ", - "CIEQ", "NEQ", - "LT", "LTE", - "GT", "GTE", - "PLUS", "MINUS", - "ASTERISK", + "MATCH_OPERATOR", + "NOT", "NULL", + "NULLS", "OR", + "PARAM", "RLIKE", + "RP", "TRUE", + "EQ", "CIEQ", + "NEQ", "LT", + "LTE", "GT", + "GTE", "PLUS", + "MINUS", "ASTERISK", "SLASH", "PERCENT", "NAMED_OR_POSITIONAL_PARAM", "OPENING_BRACKET", @@ -322,32 +324,32 @@ export default class esql_lexer extends Lexer { public static readonly ruleNames: string[] = [ "DISSECT", "DROP", "ENRICH", "EVAL", "EXPLAIN", "FROM", "GROK", "INLINESTATS", "KEEP", "LIMIT", "LOOKUP", "META", "METRICS", "MV_EXPAND", "RENAME", "ROW", - "SHOW", "SORT", "STATS", "WHERE", "UNKNOWN_CMD", "LINE_COMMENT", "MULTILINE_COMMENT", - "WS", "UNQUOTED_SOURCE_PART", "UNQUOTED_SOURCE", "EXPLAIN_OPENING_BRACKET", - "EXPLAIN_PIPE", "EXPLAIN_WS", "EXPLAIN_LINE_COMMENT", "EXPLAIN_MULTILINE_COMMENT", - "PIPE", "DIGIT", "LETTER", "ESCAPE_SEQUENCE", "UNESCAPED_CHARS", "EXPONENT", - "ASPERAND", "BACKQUOTE", "BACKQUOTE_BLOCK", "UNDERSCORE", "UNQUOTED_ID_BODY", - "QUOTED_STRING", "INTEGER_LITERAL", "DECIMAL_LITERAL", "BY", "AND", "ASC", - "ASSIGN", "CAST_OP", "COMMA", "DESC", "DOT", "FALSE", "FIRST", "IN", "IS", - "LAST", "LIKE", "LP", "MATCH", "NOT", "NULL", "NULLS", "OR", "PARAM", - "RLIKE", "RP", "TRUE", "EQ", "CIEQ", "NEQ", "LT", "LTE", "GT", "GTE", - "PLUS", "MINUS", "ASTERISK", "SLASH", "PERCENT", "NAMED_OR_POSITIONAL_PARAM", - "OPENING_BRACKET", "CLOSING_BRACKET", "UNQUOTED_IDENTIFIER", "QUOTED_ID", - "QUOTED_IDENTIFIER", "EXPR_LINE_COMMENT", "EXPR_MULTILINE_COMMENT", "EXPR_WS", - "FROM_PIPE", "FROM_OPENING_BRACKET", "FROM_CLOSING_BRACKET", "FROM_COLON", - "FROM_COMMA", "FROM_ASSIGN", "METADATA", "FROM_UNQUOTED_SOURCE", "FROM_QUOTED_SOURCE", - "FROM_LINE_COMMENT", "FROM_MULTILINE_COMMENT", "FROM_WS", "PROJECT_PIPE", - "PROJECT_DOT", "PROJECT_COMMA", "UNQUOTED_ID_BODY_WITH_PATTERN", "UNQUOTED_ID_PATTERN", - "ID_PATTERN", "PROJECT_LINE_COMMENT", "PROJECT_MULTILINE_COMMENT", "PROJECT_WS", - "RENAME_PIPE", "RENAME_ASSIGN", "RENAME_COMMA", "RENAME_DOT", "AS", "RENAME_ID_PATTERN", - "RENAME_LINE_COMMENT", "RENAME_MULTILINE_COMMENT", "RENAME_WS", "ENRICH_PIPE", - "ENRICH_OPENING_BRACKET", "ON", "WITH", "ENRICH_POLICY_NAME_BODY", "ENRICH_POLICY_NAME", - "ENRICH_MODE_UNQUOTED_VALUE", "ENRICH_LINE_COMMENT", "ENRICH_MULTILINE_COMMENT", - "ENRICH_WS", "ENRICH_FIELD_PIPE", "ENRICH_FIELD_ASSIGN", "ENRICH_FIELD_COMMA", - "ENRICH_FIELD_DOT", "ENRICH_FIELD_WITH", "ENRICH_FIELD_ID_PATTERN", "ENRICH_FIELD_QUOTED_IDENTIFIER", - "ENRICH_FIELD_LINE_COMMENT", "ENRICH_FIELD_MULTILINE_COMMENT", "ENRICH_FIELD_WS", - "LOOKUP_PIPE", "LOOKUP_COLON", "LOOKUP_COMMA", "LOOKUP_DOT", "LOOKUP_ON", - "LOOKUP_UNQUOTED_SOURCE", "LOOKUP_QUOTED_SOURCE", "LOOKUP_LINE_COMMENT", + "SHOW", "SORT", "STATS", "WHERE", "MATCH", "UNKNOWN_CMD", "LINE_COMMENT", + "MULTILINE_COMMENT", "WS", "UNQUOTED_SOURCE_PART", "UNQUOTED_SOURCE", + "EXPLAIN_OPENING_BRACKET", "EXPLAIN_PIPE", "EXPLAIN_WS", "EXPLAIN_LINE_COMMENT", + "EXPLAIN_MULTILINE_COMMENT", "PIPE", "DIGIT", "LETTER", "ESCAPE_SEQUENCE", + "UNESCAPED_CHARS", "EXPONENT", "ASPERAND", "BACKQUOTE", "BACKQUOTE_BLOCK", + "UNDERSCORE", "UNQUOTED_ID_BODY", "QUOTED_STRING", "INTEGER_LITERAL", + "DECIMAL_LITERAL", "BY", "AND", "ASC", "ASSIGN", "CAST_OP", "COMMA", "DESC", + "DOT", "FALSE", "FIRST", "IN", "IS", "LAST", "LIKE", "LP", "MATCH_OPERATOR", + "NOT", "NULL", "NULLS", "OR", "PARAM", "RLIKE", "RP", "TRUE", "EQ", "CIEQ", + "NEQ", "LT", "LTE", "GT", "GTE", "PLUS", "MINUS", "ASTERISK", "SLASH", + "PERCENT", "NAMED_OR_POSITIONAL_PARAM", "OPENING_BRACKET", "CLOSING_BRACKET", + "UNQUOTED_IDENTIFIER", "QUOTED_ID", "QUOTED_IDENTIFIER", "EXPR_LINE_COMMENT", + "EXPR_MULTILINE_COMMENT", "EXPR_WS", "FROM_PIPE", "FROM_OPENING_BRACKET", + "FROM_CLOSING_BRACKET", "FROM_COLON", "FROM_COMMA", "FROM_ASSIGN", "METADATA", + "FROM_UNQUOTED_SOURCE", "FROM_QUOTED_SOURCE", "FROM_LINE_COMMENT", "FROM_MULTILINE_COMMENT", + "FROM_WS", "PROJECT_PIPE", "PROJECT_DOT", "PROJECT_COMMA", "UNQUOTED_ID_BODY_WITH_PATTERN", + "UNQUOTED_ID_PATTERN", "ID_PATTERN", "PROJECT_LINE_COMMENT", "PROJECT_MULTILINE_COMMENT", + "PROJECT_WS", "RENAME_PIPE", "RENAME_ASSIGN", "RENAME_COMMA", "RENAME_DOT", + "AS", "RENAME_ID_PATTERN", "RENAME_LINE_COMMENT", "RENAME_MULTILINE_COMMENT", + "RENAME_WS", "ENRICH_PIPE", "ENRICH_OPENING_BRACKET", "ON", "WITH", "ENRICH_POLICY_NAME_BODY", + "ENRICH_POLICY_NAME", "ENRICH_MODE_UNQUOTED_VALUE", "ENRICH_LINE_COMMENT", + "ENRICH_MULTILINE_COMMENT", "ENRICH_WS", "ENRICH_FIELD_PIPE", "ENRICH_FIELD_ASSIGN", + "ENRICH_FIELD_COMMA", "ENRICH_FIELD_DOT", "ENRICH_FIELD_WITH", "ENRICH_FIELD_ID_PATTERN", + "ENRICH_FIELD_QUOTED_IDENTIFIER", "ENRICH_FIELD_LINE_COMMENT", "ENRICH_FIELD_MULTILINE_COMMENT", + "ENRICH_FIELD_WS", "LOOKUP_PIPE", "LOOKUP_COLON", "LOOKUP_COMMA", "LOOKUP_DOT", + "LOOKUP_ON", "LOOKUP_UNQUOTED_SOURCE", "LOOKUP_QUOTED_SOURCE", "LOOKUP_LINE_COMMENT", "LOOKUP_MULTILINE_COMMENT", "LOOKUP_WS", "LOOKUP_FIELD_PIPE", "LOOKUP_FIELD_COMMA", "LOOKUP_FIELD_DOT", "LOOKUP_FIELD_ID_PATTERN", "LOOKUP_FIELD_LINE_COMMENT", "LOOKUP_FIELD_MULTILINE_COMMENT", "LOOKUP_FIELD_WS", "MVEXPAND_PIPE", @@ -381,7 +383,7 @@ export default class esql_lexer extends Lexer { public get modeNames(): string[] { return esql_lexer.modeNames; } - public static readonly _serializedATN: number[] = [4,0,125,1458,6,-1,6, + public static readonly _serializedATN: number[] = [4,0,126,1468,6,-1,6, -1,6,-1,6,-1,6,-1,6,-1,6,-1,6,-1,6,-1,6,-1,6,-1,6,-1,6,-1,6,-1,6,-1,6,-1, 2,0,7,0,2,1,7,1,2,2,7,2,2,3,7,3,2,4,7,4,2,5,7,5,2,6,7,6,2,7,7,7,2,8,7,8, 2,9,7,9,2,10,7,10,2,11,7,11,2,12,7,12,2,13,7,13,2,14,7,14,2,15,7,15,2,16, @@ -412,125 +414,126 @@ export default class esql_lexer extends Lexer { 2,175,7,175,2,176,7,176,2,177,7,177,2,178,7,178,2,179,7,179,2,180,7,180, 2,181,7,181,2,182,7,182,2,183,7,183,2,184,7,184,2,185,7,185,2,186,7,186, 2,187,7,187,2,188,7,188,2,189,7,189,2,190,7,190,2,191,7,191,2,192,7,192, - 2,193,7,193,2,194,7,194,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,1,1,1, - 1,1,1,1,1,1,1,1,1,1,1,2,1,2,1,2,1,2,1,2,1,2,1,2,1,2,1,2,1,3,1,3,1,3,1,3, - 1,3,1,3,1,3,1,4,1,4,1,4,1,4,1,4,1,4,1,4,1,4,1,4,1,4,1,5,1,5,1,5,1,5,1,5, - 1,5,1,5,1,6,1,6,1,6,1,6,1,6,1,6,1,6,1,7,1,7,1,7,1,7,1,7,1,7,1,7,1,7,1,7, - 1,7,1,7,1,7,1,7,1,7,1,8,1,8,1,8,1,8,1,8,1,8,1,8,1,9,1,9,1,9,1,9,1,9,1,9, - 1,9,1,9,1,10,1,10,1,10,1,10,1,10,1,10,1,10,1,10,1,10,1,11,1,11,1,11,1,11, - 1,11,1,11,1,11,1,12,1,12,1,12,1,12,1,12,1,12,1,12,1,12,1,12,1,12,1,13,1, - 13,1,13,1,13,1,13,1,13,1,13,1,13,1,13,1,13,1,13,1,13,1,14,1,14,1,14,1,14, - 1,14,1,14,1,14,1,14,1,14,1,15,1,15,1,15,1,15,1,15,1,15,1,16,1,16,1,16,1, - 16,1,16,1,16,1,16,1,17,1,17,1,17,1,17,1,17,1,17,1,17,1,18,1,18,1,18,1,18, - 1,18,1,18,1,18,1,18,1,19,1,19,1,19,1,19,1,19,1,19,1,19,1,19,1,20,4,20,577, - 8,20,11,20,12,20,578,1,20,1,20,1,21,1,21,1,21,1,21,5,21,587,8,21,10,21, - 12,21,590,9,21,1,21,3,21,593,8,21,1,21,3,21,596,8,21,1,21,1,21,1,22,1,22, - 1,22,1,22,1,22,5,22,605,8,22,10,22,12,22,608,9,22,1,22,1,22,1,22,1,22,1, - 22,1,23,4,23,616,8,23,11,23,12,23,617,1,23,1,23,1,24,1,24,1,24,3,24,625, - 8,24,1,25,4,25,628,8,25,11,25,12,25,629,1,26,1,26,1,26,1,26,1,26,1,27,1, - 27,1,27,1,27,1,27,1,28,1,28,1,28,1,28,1,29,1,29,1,29,1,29,1,30,1,30,1,30, - 1,30,1,31,1,31,1,31,1,31,1,32,1,32,1,33,1,33,1,34,1,34,1,34,1,35,1,35,1, - 36,1,36,3,36,669,8,36,1,36,4,36,672,8,36,11,36,12,36,673,1,37,1,37,1,38, - 1,38,1,39,1,39,1,39,3,39,683,8,39,1,40,1,40,1,41,1,41,1,41,3,41,690,8,41, - 1,42,1,42,1,42,5,42,695,8,42,10,42,12,42,698,9,42,1,42,1,42,1,42,1,42,1, - 42,1,42,5,42,706,8,42,10,42,12,42,709,9,42,1,42,1,42,1,42,1,42,1,42,3,42, - 716,8,42,1,42,3,42,719,8,42,3,42,721,8,42,1,43,4,43,724,8,43,11,43,12,43, - 725,1,44,4,44,729,8,44,11,44,12,44,730,1,44,1,44,5,44,735,8,44,10,44,12, - 44,738,9,44,1,44,1,44,4,44,742,8,44,11,44,12,44,743,1,44,4,44,747,8,44, - 11,44,12,44,748,1,44,1,44,5,44,753,8,44,10,44,12,44,756,9,44,3,44,758,8, - 44,1,44,1,44,1,44,1,44,4,44,764,8,44,11,44,12,44,765,1,44,1,44,3,44,770, - 8,44,1,45,1,45,1,45,1,46,1,46,1,46,1,46,1,47,1,47,1,47,1,47,1,48,1,48,1, - 49,1,49,1,49,1,50,1,50,1,51,1,51,1,51,1,51,1,51,1,52,1,52,1,53,1,53,1,53, - 1,53,1,53,1,53,1,54,1,54,1,54,1,54,1,54,1,54,1,55,1,55,1,55,1,56,1,56,1, - 56,1,57,1,57,1,57,1,57,1,57,1,58,1,58,1,58,1,58,1,58,1,59,1,59,1,60,1,60, - 1,60,1,60,1,60,1,60,1,61,1,61,1,61,1,61,1,62,1,62,1,62,1,62,1,62,1,63,1, - 63,1,63,1,63,1,63,1,63,1,64,1,64,1,64,1,65,1,65,1,66,1,66,1,66,1,66,1,66, - 1,66,1,67,1,67,1,68,1,68,1,68,1,68,1,68,1,69,1,69,1,69,1,70,1,70,1,70,1, - 71,1,71,1,71,1,72,1,72,1,73,1,73,1,73,1,74,1,74,1,75,1,75,1,75,1,76,1,76, - 1,77,1,77,1,78,1,78,1,79,1,79,1,80,1,80,1,81,1,81,1,81,5,81,898,8,81,10, - 81,12,81,901,9,81,1,81,1,81,4,81,905,8,81,11,81,12,81,906,3,81,909,8,81, - 1,82,1,82,1,82,1,82,1,82,1,83,1,83,1,83,1,83,1,83,1,84,1,84,5,84,923,8, - 84,10,84,12,84,926,9,84,1,84,1,84,3,84,930,8,84,1,84,4,84,933,8,84,11,84, - 12,84,934,3,84,937,8,84,1,85,1,85,4,85,941,8,85,11,85,12,85,942,1,85,1, - 85,1,86,1,86,1,87,1,87,1,87,1,87,1,88,1,88,1,88,1,88,1,89,1,89,1,89,1,89, - 1,90,1,90,1,90,1,90,1,90,1,91,1,91,1,91,1,91,1,92,1,92,1,92,1,92,1,93,1, - 93,1,93,1,93,1,94,1,94,1,94,1,94,1,95,1,95,1,95,1,95,1,96,1,96,1,96,1,96, - 1,96,1,96,1,96,1,96,1,96,1,97,1,97,1,97,1,97,1,98,1,98,1,98,1,98,1,99,1, - 99,1,99,1,99,1,100,1,100,1,100,1,100,1,101,1,101,1,101,1,101,1,102,1,102, - 1,102,1,102,1,102,1,103,1,103,1,103,1,103,1,104,1,104,1,104,1,104,1,105, - 1,105,1,105,1,105,3,105,1032,8,105,1,106,1,106,3,106,1036,8,106,1,106,5, - 106,1039,8,106,10,106,12,106,1042,9,106,1,106,1,106,3,106,1046,8,106,1, - 106,4,106,1049,8,106,11,106,12,106,1050,3,106,1053,8,106,1,107,1,107,4, - 107,1057,8,107,11,107,12,107,1058,1,108,1,108,1,108,1,108,1,109,1,109,1, - 109,1,109,1,110,1,110,1,110,1,110,1,111,1,111,1,111,1,111,1,111,1,112,1, - 112,1,112,1,112,1,113,1,113,1,113,1,113,1,114,1,114,1,114,1,114,1,115,1, - 115,1,115,1,116,1,116,1,116,1,116,1,117,1,117,1,117,1,117,1,118,1,118,1, - 118,1,118,1,119,1,119,1,119,1,119,1,120,1,120,1,120,1,120,1,120,1,121,1, - 121,1,121,1,121,1,121,1,122,1,122,1,122,1,122,1,122,1,123,1,123,1,123,1, - 123,1,123,1,123,1,123,1,124,1,124,1,125,4,125,1134,8,125,11,125,12,125, - 1135,1,125,1,125,3,125,1140,8,125,1,125,4,125,1143,8,125,11,125,12,125, - 1144,1,126,1,126,1,126,1,126,1,127,1,127,1,127,1,127,1,128,1,128,1,128, - 1,128,1,129,1,129,1,129,1,129,1,130,1,130,1,130,1,130,1,130,1,130,1,131, - 1,131,1,131,1,131,1,132,1,132,1,132,1,132,1,133,1,133,1,133,1,133,1,134, - 1,134,1,134,1,134,1,135,1,135,1,135,1,135,1,136,1,136,1,136,1,136,1,137, - 1,137,1,137,1,137,1,138,1,138,1,138,1,138,1,139,1,139,1,139,1,139,1,140, - 1,140,1,140,1,140,1,140,1,141,1,141,1,141,1,141,1,142,1,142,1,142,1,142, - 1,143,1,143,1,143,1,143,1,144,1,144,1,144,1,144,1,144,1,145,1,145,1,145, - 1,145,1,146,1,146,1,146,1,146,1,147,1,147,1,147,1,147,1,148,1,148,1,148, - 1,148,1,149,1,149,1,149,1,149,1,150,1,150,1,150,1,150,1,150,1,150,1,151, - 1,151,1,151,1,151,1,152,1,152,1,152,1,152,1,153,1,153,1,153,1,153,1,154, - 1,154,1,154,1,154,1,155,1,155,1,155,1,155,1,156,1,156,1,156,1,156,1,157, - 1,157,1,157,1,157,1,157,1,158,1,158,1,158,1,158,1,159,1,159,1,159,1,159, - 1,160,1,160,1,160,1,160,1,161,1,161,1,161,1,161,1,162,1,162,1,162,1,162, - 1,163,1,163,1,163,1,163,1,164,1,164,1,164,1,164,1,164,1,165,1,165,1,165, - 1,165,1,165,1,166,1,166,1,166,1,166,1,167,1,167,1,167,1,167,1,168,1,168, - 1,168,1,168,1,169,1,169,1,169,1,169,1,169,1,170,1,170,1,170,1,170,1,170, - 1,170,1,170,1,170,1,170,1,170,1,171,1,171,1,171,1,171,1,172,1,172,1,172, - 1,172,1,173,1,173,1,173,1,173,1,174,1,174,1,174,1,174,1,174,1,175,1,175, - 1,176,1,176,1,176,1,176,1,176,4,176,1367,8,176,11,176,12,176,1368,1,177, - 1,177,1,177,1,177,1,178,1,178,1,178,1,178,1,179,1,179,1,179,1,179,1,180, - 1,180,1,180,1,180,1,180,1,181,1,181,1,181,1,181,1,181,1,181,1,182,1,182, - 1,182,1,182,1,182,1,182,1,183,1,183,1,183,1,183,1,184,1,184,1,184,1,184, - 1,185,1,185,1,185,1,185,1,186,1,186,1,186,1,186,1,186,1,186,1,187,1,187, - 1,187,1,187,1,187,1,187,1,188,1,188,1,188,1,188,1,189,1,189,1,189,1,189, - 1,190,1,190,1,190,1,190,1,191,1,191,1,191,1,191,1,191,1,191,1,192,1,192, - 1,192,1,192,1,192,1,192,1,193,1,193,1,193,1,193,1,193,1,193,1,194,1,194, - 1,194,1,194,1,194,2,606,707,0,195,16,1,18,2,20,3,22,4,24,5,26,6,28,7,30, - 8,32,9,34,10,36,11,38,12,40,13,42,14,44,15,46,16,48,17,50,18,52,19,54,20, - 56,21,58,22,60,23,62,24,64,0,66,25,68,0,70,0,72,26,74,27,76,28,78,29,80, - 0,82,0,84,0,86,0,88,0,90,0,92,0,94,0,96,0,98,0,100,30,102,31,104,32,106, - 33,108,34,110,35,112,36,114,37,116,38,118,39,120,40,122,41,124,42,126,43, - 128,44,130,45,132,46,134,47,136,48,138,49,140,50,142,51,144,52,146,53,148, - 54,150,55,152,56,154,57,156,58,158,59,160,60,162,61,164,62,166,63,168,64, - 170,65,172,66,174,67,176,68,178,69,180,70,182,71,184,72,186,0,188,73,190, - 74,192,75,194,76,196,0,198,0,200,0,202,0,204,0,206,0,208,77,210,0,212,0, - 214,78,216,79,218,80,220,0,222,0,224,0,226,0,228,0,230,81,232,82,234,83, - 236,84,238,0,240,0,242,0,244,0,246,85,248,0,250,86,252,87,254,88,256,0, - 258,0,260,89,262,90,264,0,266,91,268,0,270,92,272,93,274,94,276,0,278,0, - 280,0,282,0,284,0,286,0,288,0,290,95,292,96,294,97,296,0,298,0,300,0,302, - 0,304,0,306,0,308,0,310,98,312,99,314,100,316,0,318,0,320,0,322,0,324,101, - 326,102,328,103,330,0,332,0,334,0,336,0,338,104,340,105,342,106,344,0,346, - 107,348,108,350,109,352,110,354,0,356,111,358,112,360,113,362,114,364,0, - 366,115,368,116,370,117,372,118,374,119,376,0,378,0,380,0,382,120,384,121, - 386,122,388,0,390,0,392,123,394,124,396,125,398,0,400,0,402,0,404,0,16, - 0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,35,2,0,68,68,100,100,2,0,73,73,105, - 105,2,0,83,83,115,115,2,0,69,69,101,101,2,0,67,67,99,99,2,0,84,84,116,116, - 2,0,82,82,114,114,2,0,79,79,111,111,2,0,80,80,112,112,2,0,78,78,110,110, - 2,0,72,72,104,104,2,0,86,86,118,118,2,0,65,65,97,97,2,0,76,76,108,108,2, - 0,88,88,120,120,2,0,70,70,102,102,2,0,77,77,109,109,2,0,71,71,103,103,2, - 0,75,75,107,107,2,0,85,85,117,117,2,0,87,87,119,119,6,0,9,10,13,13,32,32, - 47,47,91,91,93,93,2,0,10,10,13,13,3,0,9,10,13,13,32,32,11,0,9,10,13,13, - 32,32,34,34,44,44,47,47,58,58,61,61,91,91,93,93,124,124,2,0,42,42,47,47, - 1,0,48,57,2,0,65,90,97,122,8,0,34,34,78,78,82,82,84,84,92,92,110,110,114, + 2,193,7,193,2,194,7,194,2,195,7,195,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0, + 1,0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,2,1,2,1,2,1,2,1,2,1,2,1,2,1,2,1,2,1,3, + 1,3,1,3,1,3,1,3,1,3,1,3,1,4,1,4,1,4,1,4,1,4,1,4,1,4,1,4,1,4,1,4,1,5,1,5, + 1,5,1,5,1,5,1,5,1,5,1,6,1,6,1,6,1,6,1,6,1,6,1,6,1,7,1,7,1,7,1,7,1,7,1,7, + 1,7,1,7,1,7,1,7,1,7,1,7,1,7,1,7,1,8,1,8,1,8,1,8,1,8,1,8,1,8,1,9,1,9,1,9, + 1,9,1,9,1,9,1,9,1,9,1,10,1,10,1,10,1,10,1,10,1,10,1,10,1,10,1,10,1,11,1, + 11,1,11,1,11,1,11,1,11,1,11,1,12,1,12,1,12,1,12,1,12,1,12,1,12,1,12,1,12, + 1,12,1,13,1,13,1,13,1,13,1,13,1,13,1,13,1,13,1,13,1,13,1,13,1,13,1,14,1, + 14,1,14,1,14,1,14,1,14,1,14,1,14,1,14,1,15,1,15,1,15,1,15,1,15,1,15,1,16, + 1,16,1,16,1,16,1,16,1,16,1,16,1,17,1,17,1,17,1,17,1,17,1,17,1,17,1,18,1, + 18,1,18,1,18,1,18,1,18,1,18,1,18,1,19,1,19,1,19,1,19,1,19,1,19,1,19,1,19, + 1,20,1,20,1,20,1,20,1,20,1,20,1,20,1,20,1,21,4,21,587,8,21,11,21,12,21, + 588,1,21,1,21,1,22,1,22,1,22,1,22,5,22,597,8,22,10,22,12,22,600,9,22,1, + 22,3,22,603,8,22,1,22,3,22,606,8,22,1,22,1,22,1,23,1,23,1,23,1,23,1,23, + 5,23,615,8,23,10,23,12,23,618,9,23,1,23,1,23,1,23,1,23,1,23,1,24,4,24,626, + 8,24,11,24,12,24,627,1,24,1,24,1,25,1,25,1,25,3,25,635,8,25,1,26,4,26,638, + 8,26,11,26,12,26,639,1,27,1,27,1,27,1,27,1,27,1,28,1,28,1,28,1,28,1,28, + 1,29,1,29,1,29,1,29,1,30,1,30,1,30,1,30,1,31,1,31,1,31,1,31,1,32,1,32,1, + 32,1,32,1,33,1,33,1,34,1,34,1,35,1,35,1,35,1,36,1,36,1,37,1,37,3,37,679, + 8,37,1,37,4,37,682,8,37,11,37,12,37,683,1,38,1,38,1,39,1,39,1,40,1,40,1, + 40,3,40,693,8,40,1,41,1,41,1,42,1,42,1,42,3,42,700,8,42,1,43,1,43,1,43, + 5,43,705,8,43,10,43,12,43,708,9,43,1,43,1,43,1,43,1,43,1,43,1,43,5,43,716, + 8,43,10,43,12,43,719,9,43,1,43,1,43,1,43,1,43,1,43,3,43,726,8,43,1,43,3, + 43,729,8,43,3,43,731,8,43,1,44,4,44,734,8,44,11,44,12,44,735,1,45,4,45, + 739,8,45,11,45,12,45,740,1,45,1,45,5,45,745,8,45,10,45,12,45,748,9,45,1, + 45,1,45,4,45,752,8,45,11,45,12,45,753,1,45,4,45,757,8,45,11,45,12,45,758, + 1,45,1,45,5,45,763,8,45,10,45,12,45,766,9,45,3,45,768,8,45,1,45,1,45,1, + 45,1,45,4,45,774,8,45,11,45,12,45,775,1,45,1,45,3,45,780,8,45,1,46,1,46, + 1,46,1,47,1,47,1,47,1,47,1,48,1,48,1,48,1,48,1,49,1,49,1,50,1,50,1,50,1, + 51,1,51,1,52,1,52,1,52,1,52,1,52,1,53,1,53,1,54,1,54,1,54,1,54,1,54,1,54, + 1,55,1,55,1,55,1,55,1,55,1,55,1,56,1,56,1,56,1,57,1,57,1,57,1,58,1,58,1, + 58,1,58,1,58,1,59,1,59,1,59,1,59,1,59,1,60,1,60,1,61,1,61,1,61,1,61,1,61, + 1,61,1,62,1,62,1,62,1,62,1,63,1,63,1,63,1,63,1,63,1,64,1,64,1,64,1,64,1, + 64,1,64,1,65,1,65,1,65,1,66,1,66,1,67,1,67,1,67,1,67,1,67,1,67,1,68,1,68, + 1,69,1,69,1,69,1,69,1,69,1,70,1,70,1,70,1,71,1,71,1,71,1,72,1,72,1,72,1, + 73,1,73,1,74,1,74,1,74,1,75,1,75,1,76,1,76,1,76,1,77,1,77,1,78,1,78,1,79, + 1,79,1,80,1,80,1,81,1,81,1,82,1,82,1,82,5,82,908,8,82,10,82,12,82,911,9, + 82,1,82,1,82,4,82,915,8,82,11,82,12,82,916,3,82,919,8,82,1,83,1,83,1,83, + 1,83,1,83,1,84,1,84,1,84,1,84,1,84,1,85,1,85,5,85,933,8,85,10,85,12,85, + 936,9,85,1,85,1,85,3,85,940,8,85,1,85,4,85,943,8,85,11,85,12,85,944,3,85, + 947,8,85,1,86,1,86,4,86,951,8,86,11,86,12,86,952,1,86,1,86,1,87,1,87,1, + 88,1,88,1,88,1,88,1,89,1,89,1,89,1,89,1,90,1,90,1,90,1,90,1,91,1,91,1,91, + 1,91,1,91,1,92,1,92,1,92,1,92,1,93,1,93,1,93,1,93,1,94,1,94,1,94,1,94,1, + 95,1,95,1,95,1,95,1,96,1,96,1,96,1,96,1,97,1,97,1,97,1,97,1,97,1,97,1,97, + 1,97,1,97,1,98,1,98,1,98,1,98,1,99,1,99,1,99,1,99,1,100,1,100,1,100,1,100, + 1,101,1,101,1,101,1,101,1,102,1,102,1,102,1,102,1,103,1,103,1,103,1,103, + 1,103,1,104,1,104,1,104,1,104,1,105,1,105,1,105,1,105,1,106,1,106,1,106, + 1,106,3,106,1042,8,106,1,107,1,107,3,107,1046,8,107,1,107,5,107,1049,8, + 107,10,107,12,107,1052,9,107,1,107,1,107,3,107,1056,8,107,1,107,4,107,1059, + 8,107,11,107,12,107,1060,3,107,1063,8,107,1,108,1,108,4,108,1067,8,108, + 11,108,12,108,1068,1,109,1,109,1,109,1,109,1,110,1,110,1,110,1,110,1,111, + 1,111,1,111,1,111,1,112,1,112,1,112,1,112,1,112,1,113,1,113,1,113,1,113, + 1,114,1,114,1,114,1,114,1,115,1,115,1,115,1,115,1,116,1,116,1,116,1,117, + 1,117,1,117,1,117,1,118,1,118,1,118,1,118,1,119,1,119,1,119,1,119,1,120, + 1,120,1,120,1,120,1,121,1,121,1,121,1,121,1,121,1,122,1,122,1,122,1,122, + 1,122,1,123,1,123,1,123,1,123,1,123,1,124,1,124,1,124,1,124,1,124,1,124, + 1,124,1,125,1,125,1,126,4,126,1144,8,126,11,126,12,126,1145,1,126,1,126, + 3,126,1150,8,126,1,126,4,126,1153,8,126,11,126,12,126,1154,1,127,1,127, + 1,127,1,127,1,128,1,128,1,128,1,128,1,129,1,129,1,129,1,129,1,130,1,130, + 1,130,1,130,1,131,1,131,1,131,1,131,1,131,1,131,1,132,1,132,1,132,1,132, + 1,133,1,133,1,133,1,133,1,134,1,134,1,134,1,134,1,135,1,135,1,135,1,135, + 1,136,1,136,1,136,1,136,1,137,1,137,1,137,1,137,1,138,1,138,1,138,1,138, + 1,139,1,139,1,139,1,139,1,140,1,140,1,140,1,140,1,141,1,141,1,141,1,141, + 1,141,1,142,1,142,1,142,1,142,1,143,1,143,1,143,1,143,1,144,1,144,1,144, + 1,144,1,145,1,145,1,145,1,145,1,145,1,146,1,146,1,146,1,146,1,147,1,147, + 1,147,1,147,1,148,1,148,1,148,1,148,1,149,1,149,1,149,1,149,1,150,1,150, + 1,150,1,150,1,151,1,151,1,151,1,151,1,151,1,151,1,152,1,152,1,152,1,152, + 1,153,1,153,1,153,1,153,1,154,1,154,1,154,1,154,1,155,1,155,1,155,1,155, + 1,156,1,156,1,156,1,156,1,157,1,157,1,157,1,157,1,158,1,158,1,158,1,158, + 1,158,1,159,1,159,1,159,1,159,1,160,1,160,1,160,1,160,1,161,1,161,1,161, + 1,161,1,162,1,162,1,162,1,162,1,163,1,163,1,163,1,163,1,164,1,164,1,164, + 1,164,1,165,1,165,1,165,1,165,1,165,1,166,1,166,1,166,1,166,1,166,1,167, + 1,167,1,167,1,167,1,168,1,168,1,168,1,168,1,169,1,169,1,169,1,169,1,170, + 1,170,1,170,1,170,1,170,1,171,1,171,1,171,1,171,1,171,1,171,1,171,1,171, + 1,171,1,171,1,172,1,172,1,172,1,172,1,173,1,173,1,173,1,173,1,174,1,174, + 1,174,1,174,1,175,1,175,1,175,1,175,1,175,1,176,1,176,1,177,1,177,1,177, + 1,177,1,177,4,177,1377,8,177,11,177,12,177,1378,1,178,1,178,1,178,1,178, + 1,179,1,179,1,179,1,179,1,180,1,180,1,180,1,180,1,181,1,181,1,181,1,181, + 1,181,1,182,1,182,1,182,1,182,1,182,1,182,1,183,1,183,1,183,1,183,1,183, + 1,183,1,184,1,184,1,184,1,184,1,185,1,185,1,185,1,185,1,186,1,186,1,186, + 1,186,1,187,1,187,1,187,1,187,1,187,1,187,1,188,1,188,1,188,1,188,1,188, + 1,188,1,189,1,189,1,189,1,189,1,190,1,190,1,190,1,190,1,191,1,191,1,191, + 1,191,1,192,1,192,1,192,1,192,1,192,1,192,1,193,1,193,1,193,1,193,1,193, + 1,193,1,194,1,194,1,194,1,194,1,194,1,194,1,195,1,195,1,195,1,195,1,195, + 2,616,717,0,196,16,1,18,2,20,3,22,4,24,5,26,6,28,7,30,8,32,9,34,10,36,11, + 38,12,40,13,42,14,44,15,46,16,48,17,50,18,52,19,54,20,56,21,58,22,60,23, + 62,24,64,25,66,0,68,26,70,0,72,0,74,27,76,28,78,29,80,30,82,0,84,0,86,0, + 88,0,90,0,92,0,94,0,96,0,98,0,100,0,102,31,104,32,106,33,108,34,110,35, + 112,36,114,37,116,38,118,39,120,40,122,41,124,42,126,43,128,44,130,45,132, + 46,134,47,136,48,138,49,140,50,142,51,144,52,146,53,148,54,150,55,152,56, + 154,57,156,58,158,59,160,60,162,61,164,62,166,63,168,64,170,65,172,66,174, + 67,176,68,178,69,180,70,182,71,184,72,186,73,188,0,190,74,192,75,194,76, + 196,77,198,0,200,0,202,0,204,0,206,0,208,0,210,78,212,0,214,0,216,79,218, + 80,220,81,222,0,224,0,226,0,228,0,230,0,232,82,234,83,236,84,238,85,240, + 0,242,0,244,0,246,0,248,86,250,0,252,87,254,88,256,89,258,0,260,0,262,90, + 264,91,266,0,268,92,270,0,272,93,274,94,276,95,278,0,280,0,282,0,284,0, + 286,0,288,0,290,0,292,96,294,97,296,98,298,0,300,0,302,0,304,0,306,0,308, + 0,310,0,312,99,314,100,316,101,318,0,320,0,322,0,324,0,326,102,328,103, + 330,104,332,0,334,0,336,0,338,0,340,105,342,106,344,107,346,0,348,108,350, + 109,352,110,354,111,356,0,358,112,360,113,362,114,364,115,366,0,368,116, + 370,117,372,118,374,119,376,120,378,0,380,0,382,0,384,121,386,122,388,123, + 390,0,392,0,394,124,396,125,398,126,400,0,402,0,404,0,406,0,16,0,1,2,3, + 4,5,6,7,8,9,10,11,12,13,14,15,35,2,0,68,68,100,100,2,0,73,73,105,105,2, + 0,83,83,115,115,2,0,69,69,101,101,2,0,67,67,99,99,2,0,84,84,116,116,2,0, + 82,82,114,114,2,0,79,79,111,111,2,0,80,80,112,112,2,0,78,78,110,110,2,0, + 72,72,104,104,2,0,86,86,118,118,2,0,65,65,97,97,2,0,76,76,108,108,2,0,88, + 88,120,120,2,0,70,70,102,102,2,0,77,77,109,109,2,0,71,71,103,103,2,0,75, + 75,107,107,2,0,85,85,117,117,2,0,87,87,119,119,6,0,9,10,13,13,32,32,47, + 47,91,91,93,93,2,0,10,10,13,13,3,0,9,10,13,13,32,32,11,0,9,10,13,13,32, + 32,34,34,44,44,47,47,58,58,61,61,91,91,93,93,124,124,2,0,42,42,47,47,1, + 0,48,57,2,0,65,90,97,122,8,0,34,34,78,78,82,82,84,84,92,92,110,110,114, 114,116,116,4,0,10,10,13,13,34,34,92,92,2,0,43,43,45,45,1,0,96,96,2,0,66, 66,98,98,2,0,89,89,121,121,11,0,9,10,13,13,32,32,34,35,44,44,47,47,58,58, - 60,60,62,63,92,92,124,124,1484,0,16,1,0,0,0,0,18,1,0,0,0,0,20,1,0,0,0,0, + 60,60,62,63,92,92,124,124,1494,0,16,1,0,0,0,0,18,1,0,0,0,0,20,1,0,0,0,0, 22,1,0,0,0,0,24,1,0,0,0,0,26,1,0,0,0,0,28,1,0,0,0,0,30,1,0,0,0,0,32,1,0, 0,0,0,34,1,0,0,0,0,36,1,0,0,0,0,38,1,0,0,0,0,40,1,0,0,0,0,42,1,0,0,0,0, 44,1,0,0,0,0,46,1,0,0,0,0,48,1,0,0,0,0,50,1,0,0,0,0,52,1,0,0,0,0,54,1,0, - 0,0,0,56,1,0,0,0,0,58,1,0,0,0,0,60,1,0,0,0,0,62,1,0,0,0,0,66,1,0,0,0,1, - 68,1,0,0,0,1,70,1,0,0,0,1,72,1,0,0,0,1,74,1,0,0,0,1,76,1,0,0,0,2,78,1,0, - 0,0,2,100,1,0,0,0,2,102,1,0,0,0,2,104,1,0,0,0,2,106,1,0,0,0,2,108,1,0,0, + 0,0,0,56,1,0,0,0,0,58,1,0,0,0,0,60,1,0,0,0,0,62,1,0,0,0,0,64,1,0,0,0,0, + 68,1,0,0,0,1,70,1,0,0,0,1,72,1,0,0,0,1,74,1,0,0,0,1,76,1,0,0,0,1,78,1,0, + 0,0,2,80,1,0,0,0,2,102,1,0,0,0,2,104,1,0,0,0,2,106,1,0,0,0,2,108,1,0,0, 0,2,110,1,0,0,0,2,112,1,0,0,0,2,114,1,0,0,0,2,116,1,0,0,0,2,118,1,0,0,0, 2,120,1,0,0,0,2,122,1,0,0,0,2,124,1,0,0,0,2,126,1,0,0,0,2,128,1,0,0,0,2, 130,1,0,0,0,2,132,1,0,0,0,2,134,1,0,0,0,2,136,1,0,0,0,2,138,1,0,0,0,2,140, @@ -538,350 +541,352 @@ export default class esql_lexer extends Lexer { 0,0,0,2,152,1,0,0,0,2,154,1,0,0,0,2,156,1,0,0,0,2,158,1,0,0,0,2,160,1,0, 0,0,2,162,1,0,0,0,2,164,1,0,0,0,2,166,1,0,0,0,2,168,1,0,0,0,2,170,1,0,0, 0,2,172,1,0,0,0,2,174,1,0,0,0,2,176,1,0,0,0,2,178,1,0,0,0,2,180,1,0,0,0, - 2,182,1,0,0,0,2,184,1,0,0,0,2,188,1,0,0,0,2,190,1,0,0,0,2,192,1,0,0,0,2, - 194,1,0,0,0,3,196,1,0,0,0,3,198,1,0,0,0,3,200,1,0,0,0,3,202,1,0,0,0,3,204, + 2,182,1,0,0,0,2,184,1,0,0,0,2,186,1,0,0,0,2,190,1,0,0,0,2,192,1,0,0,0,2, + 194,1,0,0,0,2,196,1,0,0,0,3,198,1,0,0,0,3,200,1,0,0,0,3,202,1,0,0,0,3,204, 1,0,0,0,3,206,1,0,0,0,3,208,1,0,0,0,3,210,1,0,0,0,3,212,1,0,0,0,3,214,1, - 0,0,0,3,216,1,0,0,0,3,218,1,0,0,0,4,220,1,0,0,0,4,222,1,0,0,0,4,224,1,0, - 0,0,4,230,1,0,0,0,4,232,1,0,0,0,4,234,1,0,0,0,4,236,1,0,0,0,5,238,1,0,0, + 0,0,0,3,216,1,0,0,0,3,218,1,0,0,0,3,220,1,0,0,0,4,222,1,0,0,0,4,224,1,0, + 0,0,4,226,1,0,0,0,4,232,1,0,0,0,4,234,1,0,0,0,4,236,1,0,0,0,4,238,1,0,0, 0,5,240,1,0,0,0,5,242,1,0,0,0,5,244,1,0,0,0,5,246,1,0,0,0,5,248,1,0,0,0, - 5,250,1,0,0,0,5,252,1,0,0,0,5,254,1,0,0,0,6,256,1,0,0,0,6,258,1,0,0,0,6, - 260,1,0,0,0,6,262,1,0,0,0,6,266,1,0,0,0,6,268,1,0,0,0,6,270,1,0,0,0,6,272, - 1,0,0,0,6,274,1,0,0,0,7,276,1,0,0,0,7,278,1,0,0,0,7,280,1,0,0,0,7,282,1, + 5,250,1,0,0,0,5,252,1,0,0,0,5,254,1,0,0,0,5,256,1,0,0,0,6,258,1,0,0,0,6, + 260,1,0,0,0,6,262,1,0,0,0,6,264,1,0,0,0,6,268,1,0,0,0,6,270,1,0,0,0,6,272, + 1,0,0,0,6,274,1,0,0,0,6,276,1,0,0,0,7,278,1,0,0,0,7,280,1,0,0,0,7,282,1, 0,0,0,7,284,1,0,0,0,7,286,1,0,0,0,7,288,1,0,0,0,7,290,1,0,0,0,7,292,1,0, - 0,0,7,294,1,0,0,0,8,296,1,0,0,0,8,298,1,0,0,0,8,300,1,0,0,0,8,302,1,0,0, + 0,0,7,294,1,0,0,0,7,296,1,0,0,0,8,298,1,0,0,0,8,300,1,0,0,0,8,302,1,0,0, 0,8,304,1,0,0,0,8,306,1,0,0,0,8,308,1,0,0,0,8,310,1,0,0,0,8,312,1,0,0,0, - 8,314,1,0,0,0,9,316,1,0,0,0,9,318,1,0,0,0,9,320,1,0,0,0,9,322,1,0,0,0,9, - 324,1,0,0,0,9,326,1,0,0,0,9,328,1,0,0,0,10,330,1,0,0,0,10,332,1,0,0,0,10, + 8,314,1,0,0,0,8,316,1,0,0,0,9,318,1,0,0,0,9,320,1,0,0,0,9,322,1,0,0,0,9, + 324,1,0,0,0,9,326,1,0,0,0,9,328,1,0,0,0,9,330,1,0,0,0,10,332,1,0,0,0,10, 334,1,0,0,0,10,336,1,0,0,0,10,338,1,0,0,0,10,340,1,0,0,0,10,342,1,0,0,0, - 11,344,1,0,0,0,11,346,1,0,0,0,11,348,1,0,0,0,11,350,1,0,0,0,11,352,1,0, - 0,0,12,354,1,0,0,0,12,356,1,0,0,0,12,358,1,0,0,0,12,360,1,0,0,0,12,362, - 1,0,0,0,13,364,1,0,0,0,13,366,1,0,0,0,13,368,1,0,0,0,13,370,1,0,0,0,13, - 372,1,0,0,0,13,374,1,0,0,0,14,376,1,0,0,0,14,378,1,0,0,0,14,380,1,0,0,0, - 14,382,1,0,0,0,14,384,1,0,0,0,14,386,1,0,0,0,15,388,1,0,0,0,15,390,1,0, + 10,344,1,0,0,0,11,346,1,0,0,0,11,348,1,0,0,0,11,350,1,0,0,0,11,352,1,0, + 0,0,11,354,1,0,0,0,12,356,1,0,0,0,12,358,1,0,0,0,12,360,1,0,0,0,12,362, + 1,0,0,0,12,364,1,0,0,0,13,366,1,0,0,0,13,368,1,0,0,0,13,370,1,0,0,0,13, + 372,1,0,0,0,13,374,1,0,0,0,13,376,1,0,0,0,14,378,1,0,0,0,14,380,1,0,0,0, + 14,382,1,0,0,0,14,384,1,0,0,0,14,386,1,0,0,0,14,388,1,0,0,0,15,390,1,0, 0,0,15,392,1,0,0,0,15,394,1,0,0,0,15,396,1,0,0,0,15,398,1,0,0,0,15,400, - 1,0,0,0,15,402,1,0,0,0,15,404,1,0,0,0,16,406,1,0,0,0,18,416,1,0,0,0,20, - 423,1,0,0,0,22,432,1,0,0,0,24,439,1,0,0,0,26,449,1,0,0,0,28,456,1,0,0,0, - 30,463,1,0,0,0,32,477,1,0,0,0,34,484,1,0,0,0,36,492,1,0,0,0,38,501,1,0, - 0,0,40,508,1,0,0,0,42,518,1,0,0,0,44,530,1,0,0,0,46,539,1,0,0,0,48,545, - 1,0,0,0,50,552,1,0,0,0,52,559,1,0,0,0,54,567,1,0,0,0,56,576,1,0,0,0,58, - 582,1,0,0,0,60,599,1,0,0,0,62,615,1,0,0,0,64,624,1,0,0,0,66,627,1,0,0,0, - 68,631,1,0,0,0,70,636,1,0,0,0,72,641,1,0,0,0,74,645,1,0,0,0,76,649,1,0, - 0,0,78,653,1,0,0,0,80,657,1,0,0,0,82,659,1,0,0,0,84,661,1,0,0,0,86,664, - 1,0,0,0,88,666,1,0,0,0,90,675,1,0,0,0,92,677,1,0,0,0,94,682,1,0,0,0,96, - 684,1,0,0,0,98,689,1,0,0,0,100,720,1,0,0,0,102,723,1,0,0,0,104,769,1,0, - 0,0,106,771,1,0,0,0,108,774,1,0,0,0,110,778,1,0,0,0,112,782,1,0,0,0,114, - 784,1,0,0,0,116,787,1,0,0,0,118,789,1,0,0,0,120,794,1,0,0,0,122,796,1,0, - 0,0,124,802,1,0,0,0,126,808,1,0,0,0,128,811,1,0,0,0,130,814,1,0,0,0,132, - 819,1,0,0,0,134,824,1,0,0,0,136,826,1,0,0,0,138,832,1,0,0,0,140,836,1,0, - 0,0,142,841,1,0,0,0,144,847,1,0,0,0,146,850,1,0,0,0,148,852,1,0,0,0,150, - 858,1,0,0,0,152,860,1,0,0,0,154,865,1,0,0,0,156,868,1,0,0,0,158,871,1,0, - 0,0,160,874,1,0,0,0,162,876,1,0,0,0,164,879,1,0,0,0,166,881,1,0,0,0,168, - 884,1,0,0,0,170,886,1,0,0,0,172,888,1,0,0,0,174,890,1,0,0,0,176,892,1,0, - 0,0,178,908,1,0,0,0,180,910,1,0,0,0,182,915,1,0,0,0,184,936,1,0,0,0,186, - 938,1,0,0,0,188,946,1,0,0,0,190,948,1,0,0,0,192,952,1,0,0,0,194,956,1,0, - 0,0,196,960,1,0,0,0,198,965,1,0,0,0,200,969,1,0,0,0,202,973,1,0,0,0,204, - 977,1,0,0,0,206,981,1,0,0,0,208,985,1,0,0,0,210,994,1,0,0,0,212,998,1,0, - 0,0,214,1002,1,0,0,0,216,1006,1,0,0,0,218,1010,1,0,0,0,220,1014,1,0,0,0, - 222,1019,1,0,0,0,224,1023,1,0,0,0,226,1031,1,0,0,0,228,1052,1,0,0,0,230, - 1056,1,0,0,0,232,1060,1,0,0,0,234,1064,1,0,0,0,236,1068,1,0,0,0,238,1072, - 1,0,0,0,240,1077,1,0,0,0,242,1081,1,0,0,0,244,1085,1,0,0,0,246,1089,1,0, - 0,0,248,1092,1,0,0,0,250,1096,1,0,0,0,252,1100,1,0,0,0,254,1104,1,0,0,0, - 256,1108,1,0,0,0,258,1113,1,0,0,0,260,1118,1,0,0,0,262,1123,1,0,0,0,264, - 1130,1,0,0,0,266,1139,1,0,0,0,268,1146,1,0,0,0,270,1150,1,0,0,0,272,1154, - 1,0,0,0,274,1158,1,0,0,0,276,1162,1,0,0,0,278,1168,1,0,0,0,280,1172,1,0, - 0,0,282,1176,1,0,0,0,284,1180,1,0,0,0,286,1184,1,0,0,0,288,1188,1,0,0,0, - 290,1192,1,0,0,0,292,1196,1,0,0,0,294,1200,1,0,0,0,296,1204,1,0,0,0,298, - 1209,1,0,0,0,300,1213,1,0,0,0,302,1217,1,0,0,0,304,1221,1,0,0,0,306,1226, - 1,0,0,0,308,1230,1,0,0,0,310,1234,1,0,0,0,312,1238,1,0,0,0,314,1242,1,0, - 0,0,316,1246,1,0,0,0,318,1252,1,0,0,0,320,1256,1,0,0,0,322,1260,1,0,0,0, - 324,1264,1,0,0,0,326,1268,1,0,0,0,328,1272,1,0,0,0,330,1276,1,0,0,0,332, - 1281,1,0,0,0,334,1285,1,0,0,0,336,1289,1,0,0,0,338,1293,1,0,0,0,340,1297, - 1,0,0,0,342,1301,1,0,0,0,344,1305,1,0,0,0,346,1310,1,0,0,0,348,1315,1,0, - 0,0,350,1319,1,0,0,0,352,1323,1,0,0,0,354,1327,1,0,0,0,356,1332,1,0,0,0, - 358,1342,1,0,0,0,360,1346,1,0,0,0,362,1350,1,0,0,0,364,1354,1,0,0,0,366, - 1359,1,0,0,0,368,1366,1,0,0,0,370,1370,1,0,0,0,372,1374,1,0,0,0,374,1378, - 1,0,0,0,376,1382,1,0,0,0,378,1387,1,0,0,0,380,1393,1,0,0,0,382,1399,1,0, - 0,0,384,1403,1,0,0,0,386,1407,1,0,0,0,388,1411,1,0,0,0,390,1417,1,0,0,0, - 392,1423,1,0,0,0,394,1427,1,0,0,0,396,1431,1,0,0,0,398,1435,1,0,0,0,400, - 1441,1,0,0,0,402,1447,1,0,0,0,404,1453,1,0,0,0,406,407,7,0,0,0,407,408, - 7,1,0,0,408,409,7,2,0,0,409,410,7,2,0,0,410,411,7,3,0,0,411,412,7,4,0,0, - 412,413,7,5,0,0,413,414,1,0,0,0,414,415,6,0,0,0,415,17,1,0,0,0,416,417, - 7,0,0,0,417,418,7,6,0,0,418,419,7,7,0,0,419,420,7,8,0,0,420,421,1,0,0,0, - 421,422,6,1,1,0,422,19,1,0,0,0,423,424,7,3,0,0,424,425,7,9,0,0,425,426, - 7,6,0,0,426,427,7,1,0,0,427,428,7,4,0,0,428,429,7,10,0,0,429,430,1,0,0, - 0,430,431,6,2,2,0,431,21,1,0,0,0,432,433,7,3,0,0,433,434,7,11,0,0,434,435, - 7,12,0,0,435,436,7,13,0,0,436,437,1,0,0,0,437,438,6,3,0,0,438,23,1,0,0, - 0,439,440,7,3,0,0,440,441,7,14,0,0,441,442,7,8,0,0,442,443,7,13,0,0,443, - 444,7,12,0,0,444,445,7,1,0,0,445,446,7,9,0,0,446,447,1,0,0,0,447,448,6, - 4,3,0,448,25,1,0,0,0,449,450,7,15,0,0,450,451,7,6,0,0,451,452,7,7,0,0,452, - 453,7,16,0,0,453,454,1,0,0,0,454,455,6,5,4,0,455,27,1,0,0,0,456,457,7,17, - 0,0,457,458,7,6,0,0,458,459,7,7,0,0,459,460,7,18,0,0,460,461,1,0,0,0,461, - 462,6,6,0,0,462,29,1,0,0,0,463,464,7,1,0,0,464,465,7,9,0,0,465,466,7,13, - 0,0,466,467,7,1,0,0,467,468,7,9,0,0,468,469,7,3,0,0,469,470,7,2,0,0,470, - 471,7,5,0,0,471,472,7,12,0,0,472,473,7,5,0,0,473,474,7,2,0,0,474,475,1, - 0,0,0,475,476,6,7,0,0,476,31,1,0,0,0,477,478,7,18,0,0,478,479,7,3,0,0,479, - 480,7,3,0,0,480,481,7,8,0,0,481,482,1,0,0,0,482,483,6,8,1,0,483,33,1,0, - 0,0,484,485,7,13,0,0,485,486,7,1,0,0,486,487,7,16,0,0,487,488,7,1,0,0,488, - 489,7,5,0,0,489,490,1,0,0,0,490,491,6,9,0,0,491,35,1,0,0,0,492,493,7,13, - 0,0,493,494,7,7,0,0,494,495,7,7,0,0,495,496,7,18,0,0,496,497,7,19,0,0,497, - 498,7,8,0,0,498,499,1,0,0,0,499,500,6,10,5,0,500,37,1,0,0,0,501,502,7,16, - 0,0,502,503,7,3,0,0,503,504,7,5,0,0,504,505,7,12,0,0,505,506,1,0,0,0,506, - 507,6,11,6,0,507,39,1,0,0,0,508,509,7,16,0,0,509,510,7,3,0,0,510,511,7, - 5,0,0,511,512,7,6,0,0,512,513,7,1,0,0,513,514,7,4,0,0,514,515,7,2,0,0,515, - 516,1,0,0,0,516,517,6,12,7,0,517,41,1,0,0,0,518,519,7,16,0,0,519,520,7, - 11,0,0,520,521,5,95,0,0,521,522,7,3,0,0,522,523,7,14,0,0,523,524,7,8,0, - 0,524,525,7,12,0,0,525,526,7,9,0,0,526,527,7,0,0,0,527,528,1,0,0,0,528, - 529,6,13,8,0,529,43,1,0,0,0,530,531,7,6,0,0,531,532,7,3,0,0,532,533,7,9, - 0,0,533,534,7,12,0,0,534,535,7,16,0,0,535,536,7,3,0,0,536,537,1,0,0,0,537, - 538,6,14,9,0,538,45,1,0,0,0,539,540,7,6,0,0,540,541,7,7,0,0,541,542,7,20, - 0,0,542,543,1,0,0,0,543,544,6,15,0,0,544,47,1,0,0,0,545,546,7,2,0,0,546, - 547,7,10,0,0,547,548,7,7,0,0,548,549,7,20,0,0,549,550,1,0,0,0,550,551,6, - 16,10,0,551,49,1,0,0,0,552,553,7,2,0,0,553,554,7,7,0,0,554,555,7,6,0,0, - 555,556,7,5,0,0,556,557,1,0,0,0,557,558,6,17,0,0,558,51,1,0,0,0,559,560, - 7,2,0,0,560,561,7,5,0,0,561,562,7,12,0,0,562,563,7,5,0,0,563,564,7,2,0, - 0,564,565,1,0,0,0,565,566,6,18,0,0,566,53,1,0,0,0,567,568,7,20,0,0,568, - 569,7,10,0,0,569,570,7,3,0,0,570,571,7,6,0,0,571,572,7,3,0,0,572,573,1, - 0,0,0,573,574,6,19,0,0,574,55,1,0,0,0,575,577,8,21,0,0,576,575,1,0,0,0, - 577,578,1,0,0,0,578,576,1,0,0,0,578,579,1,0,0,0,579,580,1,0,0,0,580,581, - 6,20,0,0,581,57,1,0,0,0,582,583,5,47,0,0,583,584,5,47,0,0,584,588,1,0,0, - 0,585,587,8,22,0,0,586,585,1,0,0,0,587,590,1,0,0,0,588,586,1,0,0,0,588, - 589,1,0,0,0,589,592,1,0,0,0,590,588,1,0,0,0,591,593,5,13,0,0,592,591,1, - 0,0,0,592,593,1,0,0,0,593,595,1,0,0,0,594,596,5,10,0,0,595,594,1,0,0,0, - 595,596,1,0,0,0,596,597,1,0,0,0,597,598,6,21,11,0,598,59,1,0,0,0,599,600, - 5,47,0,0,600,601,5,42,0,0,601,606,1,0,0,0,602,605,3,60,22,0,603,605,9,0, - 0,0,604,602,1,0,0,0,604,603,1,0,0,0,605,608,1,0,0,0,606,607,1,0,0,0,606, - 604,1,0,0,0,607,609,1,0,0,0,608,606,1,0,0,0,609,610,5,42,0,0,610,611,5, - 47,0,0,611,612,1,0,0,0,612,613,6,22,11,0,613,61,1,0,0,0,614,616,7,23,0, - 0,615,614,1,0,0,0,616,617,1,0,0,0,617,615,1,0,0,0,617,618,1,0,0,0,618,619, - 1,0,0,0,619,620,6,23,11,0,620,63,1,0,0,0,621,625,8,24,0,0,622,623,5,47, - 0,0,623,625,8,25,0,0,624,621,1,0,0,0,624,622,1,0,0,0,625,65,1,0,0,0,626, - 628,3,64,24,0,627,626,1,0,0,0,628,629,1,0,0,0,629,627,1,0,0,0,629,630,1, - 0,0,0,630,67,1,0,0,0,631,632,3,180,82,0,632,633,1,0,0,0,633,634,6,26,12, - 0,634,635,6,26,13,0,635,69,1,0,0,0,636,637,3,78,31,0,637,638,1,0,0,0,638, - 639,6,27,14,0,639,640,6,27,15,0,640,71,1,0,0,0,641,642,3,62,23,0,642,643, - 1,0,0,0,643,644,6,28,11,0,644,73,1,0,0,0,645,646,3,58,21,0,646,647,1,0, - 0,0,647,648,6,29,11,0,648,75,1,0,0,0,649,650,3,60,22,0,650,651,1,0,0,0, - 651,652,6,30,11,0,652,77,1,0,0,0,653,654,5,124,0,0,654,655,1,0,0,0,655, - 656,6,31,15,0,656,79,1,0,0,0,657,658,7,26,0,0,658,81,1,0,0,0,659,660,7, - 27,0,0,660,83,1,0,0,0,661,662,5,92,0,0,662,663,7,28,0,0,663,85,1,0,0,0, - 664,665,8,29,0,0,665,87,1,0,0,0,666,668,7,3,0,0,667,669,7,30,0,0,668,667, - 1,0,0,0,668,669,1,0,0,0,669,671,1,0,0,0,670,672,3,80,32,0,671,670,1,0,0, - 0,672,673,1,0,0,0,673,671,1,0,0,0,673,674,1,0,0,0,674,89,1,0,0,0,675,676, - 5,64,0,0,676,91,1,0,0,0,677,678,5,96,0,0,678,93,1,0,0,0,679,683,8,31,0, - 0,680,681,5,96,0,0,681,683,5,96,0,0,682,679,1,0,0,0,682,680,1,0,0,0,683, - 95,1,0,0,0,684,685,5,95,0,0,685,97,1,0,0,0,686,690,3,82,33,0,687,690,3, - 80,32,0,688,690,3,96,40,0,689,686,1,0,0,0,689,687,1,0,0,0,689,688,1,0,0, - 0,690,99,1,0,0,0,691,696,5,34,0,0,692,695,3,84,34,0,693,695,3,86,35,0,694, - 692,1,0,0,0,694,693,1,0,0,0,695,698,1,0,0,0,696,694,1,0,0,0,696,697,1,0, - 0,0,697,699,1,0,0,0,698,696,1,0,0,0,699,721,5,34,0,0,700,701,5,34,0,0,701, - 702,5,34,0,0,702,703,5,34,0,0,703,707,1,0,0,0,704,706,8,22,0,0,705,704, - 1,0,0,0,706,709,1,0,0,0,707,708,1,0,0,0,707,705,1,0,0,0,708,710,1,0,0,0, - 709,707,1,0,0,0,710,711,5,34,0,0,711,712,5,34,0,0,712,713,5,34,0,0,713, - 715,1,0,0,0,714,716,5,34,0,0,715,714,1,0,0,0,715,716,1,0,0,0,716,718,1, - 0,0,0,717,719,5,34,0,0,718,717,1,0,0,0,718,719,1,0,0,0,719,721,1,0,0,0, - 720,691,1,0,0,0,720,700,1,0,0,0,721,101,1,0,0,0,722,724,3,80,32,0,723,722, - 1,0,0,0,724,725,1,0,0,0,725,723,1,0,0,0,725,726,1,0,0,0,726,103,1,0,0,0, - 727,729,3,80,32,0,728,727,1,0,0,0,729,730,1,0,0,0,730,728,1,0,0,0,730,731, - 1,0,0,0,731,732,1,0,0,0,732,736,3,120,52,0,733,735,3,80,32,0,734,733,1, - 0,0,0,735,738,1,0,0,0,736,734,1,0,0,0,736,737,1,0,0,0,737,770,1,0,0,0,738, - 736,1,0,0,0,739,741,3,120,52,0,740,742,3,80,32,0,741,740,1,0,0,0,742,743, - 1,0,0,0,743,741,1,0,0,0,743,744,1,0,0,0,744,770,1,0,0,0,745,747,3,80,32, - 0,746,745,1,0,0,0,747,748,1,0,0,0,748,746,1,0,0,0,748,749,1,0,0,0,749,757, - 1,0,0,0,750,754,3,120,52,0,751,753,3,80,32,0,752,751,1,0,0,0,753,756,1, - 0,0,0,754,752,1,0,0,0,754,755,1,0,0,0,755,758,1,0,0,0,756,754,1,0,0,0,757, - 750,1,0,0,0,757,758,1,0,0,0,758,759,1,0,0,0,759,760,3,88,36,0,760,770,1, - 0,0,0,761,763,3,120,52,0,762,764,3,80,32,0,763,762,1,0,0,0,764,765,1,0, - 0,0,765,763,1,0,0,0,765,766,1,0,0,0,766,767,1,0,0,0,767,768,3,88,36,0,768, - 770,1,0,0,0,769,728,1,0,0,0,769,739,1,0,0,0,769,746,1,0,0,0,769,761,1,0, - 0,0,770,105,1,0,0,0,771,772,7,32,0,0,772,773,7,33,0,0,773,107,1,0,0,0,774, - 775,7,12,0,0,775,776,7,9,0,0,776,777,7,0,0,0,777,109,1,0,0,0,778,779,7, - 12,0,0,779,780,7,2,0,0,780,781,7,4,0,0,781,111,1,0,0,0,782,783,5,61,0,0, - 783,113,1,0,0,0,784,785,5,58,0,0,785,786,5,58,0,0,786,115,1,0,0,0,787,788, - 5,44,0,0,788,117,1,0,0,0,789,790,7,0,0,0,790,791,7,3,0,0,791,792,7,2,0, - 0,792,793,7,4,0,0,793,119,1,0,0,0,794,795,5,46,0,0,795,121,1,0,0,0,796, - 797,7,15,0,0,797,798,7,12,0,0,798,799,7,13,0,0,799,800,7,2,0,0,800,801, - 7,3,0,0,801,123,1,0,0,0,802,803,7,15,0,0,803,804,7,1,0,0,804,805,7,6,0, - 0,805,806,7,2,0,0,806,807,7,5,0,0,807,125,1,0,0,0,808,809,7,1,0,0,809,810, - 7,9,0,0,810,127,1,0,0,0,811,812,7,1,0,0,812,813,7,2,0,0,813,129,1,0,0,0, - 814,815,7,13,0,0,815,816,7,12,0,0,816,817,7,2,0,0,817,818,7,5,0,0,818,131, - 1,0,0,0,819,820,7,13,0,0,820,821,7,1,0,0,821,822,7,18,0,0,822,823,7,3,0, - 0,823,133,1,0,0,0,824,825,5,40,0,0,825,135,1,0,0,0,826,827,7,16,0,0,827, - 828,7,12,0,0,828,829,7,5,0,0,829,830,7,4,0,0,830,831,7,10,0,0,831,137,1, - 0,0,0,832,833,7,9,0,0,833,834,7,7,0,0,834,835,7,5,0,0,835,139,1,0,0,0,836, - 837,7,9,0,0,837,838,7,19,0,0,838,839,7,13,0,0,839,840,7,13,0,0,840,141, - 1,0,0,0,841,842,7,9,0,0,842,843,7,19,0,0,843,844,7,13,0,0,844,845,7,13, - 0,0,845,846,7,2,0,0,846,143,1,0,0,0,847,848,7,7,0,0,848,849,7,6,0,0,849, - 145,1,0,0,0,850,851,5,63,0,0,851,147,1,0,0,0,852,853,7,6,0,0,853,854,7, - 13,0,0,854,855,7,1,0,0,855,856,7,18,0,0,856,857,7,3,0,0,857,149,1,0,0,0, - 858,859,5,41,0,0,859,151,1,0,0,0,860,861,7,5,0,0,861,862,7,6,0,0,862,863, - 7,19,0,0,863,864,7,3,0,0,864,153,1,0,0,0,865,866,5,61,0,0,866,867,5,61, - 0,0,867,155,1,0,0,0,868,869,5,61,0,0,869,870,5,126,0,0,870,157,1,0,0,0, - 871,872,5,33,0,0,872,873,5,61,0,0,873,159,1,0,0,0,874,875,5,60,0,0,875, - 161,1,0,0,0,876,877,5,60,0,0,877,878,5,61,0,0,878,163,1,0,0,0,879,880,5, - 62,0,0,880,165,1,0,0,0,881,882,5,62,0,0,882,883,5,61,0,0,883,167,1,0,0, - 0,884,885,5,43,0,0,885,169,1,0,0,0,886,887,5,45,0,0,887,171,1,0,0,0,888, - 889,5,42,0,0,889,173,1,0,0,0,890,891,5,47,0,0,891,175,1,0,0,0,892,893,5, - 37,0,0,893,177,1,0,0,0,894,895,3,146,65,0,895,899,3,82,33,0,896,898,3,98, - 41,0,897,896,1,0,0,0,898,901,1,0,0,0,899,897,1,0,0,0,899,900,1,0,0,0,900, - 909,1,0,0,0,901,899,1,0,0,0,902,904,3,146,65,0,903,905,3,80,32,0,904,903, - 1,0,0,0,905,906,1,0,0,0,906,904,1,0,0,0,906,907,1,0,0,0,907,909,1,0,0,0, - 908,894,1,0,0,0,908,902,1,0,0,0,909,179,1,0,0,0,910,911,5,91,0,0,911,912, - 1,0,0,0,912,913,6,82,0,0,913,914,6,82,0,0,914,181,1,0,0,0,915,916,5,93, - 0,0,916,917,1,0,0,0,917,918,6,83,15,0,918,919,6,83,15,0,919,183,1,0,0,0, - 920,924,3,82,33,0,921,923,3,98,41,0,922,921,1,0,0,0,923,926,1,0,0,0,924, - 922,1,0,0,0,924,925,1,0,0,0,925,937,1,0,0,0,926,924,1,0,0,0,927,930,3,96, - 40,0,928,930,3,90,37,0,929,927,1,0,0,0,929,928,1,0,0,0,930,932,1,0,0,0, - 931,933,3,98,41,0,932,931,1,0,0,0,933,934,1,0,0,0,934,932,1,0,0,0,934,935, - 1,0,0,0,935,937,1,0,0,0,936,920,1,0,0,0,936,929,1,0,0,0,937,185,1,0,0,0, - 938,940,3,92,38,0,939,941,3,94,39,0,940,939,1,0,0,0,941,942,1,0,0,0,942, - 940,1,0,0,0,942,943,1,0,0,0,943,944,1,0,0,0,944,945,3,92,38,0,945,187,1, - 0,0,0,946,947,3,186,85,0,947,189,1,0,0,0,948,949,3,58,21,0,949,950,1,0, - 0,0,950,951,6,87,11,0,951,191,1,0,0,0,952,953,3,60,22,0,953,954,1,0,0,0, - 954,955,6,88,11,0,955,193,1,0,0,0,956,957,3,62,23,0,957,958,1,0,0,0,958, - 959,6,89,11,0,959,195,1,0,0,0,960,961,3,78,31,0,961,962,1,0,0,0,962,963, - 6,90,14,0,963,964,6,90,15,0,964,197,1,0,0,0,965,966,3,180,82,0,966,967, - 1,0,0,0,967,968,6,91,12,0,968,199,1,0,0,0,969,970,3,182,83,0,970,971,1, - 0,0,0,971,972,6,92,16,0,972,201,1,0,0,0,973,974,3,366,175,0,974,975,1,0, - 0,0,975,976,6,93,17,0,976,203,1,0,0,0,977,978,3,116,50,0,978,979,1,0,0, - 0,979,980,6,94,18,0,980,205,1,0,0,0,981,982,3,112,48,0,982,983,1,0,0,0, - 983,984,6,95,19,0,984,207,1,0,0,0,985,986,7,16,0,0,986,987,7,3,0,0,987, - 988,7,5,0,0,988,989,7,12,0,0,989,990,7,0,0,0,990,991,7,12,0,0,991,992,7, - 5,0,0,992,993,7,12,0,0,993,209,1,0,0,0,994,995,3,66,25,0,995,996,1,0,0, - 0,996,997,6,97,20,0,997,211,1,0,0,0,998,999,3,100,42,0,999,1000,1,0,0,0, - 1000,1001,6,98,21,0,1001,213,1,0,0,0,1002,1003,3,58,21,0,1003,1004,1,0, - 0,0,1004,1005,6,99,11,0,1005,215,1,0,0,0,1006,1007,3,60,22,0,1007,1008, - 1,0,0,0,1008,1009,6,100,11,0,1009,217,1,0,0,0,1010,1011,3,62,23,0,1011, - 1012,1,0,0,0,1012,1013,6,101,11,0,1013,219,1,0,0,0,1014,1015,3,78,31,0, - 1015,1016,1,0,0,0,1016,1017,6,102,14,0,1017,1018,6,102,15,0,1018,221,1, - 0,0,0,1019,1020,3,120,52,0,1020,1021,1,0,0,0,1021,1022,6,103,22,0,1022, - 223,1,0,0,0,1023,1024,3,116,50,0,1024,1025,1,0,0,0,1025,1026,6,104,18,0, - 1026,225,1,0,0,0,1027,1032,3,82,33,0,1028,1032,3,80,32,0,1029,1032,3,96, - 40,0,1030,1032,3,172,78,0,1031,1027,1,0,0,0,1031,1028,1,0,0,0,1031,1029, - 1,0,0,0,1031,1030,1,0,0,0,1032,227,1,0,0,0,1033,1036,3,82,33,0,1034,1036, - 3,172,78,0,1035,1033,1,0,0,0,1035,1034,1,0,0,0,1036,1040,1,0,0,0,1037,1039, - 3,226,105,0,1038,1037,1,0,0,0,1039,1042,1,0,0,0,1040,1038,1,0,0,0,1040, - 1041,1,0,0,0,1041,1053,1,0,0,0,1042,1040,1,0,0,0,1043,1046,3,96,40,0,1044, - 1046,3,90,37,0,1045,1043,1,0,0,0,1045,1044,1,0,0,0,1046,1048,1,0,0,0,1047, - 1049,3,226,105,0,1048,1047,1,0,0,0,1049,1050,1,0,0,0,1050,1048,1,0,0,0, - 1050,1051,1,0,0,0,1051,1053,1,0,0,0,1052,1035,1,0,0,0,1052,1045,1,0,0,0, - 1053,229,1,0,0,0,1054,1057,3,228,106,0,1055,1057,3,186,85,0,1056,1054,1, - 0,0,0,1056,1055,1,0,0,0,1057,1058,1,0,0,0,1058,1056,1,0,0,0,1058,1059,1, - 0,0,0,1059,231,1,0,0,0,1060,1061,3,58,21,0,1061,1062,1,0,0,0,1062,1063, - 6,108,11,0,1063,233,1,0,0,0,1064,1065,3,60,22,0,1065,1066,1,0,0,0,1066, - 1067,6,109,11,0,1067,235,1,0,0,0,1068,1069,3,62,23,0,1069,1070,1,0,0,0, - 1070,1071,6,110,11,0,1071,237,1,0,0,0,1072,1073,3,78,31,0,1073,1074,1,0, - 0,0,1074,1075,6,111,14,0,1075,1076,6,111,15,0,1076,239,1,0,0,0,1077,1078, - 3,112,48,0,1078,1079,1,0,0,0,1079,1080,6,112,19,0,1080,241,1,0,0,0,1081, - 1082,3,116,50,0,1082,1083,1,0,0,0,1083,1084,6,113,18,0,1084,243,1,0,0,0, - 1085,1086,3,120,52,0,1086,1087,1,0,0,0,1087,1088,6,114,22,0,1088,245,1, - 0,0,0,1089,1090,7,12,0,0,1090,1091,7,2,0,0,1091,247,1,0,0,0,1092,1093,3, - 230,107,0,1093,1094,1,0,0,0,1094,1095,6,116,23,0,1095,249,1,0,0,0,1096, - 1097,3,58,21,0,1097,1098,1,0,0,0,1098,1099,6,117,11,0,1099,251,1,0,0,0, - 1100,1101,3,60,22,0,1101,1102,1,0,0,0,1102,1103,6,118,11,0,1103,253,1,0, - 0,0,1104,1105,3,62,23,0,1105,1106,1,0,0,0,1106,1107,6,119,11,0,1107,255, - 1,0,0,0,1108,1109,3,78,31,0,1109,1110,1,0,0,0,1110,1111,6,120,14,0,1111, - 1112,6,120,15,0,1112,257,1,0,0,0,1113,1114,3,180,82,0,1114,1115,1,0,0,0, - 1115,1116,6,121,12,0,1116,1117,6,121,24,0,1117,259,1,0,0,0,1118,1119,7, - 7,0,0,1119,1120,7,9,0,0,1120,1121,1,0,0,0,1121,1122,6,122,25,0,1122,261, - 1,0,0,0,1123,1124,7,20,0,0,1124,1125,7,1,0,0,1125,1126,7,5,0,0,1126,1127, - 7,10,0,0,1127,1128,1,0,0,0,1128,1129,6,123,25,0,1129,263,1,0,0,0,1130,1131, - 8,34,0,0,1131,265,1,0,0,0,1132,1134,3,264,124,0,1133,1132,1,0,0,0,1134, - 1135,1,0,0,0,1135,1133,1,0,0,0,1135,1136,1,0,0,0,1136,1137,1,0,0,0,1137, - 1138,3,366,175,0,1138,1140,1,0,0,0,1139,1133,1,0,0,0,1139,1140,1,0,0,0, - 1140,1142,1,0,0,0,1141,1143,3,264,124,0,1142,1141,1,0,0,0,1143,1144,1,0, - 0,0,1144,1142,1,0,0,0,1144,1145,1,0,0,0,1145,267,1,0,0,0,1146,1147,3,266, - 125,0,1147,1148,1,0,0,0,1148,1149,6,126,26,0,1149,269,1,0,0,0,1150,1151, - 3,58,21,0,1151,1152,1,0,0,0,1152,1153,6,127,11,0,1153,271,1,0,0,0,1154, - 1155,3,60,22,0,1155,1156,1,0,0,0,1156,1157,6,128,11,0,1157,273,1,0,0,0, - 1158,1159,3,62,23,0,1159,1160,1,0,0,0,1160,1161,6,129,11,0,1161,275,1,0, - 0,0,1162,1163,3,78,31,0,1163,1164,1,0,0,0,1164,1165,6,130,14,0,1165,1166, - 6,130,15,0,1166,1167,6,130,15,0,1167,277,1,0,0,0,1168,1169,3,112,48,0,1169, - 1170,1,0,0,0,1170,1171,6,131,19,0,1171,279,1,0,0,0,1172,1173,3,116,50,0, - 1173,1174,1,0,0,0,1174,1175,6,132,18,0,1175,281,1,0,0,0,1176,1177,3,120, - 52,0,1177,1178,1,0,0,0,1178,1179,6,133,22,0,1179,283,1,0,0,0,1180,1181, - 3,262,123,0,1181,1182,1,0,0,0,1182,1183,6,134,27,0,1183,285,1,0,0,0,1184, - 1185,3,230,107,0,1185,1186,1,0,0,0,1186,1187,6,135,23,0,1187,287,1,0,0, - 0,1188,1189,3,188,86,0,1189,1190,1,0,0,0,1190,1191,6,136,28,0,1191,289, - 1,0,0,0,1192,1193,3,58,21,0,1193,1194,1,0,0,0,1194,1195,6,137,11,0,1195, - 291,1,0,0,0,1196,1197,3,60,22,0,1197,1198,1,0,0,0,1198,1199,6,138,11,0, - 1199,293,1,0,0,0,1200,1201,3,62,23,0,1201,1202,1,0,0,0,1202,1203,6,139, - 11,0,1203,295,1,0,0,0,1204,1205,3,78,31,0,1205,1206,1,0,0,0,1206,1207,6, - 140,14,0,1207,1208,6,140,15,0,1208,297,1,0,0,0,1209,1210,3,366,175,0,1210, - 1211,1,0,0,0,1211,1212,6,141,17,0,1212,299,1,0,0,0,1213,1214,3,116,50,0, - 1214,1215,1,0,0,0,1215,1216,6,142,18,0,1216,301,1,0,0,0,1217,1218,3,120, - 52,0,1218,1219,1,0,0,0,1219,1220,6,143,22,0,1220,303,1,0,0,0,1221,1222, - 3,260,122,0,1222,1223,1,0,0,0,1223,1224,6,144,29,0,1224,1225,6,144,30,0, - 1225,305,1,0,0,0,1226,1227,3,66,25,0,1227,1228,1,0,0,0,1228,1229,6,145, - 20,0,1229,307,1,0,0,0,1230,1231,3,100,42,0,1231,1232,1,0,0,0,1232,1233, - 6,146,21,0,1233,309,1,0,0,0,1234,1235,3,58,21,0,1235,1236,1,0,0,0,1236, - 1237,6,147,11,0,1237,311,1,0,0,0,1238,1239,3,60,22,0,1239,1240,1,0,0,0, - 1240,1241,6,148,11,0,1241,313,1,0,0,0,1242,1243,3,62,23,0,1243,1244,1,0, - 0,0,1244,1245,6,149,11,0,1245,315,1,0,0,0,1246,1247,3,78,31,0,1247,1248, - 1,0,0,0,1248,1249,6,150,14,0,1249,1250,6,150,15,0,1250,1251,6,150,15,0, - 1251,317,1,0,0,0,1252,1253,3,116,50,0,1253,1254,1,0,0,0,1254,1255,6,151, - 18,0,1255,319,1,0,0,0,1256,1257,3,120,52,0,1257,1258,1,0,0,0,1258,1259, - 6,152,22,0,1259,321,1,0,0,0,1260,1261,3,230,107,0,1261,1262,1,0,0,0,1262, - 1263,6,153,23,0,1263,323,1,0,0,0,1264,1265,3,58,21,0,1265,1266,1,0,0,0, - 1266,1267,6,154,11,0,1267,325,1,0,0,0,1268,1269,3,60,22,0,1269,1270,1,0, - 0,0,1270,1271,6,155,11,0,1271,327,1,0,0,0,1272,1273,3,62,23,0,1273,1274, - 1,0,0,0,1274,1275,6,156,11,0,1275,329,1,0,0,0,1276,1277,3,78,31,0,1277, - 1278,1,0,0,0,1278,1279,6,157,14,0,1279,1280,6,157,15,0,1280,331,1,0,0,0, - 1281,1282,3,120,52,0,1282,1283,1,0,0,0,1283,1284,6,158,22,0,1284,333,1, - 0,0,0,1285,1286,3,188,86,0,1286,1287,1,0,0,0,1287,1288,6,159,28,0,1288, - 335,1,0,0,0,1289,1290,3,184,84,0,1290,1291,1,0,0,0,1291,1292,6,160,31,0, - 1292,337,1,0,0,0,1293,1294,3,58,21,0,1294,1295,1,0,0,0,1295,1296,6,161, - 11,0,1296,339,1,0,0,0,1297,1298,3,60,22,0,1298,1299,1,0,0,0,1299,1300,6, - 162,11,0,1300,341,1,0,0,0,1301,1302,3,62,23,0,1302,1303,1,0,0,0,1303,1304, - 6,163,11,0,1304,343,1,0,0,0,1305,1306,3,78,31,0,1306,1307,1,0,0,0,1307, - 1308,6,164,14,0,1308,1309,6,164,15,0,1309,345,1,0,0,0,1310,1311,7,1,0,0, - 1311,1312,7,9,0,0,1312,1313,7,15,0,0,1313,1314,7,7,0,0,1314,347,1,0,0,0, - 1315,1316,3,58,21,0,1316,1317,1,0,0,0,1317,1318,6,166,11,0,1318,349,1,0, - 0,0,1319,1320,3,60,22,0,1320,1321,1,0,0,0,1321,1322,6,167,11,0,1322,351, - 1,0,0,0,1323,1324,3,62,23,0,1324,1325,1,0,0,0,1325,1326,6,168,11,0,1326, - 353,1,0,0,0,1327,1328,3,78,31,0,1328,1329,1,0,0,0,1329,1330,6,169,14,0, - 1330,1331,6,169,15,0,1331,355,1,0,0,0,1332,1333,7,15,0,0,1333,1334,7,19, - 0,0,1334,1335,7,9,0,0,1335,1336,7,4,0,0,1336,1337,7,5,0,0,1337,1338,7,1, - 0,0,1338,1339,7,7,0,0,1339,1340,7,9,0,0,1340,1341,7,2,0,0,1341,357,1,0, - 0,0,1342,1343,3,58,21,0,1343,1344,1,0,0,0,1344,1345,6,171,11,0,1345,359, - 1,0,0,0,1346,1347,3,60,22,0,1347,1348,1,0,0,0,1348,1349,6,172,11,0,1349, - 361,1,0,0,0,1350,1351,3,62,23,0,1351,1352,1,0,0,0,1352,1353,6,173,11,0, - 1353,363,1,0,0,0,1354,1355,3,182,83,0,1355,1356,1,0,0,0,1356,1357,6,174, - 16,0,1357,1358,6,174,15,0,1358,365,1,0,0,0,1359,1360,5,58,0,0,1360,367, - 1,0,0,0,1361,1367,3,90,37,0,1362,1367,3,80,32,0,1363,1367,3,120,52,0,1364, - 1367,3,82,33,0,1365,1367,3,96,40,0,1366,1361,1,0,0,0,1366,1362,1,0,0,0, - 1366,1363,1,0,0,0,1366,1364,1,0,0,0,1366,1365,1,0,0,0,1367,1368,1,0,0,0, - 1368,1366,1,0,0,0,1368,1369,1,0,0,0,1369,369,1,0,0,0,1370,1371,3,58,21, - 0,1371,1372,1,0,0,0,1372,1373,6,177,11,0,1373,371,1,0,0,0,1374,1375,3,60, - 22,0,1375,1376,1,0,0,0,1376,1377,6,178,11,0,1377,373,1,0,0,0,1378,1379, - 3,62,23,0,1379,1380,1,0,0,0,1380,1381,6,179,11,0,1381,375,1,0,0,0,1382, - 1383,3,78,31,0,1383,1384,1,0,0,0,1384,1385,6,180,14,0,1385,1386,6,180,15, - 0,1386,377,1,0,0,0,1387,1388,3,66,25,0,1388,1389,1,0,0,0,1389,1390,6,181, - 20,0,1390,1391,6,181,15,0,1391,1392,6,181,32,0,1392,379,1,0,0,0,1393,1394, - 3,100,42,0,1394,1395,1,0,0,0,1395,1396,6,182,21,0,1396,1397,6,182,15,0, - 1397,1398,6,182,32,0,1398,381,1,0,0,0,1399,1400,3,58,21,0,1400,1401,1,0, - 0,0,1401,1402,6,183,11,0,1402,383,1,0,0,0,1403,1404,3,60,22,0,1404,1405, - 1,0,0,0,1405,1406,6,184,11,0,1406,385,1,0,0,0,1407,1408,3,62,23,0,1408, - 1409,1,0,0,0,1409,1410,6,185,11,0,1410,387,1,0,0,0,1411,1412,3,366,175, - 0,1412,1413,1,0,0,0,1413,1414,6,186,17,0,1414,1415,6,186,15,0,1415,1416, - 6,186,7,0,1416,389,1,0,0,0,1417,1418,3,116,50,0,1418,1419,1,0,0,0,1419, - 1420,6,187,18,0,1420,1421,6,187,15,0,1421,1422,6,187,7,0,1422,391,1,0,0, - 0,1423,1424,3,58,21,0,1424,1425,1,0,0,0,1425,1426,6,188,11,0,1426,393,1, - 0,0,0,1427,1428,3,60,22,0,1428,1429,1,0,0,0,1429,1430,6,189,11,0,1430,395, - 1,0,0,0,1431,1432,3,62,23,0,1432,1433,1,0,0,0,1433,1434,6,190,11,0,1434, - 397,1,0,0,0,1435,1436,3,188,86,0,1436,1437,1,0,0,0,1437,1438,6,191,15,0, - 1438,1439,6,191,0,0,1439,1440,6,191,28,0,1440,399,1,0,0,0,1441,1442,3,184, - 84,0,1442,1443,1,0,0,0,1443,1444,6,192,15,0,1444,1445,6,192,0,0,1445,1446, - 6,192,31,0,1446,401,1,0,0,0,1447,1448,3,106,45,0,1448,1449,1,0,0,0,1449, - 1450,6,193,15,0,1450,1451,6,193,0,0,1451,1452,6,193,33,0,1452,403,1,0,0, - 0,1453,1454,3,78,31,0,1454,1455,1,0,0,0,1455,1456,6,194,14,0,1456,1457, - 6,194,15,0,1457,405,1,0,0,0,65,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,578, - 588,592,595,604,606,617,624,629,668,673,682,689,694,696,707,715,718,720, - 725,730,736,743,748,754,757,765,769,899,906,908,924,929,934,936,942,1031, - 1035,1040,1045,1050,1052,1056,1058,1135,1139,1144,1366,1368,34,5,2,0,5, - 4,0,5,6,0,5,1,0,5,3,0,5,8,0,5,12,0,5,14,0,5,10,0,5,5,0,5,11,0,0,1,0,7,70, - 0,5,0,0,7,29,0,4,0,0,7,71,0,7,115,0,7,38,0,7,36,0,7,25,0,7,30,0,7,40,0, - 7,81,0,5,13,0,5,7,0,7,91,0,7,90,0,7,73,0,7,89,0,5,9,0,7,72,0,5,15,0,7,33, - 0]; + 1,0,0,0,15,402,1,0,0,0,15,404,1,0,0,0,15,406,1,0,0,0,16,408,1,0,0,0,18, + 418,1,0,0,0,20,425,1,0,0,0,22,434,1,0,0,0,24,441,1,0,0,0,26,451,1,0,0,0, + 28,458,1,0,0,0,30,465,1,0,0,0,32,479,1,0,0,0,34,486,1,0,0,0,36,494,1,0, + 0,0,38,503,1,0,0,0,40,510,1,0,0,0,42,520,1,0,0,0,44,532,1,0,0,0,46,541, + 1,0,0,0,48,547,1,0,0,0,50,554,1,0,0,0,52,561,1,0,0,0,54,569,1,0,0,0,56, + 577,1,0,0,0,58,586,1,0,0,0,60,592,1,0,0,0,62,609,1,0,0,0,64,625,1,0,0,0, + 66,634,1,0,0,0,68,637,1,0,0,0,70,641,1,0,0,0,72,646,1,0,0,0,74,651,1,0, + 0,0,76,655,1,0,0,0,78,659,1,0,0,0,80,663,1,0,0,0,82,667,1,0,0,0,84,669, + 1,0,0,0,86,671,1,0,0,0,88,674,1,0,0,0,90,676,1,0,0,0,92,685,1,0,0,0,94, + 687,1,0,0,0,96,692,1,0,0,0,98,694,1,0,0,0,100,699,1,0,0,0,102,730,1,0,0, + 0,104,733,1,0,0,0,106,779,1,0,0,0,108,781,1,0,0,0,110,784,1,0,0,0,112,788, + 1,0,0,0,114,792,1,0,0,0,116,794,1,0,0,0,118,797,1,0,0,0,120,799,1,0,0,0, + 122,804,1,0,0,0,124,806,1,0,0,0,126,812,1,0,0,0,128,818,1,0,0,0,130,821, + 1,0,0,0,132,824,1,0,0,0,134,829,1,0,0,0,136,834,1,0,0,0,138,836,1,0,0,0, + 140,842,1,0,0,0,142,846,1,0,0,0,144,851,1,0,0,0,146,857,1,0,0,0,148,860, + 1,0,0,0,150,862,1,0,0,0,152,868,1,0,0,0,154,870,1,0,0,0,156,875,1,0,0,0, + 158,878,1,0,0,0,160,881,1,0,0,0,162,884,1,0,0,0,164,886,1,0,0,0,166,889, + 1,0,0,0,168,891,1,0,0,0,170,894,1,0,0,0,172,896,1,0,0,0,174,898,1,0,0,0, + 176,900,1,0,0,0,178,902,1,0,0,0,180,918,1,0,0,0,182,920,1,0,0,0,184,925, + 1,0,0,0,186,946,1,0,0,0,188,948,1,0,0,0,190,956,1,0,0,0,192,958,1,0,0,0, + 194,962,1,0,0,0,196,966,1,0,0,0,198,970,1,0,0,0,200,975,1,0,0,0,202,979, + 1,0,0,0,204,983,1,0,0,0,206,987,1,0,0,0,208,991,1,0,0,0,210,995,1,0,0,0, + 212,1004,1,0,0,0,214,1008,1,0,0,0,216,1012,1,0,0,0,218,1016,1,0,0,0,220, + 1020,1,0,0,0,222,1024,1,0,0,0,224,1029,1,0,0,0,226,1033,1,0,0,0,228,1041, + 1,0,0,0,230,1062,1,0,0,0,232,1066,1,0,0,0,234,1070,1,0,0,0,236,1074,1,0, + 0,0,238,1078,1,0,0,0,240,1082,1,0,0,0,242,1087,1,0,0,0,244,1091,1,0,0,0, + 246,1095,1,0,0,0,248,1099,1,0,0,0,250,1102,1,0,0,0,252,1106,1,0,0,0,254, + 1110,1,0,0,0,256,1114,1,0,0,0,258,1118,1,0,0,0,260,1123,1,0,0,0,262,1128, + 1,0,0,0,264,1133,1,0,0,0,266,1140,1,0,0,0,268,1149,1,0,0,0,270,1156,1,0, + 0,0,272,1160,1,0,0,0,274,1164,1,0,0,0,276,1168,1,0,0,0,278,1172,1,0,0,0, + 280,1178,1,0,0,0,282,1182,1,0,0,0,284,1186,1,0,0,0,286,1190,1,0,0,0,288, + 1194,1,0,0,0,290,1198,1,0,0,0,292,1202,1,0,0,0,294,1206,1,0,0,0,296,1210, + 1,0,0,0,298,1214,1,0,0,0,300,1219,1,0,0,0,302,1223,1,0,0,0,304,1227,1,0, + 0,0,306,1231,1,0,0,0,308,1236,1,0,0,0,310,1240,1,0,0,0,312,1244,1,0,0,0, + 314,1248,1,0,0,0,316,1252,1,0,0,0,318,1256,1,0,0,0,320,1262,1,0,0,0,322, + 1266,1,0,0,0,324,1270,1,0,0,0,326,1274,1,0,0,0,328,1278,1,0,0,0,330,1282, + 1,0,0,0,332,1286,1,0,0,0,334,1291,1,0,0,0,336,1295,1,0,0,0,338,1299,1,0, + 0,0,340,1303,1,0,0,0,342,1307,1,0,0,0,344,1311,1,0,0,0,346,1315,1,0,0,0, + 348,1320,1,0,0,0,350,1325,1,0,0,0,352,1329,1,0,0,0,354,1333,1,0,0,0,356, + 1337,1,0,0,0,358,1342,1,0,0,0,360,1352,1,0,0,0,362,1356,1,0,0,0,364,1360, + 1,0,0,0,366,1364,1,0,0,0,368,1369,1,0,0,0,370,1376,1,0,0,0,372,1380,1,0, + 0,0,374,1384,1,0,0,0,376,1388,1,0,0,0,378,1392,1,0,0,0,380,1397,1,0,0,0, + 382,1403,1,0,0,0,384,1409,1,0,0,0,386,1413,1,0,0,0,388,1417,1,0,0,0,390, + 1421,1,0,0,0,392,1427,1,0,0,0,394,1433,1,0,0,0,396,1437,1,0,0,0,398,1441, + 1,0,0,0,400,1445,1,0,0,0,402,1451,1,0,0,0,404,1457,1,0,0,0,406,1463,1,0, + 0,0,408,409,7,0,0,0,409,410,7,1,0,0,410,411,7,2,0,0,411,412,7,2,0,0,412, + 413,7,3,0,0,413,414,7,4,0,0,414,415,7,5,0,0,415,416,1,0,0,0,416,417,6,0, + 0,0,417,17,1,0,0,0,418,419,7,0,0,0,419,420,7,6,0,0,420,421,7,7,0,0,421, + 422,7,8,0,0,422,423,1,0,0,0,423,424,6,1,1,0,424,19,1,0,0,0,425,426,7,3, + 0,0,426,427,7,9,0,0,427,428,7,6,0,0,428,429,7,1,0,0,429,430,7,4,0,0,430, + 431,7,10,0,0,431,432,1,0,0,0,432,433,6,2,2,0,433,21,1,0,0,0,434,435,7,3, + 0,0,435,436,7,11,0,0,436,437,7,12,0,0,437,438,7,13,0,0,438,439,1,0,0,0, + 439,440,6,3,0,0,440,23,1,0,0,0,441,442,7,3,0,0,442,443,7,14,0,0,443,444, + 7,8,0,0,444,445,7,13,0,0,445,446,7,12,0,0,446,447,7,1,0,0,447,448,7,9,0, + 0,448,449,1,0,0,0,449,450,6,4,3,0,450,25,1,0,0,0,451,452,7,15,0,0,452,453, + 7,6,0,0,453,454,7,7,0,0,454,455,7,16,0,0,455,456,1,0,0,0,456,457,6,5,4, + 0,457,27,1,0,0,0,458,459,7,17,0,0,459,460,7,6,0,0,460,461,7,7,0,0,461,462, + 7,18,0,0,462,463,1,0,0,0,463,464,6,6,0,0,464,29,1,0,0,0,465,466,7,1,0,0, + 466,467,7,9,0,0,467,468,7,13,0,0,468,469,7,1,0,0,469,470,7,9,0,0,470,471, + 7,3,0,0,471,472,7,2,0,0,472,473,7,5,0,0,473,474,7,12,0,0,474,475,7,5,0, + 0,475,476,7,2,0,0,476,477,1,0,0,0,477,478,6,7,0,0,478,31,1,0,0,0,479,480, + 7,18,0,0,480,481,7,3,0,0,481,482,7,3,0,0,482,483,7,8,0,0,483,484,1,0,0, + 0,484,485,6,8,1,0,485,33,1,0,0,0,486,487,7,13,0,0,487,488,7,1,0,0,488,489, + 7,16,0,0,489,490,7,1,0,0,490,491,7,5,0,0,491,492,1,0,0,0,492,493,6,9,0, + 0,493,35,1,0,0,0,494,495,7,13,0,0,495,496,7,7,0,0,496,497,7,7,0,0,497,498, + 7,18,0,0,498,499,7,19,0,0,499,500,7,8,0,0,500,501,1,0,0,0,501,502,6,10, + 5,0,502,37,1,0,0,0,503,504,7,16,0,0,504,505,7,3,0,0,505,506,7,5,0,0,506, + 507,7,12,0,0,507,508,1,0,0,0,508,509,6,11,6,0,509,39,1,0,0,0,510,511,7, + 16,0,0,511,512,7,3,0,0,512,513,7,5,0,0,513,514,7,6,0,0,514,515,7,1,0,0, + 515,516,7,4,0,0,516,517,7,2,0,0,517,518,1,0,0,0,518,519,6,12,7,0,519,41, + 1,0,0,0,520,521,7,16,0,0,521,522,7,11,0,0,522,523,5,95,0,0,523,524,7,3, + 0,0,524,525,7,14,0,0,525,526,7,8,0,0,526,527,7,12,0,0,527,528,7,9,0,0,528, + 529,7,0,0,0,529,530,1,0,0,0,530,531,6,13,8,0,531,43,1,0,0,0,532,533,7,6, + 0,0,533,534,7,3,0,0,534,535,7,9,0,0,535,536,7,12,0,0,536,537,7,16,0,0,537, + 538,7,3,0,0,538,539,1,0,0,0,539,540,6,14,9,0,540,45,1,0,0,0,541,542,7,6, + 0,0,542,543,7,7,0,0,543,544,7,20,0,0,544,545,1,0,0,0,545,546,6,15,0,0,546, + 47,1,0,0,0,547,548,7,2,0,0,548,549,7,10,0,0,549,550,7,7,0,0,550,551,7,20, + 0,0,551,552,1,0,0,0,552,553,6,16,10,0,553,49,1,0,0,0,554,555,7,2,0,0,555, + 556,7,7,0,0,556,557,7,6,0,0,557,558,7,5,0,0,558,559,1,0,0,0,559,560,6,17, + 0,0,560,51,1,0,0,0,561,562,7,2,0,0,562,563,7,5,0,0,563,564,7,12,0,0,564, + 565,7,5,0,0,565,566,7,2,0,0,566,567,1,0,0,0,567,568,6,18,0,0,568,53,1,0, + 0,0,569,570,7,20,0,0,570,571,7,10,0,0,571,572,7,3,0,0,572,573,7,6,0,0,573, + 574,7,3,0,0,574,575,1,0,0,0,575,576,6,19,0,0,576,55,1,0,0,0,577,578,7,16, + 0,0,578,579,7,12,0,0,579,580,7,5,0,0,580,581,7,4,0,0,581,582,7,10,0,0,582, + 583,1,0,0,0,583,584,6,20,0,0,584,57,1,0,0,0,585,587,8,21,0,0,586,585,1, + 0,0,0,587,588,1,0,0,0,588,586,1,0,0,0,588,589,1,0,0,0,589,590,1,0,0,0,590, + 591,6,21,0,0,591,59,1,0,0,0,592,593,5,47,0,0,593,594,5,47,0,0,594,598,1, + 0,0,0,595,597,8,22,0,0,596,595,1,0,0,0,597,600,1,0,0,0,598,596,1,0,0,0, + 598,599,1,0,0,0,599,602,1,0,0,0,600,598,1,0,0,0,601,603,5,13,0,0,602,601, + 1,0,0,0,602,603,1,0,0,0,603,605,1,0,0,0,604,606,5,10,0,0,605,604,1,0,0, + 0,605,606,1,0,0,0,606,607,1,0,0,0,607,608,6,22,11,0,608,61,1,0,0,0,609, + 610,5,47,0,0,610,611,5,42,0,0,611,616,1,0,0,0,612,615,3,62,23,0,613,615, + 9,0,0,0,614,612,1,0,0,0,614,613,1,0,0,0,615,618,1,0,0,0,616,617,1,0,0,0, + 616,614,1,0,0,0,617,619,1,0,0,0,618,616,1,0,0,0,619,620,5,42,0,0,620,621, + 5,47,0,0,621,622,1,0,0,0,622,623,6,23,11,0,623,63,1,0,0,0,624,626,7,23, + 0,0,625,624,1,0,0,0,626,627,1,0,0,0,627,625,1,0,0,0,627,628,1,0,0,0,628, + 629,1,0,0,0,629,630,6,24,11,0,630,65,1,0,0,0,631,635,8,24,0,0,632,633,5, + 47,0,0,633,635,8,25,0,0,634,631,1,0,0,0,634,632,1,0,0,0,635,67,1,0,0,0, + 636,638,3,66,25,0,637,636,1,0,0,0,638,639,1,0,0,0,639,637,1,0,0,0,639,640, + 1,0,0,0,640,69,1,0,0,0,641,642,3,182,83,0,642,643,1,0,0,0,643,644,6,27, + 12,0,644,645,6,27,13,0,645,71,1,0,0,0,646,647,3,80,32,0,647,648,1,0,0,0, + 648,649,6,28,14,0,649,650,6,28,15,0,650,73,1,0,0,0,651,652,3,64,24,0,652, + 653,1,0,0,0,653,654,6,29,11,0,654,75,1,0,0,0,655,656,3,60,22,0,656,657, + 1,0,0,0,657,658,6,30,11,0,658,77,1,0,0,0,659,660,3,62,23,0,660,661,1,0, + 0,0,661,662,6,31,11,0,662,79,1,0,0,0,663,664,5,124,0,0,664,665,1,0,0,0, + 665,666,6,32,15,0,666,81,1,0,0,0,667,668,7,26,0,0,668,83,1,0,0,0,669,670, + 7,27,0,0,670,85,1,0,0,0,671,672,5,92,0,0,672,673,7,28,0,0,673,87,1,0,0, + 0,674,675,8,29,0,0,675,89,1,0,0,0,676,678,7,3,0,0,677,679,7,30,0,0,678, + 677,1,0,0,0,678,679,1,0,0,0,679,681,1,0,0,0,680,682,3,82,33,0,681,680,1, + 0,0,0,682,683,1,0,0,0,683,681,1,0,0,0,683,684,1,0,0,0,684,91,1,0,0,0,685, + 686,5,64,0,0,686,93,1,0,0,0,687,688,5,96,0,0,688,95,1,0,0,0,689,693,8,31, + 0,0,690,691,5,96,0,0,691,693,5,96,0,0,692,689,1,0,0,0,692,690,1,0,0,0,693, + 97,1,0,0,0,694,695,5,95,0,0,695,99,1,0,0,0,696,700,3,84,34,0,697,700,3, + 82,33,0,698,700,3,98,41,0,699,696,1,0,0,0,699,697,1,0,0,0,699,698,1,0,0, + 0,700,101,1,0,0,0,701,706,5,34,0,0,702,705,3,86,35,0,703,705,3,88,36,0, + 704,702,1,0,0,0,704,703,1,0,0,0,705,708,1,0,0,0,706,704,1,0,0,0,706,707, + 1,0,0,0,707,709,1,0,0,0,708,706,1,0,0,0,709,731,5,34,0,0,710,711,5,34,0, + 0,711,712,5,34,0,0,712,713,5,34,0,0,713,717,1,0,0,0,714,716,8,22,0,0,715, + 714,1,0,0,0,716,719,1,0,0,0,717,718,1,0,0,0,717,715,1,0,0,0,718,720,1,0, + 0,0,719,717,1,0,0,0,720,721,5,34,0,0,721,722,5,34,0,0,722,723,5,34,0,0, + 723,725,1,0,0,0,724,726,5,34,0,0,725,724,1,0,0,0,725,726,1,0,0,0,726,728, + 1,0,0,0,727,729,5,34,0,0,728,727,1,0,0,0,728,729,1,0,0,0,729,731,1,0,0, + 0,730,701,1,0,0,0,730,710,1,0,0,0,731,103,1,0,0,0,732,734,3,82,33,0,733, + 732,1,0,0,0,734,735,1,0,0,0,735,733,1,0,0,0,735,736,1,0,0,0,736,105,1,0, + 0,0,737,739,3,82,33,0,738,737,1,0,0,0,739,740,1,0,0,0,740,738,1,0,0,0,740, + 741,1,0,0,0,741,742,1,0,0,0,742,746,3,122,53,0,743,745,3,82,33,0,744,743, + 1,0,0,0,745,748,1,0,0,0,746,744,1,0,0,0,746,747,1,0,0,0,747,780,1,0,0,0, + 748,746,1,0,0,0,749,751,3,122,53,0,750,752,3,82,33,0,751,750,1,0,0,0,752, + 753,1,0,0,0,753,751,1,0,0,0,753,754,1,0,0,0,754,780,1,0,0,0,755,757,3,82, + 33,0,756,755,1,0,0,0,757,758,1,0,0,0,758,756,1,0,0,0,758,759,1,0,0,0,759, + 767,1,0,0,0,760,764,3,122,53,0,761,763,3,82,33,0,762,761,1,0,0,0,763,766, + 1,0,0,0,764,762,1,0,0,0,764,765,1,0,0,0,765,768,1,0,0,0,766,764,1,0,0,0, + 767,760,1,0,0,0,767,768,1,0,0,0,768,769,1,0,0,0,769,770,3,90,37,0,770,780, + 1,0,0,0,771,773,3,122,53,0,772,774,3,82,33,0,773,772,1,0,0,0,774,775,1, + 0,0,0,775,773,1,0,0,0,775,776,1,0,0,0,776,777,1,0,0,0,777,778,3,90,37,0, + 778,780,1,0,0,0,779,738,1,0,0,0,779,749,1,0,0,0,779,756,1,0,0,0,779,771, + 1,0,0,0,780,107,1,0,0,0,781,782,7,32,0,0,782,783,7,33,0,0,783,109,1,0,0, + 0,784,785,7,12,0,0,785,786,7,9,0,0,786,787,7,0,0,0,787,111,1,0,0,0,788, + 789,7,12,0,0,789,790,7,2,0,0,790,791,7,4,0,0,791,113,1,0,0,0,792,793,5, + 61,0,0,793,115,1,0,0,0,794,795,5,58,0,0,795,796,5,58,0,0,796,117,1,0,0, + 0,797,798,5,44,0,0,798,119,1,0,0,0,799,800,7,0,0,0,800,801,7,3,0,0,801, + 802,7,2,0,0,802,803,7,4,0,0,803,121,1,0,0,0,804,805,5,46,0,0,805,123,1, + 0,0,0,806,807,7,15,0,0,807,808,7,12,0,0,808,809,7,13,0,0,809,810,7,2,0, + 0,810,811,7,3,0,0,811,125,1,0,0,0,812,813,7,15,0,0,813,814,7,1,0,0,814, + 815,7,6,0,0,815,816,7,2,0,0,816,817,7,5,0,0,817,127,1,0,0,0,818,819,7,1, + 0,0,819,820,7,9,0,0,820,129,1,0,0,0,821,822,7,1,0,0,822,823,7,2,0,0,823, + 131,1,0,0,0,824,825,7,13,0,0,825,826,7,12,0,0,826,827,7,2,0,0,827,828,7, + 5,0,0,828,133,1,0,0,0,829,830,7,13,0,0,830,831,7,1,0,0,831,832,7,18,0,0, + 832,833,7,3,0,0,833,135,1,0,0,0,834,835,5,40,0,0,835,137,1,0,0,0,836,837, + 7,16,0,0,837,838,7,12,0,0,838,839,7,5,0,0,839,840,7,4,0,0,840,841,7,10, + 0,0,841,139,1,0,0,0,842,843,7,9,0,0,843,844,7,7,0,0,844,845,7,5,0,0,845, + 141,1,0,0,0,846,847,7,9,0,0,847,848,7,19,0,0,848,849,7,13,0,0,849,850,7, + 13,0,0,850,143,1,0,0,0,851,852,7,9,0,0,852,853,7,19,0,0,853,854,7,13,0, + 0,854,855,7,13,0,0,855,856,7,2,0,0,856,145,1,0,0,0,857,858,7,7,0,0,858, + 859,7,6,0,0,859,147,1,0,0,0,860,861,5,63,0,0,861,149,1,0,0,0,862,863,7, + 6,0,0,863,864,7,13,0,0,864,865,7,1,0,0,865,866,7,18,0,0,866,867,7,3,0,0, + 867,151,1,0,0,0,868,869,5,41,0,0,869,153,1,0,0,0,870,871,7,5,0,0,871,872, + 7,6,0,0,872,873,7,19,0,0,873,874,7,3,0,0,874,155,1,0,0,0,875,876,5,61,0, + 0,876,877,5,61,0,0,877,157,1,0,0,0,878,879,5,61,0,0,879,880,5,126,0,0,880, + 159,1,0,0,0,881,882,5,33,0,0,882,883,5,61,0,0,883,161,1,0,0,0,884,885,5, + 60,0,0,885,163,1,0,0,0,886,887,5,60,0,0,887,888,5,61,0,0,888,165,1,0,0, + 0,889,890,5,62,0,0,890,167,1,0,0,0,891,892,5,62,0,0,892,893,5,61,0,0,893, + 169,1,0,0,0,894,895,5,43,0,0,895,171,1,0,0,0,896,897,5,45,0,0,897,173,1, + 0,0,0,898,899,5,42,0,0,899,175,1,0,0,0,900,901,5,47,0,0,901,177,1,0,0,0, + 902,903,5,37,0,0,903,179,1,0,0,0,904,905,3,148,66,0,905,909,3,84,34,0,906, + 908,3,100,42,0,907,906,1,0,0,0,908,911,1,0,0,0,909,907,1,0,0,0,909,910, + 1,0,0,0,910,919,1,0,0,0,911,909,1,0,0,0,912,914,3,148,66,0,913,915,3,82, + 33,0,914,913,1,0,0,0,915,916,1,0,0,0,916,914,1,0,0,0,916,917,1,0,0,0,917, + 919,1,0,0,0,918,904,1,0,0,0,918,912,1,0,0,0,919,181,1,0,0,0,920,921,5,91, + 0,0,921,922,1,0,0,0,922,923,6,83,0,0,923,924,6,83,0,0,924,183,1,0,0,0,925, + 926,5,93,0,0,926,927,1,0,0,0,927,928,6,84,15,0,928,929,6,84,15,0,929,185, + 1,0,0,0,930,934,3,84,34,0,931,933,3,100,42,0,932,931,1,0,0,0,933,936,1, + 0,0,0,934,932,1,0,0,0,934,935,1,0,0,0,935,947,1,0,0,0,936,934,1,0,0,0,937, + 940,3,98,41,0,938,940,3,92,38,0,939,937,1,0,0,0,939,938,1,0,0,0,940,942, + 1,0,0,0,941,943,3,100,42,0,942,941,1,0,0,0,943,944,1,0,0,0,944,942,1,0, + 0,0,944,945,1,0,0,0,945,947,1,0,0,0,946,930,1,0,0,0,946,939,1,0,0,0,947, + 187,1,0,0,0,948,950,3,94,39,0,949,951,3,96,40,0,950,949,1,0,0,0,951,952, + 1,0,0,0,952,950,1,0,0,0,952,953,1,0,0,0,953,954,1,0,0,0,954,955,3,94,39, + 0,955,189,1,0,0,0,956,957,3,188,86,0,957,191,1,0,0,0,958,959,3,60,22,0, + 959,960,1,0,0,0,960,961,6,88,11,0,961,193,1,0,0,0,962,963,3,62,23,0,963, + 964,1,0,0,0,964,965,6,89,11,0,965,195,1,0,0,0,966,967,3,64,24,0,967,968, + 1,0,0,0,968,969,6,90,11,0,969,197,1,0,0,0,970,971,3,80,32,0,971,972,1,0, + 0,0,972,973,6,91,14,0,973,974,6,91,15,0,974,199,1,0,0,0,975,976,3,182,83, + 0,976,977,1,0,0,0,977,978,6,92,12,0,978,201,1,0,0,0,979,980,3,184,84,0, + 980,981,1,0,0,0,981,982,6,93,16,0,982,203,1,0,0,0,983,984,3,368,176,0,984, + 985,1,0,0,0,985,986,6,94,17,0,986,205,1,0,0,0,987,988,3,118,51,0,988,989, + 1,0,0,0,989,990,6,95,18,0,990,207,1,0,0,0,991,992,3,114,49,0,992,993,1, + 0,0,0,993,994,6,96,19,0,994,209,1,0,0,0,995,996,7,16,0,0,996,997,7,3,0, + 0,997,998,7,5,0,0,998,999,7,12,0,0,999,1000,7,0,0,0,1000,1001,7,12,0,0, + 1001,1002,7,5,0,0,1002,1003,7,12,0,0,1003,211,1,0,0,0,1004,1005,3,68,26, + 0,1005,1006,1,0,0,0,1006,1007,6,98,20,0,1007,213,1,0,0,0,1008,1009,3,102, + 43,0,1009,1010,1,0,0,0,1010,1011,6,99,21,0,1011,215,1,0,0,0,1012,1013,3, + 60,22,0,1013,1014,1,0,0,0,1014,1015,6,100,11,0,1015,217,1,0,0,0,1016,1017, + 3,62,23,0,1017,1018,1,0,0,0,1018,1019,6,101,11,0,1019,219,1,0,0,0,1020, + 1021,3,64,24,0,1021,1022,1,0,0,0,1022,1023,6,102,11,0,1023,221,1,0,0,0, + 1024,1025,3,80,32,0,1025,1026,1,0,0,0,1026,1027,6,103,14,0,1027,1028,6, + 103,15,0,1028,223,1,0,0,0,1029,1030,3,122,53,0,1030,1031,1,0,0,0,1031,1032, + 6,104,22,0,1032,225,1,0,0,0,1033,1034,3,118,51,0,1034,1035,1,0,0,0,1035, + 1036,6,105,18,0,1036,227,1,0,0,0,1037,1042,3,84,34,0,1038,1042,3,82,33, + 0,1039,1042,3,98,41,0,1040,1042,3,174,79,0,1041,1037,1,0,0,0,1041,1038, + 1,0,0,0,1041,1039,1,0,0,0,1041,1040,1,0,0,0,1042,229,1,0,0,0,1043,1046, + 3,84,34,0,1044,1046,3,174,79,0,1045,1043,1,0,0,0,1045,1044,1,0,0,0,1046, + 1050,1,0,0,0,1047,1049,3,228,106,0,1048,1047,1,0,0,0,1049,1052,1,0,0,0, + 1050,1048,1,0,0,0,1050,1051,1,0,0,0,1051,1063,1,0,0,0,1052,1050,1,0,0,0, + 1053,1056,3,98,41,0,1054,1056,3,92,38,0,1055,1053,1,0,0,0,1055,1054,1,0, + 0,0,1056,1058,1,0,0,0,1057,1059,3,228,106,0,1058,1057,1,0,0,0,1059,1060, + 1,0,0,0,1060,1058,1,0,0,0,1060,1061,1,0,0,0,1061,1063,1,0,0,0,1062,1045, + 1,0,0,0,1062,1055,1,0,0,0,1063,231,1,0,0,0,1064,1067,3,230,107,0,1065,1067, + 3,188,86,0,1066,1064,1,0,0,0,1066,1065,1,0,0,0,1067,1068,1,0,0,0,1068,1066, + 1,0,0,0,1068,1069,1,0,0,0,1069,233,1,0,0,0,1070,1071,3,60,22,0,1071,1072, + 1,0,0,0,1072,1073,6,109,11,0,1073,235,1,0,0,0,1074,1075,3,62,23,0,1075, + 1076,1,0,0,0,1076,1077,6,110,11,0,1077,237,1,0,0,0,1078,1079,3,64,24,0, + 1079,1080,1,0,0,0,1080,1081,6,111,11,0,1081,239,1,0,0,0,1082,1083,3,80, + 32,0,1083,1084,1,0,0,0,1084,1085,6,112,14,0,1085,1086,6,112,15,0,1086,241, + 1,0,0,0,1087,1088,3,114,49,0,1088,1089,1,0,0,0,1089,1090,6,113,19,0,1090, + 243,1,0,0,0,1091,1092,3,118,51,0,1092,1093,1,0,0,0,1093,1094,6,114,18,0, + 1094,245,1,0,0,0,1095,1096,3,122,53,0,1096,1097,1,0,0,0,1097,1098,6,115, + 22,0,1098,247,1,0,0,0,1099,1100,7,12,0,0,1100,1101,7,2,0,0,1101,249,1,0, + 0,0,1102,1103,3,232,108,0,1103,1104,1,0,0,0,1104,1105,6,117,23,0,1105,251, + 1,0,0,0,1106,1107,3,60,22,0,1107,1108,1,0,0,0,1108,1109,6,118,11,0,1109, + 253,1,0,0,0,1110,1111,3,62,23,0,1111,1112,1,0,0,0,1112,1113,6,119,11,0, + 1113,255,1,0,0,0,1114,1115,3,64,24,0,1115,1116,1,0,0,0,1116,1117,6,120, + 11,0,1117,257,1,0,0,0,1118,1119,3,80,32,0,1119,1120,1,0,0,0,1120,1121,6, + 121,14,0,1121,1122,6,121,15,0,1122,259,1,0,0,0,1123,1124,3,182,83,0,1124, + 1125,1,0,0,0,1125,1126,6,122,12,0,1126,1127,6,122,24,0,1127,261,1,0,0,0, + 1128,1129,7,7,0,0,1129,1130,7,9,0,0,1130,1131,1,0,0,0,1131,1132,6,123,25, + 0,1132,263,1,0,0,0,1133,1134,7,20,0,0,1134,1135,7,1,0,0,1135,1136,7,5,0, + 0,1136,1137,7,10,0,0,1137,1138,1,0,0,0,1138,1139,6,124,25,0,1139,265,1, + 0,0,0,1140,1141,8,34,0,0,1141,267,1,0,0,0,1142,1144,3,266,125,0,1143,1142, + 1,0,0,0,1144,1145,1,0,0,0,1145,1143,1,0,0,0,1145,1146,1,0,0,0,1146,1147, + 1,0,0,0,1147,1148,3,368,176,0,1148,1150,1,0,0,0,1149,1143,1,0,0,0,1149, + 1150,1,0,0,0,1150,1152,1,0,0,0,1151,1153,3,266,125,0,1152,1151,1,0,0,0, + 1153,1154,1,0,0,0,1154,1152,1,0,0,0,1154,1155,1,0,0,0,1155,269,1,0,0,0, + 1156,1157,3,268,126,0,1157,1158,1,0,0,0,1158,1159,6,127,26,0,1159,271,1, + 0,0,0,1160,1161,3,60,22,0,1161,1162,1,0,0,0,1162,1163,6,128,11,0,1163,273, + 1,0,0,0,1164,1165,3,62,23,0,1165,1166,1,0,0,0,1166,1167,6,129,11,0,1167, + 275,1,0,0,0,1168,1169,3,64,24,0,1169,1170,1,0,0,0,1170,1171,6,130,11,0, + 1171,277,1,0,0,0,1172,1173,3,80,32,0,1173,1174,1,0,0,0,1174,1175,6,131, + 14,0,1175,1176,6,131,15,0,1176,1177,6,131,15,0,1177,279,1,0,0,0,1178,1179, + 3,114,49,0,1179,1180,1,0,0,0,1180,1181,6,132,19,0,1181,281,1,0,0,0,1182, + 1183,3,118,51,0,1183,1184,1,0,0,0,1184,1185,6,133,18,0,1185,283,1,0,0,0, + 1186,1187,3,122,53,0,1187,1188,1,0,0,0,1188,1189,6,134,22,0,1189,285,1, + 0,0,0,1190,1191,3,264,124,0,1191,1192,1,0,0,0,1192,1193,6,135,27,0,1193, + 287,1,0,0,0,1194,1195,3,232,108,0,1195,1196,1,0,0,0,1196,1197,6,136,23, + 0,1197,289,1,0,0,0,1198,1199,3,190,87,0,1199,1200,1,0,0,0,1200,1201,6,137, + 28,0,1201,291,1,0,0,0,1202,1203,3,60,22,0,1203,1204,1,0,0,0,1204,1205,6, + 138,11,0,1205,293,1,0,0,0,1206,1207,3,62,23,0,1207,1208,1,0,0,0,1208,1209, + 6,139,11,0,1209,295,1,0,0,0,1210,1211,3,64,24,0,1211,1212,1,0,0,0,1212, + 1213,6,140,11,0,1213,297,1,0,0,0,1214,1215,3,80,32,0,1215,1216,1,0,0,0, + 1216,1217,6,141,14,0,1217,1218,6,141,15,0,1218,299,1,0,0,0,1219,1220,3, + 368,176,0,1220,1221,1,0,0,0,1221,1222,6,142,17,0,1222,301,1,0,0,0,1223, + 1224,3,118,51,0,1224,1225,1,0,0,0,1225,1226,6,143,18,0,1226,303,1,0,0,0, + 1227,1228,3,122,53,0,1228,1229,1,0,0,0,1229,1230,6,144,22,0,1230,305,1, + 0,0,0,1231,1232,3,262,123,0,1232,1233,1,0,0,0,1233,1234,6,145,29,0,1234, + 1235,6,145,30,0,1235,307,1,0,0,0,1236,1237,3,68,26,0,1237,1238,1,0,0,0, + 1238,1239,6,146,20,0,1239,309,1,0,0,0,1240,1241,3,102,43,0,1241,1242,1, + 0,0,0,1242,1243,6,147,21,0,1243,311,1,0,0,0,1244,1245,3,60,22,0,1245,1246, + 1,0,0,0,1246,1247,6,148,11,0,1247,313,1,0,0,0,1248,1249,3,62,23,0,1249, + 1250,1,0,0,0,1250,1251,6,149,11,0,1251,315,1,0,0,0,1252,1253,3,64,24,0, + 1253,1254,1,0,0,0,1254,1255,6,150,11,0,1255,317,1,0,0,0,1256,1257,3,80, + 32,0,1257,1258,1,0,0,0,1258,1259,6,151,14,0,1259,1260,6,151,15,0,1260,1261, + 6,151,15,0,1261,319,1,0,0,0,1262,1263,3,118,51,0,1263,1264,1,0,0,0,1264, + 1265,6,152,18,0,1265,321,1,0,0,0,1266,1267,3,122,53,0,1267,1268,1,0,0,0, + 1268,1269,6,153,22,0,1269,323,1,0,0,0,1270,1271,3,232,108,0,1271,1272,1, + 0,0,0,1272,1273,6,154,23,0,1273,325,1,0,0,0,1274,1275,3,60,22,0,1275,1276, + 1,0,0,0,1276,1277,6,155,11,0,1277,327,1,0,0,0,1278,1279,3,62,23,0,1279, + 1280,1,0,0,0,1280,1281,6,156,11,0,1281,329,1,0,0,0,1282,1283,3,64,24,0, + 1283,1284,1,0,0,0,1284,1285,6,157,11,0,1285,331,1,0,0,0,1286,1287,3,80, + 32,0,1287,1288,1,0,0,0,1288,1289,6,158,14,0,1289,1290,6,158,15,0,1290,333, + 1,0,0,0,1291,1292,3,122,53,0,1292,1293,1,0,0,0,1293,1294,6,159,22,0,1294, + 335,1,0,0,0,1295,1296,3,190,87,0,1296,1297,1,0,0,0,1297,1298,6,160,28,0, + 1298,337,1,0,0,0,1299,1300,3,186,85,0,1300,1301,1,0,0,0,1301,1302,6,161, + 31,0,1302,339,1,0,0,0,1303,1304,3,60,22,0,1304,1305,1,0,0,0,1305,1306,6, + 162,11,0,1306,341,1,0,0,0,1307,1308,3,62,23,0,1308,1309,1,0,0,0,1309,1310, + 6,163,11,0,1310,343,1,0,0,0,1311,1312,3,64,24,0,1312,1313,1,0,0,0,1313, + 1314,6,164,11,0,1314,345,1,0,0,0,1315,1316,3,80,32,0,1316,1317,1,0,0,0, + 1317,1318,6,165,14,0,1318,1319,6,165,15,0,1319,347,1,0,0,0,1320,1321,7, + 1,0,0,1321,1322,7,9,0,0,1322,1323,7,15,0,0,1323,1324,7,7,0,0,1324,349,1, + 0,0,0,1325,1326,3,60,22,0,1326,1327,1,0,0,0,1327,1328,6,167,11,0,1328,351, + 1,0,0,0,1329,1330,3,62,23,0,1330,1331,1,0,0,0,1331,1332,6,168,11,0,1332, + 353,1,0,0,0,1333,1334,3,64,24,0,1334,1335,1,0,0,0,1335,1336,6,169,11,0, + 1336,355,1,0,0,0,1337,1338,3,80,32,0,1338,1339,1,0,0,0,1339,1340,6,170, + 14,0,1340,1341,6,170,15,0,1341,357,1,0,0,0,1342,1343,7,15,0,0,1343,1344, + 7,19,0,0,1344,1345,7,9,0,0,1345,1346,7,4,0,0,1346,1347,7,5,0,0,1347,1348, + 7,1,0,0,1348,1349,7,7,0,0,1349,1350,7,9,0,0,1350,1351,7,2,0,0,1351,359, + 1,0,0,0,1352,1353,3,60,22,0,1353,1354,1,0,0,0,1354,1355,6,172,11,0,1355, + 361,1,0,0,0,1356,1357,3,62,23,0,1357,1358,1,0,0,0,1358,1359,6,173,11,0, + 1359,363,1,0,0,0,1360,1361,3,64,24,0,1361,1362,1,0,0,0,1362,1363,6,174, + 11,0,1363,365,1,0,0,0,1364,1365,3,184,84,0,1365,1366,1,0,0,0,1366,1367, + 6,175,16,0,1367,1368,6,175,15,0,1368,367,1,0,0,0,1369,1370,5,58,0,0,1370, + 369,1,0,0,0,1371,1377,3,92,38,0,1372,1377,3,82,33,0,1373,1377,3,122,53, + 0,1374,1377,3,84,34,0,1375,1377,3,98,41,0,1376,1371,1,0,0,0,1376,1372,1, + 0,0,0,1376,1373,1,0,0,0,1376,1374,1,0,0,0,1376,1375,1,0,0,0,1377,1378,1, + 0,0,0,1378,1376,1,0,0,0,1378,1379,1,0,0,0,1379,371,1,0,0,0,1380,1381,3, + 60,22,0,1381,1382,1,0,0,0,1382,1383,6,178,11,0,1383,373,1,0,0,0,1384,1385, + 3,62,23,0,1385,1386,1,0,0,0,1386,1387,6,179,11,0,1387,375,1,0,0,0,1388, + 1389,3,64,24,0,1389,1390,1,0,0,0,1390,1391,6,180,11,0,1391,377,1,0,0,0, + 1392,1393,3,80,32,0,1393,1394,1,0,0,0,1394,1395,6,181,14,0,1395,1396,6, + 181,15,0,1396,379,1,0,0,0,1397,1398,3,68,26,0,1398,1399,1,0,0,0,1399,1400, + 6,182,20,0,1400,1401,6,182,15,0,1401,1402,6,182,32,0,1402,381,1,0,0,0,1403, + 1404,3,102,43,0,1404,1405,1,0,0,0,1405,1406,6,183,21,0,1406,1407,6,183, + 15,0,1407,1408,6,183,32,0,1408,383,1,0,0,0,1409,1410,3,60,22,0,1410,1411, + 1,0,0,0,1411,1412,6,184,11,0,1412,385,1,0,0,0,1413,1414,3,62,23,0,1414, + 1415,1,0,0,0,1415,1416,6,185,11,0,1416,387,1,0,0,0,1417,1418,3,64,24,0, + 1418,1419,1,0,0,0,1419,1420,6,186,11,0,1420,389,1,0,0,0,1421,1422,3,368, + 176,0,1422,1423,1,0,0,0,1423,1424,6,187,17,0,1424,1425,6,187,15,0,1425, + 1426,6,187,7,0,1426,391,1,0,0,0,1427,1428,3,118,51,0,1428,1429,1,0,0,0, + 1429,1430,6,188,18,0,1430,1431,6,188,15,0,1431,1432,6,188,7,0,1432,393, + 1,0,0,0,1433,1434,3,60,22,0,1434,1435,1,0,0,0,1435,1436,6,189,11,0,1436, + 395,1,0,0,0,1437,1438,3,62,23,0,1438,1439,1,0,0,0,1439,1440,6,190,11,0, + 1440,397,1,0,0,0,1441,1442,3,64,24,0,1442,1443,1,0,0,0,1443,1444,6,191, + 11,0,1444,399,1,0,0,0,1445,1446,3,190,87,0,1446,1447,1,0,0,0,1447,1448, + 6,192,15,0,1448,1449,6,192,0,0,1449,1450,6,192,28,0,1450,401,1,0,0,0,1451, + 1452,3,186,85,0,1452,1453,1,0,0,0,1453,1454,6,193,15,0,1454,1455,6,193, + 0,0,1455,1456,6,193,31,0,1456,403,1,0,0,0,1457,1458,3,108,46,0,1458,1459, + 1,0,0,0,1459,1460,6,194,15,0,1460,1461,6,194,0,0,1461,1462,6,194,33,0,1462, + 405,1,0,0,0,1463,1464,3,80,32,0,1464,1465,1,0,0,0,1465,1466,6,195,14,0, + 1466,1467,6,195,15,0,1467,407,1,0,0,0,65,0,1,2,3,4,5,6,7,8,9,10,11,12,13, + 14,15,588,598,602,605,614,616,627,634,639,678,683,692,699,704,706,717,725, + 728,730,735,740,746,753,758,764,767,775,779,909,916,918,934,939,944,946, + 952,1041,1045,1050,1055,1060,1062,1066,1068,1145,1149,1154,1376,1378,34, + 5,2,0,5,4,0,5,6,0,5,1,0,5,3,0,5,8,0,5,12,0,5,14,0,5,10,0,5,5,0,5,11,0,0, + 1,0,7,71,0,5,0,0,7,30,0,4,0,0,7,72,0,7,116,0,7,39,0,7,37,0,7,26,0,7,31, + 0,7,41,0,7,82,0,5,13,0,5,7,0,7,92,0,7,91,0,7,74,0,7,90,0,5,9,0,7,73,0,5, + 15,0,7,34,0]; private static __ATN: ATN; public static get _ATN(): ATN { diff --git a/packages/kbn-esql-ast/src/antlr/esql_parser.g4 b/packages/kbn-esql-ast/src/antlr/esql_parser.g4 index 5d243a504386c..d7e78ceda4578 100644 --- a/packages/kbn-esql-ast/src/antlr/esql_parser.g4 +++ b/packages/kbn-esql-ast/src/antlr/esql_parser.g4 @@ -52,6 +52,7 @@ processingCommand | grokCommand | enrichCommand | mvExpandCommand + | matchCommand ; whereCommand @@ -75,7 +76,7 @@ regexBooleanExpression ; matchBooleanExpression - : qualifiedName MATCH queryString=string + : qualifiedName MATCH_OPERATOR queryString=string ; valueExpression @@ -305,4 +306,12 @@ enrichWithClause lookupCommand : LOOKUP tableName=indexPattern ON matchFields=qualifiedNamePatterns + ; + +matchCommand + : MATCH matchQuery + ; + +matchQuery + : QUOTED_STRING ; \ No newline at end of file diff --git a/packages/kbn-esql-ast/src/antlr/esql_parser.interp b/packages/kbn-esql-ast/src/antlr/esql_parser.interp index b52db660b55ee..f415b4fce3170 100644 --- a/packages/kbn-esql-ast/src/antlr/esql_parser.interp +++ b/packages/kbn-esql-ast/src/antlr/esql_parser.interp @@ -28,6 +28,7 @@ null null null null +null '|' null null @@ -47,7 +48,7 @@ null 'last' 'like' '(' -'match' +null 'not' 'null' 'nulls' @@ -148,6 +149,7 @@ SHOW SORT STATS WHERE +MATCH UNKNOWN_CMD LINE_COMMENT MULTILINE_COMMENT @@ -175,7 +177,7 @@ IS LAST LIKE LP -MATCH +MATCH_OPERATOR NOT NULL NULLS @@ -314,7 +316,9 @@ metaCommand enrichCommand enrichWithClause lookupCommand +matchCommand +matchQuery atn: -[4, 1, 125, 574, 2, 0, 7, 0, 2, 1, 7, 1, 2, 2, 7, 2, 2, 3, 7, 3, 2, 4, 7, 4, 2, 5, 7, 5, 2, 6, 7, 6, 2, 7, 7, 7, 2, 8, 7, 8, 2, 9, 7, 9, 2, 10, 7, 10, 2, 11, 7, 11, 2, 12, 7, 12, 2, 13, 7, 13, 2, 14, 7, 14, 2, 15, 7, 15, 2, 16, 7, 16, 2, 17, 7, 17, 2, 18, 7, 18, 2, 19, 7, 19, 2, 20, 7, 20, 2, 21, 7, 21, 2, 22, 7, 22, 2, 23, 7, 23, 2, 24, 7, 24, 2, 25, 7, 25, 2, 26, 7, 26, 2, 27, 7, 27, 2, 28, 7, 28, 2, 29, 7, 29, 2, 30, 7, 30, 2, 31, 7, 31, 2, 32, 7, 32, 2, 33, 7, 33, 2, 34, 7, 34, 2, 35, 7, 35, 2, 36, 7, 36, 2, 37, 7, 37, 2, 38, 7, 38, 2, 39, 7, 39, 2, 40, 7, 40, 2, 41, 7, 41, 2, 42, 7, 42, 2, 43, 7, 43, 2, 44, 7, 44, 2, 45, 7, 45, 2, 46, 7, 46, 2, 47, 7, 47, 2, 48, 7, 48, 2, 49, 7, 49, 2, 50, 7, 50, 2, 51, 7, 51, 2, 52, 7, 52, 2, 53, 7, 53, 2, 54, 7, 54, 2, 55, 7, 55, 2, 56, 7, 56, 2, 57, 7, 57, 2, 58, 7, 58, 1, 0, 1, 0, 1, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 5, 1, 128, 8, 1, 10, 1, 12, 1, 131, 9, 1, 1, 2, 1, 2, 1, 2, 1, 2, 1, 2, 1, 2, 3, 2, 139, 8, 2, 1, 3, 1, 3, 1, 3, 1, 3, 1, 3, 1, 3, 1, 3, 1, 3, 1, 3, 1, 3, 1, 3, 1, 3, 1, 3, 1, 3, 3, 3, 155, 8, 3, 1, 4, 1, 4, 1, 4, 1, 5, 1, 5, 1, 5, 1, 5, 1, 5, 1, 5, 1, 5, 1, 5, 3, 5, 168, 8, 5, 1, 5, 1, 5, 1, 5, 1, 5, 1, 5, 5, 5, 175, 8, 5, 10, 5, 12, 5, 178, 9, 5, 1, 5, 1, 5, 1, 5, 1, 5, 1, 5, 3, 5, 185, 8, 5, 1, 5, 1, 5, 3, 5, 189, 8, 5, 1, 5, 1, 5, 1, 5, 1, 5, 1, 5, 1, 5, 5, 5, 197, 8, 5, 10, 5, 12, 5, 200, 9, 5, 1, 6, 1, 6, 3, 6, 204, 8, 6, 1, 6, 1, 6, 1, 6, 1, 6, 1, 6, 3, 6, 211, 8, 6, 1, 6, 1, 6, 1, 6, 3, 6, 216, 8, 6, 1, 7, 1, 7, 1, 7, 1, 7, 1, 8, 1, 8, 1, 8, 1, 8, 1, 8, 3, 8, 227, 8, 8, 1, 9, 1, 9, 1, 9, 1, 9, 3, 9, 233, 8, 9, 1, 9, 1, 9, 1, 9, 1, 9, 1, 9, 1, 9, 5, 9, 241, 8, 9, 10, 9, 12, 9, 244, 9, 9, 1, 10, 1, 10, 1, 10, 1, 10, 1, 10, 1, 10, 1, 10, 1, 10, 3, 10, 254, 8, 10, 1, 10, 1, 10, 1, 10, 5, 10, 259, 8, 10, 10, 10, 12, 10, 262, 9, 10, 1, 11, 1, 11, 1, 11, 1, 11, 1, 11, 1, 11, 5, 11, 270, 8, 11, 10, 11, 12, 11, 273, 9, 11, 3, 11, 275, 8, 11, 1, 11, 1, 11, 1, 12, 1, 12, 1, 13, 1, 13, 1, 13, 1, 14, 1, 14, 1, 14, 5, 14, 287, 8, 14, 10, 14, 12, 14, 290, 9, 14, 1, 15, 1, 15, 1, 15, 1, 15, 1, 15, 3, 15, 297, 8, 15, 1, 16, 1, 16, 1, 16, 1, 16, 5, 16, 303, 8, 16, 10, 16, 12, 16, 306, 9, 16, 1, 16, 3, 16, 309, 8, 16, 1, 17, 1, 17, 1, 17, 1, 17, 1, 17, 3, 17, 316, 8, 17, 1, 18, 1, 18, 1, 19, 1, 19, 1, 20, 1, 20, 3, 20, 324, 8, 20, 1, 21, 1, 21, 1, 21, 1, 21, 5, 21, 330, 8, 21, 10, 21, 12, 21, 333, 9, 21, 1, 22, 1, 22, 1, 22, 1, 22, 1, 23, 1, 23, 1, 23, 1, 23, 5, 23, 343, 8, 23, 10, 23, 12, 23, 346, 9, 23, 1, 23, 3, 23, 349, 8, 23, 1, 23, 1, 23, 3, 23, 353, 8, 23, 1, 24, 1, 24, 1, 24, 1, 25, 1, 25, 3, 25, 360, 8, 25, 1, 25, 1, 25, 3, 25, 364, 8, 25, 1, 26, 1, 26, 1, 26, 1, 26, 3, 26, 370, 8, 26, 1, 27, 1, 27, 1, 27, 5, 27, 375, 8, 27, 10, 27, 12, 27, 378, 9, 27, 1, 28, 1, 28, 1, 28, 5, 28, 383, 8, 28, 10, 28, 12, 28, 386, 9, 28, 1, 29, 1, 29, 1, 29, 5, 29, 391, 8, 29, 10, 29, 12, 29, 394, 9, 29, 1, 30, 1, 30, 1, 31, 1, 31, 1, 32, 1, 32, 1, 32, 1, 32, 1, 32, 1, 32, 1, 32, 1, 32, 1, 32, 1, 32, 1, 32, 1, 32, 1, 32, 5, 32, 413, 8, 32, 10, 32, 12, 32, 416, 9, 32, 1, 32, 1, 32, 1, 32, 1, 32, 1, 32, 1, 32, 5, 32, 424, 8, 32, 10, 32, 12, 32, 427, 9, 32, 1, 32, 1, 32, 1, 32, 1, 32, 1, 32, 1, 32, 5, 32, 435, 8, 32, 10, 32, 12, 32, 438, 9, 32, 1, 32, 1, 32, 3, 32, 442, 8, 32, 1, 33, 1, 33, 3, 33, 446, 8, 33, 1, 34, 1, 34, 1, 34, 1, 35, 1, 35, 1, 35, 1, 35, 5, 35, 455, 8, 35, 10, 35, 12, 35, 458, 9, 35, 1, 36, 1, 36, 3, 36, 462, 8, 36, 1, 36, 1, 36, 3, 36, 466, 8, 36, 1, 37, 1, 37, 1, 37, 1, 38, 1, 38, 1, 38, 1, 39, 1, 39, 1, 39, 1, 39, 5, 39, 478, 8, 39, 10, 39, 12, 39, 481, 9, 39, 1, 40, 1, 40, 1, 40, 1, 40, 1, 41, 1, 41, 1, 41, 1, 41, 3, 41, 491, 8, 41, 1, 42, 1, 42, 1, 42, 1, 42, 1, 43, 1, 43, 1, 43, 1, 44, 1, 44, 1, 44, 5, 44, 503, 8, 44, 10, 44, 12, 44, 506, 9, 44, 1, 45, 1, 45, 1, 45, 1, 45, 1, 46, 1, 46, 1, 47, 1, 47, 3, 47, 516, 8, 47, 1, 48, 3, 48, 519, 8, 48, 1, 48, 1, 48, 1, 49, 3, 49, 524, 8, 49, 1, 49, 1, 49, 1, 50, 1, 50, 1, 51, 1, 51, 1, 52, 1, 52, 1, 52, 1, 53, 1, 53, 1, 53, 1, 53, 1, 54, 1, 54, 1, 54, 1, 55, 1, 55, 1, 55, 1, 56, 1, 56, 1, 56, 1, 56, 3, 56, 549, 8, 56, 1, 56, 1, 56, 1, 56, 1, 56, 5, 56, 555, 8, 56, 10, 56, 12, 56, 558, 9, 56, 3, 56, 560, 8, 56, 1, 57, 1, 57, 1, 57, 3, 57, 565, 8, 57, 1, 57, 1, 57, 1, 58, 1, 58, 1, 58, 1, 58, 1, 58, 1, 58, 0, 4, 2, 10, 18, 20, 59, 0, 2, 4, 6, 8, 10, 12, 14, 16, 18, 20, 22, 24, 26, 28, 30, 32, 34, 36, 38, 40, 42, 44, 46, 48, 50, 52, 54, 56, 58, 60, 62, 64, 66, 68, 70, 72, 74, 76, 78, 80, 82, 84, 86, 88, 90, 92, 94, 96, 98, 100, 102, 104, 106, 108, 110, 112, 114, 116, 0, 8, 1, 0, 64, 65, 1, 0, 66, 68, 2, 0, 25, 25, 30, 30, 1, 0, 72, 73, 2, 0, 35, 35, 39, 39, 2, 0, 42, 42, 45, 45, 2, 0, 41, 41, 56, 56, 2, 0, 57, 57, 59, 63, 599, 0, 118, 1, 0, 0, 0, 2, 121, 1, 0, 0, 0, 4, 138, 1, 0, 0, 0, 6, 154, 1, 0, 0, 0, 8, 156, 1, 0, 0, 0, 10, 188, 1, 0, 0, 0, 12, 215, 1, 0, 0, 0, 14, 217, 1, 0, 0, 0, 16, 226, 1, 0, 0, 0, 18, 232, 1, 0, 0, 0, 20, 253, 1, 0, 0, 0, 22, 263, 1, 0, 0, 0, 24, 278, 1, 0, 0, 0, 26, 280, 1, 0, 0, 0, 28, 283, 1, 0, 0, 0, 30, 296, 1, 0, 0, 0, 32, 298, 1, 0, 0, 0, 34, 315, 1, 0, 0, 0, 36, 317, 1, 0, 0, 0, 38, 319, 1, 0, 0, 0, 40, 323, 1, 0, 0, 0, 42, 325, 1, 0, 0, 0, 44, 334, 1, 0, 0, 0, 46, 338, 1, 0, 0, 0, 48, 354, 1, 0, 0, 0, 50, 357, 1, 0, 0, 0, 52, 365, 1, 0, 0, 0, 54, 371, 1, 0, 0, 0, 56, 379, 1, 0, 0, 0, 58, 387, 1, 0, 0, 0, 60, 395, 1, 0, 0, 0, 62, 397, 1, 0, 0, 0, 64, 441, 1, 0, 0, 0, 66, 445, 1, 0, 0, 0, 68, 447, 1, 0, 0, 0, 70, 450, 1, 0, 0, 0, 72, 459, 1, 0, 0, 0, 74, 467, 1, 0, 0, 0, 76, 470, 1, 0, 0, 0, 78, 473, 1, 0, 0, 0, 80, 482, 1, 0, 0, 0, 82, 486, 1, 0, 0, 0, 84, 492, 1, 0, 0, 0, 86, 496, 1, 0, 0, 0, 88, 499, 1, 0, 0, 0, 90, 507, 1, 0, 0, 0, 92, 511, 1, 0, 0, 0, 94, 515, 1, 0, 0, 0, 96, 518, 1, 0, 0, 0, 98, 523, 1, 0, 0, 0, 100, 527, 1, 0, 0, 0, 102, 529, 1, 0, 0, 0, 104, 531, 1, 0, 0, 0, 106, 534, 1, 0, 0, 0, 108, 538, 1, 0, 0, 0, 110, 541, 1, 0, 0, 0, 112, 544, 1, 0, 0, 0, 114, 564, 1, 0, 0, 0, 116, 568, 1, 0, 0, 0, 118, 119, 3, 2, 1, 0, 119, 120, 5, 0, 0, 1, 120, 1, 1, 0, 0, 0, 121, 122, 6, 1, -1, 0, 122, 123, 3, 4, 2, 0, 123, 129, 1, 0, 0, 0, 124, 125, 10, 1, 0, 0, 125, 126, 5, 29, 0, 0, 126, 128, 3, 6, 3, 0, 127, 124, 1, 0, 0, 0, 128, 131, 1, 0, 0, 0, 129, 127, 1, 0, 0, 0, 129, 130, 1, 0, 0, 0, 130, 3, 1, 0, 0, 0, 131, 129, 1, 0, 0, 0, 132, 139, 3, 104, 52, 0, 133, 139, 3, 32, 16, 0, 134, 139, 3, 26, 13, 0, 135, 139, 3, 46, 23, 0, 136, 139, 3, 108, 54, 0, 137, 139, 3, 110, 55, 0, 138, 132, 1, 0, 0, 0, 138, 133, 1, 0, 0, 0, 138, 134, 1, 0, 0, 0, 138, 135, 1, 0, 0, 0, 138, 136, 1, 0, 0, 0, 138, 137, 1, 0, 0, 0, 139, 5, 1, 0, 0, 0, 140, 155, 3, 48, 24, 0, 141, 155, 3, 52, 26, 0, 142, 155, 3, 68, 34, 0, 143, 155, 3, 116, 58, 0, 144, 155, 3, 74, 37, 0, 145, 155, 3, 70, 35, 0, 146, 155, 3, 50, 25, 0, 147, 155, 3, 8, 4, 0, 148, 155, 3, 76, 38, 0, 149, 155, 3, 78, 39, 0, 150, 155, 3, 82, 41, 0, 151, 155, 3, 84, 42, 0, 152, 155, 3, 112, 56, 0, 153, 155, 3, 86, 43, 0, 154, 140, 1, 0, 0, 0, 154, 141, 1, 0, 0, 0, 154, 142, 1, 0, 0, 0, 154, 143, 1, 0, 0, 0, 154, 144, 1, 0, 0, 0, 154, 145, 1, 0, 0, 0, 154, 146, 1, 0, 0, 0, 154, 147, 1, 0, 0, 0, 154, 148, 1, 0, 0, 0, 154, 149, 1, 0, 0, 0, 154, 150, 1, 0, 0, 0, 154, 151, 1, 0, 0, 0, 154, 152, 1, 0, 0, 0, 154, 153, 1, 0, 0, 0, 155, 7, 1, 0, 0, 0, 156, 157, 5, 20, 0, 0, 157, 158, 3, 10, 5, 0, 158, 9, 1, 0, 0, 0, 159, 160, 6, 5, -1, 0, 160, 161, 5, 49, 0, 0, 161, 189, 3, 10, 5, 8, 162, 189, 3, 16, 8, 0, 163, 189, 3, 12, 6, 0, 164, 189, 3, 14, 7, 0, 165, 167, 3, 16, 8, 0, 166, 168, 5, 49, 0, 0, 167, 166, 1, 0, 0, 0, 167, 168, 1, 0, 0, 0, 168, 169, 1, 0, 0, 0, 169, 170, 5, 43, 0, 0, 170, 171, 5, 47, 0, 0, 171, 176, 3, 16, 8, 0, 172, 173, 5, 38, 0, 0, 173, 175, 3, 16, 8, 0, 174, 172, 1, 0, 0, 0, 175, 178, 1, 0, 0, 0, 176, 174, 1, 0, 0, 0, 176, 177, 1, 0, 0, 0, 177, 179, 1, 0, 0, 0, 178, 176, 1, 0, 0, 0, 179, 180, 5, 55, 0, 0, 180, 189, 1, 0, 0, 0, 181, 182, 3, 16, 8, 0, 182, 184, 5, 44, 0, 0, 183, 185, 5, 49, 0, 0, 184, 183, 1, 0, 0, 0, 184, 185, 1, 0, 0, 0, 185, 186, 1, 0, 0, 0, 186, 187, 5, 50, 0, 0, 187, 189, 1, 0, 0, 0, 188, 159, 1, 0, 0, 0, 188, 162, 1, 0, 0, 0, 188, 163, 1, 0, 0, 0, 188, 164, 1, 0, 0, 0, 188, 165, 1, 0, 0, 0, 188, 181, 1, 0, 0, 0, 189, 198, 1, 0, 0, 0, 190, 191, 10, 4, 0, 0, 191, 192, 5, 34, 0, 0, 192, 197, 3, 10, 5, 5, 193, 194, 10, 3, 0, 0, 194, 195, 5, 52, 0, 0, 195, 197, 3, 10, 5, 4, 196, 190, 1, 0, 0, 0, 196, 193, 1, 0, 0, 0, 197, 200, 1, 0, 0, 0, 198, 196, 1, 0, 0, 0, 198, 199, 1, 0, 0, 0, 199, 11, 1, 0, 0, 0, 200, 198, 1, 0, 0, 0, 201, 203, 3, 16, 8, 0, 202, 204, 5, 49, 0, 0, 203, 202, 1, 0, 0, 0, 203, 204, 1, 0, 0, 0, 204, 205, 1, 0, 0, 0, 205, 206, 5, 46, 0, 0, 206, 207, 3, 100, 50, 0, 207, 216, 1, 0, 0, 0, 208, 210, 3, 16, 8, 0, 209, 211, 5, 49, 0, 0, 210, 209, 1, 0, 0, 0, 210, 211, 1, 0, 0, 0, 211, 212, 1, 0, 0, 0, 212, 213, 5, 54, 0, 0, 213, 214, 3, 100, 50, 0, 214, 216, 1, 0, 0, 0, 215, 201, 1, 0, 0, 0, 215, 208, 1, 0, 0, 0, 216, 13, 1, 0, 0, 0, 217, 218, 3, 54, 27, 0, 218, 219, 5, 48, 0, 0, 219, 220, 3, 100, 50, 0, 220, 15, 1, 0, 0, 0, 221, 227, 3, 18, 9, 0, 222, 223, 3, 18, 9, 0, 223, 224, 3, 102, 51, 0, 224, 225, 3, 18, 9, 0, 225, 227, 1, 0, 0, 0, 226, 221, 1, 0, 0, 0, 226, 222, 1, 0, 0, 0, 227, 17, 1, 0, 0, 0, 228, 229, 6, 9, -1, 0, 229, 233, 3, 20, 10, 0, 230, 231, 7, 0, 0, 0, 231, 233, 3, 18, 9, 3, 232, 228, 1, 0, 0, 0, 232, 230, 1, 0, 0, 0, 233, 242, 1, 0, 0, 0, 234, 235, 10, 2, 0, 0, 235, 236, 7, 1, 0, 0, 236, 241, 3, 18, 9, 3, 237, 238, 10, 1, 0, 0, 238, 239, 7, 0, 0, 0, 239, 241, 3, 18, 9, 2, 240, 234, 1, 0, 0, 0, 240, 237, 1, 0, 0, 0, 241, 244, 1, 0, 0, 0, 242, 240, 1, 0, 0, 0, 242, 243, 1, 0, 0, 0, 243, 19, 1, 0, 0, 0, 244, 242, 1, 0, 0, 0, 245, 246, 6, 10, -1, 0, 246, 254, 3, 64, 32, 0, 247, 254, 3, 54, 27, 0, 248, 254, 3, 22, 11, 0, 249, 250, 5, 47, 0, 0, 250, 251, 3, 10, 5, 0, 251, 252, 5, 55, 0, 0, 252, 254, 1, 0, 0, 0, 253, 245, 1, 0, 0, 0, 253, 247, 1, 0, 0, 0, 253, 248, 1, 0, 0, 0, 253, 249, 1, 0, 0, 0, 254, 260, 1, 0, 0, 0, 255, 256, 10, 1, 0, 0, 256, 257, 5, 37, 0, 0, 257, 259, 3, 24, 12, 0, 258, 255, 1, 0, 0, 0, 259, 262, 1, 0, 0, 0, 260, 258, 1, 0, 0, 0, 260, 261, 1, 0, 0, 0, 261, 21, 1, 0, 0, 0, 262, 260, 1, 0, 0, 0, 263, 264, 3, 60, 30, 0, 264, 274, 5, 47, 0, 0, 265, 275, 5, 66, 0, 0, 266, 271, 3, 10, 5, 0, 267, 268, 5, 38, 0, 0, 268, 270, 3, 10, 5, 0, 269, 267, 1, 0, 0, 0, 270, 273, 1, 0, 0, 0, 271, 269, 1, 0, 0, 0, 271, 272, 1, 0, 0, 0, 272, 275, 1, 0, 0, 0, 273, 271, 1, 0, 0, 0, 274, 265, 1, 0, 0, 0, 274, 266, 1, 0, 0, 0, 274, 275, 1, 0, 0, 0, 275, 276, 1, 0, 0, 0, 276, 277, 5, 55, 0, 0, 277, 23, 1, 0, 0, 0, 278, 279, 3, 60, 30, 0, 279, 25, 1, 0, 0, 0, 280, 281, 5, 16, 0, 0, 281, 282, 3, 28, 14, 0, 282, 27, 1, 0, 0, 0, 283, 288, 3, 30, 15, 0, 284, 285, 5, 38, 0, 0, 285, 287, 3, 30, 15, 0, 286, 284, 1, 0, 0, 0, 287, 290, 1, 0, 0, 0, 288, 286, 1, 0, 0, 0, 288, 289, 1, 0, 0, 0, 289, 29, 1, 0, 0, 0, 290, 288, 1, 0, 0, 0, 291, 297, 3, 10, 5, 0, 292, 293, 3, 54, 27, 0, 293, 294, 5, 36, 0, 0, 294, 295, 3, 10, 5, 0, 295, 297, 1, 0, 0, 0, 296, 291, 1, 0, 0, 0, 296, 292, 1, 0, 0, 0, 297, 31, 1, 0, 0, 0, 298, 299, 5, 6, 0, 0, 299, 304, 3, 34, 17, 0, 300, 301, 5, 38, 0, 0, 301, 303, 3, 34, 17, 0, 302, 300, 1, 0, 0, 0, 303, 306, 1, 0, 0, 0, 304, 302, 1, 0, 0, 0, 304, 305, 1, 0, 0, 0, 305, 308, 1, 0, 0, 0, 306, 304, 1, 0, 0, 0, 307, 309, 3, 40, 20, 0, 308, 307, 1, 0, 0, 0, 308, 309, 1, 0, 0, 0, 309, 33, 1, 0, 0, 0, 310, 311, 3, 36, 18, 0, 311, 312, 5, 115, 0, 0, 312, 313, 3, 38, 19, 0, 313, 316, 1, 0, 0, 0, 314, 316, 3, 38, 19, 0, 315, 310, 1, 0, 0, 0, 315, 314, 1, 0, 0, 0, 316, 35, 1, 0, 0, 0, 317, 318, 5, 25, 0, 0, 318, 37, 1, 0, 0, 0, 319, 320, 7, 2, 0, 0, 320, 39, 1, 0, 0, 0, 321, 324, 3, 42, 21, 0, 322, 324, 3, 44, 22, 0, 323, 321, 1, 0, 0, 0, 323, 322, 1, 0, 0, 0, 324, 41, 1, 0, 0, 0, 325, 326, 5, 77, 0, 0, 326, 331, 5, 25, 0, 0, 327, 328, 5, 38, 0, 0, 328, 330, 5, 25, 0, 0, 329, 327, 1, 0, 0, 0, 330, 333, 1, 0, 0, 0, 331, 329, 1, 0, 0, 0, 331, 332, 1, 0, 0, 0, 332, 43, 1, 0, 0, 0, 333, 331, 1, 0, 0, 0, 334, 335, 5, 70, 0, 0, 335, 336, 3, 42, 21, 0, 336, 337, 5, 71, 0, 0, 337, 45, 1, 0, 0, 0, 338, 339, 5, 13, 0, 0, 339, 344, 3, 34, 17, 0, 340, 341, 5, 38, 0, 0, 341, 343, 3, 34, 17, 0, 342, 340, 1, 0, 0, 0, 343, 346, 1, 0, 0, 0, 344, 342, 1, 0, 0, 0, 344, 345, 1, 0, 0, 0, 345, 348, 1, 0, 0, 0, 346, 344, 1, 0, 0, 0, 347, 349, 3, 28, 14, 0, 348, 347, 1, 0, 0, 0, 348, 349, 1, 0, 0, 0, 349, 352, 1, 0, 0, 0, 350, 351, 5, 33, 0, 0, 351, 353, 3, 28, 14, 0, 352, 350, 1, 0, 0, 0, 352, 353, 1, 0, 0, 0, 353, 47, 1, 0, 0, 0, 354, 355, 5, 4, 0, 0, 355, 356, 3, 28, 14, 0, 356, 49, 1, 0, 0, 0, 357, 359, 5, 19, 0, 0, 358, 360, 3, 28, 14, 0, 359, 358, 1, 0, 0, 0, 359, 360, 1, 0, 0, 0, 360, 363, 1, 0, 0, 0, 361, 362, 5, 33, 0, 0, 362, 364, 3, 28, 14, 0, 363, 361, 1, 0, 0, 0, 363, 364, 1, 0, 0, 0, 364, 51, 1, 0, 0, 0, 365, 366, 5, 8, 0, 0, 366, 369, 3, 28, 14, 0, 367, 368, 5, 33, 0, 0, 368, 370, 3, 28, 14, 0, 369, 367, 1, 0, 0, 0, 369, 370, 1, 0, 0, 0, 370, 53, 1, 0, 0, 0, 371, 376, 3, 60, 30, 0, 372, 373, 5, 40, 0, 0, 373, 375, 3, 60, 30, 0, 374, 372, 1, 0, 0, 0, 375, 378, 1, 0, 0, 0, 376, 374, 1, 0, 0, 0, 376, 377, 1, 0, 0, 0, 377, 55, 1, 0, 0, 0, 378, 376, 1, 0, 0, 0, 379, 384, 3, 62, 31, 0, 380, 381, 5, 40, 0, 0, 381, 383, 3, 62, 31, 0, 382, 380, 1, 0, 0, 0, 383, 386, 1, 0, 0, 0, 384, 382, 1, 0, 0, 0, 384, 385, 1, 0, 0, 0, 385, 57, 1, 0, 0, 0, 386, 384, 1, 0, 0, 0, 387, 392, 3, 56, 28, 0, 388, 389, 5, 38, 0, 0, 389, 391, 3, 56, 28, 0, 390, 388, 1, 0, 0, 0, 391, 394, 1, 0, 0, 0, 392, 390, 1, 0, 0, 0, 392, 393, 1, 0, 0, 0, 393, 59, 1, 0, 0, 0, 394, 392, 1, 0, 0, 0, 395, 396, 7, 3, 0, 0, 396, 61, 1, 0, 0, 0, 397, 398, 5, 81, 0, 0, 398, 63, 1, 0, 0, 0, 399, 442, 5, 50, 0, 0, 400, 401, 3, 98, 49, 0, 401, 402, 5, 72, 0, 0, 402, 442, 1, 0, 0, 0, 403, 442, 3, 96, 48, 0, 404, 442, 3, 98, 49, 0, 405, 442, 3, 92, 46, 0, 406, 442, 3, 66, 33, 0, 407, 442, 3, 100, 50, 0, 408, 409, 5, 70, 0, 0, 409, 414, 3, 94, 47, 0, 410, 411, 5, 38, 0, 0, 411, 413, 3, 94, 47, 0, 412, 410, 1, 0, 0, 0, 413, 416, 1, 0, 0, 0, 414, 412, 1, 0, 0, 0, 414, 415, 1, 0, 0, 0, 415, 417, 1, 0, 0, 0, 416, 414, 1, 0, 0, 0, 417, 418, 5, 71, 0, 0, 418, 442, 1, 0, 0, 0, 419, 420, 5, 70, 0, 0, 420, 425, 3, 92, 46, 0, 421, 422, 5, 38, 0, 0, 422, 424, 3, 92, 46, 0, 423, 421, 1, 0, 0, 0, 424, 427, 1, 0, 0, 0, 425, 423, 1, 0, 0, 0, 425, 426, 1, 0, 0, 0, 426, 428, 1, 0, 0, 0, 427, 425, 1, 0, 0, 0, 428, 429, 5, 71, 0, 0, 429, 442, 1, 0, 0, 0, 430, 431, 5, 70, 0, 0, 431, 436, 3, 100, 50, 0, 432, 433, 5, 38, 0, 0, 433, 435, 3, 100, 50, 0, 434, 432, 1, 0, 0, 0, 435, 438, 1, 0, 0, 0, 436, 434, 1, 0, 0, 0, 436, 437, 1, 0, 0, 0, 437, 439, 1, 0, 0, 0, 438, 436, 1, 0, 0, 0, 439, 440, 5, 71, 0, 0, 440, 442, 1, 0, 0, 0, 441, 399, 1, 0, 0, 0, 441, 400, 1, 0, 0, 0, 441, 403, 1, 0, 0, 0, 441, 404, 1, 0, 0, 0, 441, 405, 1, 0, 0, 0, 441, 406, 1, 0, 0, 0, 441, 407, 1, 0, 0, 0, 441, 408, 1, 0, 0, 0, 441, 419, 1, 0, 0, 0, 441, 430, 1, 0, 0, 0, 442, 65, 1, 0, 0, 0, 443, 446, 5, 53, 0, 0, 444, 446, 5, 69, 0, 0, 445, 443, 1, 0, 0, 0, 445, 444, 1, 0, 0, 0, 446, 67, 1, 0, 0, 0, 447, 448, 5, 10, 0, 0, 448, 449, 5, 31, 0, 0, 449, 69, 1, 0, 0, 0, 450, 451, 5, 18, 0, 0, 451, 456, 3, 72, 36, 0, 452, 453, 5, 38, 0, 0, 453, 455, 3, 72, 36, 0, 454, 452, 1, 0, 0, 0, 455, 458, 1, 0, 0, 0, 456, 454, 1, 0, 0, 0, 456, 457, 1, 0, 0, 0, 457, 71, 1, 0, 0, 0, 458, 456, 1, 0, 0, 0, 459, 461, 3, 10, 5, 0, 460, 462, 7, 4, 0, 0, 461, 460, 1, 0, 0, 0, 461, 462, 1, 0, 0, 0, 462, 465, 1, 0, 0, 0, 463, 464, 5, 51, 0, 0, 464, 466, 7, 5, 0, 0, 465, 463, 1, 0, 0, 0, 465, 466, 1, 0, 0, 0, 466, 73, 1, 0, 0, 0, 467, 468, 5, 9, 0, 0, 468, 469, 3, 58, 29, 0, 469, 75, 1, 0, 0, 0, 470, 471, 5, 2, 0, 0, 471, 472, 3, 58, 29, 0, 472, 77, 1, 0, 0, 0, 473, 474, 5, 15, 0, 0, 474, 479, 3, 80, 40, 0, 475, 476, 5, 38, 0, 0, 476, 478, 3, 80, 40, 0, 477, 475, 1, 0, 0, 0, 478, 481, 1, 0, 0, 0, 479, 477, 1, 0, 0, 0, 479, 480, 1, 0, 0, 0, 480, 79, 1, 0, 0, 0, 481, 479, 1, 0, 0, 0, 482, 483, 3, 56, 28, 0, 483, 484, 5, 85, 0, 0, 484, 485, 3, 56, 28, 0, 485, 81, 1, 0, 0, 0, 486, 487, 5, 1, 0, 0, 487, 488, 3, 20, 10, 0, 488, 490, 3, 100, 50, 0, 489, 491, 3, 88, 44, 0, 490, 489, 1, 0, 0, 0, 490, 491, 1, 0, 0, 0, 491, 83, 1, 0, 0, 0, 492, 493, 5, 7, 0, 0, 493, 494, 3, 20, 10, 0, 494, 495, 3, 100, 50, 0, 495, 85, 1, 0, 0, 0, 496, 497, 5, 14, 0, 0, 497, 498, 3, 54, 27, 0, 498, 87, 1, 0, 0, 0, 499, 504, 3, 90, 45, 0, 500, 501, 5, 38, 0, 0, 501, 503, 3, 90, 45, 0, 502, 500, 1, 0, 0, 0, 503, 506, 1, 0, 0, 0, 504, 502, 1, 0, 0, 0, 504, 505, 1, 0, 0, 0, 505, 89, 1, 0, 0, 0, 506, 504, 1, 0, 0, 0, 507, 508, 3, 60, 30, 0, 508, 509, 5, 36, 0, 0, 509, 510, 3, 64, 32, 0, 510, 91, 1, 0, 0, 0, 511, 512, 7, 6, 0, 0, 512, 93, 1, 0, 0, 0, 513, 516, 3, 96, 48, 0, 514, 516, 3, 98, 49, 0, 515, 513, 1, 0, 0, 0, 515, 514, 1, 0, 0, 0, 516, 95, 1, 0, 0, 0, 517, 519, 7, 0, 0, 0, 518, 517, 1, 0, 0, 0, 518, 519, 1, 0, 0, 0, 519, 520, 1, 0, 0, 0, 520, 521, 5, 32, 0, 0, 521, 97, 1, 0, 0, 0, 522, 524, 7, 0, 0, 0, 523, 522, 1, 0, 0, 0, 523, 524, 1, 0, 0, 0, 524, 525, 1, 0, 0, 0, 525, 526, 5, 31, 0, 0, 526, 99, 1, 0, 0, 0, 527, 528, 5, 30, 0, 0, 528, 101, 1, 0, 0, 0, 529, 530, 7, 7, 0, 0, 530, 103, 1, 0, 0, 0, 531, 532, 5, 5, 0, 0, 532, 533, 3, 106, 53, 0, 533, 105, 1, 0, 0, 0, 534, 535, 5, 70, 0, 0, 535, 536, 3, 2, 1, 0, 536, 537, 5, 71, 0, 0, 537, 107, 1, 0, 0, 0, 538, 539, 5, 17, 0, 0, 539, 540, 5, 107, 0, 0, 540, 109, 1, 0, 0, 0, 541, 542, 5, 12, 0, 0, 542, 543, 5, 111, 0, 0, 543, 111, 1, 0, 0, 0, 544, 545, 5, 3, 0, 0, 545, 548, 5, 91, 0, 0, 546, 547, 5, 89, 0, 0, 547, 549, 3, 56, 28, 0, 548, 546, 1, 0, 0, 0, 548, 549, 1, 0, 0, 0, 549, 559, 1, 0, 0, 0, 550, 551, 5, 90, 0, 0, 551, 556, 3, 114, 57, 0, 552, 553, 5, 38, 0, 0, 553, 555, 3, 114, 57, 0, 554, 552, 1, 0, 0, 0, 555, 558, 1, 0, 0, 0, 556, 554, 1, 0, 0, 0, 556, 557, 1, 0, 0, 0, 557, 560, 1, 0, 0, 0, 558, 556, 1, 0, 0, 0, 559, 550, 1, 0, 0, 0, 559, 560, 1, 0, 0, 0, 560, 113, 1, 0, 0, 0, 561, 562, 3, 56, 28, 0, 562, 563, 5, 36, 0, 0, 563, 565, 1, 0, 0, 0, 564, 561, 1, 0, 0, 0, 564, 565, 1, 0, 0, 0, 565, 566, 1, 0, 0, 0, 566, 567, 3, 56, 28, 0, 567, 115, 1, 0, 0, 0, 568, 569, 5, 11, 0, 0, 569, 570, 3, 34, 17, 0, 570, 571, 5, 89, 0, 0, 571, 572, 3, 58, 29, 0, 572, 117, 1, 0, 0, 0, 54, 129, 138, 154, 167, 176, 184, 188, 196, 198, 203, 210, 215, 226, 232, 240, 242, 253, 260, 271, 274, 288, 296, 304, 308, 315, 323, 331, 344, 348, 352, 359, 363, 369, 376, 384, 392, 414, 425, 436, 441, 445, 456, 461, 465, 479, 490, 504, 515, 518, 523, 548, 556, 559, 564] \ No newline at end of file +[4, 1, 126, 584, 2, 0, 7, 0, 2, 1, 7, 1, 2, 2, 7, 2, 2, 3, 7, 3, 2, 4, 7, 4, 2, 5, 7, 5, 2, 6, 7, 6, 2, 7, 7, 7, 2, 8, 7, 8, 2, 9, 7, 9, 2, 10, 7, 10, 2, 11, 7, 11, 2, 12, 7, 12, 2, 13, 7, 13, 2, 14, 7, 14, 2, 15, 7, 15, 2, 16, 7, 16, 2, 17, 7, 17, 2, 18, 7, 18, 2, 19, 7, 19, 2, 20, 7, 20, 2, 21, 7, 21, 2, 22, 7, 22, 2, 23, 7, 23, 2, 24, 7, 24, 2, 25, 7, 25, 2, 26, 7, 26, 2, 27, 7, 27, 2, 28, 7, 28, 2, 29, 7, 29, 2, 30, 7, 30, 2, 31, 7, 31, 2, 32, 7, 32, 2, 33, 7, 33, 2, 34, 7, 34, 2, 35, 7, 35, 2, 36, 7, 36, 2, 37, 7, 37, 2, 38, 7, 38, 2, 39, 7, 39, 2, 40, 7, 40, 2, 41, 7, 41, 2, 42, 7, 42, 2, 43, 7, 43, 2, 44, 7, 44, 2, 45, 7, 45, 2, 46, 7, 46, 2, 47, 7, 47, 2, 48, 7, 48, 2, 49, 7, 49, 2, 50, 7, 50, 2, 51, 7, 51, 2, 52, 7, 52, 2, 53, 7, 53, 2, 54, 7, 54, 2, 55, 7, 55, 2, 56, 7, 56, 2, 57, 7, 57, 2, 58, 7, 58, 2, 59, 7, 59, 2, 60, 7, 60, 1, 0, 1, 0, 1, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 5, 1, 132, 8, 1, 10, 1, 12, 1, 135, 9, 1, 1, 2, 1, 2, 1, 2, 1, 2, 1, 2, 1, 2, 3, 2, 143, 8, 2, 1, 3, 1, 3, 1, 3, 1, 3, 1, 3, 1, 3, 1, 3, 1, 3, 1, 3, 1, 3, 1, 3, 1, 3, 1, 3, 1, 3, 1, 3, 3, 3, 160, 8, 3, 1, 4, 1, 4, 1, 4, 1, 5, 1, 5, 1, 5, 1, 5, 1, 5, 1, 5, 1, 5, 1, 5, 3, 5, 173, 8, 5, 1, 5, 1, 5, 1, 5, 1, 5, 1, 5, 5, 5, 180, 8, 5, 10, 5, 12, 5, 183, 9, 5, 1, 5, 1, 5, 1, 5, 1, 5, 1, 5, 3, 5, 190, 8, 5, 1, 5, 1, 5, 3, 5, 194, 8, 5, 1, 5, 1, 5, 1, 5, 1, 5, 1, 5, 1, 5, 5, 5, 202, 8, 5, 10, 5, 12, 5, 205, 9, 5, 1, 6, 1, 6, 3, 6, 209, 8, 6, 1, 6, 1, 6, 1, 6, 1, 6, 1, 6, 3, 6, 216, 8, 6, 1, 6, 1, 6, 1, 6, 3, 6, 221, 8, 6, 1, 7, 1, 7, 1, 7, 1, 7, 1, 8, 1, 8, 1, 8, 1, 8, 1, 8, 3, 8, 232, 8, 8, 1, 9, 1, 9, 1, 9, 1, 9, 3, 9, 238, 8, 9, 1, 9, 1, 9, 1, 9, 1, 9, 1, 9, 1, 9, 5, 9, 246, 8, 9, 10, 9, 12, 9, 249, 9, 9, 1, 10, 1, 10, 1, 10, 1, 10, 1, 10, 1, 10, 1, 10, 1, 10, 3, 10, 259, 8, 10, 1, 10, 1, 10, 1, 10, 5, 10, 264, 8, 10, 10, 10, 12, 10, 267, 9, 10, 1, 11, 1, 11, 1, 11, 1, 11, 1, 11, 1, 11, 5, 11, 275, 8, 11, 10, 11, 12, 11, 278, 9, 11, 3, 11, 280, 8, 11, 1, 11, 1, 11, 1, 12, 1, 12, 1, 13, 1, 13, 1, 13, 1, 14, 1, 14, 1, 14, 5, 14, 292, 8, 14, 10, 14, 12, 14, 295, 9, 14, 1, 15, 1, 15, 1, 15, 1, 15, 1, 15, 3, 15, 302, 8, 15, 1, 16, 1, 16, 1, 16, 1, 16, 5, 16, 308, 8, 16, 10, 16, 12, 16, 311, 9, 16, 1, 16, 3, 16, 314, 8, 16, 1, 17, 1, 17, 1, 17, 1, 17, 1, 17, 3, 17, 321, 8, 17, 1, 18, 1, 18, 1, 19, 1, 19, 1, 20, 1, 20, 3, 20, 329, 8, 20, 1, 21, 1, 21, 1, 21, 1, 21, 5, 21, 335, 8, 21, 10, 21, 12, 21, 338, 9, 21, 1, 22, 1, 22, 1, 22, 1, 22, 1, 23, 1, 23, 1, 23, 1, 23, 5, 23, 348, 8, 23, 10, 23, 12, 23, 351, 9, 23, 1, 23, 3, 23, 354, 8, 23, 1, 23, 1, 23, 3, 23, 358, 8, 23, 1, 24, 1, 24, 1, 24, 1, 25, 1, 25, 3, 25, 365, 8, 25, 1, 25, 1, 25, 3, 25, 369, 8, 25, 1, 26, 1, 26, 1, 26, 1, 26, 3, 26, 375, 8, 26, 1, 27, 1, 27, 1, 27, 5, 27, 380, 8, 27, 10, 27, 12, 27, 383, 9, 27, 1, 28, 1, 28, 1, 28, 5, 28, 388, 8, 28, 10, 28, 12, 28, 391, 9, 28, 1, 29, 1, 29, 1, 29, 5, 29, 396, 8, 29, 10, 29, 12, 29, 399, 9, 29, 1, 30, 1, 30, 1, 31, 1, 31, 1, 32, 1, 32, 1, 32, 1, 32, 1, 32, 1, 32, 1, 32, 1, 32, 1, 32, 1, 32, 1, 32, 1, 32, 1, 32, 5, 32, 418, 8, 32, 10, 32, 12, 32, 421, 9, 32, 1, 32, 1, 32, 1, 32, 1, 32, 1, 32, 1, 32, 5, 32, 429, 8, 32, 10, 32, 12, 32, 432, 9, 32, 1, 32, 1, 32, 1, 32, 1, 32, 1, 32, 1, 32, 5, 32, 440, 8, 32, 10, 32, 12, 32, 443, 9, 32, 1, 32, 1, 32, 3, 32, 447, 8, 32, 1, 33, 1, 33, 3, 33, 451, 8, 33, 1, 34, 1, 34, 1, 34, 1, 35, 1, 35, 1, 35, 1, 35, 5, 35, 460, 8, 35, 10, 35, 12, 35, 463, 9, 35, 1, 36, 1, 36, 3, 36, 467, 8, 36, 1, 36, 1, 36, 3, 36, 471, 8, 36, 1, 37, 1, 37, 1, 37, 1, 38, 1, 38, 1, 38, 1, 39, 1, 39, 1, 39, 1, 39, 5, 39, 483, 8, 39, 10, 39, 12, 39, 486, 9, 39, 1, 40, 1, 40, 1, 40, 1, 40, 1, 41, 1, 41, 1, 41, 1, 41, 3, 41, 496, 8, 41, 1, 42, 1, 42, 1, 42, 1, 42, 1, 43, 1, 43, 1, 43, 1, 44, 1, 44, 1, 44, 5, 44, 508, 8, 44, 10, 44, 12, 44, 511, 9, 44, 1, 45, 1, 45, 1, 45, 1, 45, 1, 46, 1, 46, 1, 47, 1, 47, 3, 47, 521, 8, 47, 1, 48, 3, 48, 524, 8, 48, 1, 48, 1, 48, 1, 49, 3, 49, 529, 8, 49, 1, 49, 1, 49, 1, 50, 1, 50, 1, 51, 1, 51, 1, 52, 1, 52, 1, 52, 1, 53, 1, 53, 1, 53, 1, 53, 1, 54, 1, 54, 1, 54, 1, 55, 1, 55, 1, 55, 1, 56, 1, 56, 1, 56, 1, 56, 3, 56, 554, 8, 56, 1, 56, 1, 56, 1, 56, 1, 56, 5, 56, 560, 8, 56, 10, 56, 12, 56, 563, 9, 56, 3, 56, 565, 8, 56, 1, 57, 1, 57, 1, 57, 3, 57, 570, 8, 57, 1, 57, 1, 57, 1, 58, 1, 58, 1, 58, 1, 58, 1, 58, 1, 59, 1, 59, 1, 59, 1, 60, 1, 60, 1, 60, 0, 4, 2, 10, 18, 20, 61, 0, 2, 4, 6, 8, 10, 12, 14, 16, 18, 20, 22, 24, 26, 28, 30, 32, 34, 36, 38, 40, 42, 44, 46, 48, 50, 52, 54, 56, 58, 60, 62, 64, 66, 68, 70, 72, 74, 76, 78, 80, 82, 84, 86, 88, 90, 92, 94, 96, 98, 100, 102, 104, 106, 108, 110, 112, 114, 116, 118, 120, 0, 8, 1, 0, 65, 66, 1, 0, 67, 69, 2, 0, 26, 26, 31, 31, 1, 0, 73, 74, 2, 0, 36, 36, 40, 40, 2, 0, 43, 43, 46, 46, 2, 0, 42, 42, 57, 57, 2, 0, 58, 58, 60, 64, 608, 0, 122, 1, 0, 0, 0, 2, 125, 1, 0, 0, 0, 4, 142, 1, 0, 0, 0, 6, 159, 1, 0, 0, 0, 8, 161, 1, 0, 0, 0, 10, 193, 1, 0, 0, 0, 12, 220, 1, 0, 0, 0, 14, 222, 1, 0, 0, 0, 16, 231, 1, 0, 0, 0, 18, 237, 1, 0, 0, 0, 20, 258, 1, 0, 0, 0, 22, 268, 1, 0, 0, 0, 24, 283, 1, 0, 0, 0, 26, 285, 1, 0, 0, 0, 28, 288, 1, 0, 0, 0, 30, 301, 1, 0, 0, 0, 32, 303, 1, 0, 0, 0, 34, 320, 1, 0, 0, 0, 36, 322, 1, 0, 0, 0, 38, 324, 1, 0, 0, 0, 40, 328, 1, 0, 0, 0, 42, 330, 1, 0, 0, 0, 44, 339, 1, 0, 0, 0, 46, 343, 1, 0, 0, 0, 48, 359, 1, 0, 0, 0, 50, 362, 1, 0, 0, 0, 52, 370, 1, 0, 0, 0, 54, 376, 1, 0, 0, 0, 56, 384, 1, 0, 0, 0, 58, 392, 1, 0, 0, 0, 60, 400, 1, 0, 0, 0, 62, 402, 1, 0, 0, 0, 64, 446, 1, 0, 0, 0, 66, 450, 1, 0, 0, 0, 68, 452, 1, 0, 0, 0, 70, 455, 1, 0, 0, 0, 72, 464, 1, 0, 0, 0, 74, 472, 1, 0, 0, 0, 76, 475, 1, 0, 0, 0, 78, 478, 1, 0, 0, 0, 80, 487, 1, 0, 0, 0, 82, 491, 1, 0, 0, 0, 84, 497, 1, 0, 0, 0, 86, 501, 1, 0, 0, 0, 88, 504, 1, 0, 0, 0, 90, 512, 1, 0, 0, 0, 92, 516, 1, 0, 0, 0, 94, 520, 1, 0, 0, 0, 96, 523, 1, 0, 0, 0, 98, 528, 1, 0, 0, 0, 100, 532, 1, 0, 0, 0, 102, 534, 1, 0, 0, 0, 104, 536, 1, 0, 0, 0, 106, 539, 1, 0, 0, 0, 108, 543, 1, 0, 0, 0, 110, 546, 1, 0, 0, 0, 112, 549, 1, 0, 0, 0, 114, 569, 1, 0, 0, 0, 116, 573, 1, 0, 0, 0, 118, 578, 1, 0, 0, 0, 120, 581, 1, 0, 0, 0, 122, 123, 3, 2, 1, 0, 123, 124, 5, 0, 0, 1, 124, 1, 1, 0, 0, 0, 125, 126, 6, 1, -1, 0, 126, 127, 3, 4, 2, 0, 127, 133, 1, 0, 0, 0, 128, 129, 10, 1, 0, 0, 129, 130, 5, 30, 0, 0, 130, 132, 3, 6, 3, 0, 131, 128, 1, 0, 0, 0, 132, 135, 1, 0, 0, 0, 133, 131, 1, 0, 0, 0, 133, 134, 1, 0, 0, 0, 134, 3, 1, 0, 0, 0, 135, 133, 1, 0, 0, 0, 136, 143, 3, 104, 52, 0, 137, 143, 3, 32, 16, 0, 138, 143, 3, 26, 13, 0, 139, 143, 3, 46, 23, 0, 140, 143, 3, 108, 54, 0, 141, 143, 3, 110, 55, 0, 142, 136, 1, 0, 0, 0, 142, 137, 1, 0, 0, 0, 142, 138, 1, 0, 0, 0, 142, 139, 1, 0, 0, 0, 142, 140, 1, 0, 0, 0, 142, 141, 1, 0, 0, 0, 143, 5, 1, 0, 0, 0, 144, 160, 3, 48, 24, 0, 145, 160, 3, 52, 26, 0, 146, 160, 3, 68, 34, 0, 147, 160, 3, 116, 58, 0, 148, 160, 3, 74, 37, 0, 149, 160, 3, 70, 35, 0, 150, 160, 3, 50, 25, 0, 151, 160, 3, 8, 4, 0, 152, 160, 3, 76, 38, 0, 153, 160, 3, 78, 39, 0, 154, 160, 3, 82, 41, 0, 155, 160, 3, 84, 42, 0, 156, 160, 3, 112, 56, 0, 157, 160, 3, 86, 43, 0, 158, 160, 3, 118, 59, 0, 159, 144, 1, 0, 0, 0, 159, 145, 1, 0, 0, 0, 159, 146, 1, 0, 0, 0, 159, 147, 1, 0, 0, 0, 159, 148, 1, 0, 0, 0, 159, 149, 1, 0, 0, 0, 159, 150, 1, 0, 0, 0, 159, 151, 1, 0, 0, 0, 159, 152, 1, 0, 0, 0, 159, 153, 1, 0, 0, 0, 159, 154, 1, 0, 0, 0, 159, 155, 1, 0, 0, 0, 159, 156, 1, 0, 0, 0, 159, 157, 1, 0, 0, 0, 159, 158, 1, 0, 0, 0, 160, 7, 1, 0, 0, 0, 161, 162, 5, 20, 0, 0, 162, 163, 3, 10, 5, 0, 163, 9, 1, 0, 0, 0, 164, 165, 6, 5, -1, 0, 165, 166, 5, 50, 0, 0, 166, 194, 3, 10, 5, 8, 167, 194, 3, 16, 8, 0, 168, 194, 3, 12, 6, 0, 169, 194, 3, 14, 7, 0, 170, 172, 3, 16, 8, 0, 171, 173, 5, 50, 0, 0, 172, 171, 1, 0, 0, 0, 172, 173, 1, 0, 0, 0, 173, 174, 1, 0, 0, 0, 174, 175, 5, 44, 0, 0, 175, 176, 5, 48, 0, 0, 176, 181, 3, 16, 8, 0, 177, 178, 5, 39, 0, 0, 178, 180, 3, 16, 8, 0, 179, 177, 1, 0, 0, 0, 180, 183, 1, 0, 0, 0, 181, 179, 1, 0, 0, 0, 181, 182, 1, 0, 0, 0, 182, 184, 1, 0, 0, 0, 183, 181, 1, 0, 0, 0, 184, 185, 5, 56, 0, 0, 185, 194, 1, 0, 0, 0, 186, 187, 3, 16, 8, 0, 187, 189, 5, 45, 0, 0, 188, 190, 5, 50, 0, 0, 189, 188, 1, 0, 0, 0, 189, 190, 1, 0, 0, 0, 190, 191, 1, 0, 0, 0, 191, 192, 5, 51, 0, 0, 192, 194, 1, 0, 0, 0, 193, 164, 1, 0, 0, 0, 193, 167, 1, 0, 0, 0, 193, 168, 1, 0, 0, 0, 193, 169, 1, 0, 0, 0, 193, 170, 1, 0, 0, 0, 193, 186, 1, 0, 0, 0, 194, 203, 1, 0, 0, 0, 195, 196, 10, 4, 0, 0, 196, 197, 5, 35, 0, 0, 197, 202, 3, 10, 5, 5, 198, 199, 10, 3, 0, 0, 199, 200, 5, 53, 0, 0, 200, 202, 3, 10, 5, 4, 201, 195, 1, 0, 0, 0, 201, 198, 1, 0, 0, 0, 202, 205, 1, 0, 0, 0, 203, 201, 1, 0, 0, 0, 203, 204, 1, 0, 0, 0, 204, 11, 1, 0, 0, 0, 205, 203, 1, 0, 0, 0, 206, 208, 3, 16, 8, 0, 207, 209, 5, 50, 0, 0, 208, 207, 1, 0, 0, 0, 208, 209, 1, 0, 0, 0, 209, 210, 1, 0, 0, 0, 210, 211, 5, 47, 0, 0, 211, 212, 3, 100, 50, 0, 212, 221, 1, 0, 0, 0, 213, 215, 3, 16, 8, 0, 214, 216, 5, 50, 0, 0, 215, 214, 1, 0, 0, 0, 215, 216, 1, 0, 0, 0, 216, 217, 1, 0, 0, 0, 217, 218, 5, 55, 0, 0, 218, 219, 3, 100, 50, 0, 219, 221, 1, 0, 0, 0, 220, 206, 1, 0, 0, 0, 220, 213, 1, 0, 0, 0, 221, 13, 1, 0, 0, 0, 222, 223, 3, 54, 27, 0, 223, 224, 5, 49, 0, 0, 224, 225, 3, 100, 50, 0, 225, 15, 1, 0, 0, 0, 226, 232, 3, 18, 9, 0, 227, 228, 3, 18, 9, 0, 228, 229, 3, 102, 51, 0, 229, 230, 3, 18, 9, 0, 230, 232, 1, 0, 0, 0, 231, 226, 1, 0, 0, 0, 231, 227, 1, 0, 0, 0, 232, 17, 1, 0, 0, 0, 233, 234, 6, 9, -1, 0, 234, 238, 3, 20, 10, 0, 235, 236, 7, 0, 0, 0, 236, 238, 3, 18, 9, 3, 237, 233, 1, 0, 0, 0, 237, 235, 1, 0, 0, 0, 238, 247, 1, 0, 0, 0, 239, 240, 10, 2, 0, 0, 240, 241, 7, 1, 0, 0, 241, 246, 3, 18, 9, 3, 242, 243, 10, 1, 0, 0, 243, 244, 7, 0, 0, 0, 244, 246, 3, 18, 9, 2, 245, 239, 1, 0, 0, 0, 245, 242, 1, 0, 0, 0, 246, 249, 1, 0, 0, 0, 247, 245, 1, 0, 0, 0, 247, 248, 1, 0, 0, 0, 248, 19, 1, 0, 0, 0, 249, 247, 1, 0, 0, 0, 250, 251, 6, 10, -1, 0, 251, 259, 3, 64, 32, 0, 252, 259, 3, 54, 27, 0, 253, 259, 3, 22, 11, 0, 254, 255, 5, 48, 0, 0, 255, 256, 3, 10, 5, 0, 256, 257, 5, 56, 0, 0, 257, 259, 1, 0, 0, 0, 258, 250, 1, 0, 0, 0, 258, 252, 1, 0, 0, 0, 258, 253, 1, 0, 0, 0, 258, 254, 1, 0, 0, 0, 259, 265, 1, 0, 0, 0, 260, 261, 10, 1, 0, 0, 261, 262, 5, 38, 0, 0, 262, 264, 3, 24, 12, 0, 263, 260, 1, 0, 0, 0, 264, 267, 1, 0, 0, 0, 265, 263, 1, 0, 0, 0, 265, 266, 1, 0, 0, 0, 266, 21, 1, 0, 0, 0, 267, 265, 1, 0, 0, 0, 268, 269, 3, 60, 30, 0, 269, 279, 5, 48, 0, 0, 270, 280, 5, 67, 0, 0, 271, 276, 3, 10, 5, 0, 272, 273, 5, 39, 0, 0, 273, 275, 3, 10, 5, 0, 274, 272, 1, 0, 0, 0, 275, 278, 1, 0, 0, 0, 276, 274, 1, 0, 0, 0, 276, 277, 1, 0, 0, 0, 277, 280, 1, 0, 0, 0, 278, 276, 1, 0, 0, 0, 279, 270, 1, 0, 0, 0, 279, 271, 1, 0, 0, 0, 279, 280, 1, 0, 0, 0, 280, 281, 1, 0, 0, 0, 281, 282, 5, 56, 0, 0, 282, 23, 1, 0, 0, 0, 283, 284, 3, 60, 30, 0, 284, 25, 1, 0, 0, 0, 285, 286, 5, 16, 0, 0, 286, 287, 3, 28, 14, 0, 287, 27, 1, 0, 0, 0, 288, 293, 3, 30, 15, 0, 289, 290, 5, 39, 0, 0, 290, 292, 3, 30, 15, 0, 291, 289, 1, 0, 0, 0, 292, 295, 1, 0, 0, 0, 293, 291, 1, 0, 0, 0, 293, 294, 1, 0, 0, 0, 294, 29, 1, 0, 0, 0, 295, 293, 1, 0, 0, 0, 296, 302, 3, 10, 5, 0, 297, 298, 3, 54, 27, 0, 298, 299, 5, 37, 0, 0, 299, 300, 3, 10, 5, 0, 300, 302, 1, 0, 0, 0, 301, 296, 1, 0, 0, 0, 301, 297, 1, 0, 0, 0, 302, 31, 1, 0, 0, 0, 303, 304, 5, 6, 0, 0, 304, 309, 3, 34, 17, 0, 305, 306, 5, 39, 0, 0, 306, 308, 3, 34, 17, 0, 307, 305, 1, 0, 0, 0, 308, 311, 1, 0, 0, 0, 309, 307, 1, 0, 0, 0, 309, 310, 1, 0, 0, 0, 310, 313, 1, 0, 0, 0, 311, 309, 1, 0, 0, 0, 312, 314, 3, 40, 20, 0, 313, 312, 1, 0, 0, 0, 313, 314, 1, 0, 0, 0, 314, 33, 1, 0, 0, 0, 315, 316, 3, 36, 18, 0, 316, 317, 5, 116, 0, 0, 317, 318, 3, 38, 19, 0, 318, 321, 1, 0, 0, 0, 319, 321, 3, 38, 19, 0, 320, 315, 1, 0, 0, 0, 320, 319, 1, 0, 0, 0, 321, 35, 1, 0, 0, 0, 322, 323, 5, 26, 0, 0, 323, 37, 1, 0, 0, 0, 324, 325, 7, 2, 0, 0, 325, 39, 1, 0, 0, 0, 326, 329, 3, 42, 21, 0, 327, 329, 3, 44, 22, 0, 328, 326, 1, 0, 0, 0, 328, 327, 1, 0, 0, 0, 329, 41, 1, 0, 0, 0, 330, 331, 5, 78, 0, 0, 331, 336, 5, 26, 0, 0, 332, 333, 5, 39, 0, 0, 333, 335, 5, 26, 0, 0, 334, 332, 1, 0, 0, 0, 335, 338, 1, 0, 0, 0, 336, 334, 1, 0, 0, 0, 336, 337, 1, 0, 0, 0, 337, 43, 1, 0, 0, 0, 338, 336, 1, 0, 0, 0, 339, 340, 5, 71, 0, 0, 340, 341, 3, 42, 21, 0, 341, 342, 5, 72, 0, 0, 342, 45, 1, 0, 0, 0, 343, 344, 5, 13, 0, 0, 344, 349, 3, 34, 17, 0, 345, 346, 5, 39, 0, 0, 346, 348, 3, 34, 17, 0, 347, 345, 1, 0, 0, 0, 348, 351, 1, 0, 0, 0, 349, 347, 1, 0, 0, 0, 349, 350, 1, 0, 0, 0, 350, 353, 1, 0, 0, 0, 351, 349, 1, 0, 0, 0, 352, 354, 3, 28, 14, 0, 353, 352, 1, 0, 0, 0, 353, 354, 1, 0, 0, 0, 354, 357, 1, 0, 0, 0, 355, 356, 5, 34, 0, 0, 356, 358, 3, 28, 14, 0, 357, 355, 1, 0, 0, 0, 357, 358, 1, 0, 0, 0, 358, 47, 1, 0, 0, 0, 359, 360, 5, 4, 0, 0, 360, 361, 3, 28, 14, 0, 361, 49, 1, 0, 0, 0, 362, 364, 5, 19, 0, 0, 363, 365, 3, 28, 14, 0, 364, 363, 1, 0, 0, 0, 364, 365, 1, 0, 0, 0, 365, 368, 1, 0, 0, 0, 366, 367, 5, 34, 0, 0, 367, 369, 3, 28, 14, 0, 368, 366, 1, 0, 0, 0, 368, 369, 1, 0, 0, 0, 369, 51, 1, 0, 0, 0, 370, 371, 5, 8, 0, 0, 371, 374, 3, 28, 14, 0, 372, 373, 5, 34, 0, 0, 373, 375, 3, 28, 14, 0, 374, 372, 1, 0, 0, 0, 374, 375, 1, 0, 0, 0, 375, 53, 1, 0, 0, 0, 376, 381, 3, 60, 30, 0, 377, 378, 5, 41, 0, 0, 378, 380, 3, 60, 30, 0, 379, 377, 1, 0, 0, 0, 380, 383, 1, 0, 0, 0, 381, 379, 1, 0, 0, 0, 381, 382, 1, 0, 0, 0, 382, 55, 1, 0, 0, 0, 383, 381, 1, 0, 0, 0, 384, 389, 3, 62, 31, 0, 385, 386, 5, 41, 0, 0, 386, 388, 3, 62, 31, 0, 387, 385, 1, 0, 0, 0, 388, 391, 1, 0, 0, 0, 389, 387, 1, 0, 0, 0, 389, 390, 1, 0, 0, 0, 390, 57, 1, 0, 0, 0, 391, 389, 1, 0, 0, 0, 392, 397, 3, 56, 28, 0, 393, 394, 5, 39, 0, 0, 394, 396, 3, 56, 28, 0, 395, 393, 1, 0, 0, 0, 396, 399, 1, 0, 0, 0, 397, 395, 1, 0, 0, 0, 397, 398, 1, 0, 0, 0, 398, 59, 1, 0, 0, 0, 399, 397, 1, 0, 0, 0, 400, 401, 7, 3, 0, 0, 401, 61, 1, 0, 0, 0, 402, 403, 5, 82, 0, 0, 403, 63, 1, 0, 0, 0, 404, 447, 5, 51, 0, 0, 405, 406, 3, 98, 49, 0, 406, 407, 5, 73, 0, 0, 407, 447, 1, 0, 0, 0, 408, 447, 3, 96, 48, 0, 409, 447, 3, 98, 49, 0, 410, 447, 3, 92, 46, 0, 411, 447, 3, 66, 33, 0, 412, 447, 3, 100, 50, 0, 413, 414, 5, 71, 0, 0, 414, 419, 3, 94, 47, 0, 415, 416, 5, 39, 0, 0, 416, 418, 3, 94, 47, 0, 417, 415, 1, 0, 0, 0, 418, 421, 1, 0, 0, 0, 419, 417, 1, 0, 0, 0, 419, 420, 1, 0, 0, 0, 420, 422, 1, 0, 0, 0, 421, 419, 1, 0, 0, 0, 422, 423, 5, 72, 0, 0, 423, 447, 1, 0, 0, 0, 424, 425, 5, 71, 0, 0, 425, 430, 3, 92, 46, 0, 426, 427, 5, 39, 0, 0, 427, 429, 3, 92, 46, 0, 428, 426, 1, 0, 0, 0, 429, 432, 1, 0, 0, 0, 430, 428, 1, 0, 0, 0, 430, 431, 1, 0, 0, 0, 431, 433, 1, 0, 0, 0, 432, 430, 1, 0, 0, 0, 433, 434, 5, 72, 0, 0, 434, 447, 1, 0, 0, 0, 435, 436, 5, 71, 0, 0, 436, 441, 3, 100, 50, 0, 437, 438, 5, 39, 0, 0, 438, 440, 3, 100, 50, 0, 439, 437, 1, 0, 0, 0, 440, 443, 1, 0, 0, 0, 441, 439, 1, 0, 0, 0, 441, 442, 1, 0, 0, 0, 442, 444, 1, 0, 0, 0, 443, 441, 1, 0, 0, 0, 444, 445, 5, 72, 0, 0, 445, 447, 1, 0, 0, 0, 446, 404, 1, 0, 0, 0, 446, 405, 1, 0, 0, 0, 446, 408, 1, 0, 0, 0, 446, 409, 1, 0, 0, 0, 446, 410, 1, 0, 0, 0, 446, 411, 1, 0, 0, 0, 446, 412, 1, 0, 0, 0, 446, 413, 1, 0, 0, 0, 446, 424, 1, 0, 0, 0, 446, 435, 1, 0, 0, 0, 447, 65, 1, 0, 0, 0, 448, 451, 5, 54, 0, 0, 449, 451, 5, 70, 0, 0, 450, 448, 1, 0, 0, 0, 450, 449, 1, 0, 0, 0, 451, 67, 1, 0, 0, 0, 452, 453, 5, 10, 0, 0, 453, 454, 5, 32, 0, 0, 454, 69, 1, 0, 0, 0, 455, 456, 5, 18, 0, 0, 456, 461, 3, 72, 36, 0, 457, 458, 5, 39, 0, 0, 458, 460, 3, 72, 36, 0, 459, 457, 1, 0, 0, 0, 460, 463, 1, 0, 0, 0, 461, 459, 1, 0, 0, 0, 461, 462, 1, 0, 0, 0, 462, 71, 1, 0, 0, 0, 463, 461, 1, 0, 0, 0, 464, 466, 3, 10, 5, 0, 465, 467, 7, 4, 0, 0, 466, 465, 1, 0, 0, 0, 466, 467, 1, 0, 0, 0, 467, 470, 1, 0, 0, 0, 468, 469, 5, 52, 0, 0, 469, 471, 7, 5, 0, 0, 470, 468, 1, 0, 0, 0, 470, 471, 1, 0, 0, 0, 471, 73, 1, 0, 0, 0, 472, 473, 5, 9, 0, 0, 473, 474, 3, 58, 29, 0, 474, 75, 1, 0, 0, 0, 475, 476, 5, 2, 0, 0, 476, 477, 3, 58, 29, 0, 477, 77, 1, 0, 0, 0, 478, 479, 5, 15, 0, 0, 479, 484, 3, 80, 40, 0, 480, 481, 5, 39, 0, 0, 481, 483, 3, 80, 40, 0, 482, 480, 1, 0, 0, 0, 483, 486, 1, 0, 0, 0, 484, 482, 1, 0, 0, 0, 484, 485, 1, 0, 0, 0, 485, 79, 1, 0, 0, 0, 486, 484, 1, 0, 0, 0, 487, 488, 3, 56, 28, 0, 488, 489, 5, 86, 0, 0, 489, 490, 3, 56, 28, 0, 490, 81, 1, 0, 0, 0, 491, 492, 5, 1, 0, 0, 492, 493, 3, 20, 10, 0, 493, 495, 3, 100, 50, 0, 494, 496, 3, 88, 44, 0, 495, 494, 1, 0, 0, 0, 495, 496, 1, 0, 0, 0, 496, 83, 1, 0, 0, 0, 497, 498, 5, 7, 0, 0, 498, 499, 3, 20, 10, 0, 499, 500, 3, 100, 50, 0, 500, 85, 1, 0, 0, 0, 501, 502, 5, 14, 0, 0, 502, 503, 3, 54, 27, 0, 503, 87, 1, 0, 0, 0, 504, 509, 3, 90, 45, 0, 505, 506, 5, 39, 0, 0, 506, 508, 3, 90, 45, 0, 507, 505, 1, 0, 0, 0, 508, 511, 1, 0, 0, 0, 509, 507, 1, 0, 0, 0, 509, 510, 1, 0, 0, 0, 510, 89, 1, 0, 0, 0, 511, 509, 1, 0, 0, 0, 512, 513, 3, 60, 30, 0, 513, 514, 5, 37, 0, 0, 514, 515, 3, 64, 32, 0, 515, 91, 1, 0, 0, 0, 516, 517, 7, 6, 0, 0, 517, 93, 1, 0, 0, 0, 518, 521, 3, 96, 48, 0, 519, 521, 3, 98, 49, 0, 520, 518, 1, 0, 0, 0, 520, 519, 1, 0, 0, 0, 521, 95, 1, 0, 0, 0, 522, 524, 7, 0, 0, 0, 523, 522, 1, 0, 0, 0, 523, 524, 1, 0, 0, 0, 524, 525, 1, 0, 0, 0, 525, 526, 5, 33, 0, 0, 526, 97, 1, 0, 0, 0, 527, 529, 7, 0, 0, 0, 528, 527, 1, 0, 0, 0, 528, 529, 1, 0, 0, 0, 529, 530, 1, 0, 0, 0, 530, 531, 5, 32, 0, 0, 531, 99, 1, 0, 0, 0, 532, 533, 5, 31, 0, 0, 533, 101, 1, 0, 0, 0, 534, 535, 7, 7, 0, 0, 535, 103, 1, 0, 0, 0, 536, 537, 5, 5, 0, 0, 537, 538, 3, 106, 53, 0, 538, 105, 1, 0, 0, 0, 539, 540, 5, 71, 0, 0, 540, 541, 3, 2, 1, 0, 541, 542, 5, 72, 0, 0, 542, 107, 1, 0, 0, 0, 543, 544, 5, 17, 0, 0, 544, 545, 5, 108, 0, 0, 545, 109, 1, 0, 0, 0, 546, 547, 5, 12, 0, 0, 547, 548, 5, 112, 0, 0, 548, 111, 1, 0, 0, 0, 549, 550, 5, 3, 0, 0, 550, 553, 5, 92, 0, 0, 551, 552, 5, 90, 0, 0, 552, 554, 3, 56, 28, 0, 553, 551, 1, 0, 0, 0, 553, 554, 1, 0, 0, 0, 554, 564, 1, 0, 0, 0, 555, 556, 5, 91, 0, 0, 556, 561, 3, 114, 57, 0, 557, 558, 5, 39, 0, 0, 558, 560, 3, 114, 57, 0, 559, 557, 1, 0, 0, 0, 560, 563, 1, 0, 0, 0, 561, 559, 1, 0, 0, 0, 561, 562, 1, 0, 0, 0, 562, 565, 1, 0, 0, 0, 563, 561, 1, 0, 0, 0, 564, 555, 1, 0, 0, 0, 564, 565, 1, 0, 0, 0, 565, 113, 1, 0, 0, 0, 566, 567, 3, 56, 28, 0, 567, 568, 5, 37, 0, 0, 568, 570, 1, 0, 0, 0, 569, 566, 1, 0, 0, 0, 569, 570, 1, 0, 0, 0, 570, 571, 1, 0, 0, 0, 571, 572, 3, 56, 28, 0, 572, 115, 1, 0, 0, 0, 573, 574, 5, 11, 0, 0, 574, 575, 3, 34, 17, 0, 575, 576, 5, 90, 0, 0, 576, 577, 3, 58, 29, 0, 577, 117, 1, 0, 0, 0, 578, 579, 5, 21, 0, 0, 579, 580, 3, 120, 60, 0, 580, 119, 1, 0, 0, 0, 581, 582, 5, 31, 0, 0, 582, 121, 1, 0, 0, 0, 54, 133, 142, 159, 172, 181, 189, 193, 201, 203, 208, 215, 220, 231, 237, 245, 247, 258, 265, 276, 279, 293, 301, 309, 313, 320, 328, 336, 349, 353, 357, 364, 368, 374, 381, 389, 397, 419, 430, 441, 446, 450, 461, 466, 470, 484, 495, 509, 520, 523, 528, 553, 561, 564, 569] \ No newline at end of file diff --git a/packages/kbn-esql-ast/src/antlr/esql_parser.tokens b/packages/kbn-esql-ast/src/antlr/esql_parser.tokens index 4cac289a33634..2d4bb481826f5 100644 --- a/packages/kbn-esql-ast/src/antlr/esql_parser.tokens +++ b/packages/kbn-esql-ast/src/antlr/esql_parser.tokens @@ -18,111 +18,112 @@ SHOW=17 SORT=18 STATS=19 WHERE=20 -UNKNOWN_CMD=21 -LINE_COMMENT=22 -MULTILINE_COMMENT=23 -WS=24 -UNQUOTED_SOURCE=25 -EXPLAIN_WS=26 -EXPLAIN_LINE_COMMENT=27 -EXPLAIN_MULTILINE_COMMENT=28 -PIPE=29 -QUOTED_STRING=30 -INTEGER_LITERAL=31 -DECIMAL_LITERAL=32 -BY=33 -AND=34 -ASC=35 -ASSIGN=36 -CAST_OP=37 -COMMA=38 -DESC=39 -DOT=40 -FALSE=41 -FIRST=42 -IN=43 -IS=44 -LAST=45 -LIKE=46 -LP=47 -MATCH=48 -NOT=49 -NULL=50 -NULLS=51 -OR=52 -PARAM=53 -RLIKE=54 -RP=55 -TRUE=56 -EQ=57 -CIEQ=58 -NEQ=59 -LT=60 -LTE=61 -GT=62 -GTE=63 -PLUS=64 -MINUS=65 -ASTERISK=66 -SLASH=67 -PERCENT=68 -NAMED_OR_POSITIONAL_PARAM=69 -OPENING_BRACKET=70 -CLOSING_BRACKET=71 -UNQUOTED_IDENTIFIER=72 -QUOTED_IDENTIFIER=73 -EXPR_LINE_COMMENT=74 -EXPR_MULTILINE_COMMENT=75 -EXPR_WS=76 -METADATA=77 -FROM_LINE_COMMENT=78 -FROM_MULTILINE_COMMENT=79 -FROM_WS=80 -ID_PATTERN=81 -PROJECT_LINE_COMMENT=82 -PROJECT_MULTILINE_COMMENT=83 -PROJECT_WS=84 -AS=85 -RENAME_LINE_COMMENT=86 -RENAME_MULTILINE_COMMENT=87 -RENAME_WS=88 -ON=89 -WITH=90 -ENRICH_POLICY_NAME=91 -ENRICH_LINE_COMMENT=92 -ENRICH_MULTILINE_COMMENT=93 -ENRICH_WS=94 -ENRICH_FIELD_LINE_COMMENT=95 -ENRICH_FIELD_MULTILINE_COMMENT=96 -ENRICH_FIELD_WS=97 -LOOKUP_LINE_COMMENT=98 -LOOKUP_MULTILINE_COMMENT=99 -LOOKUP_WS=100 -LOOKUP_FIELD_LINE_COMMENT=101 -LOOKUP_FIELD_MULTILINE_COMMENT=102 -LOOKUP_FIELD_WS=103 -MVEXPAND_LINE_COMMENT=104 -MVEXPAND_MULTILINE_COMMENT=105 -MVEXPAND_WS=106 -INFO=107 -SHOW_LINE_COMMENT=108 -SHOW_MULTILINE_COMMENT=109 -SHOW_WS=110 -FUNCTIONS=111 -META_LINE_COMMENT=112 -META_MULTILINE_COMMENT=113 -META_WS=114 -COLON=115 -SETTING=116 -SETTING_LINE_COMMENT=117 -SETTTING_MULTILINE_COMMENT=118 -SETTING_WS=119 -METRICS_LINE_COMMENT=120 -METRICS_MULTILINE_COMMENT=121 -METRICS_WS=122 -CLOSING_METRICS_LINE_COMMENT=123 -CLOSING_METRICS_MULTILINE_COMMENT=124 -CLOSING_METRICS_WS=125 +MATCH=21 +UNKNOWN_CMD=22 +LINE_COMMENT=23 +MULTILINE_COMMENT=24 +WS=25 +UNQUOTED_SOURCE=26 +EXPLAIN_WS=27 +EXPLAIN_LINE_COMMENT=28 +EXPLAIN_MULTILINE_COMMENT=29 +PIPE=30 +QUOTED_STRING=31 +INTEGER_LITERAL=32 +DECIMAL_LITERAL=33 +BY=34 +AND=35 +ASC=36 +ASSIGN=37 +CAST_OP=38 +COMMA=39 +DESC=40 +DOT=41 +FALSE=42 +FIRST=43 +IN=44 +IS=45 +LAST=46 +LIKE=47 +LP=48 +MATCH_OPERATOR=49 +NOT=50 +NULL=51 +NULLS=52 +OR=53 +PARAM=54 +RLIKE=55 +RP=56 +TRUE=57 +EQ=58 +CIEQ=59 +NEQ=60 +LT=61 +LTE=62 +GT=63 +GTE=64 +PLUS=65 +MINUS=66 +ASTERISK=67 +SLASH=68 +PERCENT=69 +NAMED_OR_POSITIONAL_PARAM=70 +OPENING_BRACKET=71 +CLOSING_BRACKET=72 +UNQUOTED_IDENTIFIER=73 +QUOTED_IDENTIFIER=74 +EXPR_LINE_COMMENT=75 +EXPR_MULTILINE_COMMENT=76 +EXPR_WS=77 +METADATA=78 +FROM_LINE_COMMENT=79 +FROM_MULTILINE_COMMENT=80 +FROM_WS=81 +ID_PATTERN=82 +PROJECT_LINE_COMMENT=83 +PROJECT_MULTILINE_COMMENT=84 +PROJECT_WS=85 +AS=86 +RENAME_LINE_COMMENT=87 +RENAME_MULTILINE_COMMENT=88 +RENAME_WS=89 +ON=90 +WITH=91 +ENRICH_POLICY_NAME=92 +ENRICH_LINE_COMMENT=93 +ENRICH_MULTILINE_COMMENT=94 +ENRICH_WS=95 +ENRICH_FIELD_LINE_COMMENT=96 +ENRICH_FIELD_MULTILINE_COMMENT=97 +ENRICH_FIELD_WS=98 +LOOKUP_LINE_COMMENT=99 +LOOKUP_MULTILINE_COMMENT=100 +LOOKUP_WS=101 +LOOKUP_FIELD_LINE_COMMENT=102 +LOOKUP_FIELD_MULTILINE_COMMENT=103 +LOOKUP_FIELD_WS=104 +MVEXPAND_LINE_COMMENT=105 +MVEXPAND_MULTILINE_COMMENT=106 +MVEXPAND_WS=107 +INFO=108 +SHOW_LINE_COMMENT=109 +SHOW_MULTILINE_COMMENT=110 +SHOW_WS=111 +FUNCTIONS=112 +META_LINE_COMMENT=113 +META_MULTILINE_COMMENT=114 +META_WS=115 +COLON=116 +SETTING=117 +SETTING_LINE_COMMENT=118 +SETTTING_MULTILINE_COMMENT=119 +SETTING_WS=120 +METRICS_LINE_COMMENT=121 +METRICS_MULTILINE_COMMENT=122 +METRICS_WS=123 +CLOSING_METRICS_LINE_COMMENT=124 +CLOSING_METRICS_MULTILINE_COMMENT=125 +CLOSING_METRICS_WS=126 'dissect'=1 'drop'=2 'enrich'=3 @@ -143,48 +144,47 @@ CLOSING_METRICS_WS=125 'sort'=18 'stats'=19 'where'=20 -'|'=29 -'by'=33 -'and'=34 -'asc'=35 -'='=36 -'::'=37 -','=38 -'desc'=39 -'.'=40 -'false'=41 -'first'=42 -'in'=43 -'is'=44 -'last'=45 -'like'=46 -'('=47 -'match'=48 -'not'=49 -'null'=50 -'nulls'=51 -'or'=52 -'?'=53 -'rlike'=54 -')'=55 -'true'=56 -'=='=57 -'=~'=58 -'!='=59 -'<'=60 -'<='=61 -'>'=62 -'>='=63 -'+'=64 -'-'=65 -'*'=66 -'/'=67 -'%'=68 -']'=71 -'metadata'=77 -'as'=85 -'on'=89 -'with'=90 -'info'=107 -'functions'=111 -':'=115 +'|'=30 +'by'=34 +'and'=35 +'asc'=36 +'='=37 +'::'=38 +','=39 +'desc'=40 +'.'=41 +'false'=42 +'first'=43 +'in'=44 +'is'=45 +'last'=46 +'like'=47 +'('=48 +'not'=50 +'null'=51 +'nulls'=52 +'or'=53 +'?'=54 +'rlike'=55 +')'=56 +'true'=57 +'=='=58 +'=~'=59 +'!='=60 +'<'=61 +'<='=62 +'>'=63 +'>='=64 +'+'=65 +'-'=66 +'*'=67 +'/'=68 +'%'=69 +']'=72 +'metadata'=78 +'as'=86 +'on'=90 +'with'=91 +'info'=108 +'functions'=112 +':'=116 diff --git a/packages/kbn-esql-ast/src/antlr/esql_parser.ts b/packages/kbn-esql-ast/src/antlr/esql_parser.ts index b6b55f3c1d089..f2903de828ca5 100644 --- a/packages/kbn-esql-ast/src/antlr/esql_parser.ts +++ b/packages/kbn-esql-ast/src/antlr/esql_parser.ts @@ -1,5 +1,5 @@ // @ts-nocheck -// Generated from src/antlr/esql_parser.g4 by ANTLR 4.13.1 +// Generated from src/antlr/esql_parser.g4 by ANTLR 4.13.2 // noinspection ES6UnusedImports,JSUnusedGlobalSymbols,JSUnusedLocalSymbols import { @@ -38,112 +38,113 @@ export default class esql_parser extends Parser { public static readonly SORT = 18; public static readonly STATS = 19; public static readonly WHERE = 20; - public static readonly UNKNOWN_CMD = 21; - public static readonly LINE_COMMENT = 22; - public static readonly MULTILINE_COMMENT = 23; - public static readonly WS = 24; - public static readonly UNQUOTED_SOURCE = 25; - public static readonly EXPLAIN_WS = 26; - public static readonly EXPLAIN_LINE_COMMENT = 27; - public static readonly EXPLAIN_MULTILINE_COMMENT = 28; - public static readonly PIPE = 29; - public static readonly QUOTED_STRING = 30; - public static readonly INTEGER_LITERAL = 31; - public static readonly DECIMAL_LITERAL = 32; - public static readonly BY = 33; - public static readonly AND = 34; - public static readonly ASC = 35; - public static readonly ASSIGN = 36; - public static readonly CAST_OP = 37; - public static readonly COMMA = 38; - public static readonly DESC = 39; - public static readonly DOT = 40; - public static readonly FALSE = 41; - public static readonly FIRST = 42; - public static readonly IN = 43; - public static readonly IS = 44; - public static readonly LAST = 45; - public static readonly LIKE = 46; - public static readonly LP = 47; - public static readonly MATCH = 48; - public static readonly NOT = 49; - public static readonly NULL = 50; - public static readonly NULLS = 51; - public static readonly OR = 52; - public static readonly PARAM = 53; - public static readonly RLIKE = 54; - public static readonly RP = 55; - public static readonly TRUE = 56; - public static readonly EQ = 57; - public static readonly CIEQ = 58; - public static readonly NEQ = 59; - public static readonly LT = 60; - public static readonly LTE = 61; - public static readonly GT = 62; - public static readonly GTE = 63; - public static readonly PLUS = 64; - public static readonly MINUS = 65; - public static readonly ASTERISK = 66; - public static readonly SLASH = 67; - public static readonly PERCENT = 68; - public static readonly NAMED_OR_POSITIONAL_PARAM = 69; - public static readonly OPENING_BRACKET = 70; - public static readonly CLOSING_BRACKET = 71; - public static readonly UNQUOTED_IDENTIFIER = 72; - public static readonly QUOTED_IDENTIFIER = 73; - public static readonly EXPR_LINE_COMMENT = 74; - public static readonly EXPR_MULTILINE_COMMENT = 75; - public static readonly EXPR_WS = 76; - public static readonly METADATA = 77; - public static readonly FROM_LINE_COMMENT = 78; - public static readonly FROM_MULTILINE_COMMENT = 79; - public static readonly FROM_WS = 80; - public static readonly ID_PATTERN = 81; - public static readonly PROJECT_LINE_COMMENT = 82; - public static readonly PROJECT_MULTILINE_COMMENT = 83; - public static readonly PROJECT_WS = 84; - public static readonly AS = 85; - public static readonly RENAME_LINE_COMMENT = 86; - public static readonly RENAME_MULTILINE_COMMENT = 87; - public static readonly RENAME_WS = 88; - public static readonly ON = 89; - public static readonly WITH = 90; - public static readonly ENRICH_POLICY_NAME = 91; - public static readonly ENRICH_LINE_COMMENT = 92; - public static readonly ENRICH_MULTILINE_COMMENT = 93; - public static readonly ENRICH_WS = 94; - public static readonly ENRICH_FIELD_LINE_COMMENT = 95; - public static readonly ENRICH_FIELD_MULTILINE_COMMENT = 96; - public static readonly ENRICH_FIELD_WS = 97; - public static readonly LOOKUP_LINE_COMMENT = 98; - public static readonly LOOKUP_MULTILINE_COMMENT = 99; - public static readonly LOOKUP_WS = 100; - public static readonly LOOKUP_FIELD_LINE_COMMENT = 101; - public static readonly LOOKUP_FIELD_MULTILINE_COMMENT = 102; - public static readonly LOOKUP_FIELD_WS = 103; - public static readonly MVEXPAND_LINE_COMMENT = 104; - public static readonly MVEXPAND_MULTILINE_COMMENT = 105; - public static readonly MVEXPAND_WS = 106; - public static readonly INFO = 107; - public static readonly SHOW_LINE_COMMENT = 108; - public static readonly SHOW_MULTILINE_COMMENT = 109; - public static readonly SHOW_WS = 110; - public static readonly FUNCTIONS = 111; - public static readonly META_LINE_COMMENT = 112; - public static readonly META_MULTILINE_COMMENT = 113; - public static readonly META_WS = 114; - public static readonly COLON = 115; - public static readonly SETTING = 116; - public static readonly SETTING_LINE_COMMENT = 117; - public static readonly SETTTING_MULTILINE_COMMENT = 118; - public static readonly SETTING_WS = 119; - public static readonly METRICS_LINE_COMMENT = 120; - public static readonly METRICS_MULTILINE_COMMENT = 121; - public static readonly METRICS_WS = 122; - public static readonly CLOSING_METRICS_LINE_COMMENT = 123; - public static readonly CLOSING_METRICS_MULTILINE_COMMENT = 124; - public static readonly CLOSING_METRICS_WS = 125; - public static readonly EOF = Token.EOF; + public static readonly MATCH = 21; + public static readonly UNKNOWN_CMD = 22; + public static readonly LINE_COMMENT = 23; + public static readonly MULTILINE_COMMENT = 24; + public static readonly WS = 25; + public static readonly UNQUOTED_SOURCE = 26; + public static readonly EXPLAIN_WS = 27; + public static readonly EXPLAIN_LINE_COMMENT = 28; + public static readonly EXPLAIN_MULTILINE_COMMENT = 29; + public static readonly PIPE = 30; + public static readonly QUOTED_STRING = 31; + public static readonly INTEGER_LITERAL = 32; + public static readonly DECIMAL_LITERAL = 33; + public static readonly BY = 34; + public static readonly AND = 35; + public static readonly ASC = 36; + public static readonly ASSIGN = 37; + public static readonly CAST_OP = 38; + public static readonly COMMA = 39; + public static readonly DESC = 40; + public static readonly DOT = 41; + public static readonly FALSE = 42; + public static readonly FIRST = 43; + public static readonly IN = 44; + public static readonly IS = 45; + public static readonly LAST = 46; + public static readonly LIKE = 47; + public static readonly LP = 48; + public static readonly MATCH_OPERATOR = 49; + public static readonly NOT = 50; + public static readonly NULL = 51; + public static readonly NULLS = 52; + public static readonly OR = 53; + public static readonly PARAM = 54; + public static readonly RLIKE = 55; + public static readonly RP = 56; + public static readonly TRUE = 57; + public static readonly EQ = 58; + public static readonly CIEQ = 59; + public static readonly NEQ = 60; + public static readonly LT = 61; + public static readonly LTE = 62; + public static readonly GT = 63; + public static readonly GTE = 64; + public static readonly PLUS = 65; + public static readonly MINUS = 66; + public static readonly ASTERISK = 67; + public static readonly SLASH = 68; + public static readonly PERCENT = 69; + public static readonly NAMED_OR_POSITIONAL_PARAM = 70; + public static readonly OPENING_BRACKET = 71; + public static readonly CLOSING_BRACKET = 72; + public static readonly UNQUOTED_IDENTIFIER = 73; + public static readonly QUOTED_IDENTIFIER = 74; + public static readonly EXPR_LINE_COMMENT = 75; + public static readonly EXPR_MULTILINE_COMMENT = 76; + public static readonly EXPR_WS = 77; + public static readonly METADATA = 78; + public static readonly FROM_LINE_COMMENT = 79; + public static readonly FROM_MULTILINE_COMMENT = 80; + public static readonly FROM_WS = 81; + public static readonly ID_PATTERN = 82; + public static readonly PROJECT_LINE_COMMENT = 83; + public static readonly PROJECT_MULTILINE_COMMENT = 84; + public static readonly PROJECT_WS = 85; + public static readonly AS = 86; + public static readonly RENAME_LINE_COMMENT = 87; + public static readonly RENAME_MULTILINE_COMMENT = 88; + public static readonly RENAME_WS = 89; + public static readonly ON = 90; + public static readonly WITH = 91; + public static readonly ENRICH_POLICY_NAME = 92; + public static readonly ENRICH_LINE_COMMENT = 93; + public static readonly ENRICH_MULTILINE_COMMENT = 94; + public static readonly ENRICH_WS = 95; + public static readonly ENRICH_FIELD_LINE_COMMENT = 96; + public static readonly ENRICH_FIELD_MULTILINE_COMMENT = 97; + public static readonly ENRICH_FIELD_WS = 98; + public static readonly LOOKUP_LINE_COMMENT = 99; + public static readonly LOOKUP_MULTILINE_COMMENT = 100; + public static readonly LOOKUP_WS = 101; + public static readonly LOOKUP_FIELD_LINE_COMMENT = 102; + public static readonly LOOKUP_FIELD_MULTILINE_COMMENT = 103; + public static readonly LOOKUP_FIELD_WS = 104; + public static readonly MVEXPAND_LINE_COMMENT = 105; + public static readonly MVEXPAND_MULTILINE_COMMENT = 106; + public static readonly MVEXPAND_WS = 107; + public static readonly INFO = 108; + public static readonly SHOW_LINE_COMMENT = 109; + public static readonly SHOW_MULTILINE_COMMENT = 110; + public static readonly SHOW_WS = 111; + public static readonly FUNCTIONS = 112; + public static readonly META_LINE_COMMENT = 113; + public static readonly META_MULTILINE_COMMENT = 114; + public static readonly META_WS = 115; + public static readonly COLON = 116; + public static readonly SETTING = 117; + public static readonly SETTING_LINE_COMMENT = 118; + public static readonly SETTTING_MULTILINE_COMMENT = 119; + public static readonly SETTING_WS = 120; + public static readonly METRICS_LINE_COMMENT = 121; + public static readonly METRICS_MULTILINE_COMMENT = 122; + public static readonly METRICS_WS = 123; + public static readonly CLOSING_METRICS_LINE_COMMENT = 124; + public static readonly CLOSING_METRICS_MULTILINE_COMMENT = 125; + public static readonly CLOSING_METRICS_WS = 126; + public static override readonly EOF = Token.EOF; public static readonly RULE_singleStatement = 0; public static readonly RULE_query = 1; public static readonly RULE_sourceCommand = 2; @@ -203,6 +204,8 @@ export default class esql_parser extends Parser { public static readonly RULE_enrichCommand = 56; public static readonly RULE_enrichWithClause = 57; public static readonly RULE_lookupCommand = 58; + public static readonly RULE_matchCommand = 59; + public static readonly RULE_matchQuery = 60; public static readonly literalNames: (string | null)[] = [ null, "'dissect'", "'drop'", "'enrich'", "'eval'", "'explain'", @@ -219,31 +222,32 @@ export default class esql_parser extends Parser { null, null, null, null, null, null, - null, "'|'", null, null, - null, "'by'", - "'and'", "'asc'", - "'='", "'::'", - "','", "'desc'", - "'.'", "'false'", - "'first'", "'in'", - "'is'", "'last'", - "'like'", "'('", - "'match'", "'not'", - "'null'", "'nulls'", - "'or'", "'?'", - "'rlike'", "')'", - "'true'", "'=='", - "'=~'", "'!='", - "'<'", "'<='", - "'>'", "'>='", - "'+'", "'-'", - "'*'", "'/'", - "'%'", null, - null, "']'", + "'|'", null, null, null, + "'by'", "'and'", + "'asc'", "'='", + "'::'", "','", + "'desc'", "'.'", + "'false'", "'first'", + "'in'", "'is'", + "'last'", "'like'", + "'('", null, + "'not'", "'null'", + "'nulls'", "'or'", + "'?'", "'rlike'", + "')'", "'true'", + "'=='", "'=~'", + "'!='", "'<'", + "'<='", "'>'", + "'>='", "'+'", + "'-'", "'*'", + "'/'", "'%'", null, null, - null, "'metadata'", + "']'", null, + null, null, + null, null, + "'metadata'", null, null, null, null, null, null, @@ -275,7 +279,7 @@ export default class esql_parser extends Parser { "RENAME", "ROW", "SHOW", "SORT", "STATS", "WHERE", - "UNKNOWN_CMD", + "MATCH", "UNKNOWN_CMD", "LINE_COMMENT", "MULTILINE_COMMENT", "WS", "UNQUOTED_SOURCE", @@ -293,16 +297,16 @@ export default class esql_parser extends Parser { "FIRST", "IN", "IS", "LAST", "LIKE", "LP", - "MATCH", "NOT", - "NULL", "NULLS", - "OR", "PARAM", - "RLIKE", "RP", - "TRUE", "EQ", - "CIEQ", "NEQ", - "LT", "LTE", - "GT", "GTE", - "PLUS", "MINUS", - "ASTERISK", + "MATCH_OPERATOR", + "NOT", "NULL", + "NULLS", "OR", + "PARAM", "RLIKE", + "RP", "TRUE", + "EQ", "CIEQ", + "NEQ", "LT", + "LTE", "GT", + "GTE", "PLUS", + "MINUS", "ASTERISK", "SLASH", "PERCENT", "NAMED_OR_POSITIONAL_PARAM", "OPENING_BRACKET", @@ -371,7 +375,8 @@ export default class esql_parser extends Parser { "dissectCommand", "grokCommand", "mvExpandCommand", "commandOptions", "commandOption", "booleanValue", "numericValue", "decimalValue", "integerValue", "string", "comparisonOperator", "explainCommand", "subqueryExpression", - "showCommand", "metaCommand", "enrichCommand", "enrichWithClause", "lookupCommand", + "showCommand", "metaCommand", "enrichCommand", "enrichWithClause", "lookupCommand", + "matchCommand", "matchQuery", ]; public get grammarFileName(): string { return "esql_parser.g4"; } public get literalNames(): (string | null)[] { return esql_parser.literalNames; } @@ -394,9 +399,9 @@ export default class esql_parser extends Parser { try { this.enterOuterAlt(localctx, 1); { - this.state = 118; + this.state = 122; this.query(0); - this.state = 119; + this.state = 123; this.match(esql_parser.EOF); } } @@ -438,11 +443,11 @@ export default class esql_parser extends Parser { this._ctx = localctx; _prevctx = localctx; - this.state = 122; + this.state = 126; this.sourceCommand(); } this._ctx.stop = this._input.LT(-1); - this.state = 129; + this.state = 133; this._errHandler.sync(this); _alt = this._interp.adaptivePredict(this._input, 0, this._ctx); while (_alt !== 2 && _alt !== ATN.INVALID_ALT_NUMBER) { @@ -455,18 +460,18 @@ export default class esql_parser extends Parser { { localctx = new CompositeQueryContext(this, new QueryContext(this, _parentctx, _parentState)); this.pushNewRecursionContext(localctx, _startState, esql_parser.RULE_query); - this.state = 124; + this.state = 128; if (!(this.precpred(this._ctx, 1))) { throw this.createFailedPredicateException("this.precpred(this._ctx, 1)"); } - this.state = 125; + this.state = 129; this.match(esql_parser.PIPE); - this.state = 126; + this.state = 130; this.processingCommand(); } } } - this.state = 131; + this.state = 135; this._errHandler.sync(this); _alt = this._interp.adaptivePredict(this._input, 0, this._ctx); } @@ -491,48 +496,48 @@ export default class esql_parser extends Parser { let localctx: SourceCommandContext = new SourceCommandContext(this, this._ctx, this.state); this.enterRule(localctx, 4, esql_parser.RULE_sourceCommand); try { - this.state = 138; + this.state = 142; this._errHandler.sync(this); switch (this._input.LA(1)) { case 5: this.enterOuterAlt(localctx, 1); { - this.state = 132; + this.state = 136; this.explainCommand(); } break; case 6: this.enterOuterAlt(localctx, 2); { - this.state = 133; + this.state = 137; this.fromCommand(); } break; case 16: this.enterOuterAlt(localctx, 3); { - this.state = 134; + this.state = 138; this.rowCommand(); } break; case 13: this.enterOuterAlt(localctx, 4); { - this.state = 135; + this.state = 139; this.metricsCommand(); } break; case 17: this.enterOuterAlt(localctx, 5); { - this.state = 136; + this.state = 140; this.showCommand(); } break; case 12: this.enterOuterAlt(localctx, 6); { - this.state = 137; + this.state = 141; this.metaCommand(); } break; @@ -559,107 +564,114 @@ export default class esql_parser extends Parser { let localctx: ProcessingCommandContext = new ProcessingCommandContext(this, this._ctx, this.state); this.enterRule(localctx, 6, esql_parser.RULE_processingCommand); try { - this.state = 154; + this.state = 159; this._errHandler.sync(this); switch (this._input.LA(1)) { case 4: this.enterOuterAlt(localctx, 1); { - this.state = 140; + this.state = 144; this.evalCommand(); } break; case 8: this.enterOuterAlt(localctx, 2); { - this.state = 141; + this.state = 145; this.inlinestatsCommand(); } break; case 10: this.enterOuterAlt(localctx, 3); { - this.state = 142; + this.state = 146; this.limitCommand(); } break; case 11: this.enterOuterAlt(localctx, 4); { - this.state = 143; + this.state = 147; this.lookupCommand(); } break; case 9: this.enterOuterAlt(localctx, 5); { - this.state = 144; + this.state = 148; this.keepCommand(); } break; case 18: this.enterOuterAlt(localctx, 6); { - this.state = 145; + this.state = 149; this.sortCommand(); } break; case 19: this.enterOuterAlt(localctx, 7); { - this.state = 146; + this.state = 150; this.statsCommand(); } break; case 20: this.enterOuterAlt(localctx, 8); { - this.state = 147; + this.state = 151; this.whereCommand(); } break; case 2: this.enterOuterAlt(localctx, 9); { - this.state = 148; + this.state = 152; this.dropCommand(); } break; case 15: this.enterOuterAlt(localctx, 10); { - this.state = 149; + this.state = 153; this.renameCommand(); } break; case 1: this.enterOuterAlt(localctx, 11); { - this.state = 150; + this.state = 154; this.dissectCommand(); } break; case 7: this.enterOuterAlt(localctx, 12); { - this.state = 151; + this.state = 155; this.grokCommand(); } break; case 3: this.enterOuterAlt(localctx, 13); { - this.state = 152; + this.state = 156; this.enrichCommand(); } break; case 14: this.enterOuterAlt(localctx, 14); { - this.state = 153; + this.state = 157; this.mvExpandCommand(); } break; + case 21: + this.enterOuterAlt(localctx, 15); + { + this.state = 158; + this.matchCommand(); + } + break; default: throw new NoViableAltException(this); } @@ -685,9 +697,9 @@ export default class esql_parser extends Parser { try { this.enterOuterAlt(localctx, 1); { - this.state = 156; + this.state = 161; this.match(esql_parser.WHERE); - this.state = 157; + this.state = 162; this.booleanExpression(0); } } @@ -725,7 +737,7 @@ export default class esql_parser extends Parser { let _alt: number; this.enterOuterAlt(localctx, 1); { - this.state = 188; + this.state = 193; this._errHandler.sync(this); switch ( this._interp.adaptivePredict(this._input, 6, this._ctx) ) { case 1: @@ -734,9 +746,9 @@ export default class esql_parser extends Parser { this._ctx = localctx; _prevctx = localctx; - this.state = 160; + this.state = 165; this.match(esql_parser.NOT); - this.state = 161; + this.state = 166; this.booleanExpression(8); } break; @@ -745,7 +757,7 @@ export default class esql_parser extends Parser { localctx = new BooleanDefaultContext(this, localctx); this._ctx = localctx; _prevctx = localctx; - this.state = 162; + this.state = 167; this.valueExpression(); } break; @@ -754,7 +766,7 @@ export default class esql_parser extends Parser { localctx = new RegexExpressionContext(this, localctx); this._ctx = localctx; _prevctx = localctx; - this.state = 163; + this.state = 168; this.regexBooleanExpression(); } break; @@ -763,7 +775,7 @@ export default class esql_parser extends Parser { localctx = new MatchExpressionContext(this, localctx); this._ctx = localctx; _prevctx = localctx; - this.state = 164; + this.state = 169; this.matchBooleanExpression(); } break; @@ -772,41 +784,41 @@ export default class esql_parser extends Parser { localctx = new LogicalInContext(this, localctx); this._ctx = localctx; _prevctx = localctx; - this.state = 165; + this.state = 170; this.valueExpression(); - this.state = 167; + this.state = 172; this._errHandler.sync(this); _la = this._input.LA(1); - if (_la===49) { + if (_la===50) { { - this.state = 166; + this.state = 171; this.match(esql_parser.NOT); } } - this.state = 169; + this.state = 174; this.match(esql_parser.IN); - this.state = 170; + this.state = 175; this.match(esql_parser.LP); - this.state = 171; - this.valueExpression(); this.state = 176; + this.valueExpression(); + this.state = 181; this._errHandler.sync(this); _la = this._input.LA(1); - while (_la===38) { + while (_la===39) { { { - this.state = 172; + this.state = 177; this.match(esql_parser.COMMA); - this.state = 173; + this.state = 178; this.valueExpression(); } } - this.state = 178; + this.state = 183; this._errHandler.sync(this); _la = this._input.LA(1); } - this.state = 179; + this.state = 184; this.match(esql_parser.RP); } break; @@ -815,27 +827,27 @@ export default class esql_parser extends Parser { localctx = new IsNullContext(this, localctx); this._ctx = localctx; _prevctx = localctx; - this.state = 181; + this.state = 186; this.valueExpression(); - this.state = 182; + this.state = 187; this.match(esql_parser.IS); - this.state = 184; + this.state = 189; this._errHandler.sync(this); _la = this._input.LA(1); - if (_la===49) { + if (_la===50) { { - this.state = 183; + this.state = 188; this.match(esql_parser.NOT); } } - this.state = 186; + this.state = 191; this.match(esql_parser.NULL); } break; } this._ctx.stop = this._input.LT(-1); - this.state = 198; + this.state = 203; this._errHandler.sync(this); _alt = this._interp.adaptivePredict(this._input, 8, this._ctx); while (_alt !== 2 && _alt !== ATN.INVALID_ALT_NUMBER) { @@ -845,7 +857,7 @@ export default class esql_parser extends Parser { } _prevctx = localctx; { - this.state = 196; + this.state = 201; this._errHandler.sync(this); switch ( this._interp.adaptivePredict(this._input, 7, this._ctx) ) { case 1: @@ -853,13 +865,13 @@ export default class esql_parser extends Parser { localctx = new LogicalBinaryContext(this, new BooleanExpressionContext(this, _parentctx, _parentState)); (localctx as LogicalBinaryContext)._left = _prevctx; this.pushNewRecursionContext(localctx, _startState, esql_parser.RULE_booleanExpression); - this.state = 190; + this.state = 195; if (!(this.precpred(this._ctx, 4))) { throw this.createFailedPredicateException("this.precpred(this._ctx, 4)"); } - this.state = 191; + this.state = 196; (localctx as LogicalBinaryContext)._operator = this.match(esql_parser.AND); - this.state = 192; + this.state = 197; (localctx as LogicalBinaryContext)._right = this.booleanExpression(5); } break; @@ -868,20 +880,20 @@ export default class esql_parser extends Parser { localctx = new LogicalBinaryContext(this, new BooleanExpressionContext(this, _parentctx, _parentState)); (localctx as LogicalBinaryContext)._left = _prevctx; this.pushNewRecursionContext(localctx, _startState, esql_parser.RULE_booleanExpression); - this.state = 193; + this.state = 198; if (!(this.precpred(this._ctx, 3))) { throw this.createFailedPredicateException("this.precpred(this._ctx, 3)"); } - this.state = 194; + this.state = 199; (localctx as LogicalBinaryContext)._operator = this.match(esql_parser.OR); - this.state = 195; + this.state = 200; (localctx as LogicalBinaryContext)._right = this.booleanExpression(4); } break; } } } - this.state = 200; + this.state = 205; this._errHandler.sync(this); _alt = this._interp.adaptivePredict(this._input, 8, this._ctx); } @@ -907,48 +919,48 @@ export default class esql_parser extends Parser { this.enterRule(localctx, 12, esql_parser.RULE_regexBooleanExpression); let _la: number; try { - this.state = 215; + this.state = 220; this._errHandler.sync(this); switch ( this._interp.adaptivePredict(this._input, 11, this._ctx) ) { case 1: this.enterOuterAlt(localctx, 1); { - this.state = 201; + this.state = 206; this.valueExpression(); - this.state = 203; + this.state = 208; this._errHandler.sync(this); _la = this._input.LA(1); - if (_la===49) { + if (_la===50) { { - this.state = 202; + this.state = 207; this.match(esql_parser.NOT); } } - this.state = 205; + this.state = 210; localctx._kind = this.match(esql_parser.LIKE); - this.state = 206; + this.state = 211; localctx._pattern = this.string_(); } break; case 2: this.enterOuterAlt(localctx, 2); { - this.state = 208; + this.state = 213; this.valueExpression(); - this.state = 210; + this.state = 215; this._errHandler.sync(this); _la = this._input.LA(1); - if (_la===49) { + if (_la===50) { { - this.state = 209; + this.state = 214; this.match(esql_parser.NOT); } } - this.state = 212; + this.state = 217; localctx._kind = this.match(esql_parser.RLIKE); - this.state = 213; + this.state = 218; localctx._pattern = this.string_(); } break; @@ -975,11 +987,11 @@ export default class esql_parser extends Parser { try { this.enterOuterAlt(localctx, 1); { - this.state = 217; + this.state = 222; this.qualifiedName(); - this.state = 218; - this.match(esql_parser.MATCH); - this.state = 219; + this.state = 223; + this.match(esql_parser.MATCH_OPERATOR); + this.state = 224; localctx._queryString = this.string_(); } } @@ -1002,14 +1014,14 @@ export default class esql_parser extends Parser { let localctx: ValueExpressionContext = new ValueExpressionContext(this, this._ctx, this.state); this.enterRule(localctx, 16, esql_parser.RULE_valueExpression); try { - this.state = 226; + this.state = 231; this._errHandler.sync(this); switch ( this._interp.adaptivePredict(this._input, 12, this._ctx) ) { case 1: localctx = new ValueExpressionDefaultContext(this, localctx); this.enterOuterAlt(localctx, 1); { - this.state = 221; + this.state = 226; this.operatorExpression(0); } break; @@ -1017,11 +1029,11 @@ export default class esql_parser extends Parser { localctx = new ComparisonContext(this, localctx); this.enterOuterAlt(localctx, 2); { - this.state = 222; + this.state = 227; (localctx as ComparisonContext)._left = this.operatorExpression(0); - this.state = 223; + this.state = 228; this.comparisonOperator(); - this.state = 224; + this.state = 229; (localctx as ComparisonContext)._right = this.operatorExpression(0); } break; @@ -1061,7 +1073,7 @@ export default class esql_parser extends Parser { let _alt: number; this.enterOuterAlt(localctx, 1); { - this.state = 232; + this.state = 237; this._errHandler.sync(this); switch ( this._interp.adaptivePredict(this._input, 13, this._ctx) ) { case 1: @@ -1070,7 +1082,7 @@ export default class esql_parser extends Parser { this._ctx = localctx; _prevctx = localctx; - this.state = 229; + this.state = 234; this.primaryExpression(0); } break; @@ -1079,23 +1091,23 @@ export default class esql_parser extends Parser { localctx = new ArithmeticUnaryContext(this, localctx); this._ctx = localctx; _prevctx = localctx; - this.state = 230; + this.state = 235; (localctx as ArithmeticUnaryContext)._operator = this._input.LT(1); _la = this._input.LA(1); - if(!(_la===64 || _la===65)) { + if(!(_la===65 || _la===66)) { (localctx as ArithmeticUnaryContext)._operator = this._errHandler.recoverInline(this); } else { this._errHandler.reportMatch(this); this.consume(); } - this.state = 231; + this.state = 236; this.operatorExpression(3); } break; } this._ctx.stop = this._input.LT(-1); - this.state = 242; + this.state = 247; this._errHandler.sync(this); _alt = this._interp.adaptivePredict(this._input, 15, this._ctx); while (_alt !== 2 && _alt !== ATN.INVALID_ALT_NUMBER) { @@ -1105,7 +1117,7 @@ export default class esql_parser extends Parser { } _prevctx = localctx; { - this.state = 240; + this.state = 245; this._errHandler.sync(this); switch ( this._interp.adaptivePredict(this._input, 14, this._ctx) ) { case 1: @@ -1113,21 +1125,21 @@ export default class esql_parser extends Parser { localctx = new ArithmeticBinaryContext(this, new OperatorExpressionContext(this, _parentctx, _parentState)); (localctx as ArithmeticBinaryContext)._left = _prevctx; this.pushNewRecursionContext(localctx, _startState, esql_parser.RULE_operatorExpression); - this.state = 234; + this.state = 239; if (!(this.precpred(this._ctx, 2))) { throw this.createFailedPredicateException("this.precpred(this._ctx, 2)"); } - this.state = 235; + this.state = 240; (localctx as ArithmeticBinaryContext)._operator = this._input.LT(1); _la = this._input.LA(1); - if(!(((((_la - 66)) & ~0x1F) === 0 && ((1 << (_la - 66)) & 7) !== 0))) { + if(!(((((_la - 67)) & ~0x1F) === 0 && ((1 << (_la - 67)) & 7) !== 0))) { (localctx as ArithmeticBinaryContext)._operator = this._errHandler.recoverInline(this); } else { this._errHandler.reportMatch(this); this.consume(); } - this.state = 236; + this.state = 241; (localctx as ArithmeticBinaryContext)._right = this.operatorExpression(3); } break; @@ -1136,28 +1148,28 @@ export default class esql_parser extends Parser { localctx = new ArithmeticBinaryContext(this, new OperatorExpressionContext(this, _parentctx, _parentState)); (localctx as ArithmeticBinaryContext)._left = _prevctx; this.pushNewRecursionContext(localctx, _startState, esql_parser.RULE_operatorExpression); - this.state = 237; + this.state = 242; if (!(this.precpred(this._ctx, 1))) { throw this.createFailedPredicateException("this.precpred(this._ctx, 1)"); } - this.state = 238; + this.state = 243; (localctx as ArithmeticBinaryContext)._operator = this._input.LT(1); _la = this._input.LA(1); - if(!(_la===64 || _la===65)) { + if(!(_la===65 || _la===66)) { (localctx as ArithmeticBinaryContext)._operator = this._errHandler.recoverInline(this); } else { this._errHandler.reportMatch(this); this.consume(); } - this.state = 239; + this.state = 244; (localctx as ArithmeticBinaryContext)._right = this.operatorExpression(2); } break; } } } - this.state = 244; + this.state = 249; this._errHandler.sync(this); _alt = this._interp.adaptivePredict(this._input, 15, this._ctx); } @@ -1196,7 +1208,7 @@ export default class esql_parser extends Parser { let _alt: number; this.enterOuterAlt(localctx, 1); { - this.state = 253; + this.state = 258; this._errHandler.sync(this); switch ( this._interp.adaptivePredict(this._input, 16, this._ctx) ) { case 1: @@ -1205,7 +1217,7 @@ export default class esql_parser extends Parser { this._ctx = localctx; _prevctx = localctx; - this.state = 246; + this.state = 251; this.constant(); } break; @@ -1214,7 +1226,7 @@ export default class esql_parser extends Parser { localctx = new DereferenceContext(this, localctx); this._ctx = localctx; _prevctx = localctx; - this.state = 247; + this.state = 252; this.qualifiedName(); } break; @@ -1223,7 +1235,7 @@ export default class esql_parser extends Parser { localctx = new FunctionContext(this, localctx); this._ctx = localctx; _prevctx = localctx; - this.state = 248; + this.state = 253; this.functionExpression(); } break; @@ -1232,17 +1244,17 @@ export default class esql_parser extends Parser { localctx = new ParenthesizedExpressionContext(this, localctx); this._ctx = localctx; _prevctx = localctx; - this.state = 249; + this.state = 254; this.match(esql_parser.LP); - this.state = 250; + this.state = 255; this.booleanExpression(0); - this.state = 251; + this.state = 256; this.match(esql_parser.RP); } break; } this._ctx.stop = this._input.LT(-1); - this.state = 260; + this.state = 265; this._errHandler.sync(this); _alt = this._interp.adaptivePredict(this._input, 17, this._ctx); while (_alt !== 2 && _alt !== ATN.INVALID_ALT_NUMBER) { @@ -1255,18 +1267,18 @@ export default class esql_parser extends Parser { { localctx = new InlineCastContext(this, new PrimaryExpressionContext(this, _parentctx, _parentState)); this.pushNewRecursionContext(localctx, _startState, esql_parser.RULE_primaryExpression); - this.state = 255; + this.state = 260; if (!(this.precpred(this._ctx, 1))) { throw this.createFailedPredicateException("this.precpred(this._ctx, 1)"); } - this.state = 256; + this.state = 261; this.match(esql_parser.CAST_OP); - this.state = 257; + this.state = 262; this.dataType(); } } } - this.state = 262; + this.state = 267; this._errHandler.sync(this); _alt = this._interp.adaptivePredict(this._input, 17, this._ctx); } @@ -1294,63 +1306,63 @@ export default class esql_parser extends Parser { try { this.enterOuterAlt(localctx, 1); { - this.state = 263; + this.state = 268; this.identifier(); - this.state = 264; + this.state = 269; this.match(esql_parser.LP); - this.state = 274; + this.state = 279; this._errHandler.sync(this); switch (this._input.LA(1)) { - case 66: + case 67: { - this.state = 265; + this.state = 270; this.match(esql_parser.ASTERISK); } break; - case 30: case 31: case 32: - case 41: - case 47: - case 49: + case 33: + case 42: + case 48: case 50: - case 53: - case 56: - case 64: + case 51: + case 54: + case 57: case 65: - case 69: + case 66: case 70: - case 72: + case 71: case 73: + case 74: { { - this.state = 266; - this.booleanExpression(0); this.state = 271; + this.booleanExpression(0); + this.state = 276; this._errHandler.sync(this); _la = this._input.LA(1); - while (_la===38) { + while (_la===39) { { { - this.state = 267; + this.state = 272; this.match(esql_parser.COMMA); - this.state = 268; + this.state = 273; this.booleanExpression(0); } } - this.state = 273; + this.state = 278; this._errHandler.sync(this); _la = this._input.LA(1); } } } break; - case 55: + case 56: break; default: break; } - this.state = 276; + this.state = 281; this.match(esql_parser.RP); } } @@ -1376,7 +1388,7 @@ export default class esql_parser extends Parser { localctx = new ToDataTypeContext(this, localctx); this.enterOuterAlt(localctx, 1); { - this.state = 278; + this.state = 283; this.identifier(); } } @@ -1401,9 +1413,9 @@ export default class esql_parser extends Parser { try { this.enterOuterAlt(localctx, 1); { - this.state = 280; + this.state = 285; this.match(esql_parser.ROW); - this.state = 281; + this.state = 286; this.fields(); } } @@ -1429,23 +1441,23 @@ export default class esql_parser extends Parser { let _alt: number; this.enterOuterAlt(localctx, 1); { - this.state = 283; - this.field(); this.state = 288; + this.field(); + this.state = 293; this._errHandler.sync(this); _alt = this._interp.adaptivePredict(this._input, 20, this._ctx); while (_alt !== 2 && _alt !== ATN.INVALID_ALT_NUMBER) { if (_alt === 1) { { { - this.state = 284; + this.state = 289; this.match(esql_parser.COMMA); - this.state = 285; + this.state = 290; this.field(); } } } - this.state = 290; + this.state = 295; this._errHandler.sync(this); _alt = this._interp.adaptivePredict(this._input, 20, this._ctx); } @@ -1470,24 +1482,24 @@ export default class esql_parser extends Parser { let localctx: FieldContext = new FieldContext(this, this._ctx, this.state); this.enterRule(localctx, 30, esql_parser.RULE_field); try { - this.state = 296; + this.state = 301; this._errHandler.sync(this); switch ( this._interp.adaptivePredict(this._input, 21, this._ctx) ) { case 1: this.enterOuterAlt(localctx, 1); { - this.state = 291; + this.state = 296; this.booleanExpression(0); } break; case 2: this.enterOuterAlt(localctx, 2); { - this.state = 292; + this.state = 297; this.qualifiedName(); - this.state = 293; + this.state = 298; this.match(esql_parser.ASSIGN); - this.state = 294; + this.state = 299; this.booleanExpression(0); } break; @@ -1515,34 +1527,34 @@ export default class esql_parser extends Parser { let _alt: number; this.enterOuterAlt(localctx, 1); { - this.state = 298; + this.state = 303; this.match(esql_parser.FROM); - this.state = 299; - this.indexPattern(); this.state = 304; + this.indexPattern(); + this.state = 309; this._errHandler.sync(this); _alt = this._interp.adaptivePredict(this._input, 22, this._ctx); while (_alt !== 2 && _alt !== ATN.INVALID_ALT_NUMBER) { if (_alt === 1) { { { - this.state = 300; + this.state = 305; this.match(esql_parser.COMMA); - this.state = 301; + this.state = 306; this.indexPattern(); } } } - this.state = 306; + this.state = 311; this._errHandler.sync(this); _alt = this._interp.adaptivePredict(this._input, 22, this._ctx); } - this.state = 308; + this.state = 313; this._errHandler.sync(this); switch ( this._interp.adaptivePredict(this._input, 23, this._ctx) ) { case 1: { - this.state = 307; + this.state = 312; this.metadata(); } break; @@ -1568,24 +1580,24 @@ export default class esql_parser extends Parser { let localctx: IndexPatternContext = new IndexPatternContext(this, this._ctx, this.state); this.enterRule(localctx, 34, esql_parser.RULE_indexPattern); try { - this.state = 315; + this.state = 320; this._errHandler.sync(this); switch ( this._interp.adaptivePredict(this._input, 24, this._ctx) ) { case 1: this.enterOuterAlt(localctx, 1); { - this.state = 310; + this.state = 315; this.clusterString(); - this.state = 311; + this.state = 316; this.match(esql_parser.COLON); - this.state = 312; + this.state = 317; this.indexString(); } break; case 2: this.enterOuterAlt(localctx, 2); { - this.state = 314; + this.state = 319; this.indexString(); } break; @@ -1612,7 +1624,7 @@ export default class esql_parser extends Parser { try { this.enterOuterAlt(localctx, 1); { - this.state = 317; + this.state = 322; this.match(esql_parser.UNQUOTED_SOURCE); } } @@ -1638,9 +1650,9 @@ export default class esql_parser extends Parser { try { this.enterOuterAlt(localctx, 1); { - this.state = 319; + this.state = 324; _la = this._input.LA(1); - if(!(_la===25 || _la===30)) { + if(!(_la===26 || _la===31)) { this._errHandler.recoverInline(this); } else { @@ -1668,20 +1680,20 @@ export default class esql_parser extends Parser { let localctx: MetadataContext = new MetadataContext(this, this._ctx, this.state); this.enterRule(localctx, 40, esql_parser.RULE_metadata); try { - this.state = 323; + this.state = 328; this._errHandler.sync(this); switch (this._input.LA(1)) { - case 77: + case 78: this.enterOuterAlt(localctx, 1); { - this.state = 321; + this.state = 326; this.metadataOption(); } break; - case 70: + case 71: this.enterOuterAlt(localctx, 2); { - this.state = 322; + this.state = 327; this.deprecated_metadata(); } break; @@ -1711,25 +1723,25 @@ export default class esql_parser extends Parser { let _alt: number; this.enterOuterAlt(localctx, 1); { - this.state = 325; + this.state = 330; this.match(esql_parser.METADATA); - this.state = 326; - this.match(esql_parser.UNQUOTED_SOURCE); this.state = 331; + this.match(esql_parser.UNQUOTED_SOURCE); + this.state = 336; this._errHandler.sync(this); _alt = this._interp.adaptivePredict(this._input, 26, this._ctx); while (_alt !== 2 && _alt !== ATN.INVALID_ALT_NUMBER) { if (_alt === 1) { { { - this.state = 327; + this.state = 332; this.match(esql_parser.COMMA); - this.state = 328; + this.state = 333; this.match(esql_parser.UNQUOTED_SOURCE); } } } - this.state = 333; + this.state = 338; this._errHandler.sync(this); _alt = this._interp.adaptivePredict(this._input, 26, this._ctx); } @@ -1756,11 +1768,11 @@ export default class esql_parser extends Parser { try { this.enterOuterAlt(localctx, 1); { - this.state = 334; + this.state = 339; this.match(esql_parser.OPENING_BRACKET); - this.state = 335; + this.state = 340; this.metadataOption(); - this.state = 336; + this.state = 341; this.match(esql_parser.CLOSING_BRACKET); } } @@ -1786,46 +1798,46 @@ export default class esql_parser extends Parser { let _alt: number; this.enterOuterAlt(localctx, 1); { - this.state = 338; + this.state = 343; this.match(esql_parser.METRICS); - this.state = 339; - this.indexPattern(); this.state = 344; + this.indexPattern(); + this.state = 349; this._errHandler.sync(this); _alt = this._interp.adaptivePredict(this._input, 27, this._ctx); while (_alt !== 2 && _alt !== ATN.INVALID_ALT_NUMBER) { if (_alt === 1) { { { - this.state = 340; + this.state = 345; this.match(esql_parser.COMMA); - this.state = 341; + this.state = 346; this.indexPattern(); } } } - this.state = 346; + this.state = 351; this._errHandler.sync(this); _alt = this._interp.adaptivePredict(this._input, 27, this._ctx); } - this.state = 348; + this.state = 353; this._errHandler.sync(this); switch ( this._interp.adaptivePredict(this._input, 28, this._ctx) ) { case 1: { - this.state = 347; + this.state = 352; localctx._aggregates = this.fields(); } break; } - this.state = 352; + this.state = 357; this._errHandler.sync(this); switch ( this._interp.adaptivePredict(this._input, 29, this._ctx) ) { case 1: { - this.state = 350; + this.state = 355; this.match(esql_parser.BY); - this.state = 351; + this.state = 356; localctx._grouping = this.fields(); } break; @@ -1853,9 +1865,9 @@ export default class esql_parser extends Parser { try { this.enterOuterAlt(localctx, 1); { - this.state = 354; + this.state = 359; this.match(esql_parser.EVAL); - this.state = 355; + this.state = 360; this.fields(); } } @@ -1880,26 +1892,26 @@ export default class esql_parser extends Parser { try { this.enterOuterAlt(localctx, 1); { - this.state = 357; + this.state = 362; this.match(esql_parser.STATS); - this.state = 359; + this.state = 364; this._errHandler.sync(this); switch ( this._interp.adaptivePredict(this._input, 30, this._ctx) ) { case 1: { - this.state = 358; + this.state = 363; localctx._stats = this.fields(); } break; } - this.state = 363; + this.state = 368; this._errHandler.sync(this); switch ( this._interp.adaptivePredict(this._input, 31, this._ctx) ) { case 1: { - this.state = 361; + this.state = 366; this.match(esql_parser.BY); - this.state = 362; + this.state = 367; localctx._grouping = this.fields(); } break; @@ -1927,18 +1939,18 @@ export default class esql_parser extends Parser { try { this.enterOuterAlt(localctx, 1); { - this.state = 365; + this.state = 370; this.match(esql_parser.INLINESTATS); - this.state = 366; + this.state = 371; localctx._stats = this.fields(); - this.state = 369; + this.state = 374; this._errHandler.sync(this); switch ( this._interp.adaptivePredict(this._input, 32, this._ctx) ) { case 1: { - this.state = 367; + this.state = 372; this.match(esql_parser.BY); - this.state = 368; + this.state = 373; localctx._grouping = this.fields(); } break; @@ -1967,23 +1979,23 @@ export default class esql_parser extends Parser { let _alt: number; this.enterOuterAlt(localctx, 1); { - this.state = 371; - this.identifier(); this.state = 376; + this.identifier(); + this.state = 381; this._errHandler.sync(this); _alt = this._interp.adaptivePredict(this._input, 33, this._ctx); while (_alt !== 2 && _alt !== ATN.INVALID_ALT_NUMBER) { if (_alt === 1) { { { - this.state = 372; + this.state = 377; this.match(esql_parser.DOT); - this.state = 373; + this.state = 378; this.identifier(); } } } - this.state = 378; + this.state = 383; this._errHandler.sync(this); _alt = this._interp.adaptivePredict(this._input, 33, this._ctx); } @@ -2011,23 +2023,23 @@ export default class esql_parser extends Parser { let _alt: number; this.enterOuterAlt(localctx, 1); { - this.state = 379; - this.identifierPattern(); this.state = 384; + this.identifierPattern(); + this.state = 389; this._errHandler.sync(this); _alt = this._interp.adaptivePredict(this._input, 34, this._ctx); while (_alt !== 2 && _alt !== ATN.INVALID_ALT_NUMBER) { if (_alt === 1) { { { - this.state = 380; + this.state = 385; this.match(esql_parser.DOT); - this.state = 381; + this.state = 386; this.identifierPattern(); } } } - this.state = 386; + this.state = 391; this._errHandler.sync(this); _alt = this._interp.adaptivePredict(this._input, 34, this._ctx); } @@ -2055,23 +2067,23 @@ export default class esql_parser extends Parser { let _alt: number; this.enterOuterAlt(localctx, 1); { - this.state = 387; - this.qualifiedNamePattern(); this.state = 392; + this.qualifiedNamePattern(); + this.state = 397; this._errHandler.sync(this); _alt = this._interp.adaptivePredict(this._input, 35, this._ctx); while (_alt !== 2 && _alt !== ATN.INVALID_ALT_NUMBER) { if (_alt === 1) { { { - this.state = 388; + this.state = 393; this.match(esql_parser.COMMA); - this.state = 389; + this.state = 394; this.qualifiedNamePattern(); } } } - this.state = 394; + this.state = 399; this._errHandler.sync(this); _alt = this._interp.adaptivePredict(this._input, 35, this._ctx); } @@ -2099,9 +2111,9 @@ export default class esql_parser extends Parser { try { this.enterOuterAlt(localctx, 1); { - this.state = 395; + this.state = 400; _la = this._input.LA(1); - if(!(_la===72 || _la===73)) { + if(!(_la===73 || _la===74)) { this._errHandler.recoverInline(this); } else { @@ -2131,7 +2143,7 @@ export default class esql_parser extends Parser { try { this.enterOuterAlt(localctx, 1); { - this.state = 397; + this.state = 402; this.match(esql_parser.ID_PATTERN); } } @@ -2155,14 +2167,14 @@ export default class esql_parser extends Parser { this.enterRule(localctx, 64, esql_parser.RULE_constant); let _la: number; try { - this.state = 441; + this.state = 446; this._errHandler.sync(this); switch ( this._interp.adaptivePredict(this._input, 39, this._ctx) ) { case 1: localctx = new NullLiteralContext(this, localctx); this.enterOuterAlt(localctx, 1); { - this.state = 399; + this.state = 404; this.match(esql_parser.NULL); } break; @@ -2170,9 +2182,9 @@ export default class esql_parser extends Parser { localctx = new QualifiedIntegerLiteralContext(this, localctx); this.enterOuterAlt(localctx, 2); { - this.state = 400; + this.state = 405; this.integerValue(); - this.state = 401; + this.state = 406; this.match(esql_parser.UNQUOTED_IDENTIFIER); } break; @@ -2180,7 +2192,7 @@ export default class esql_parser extends Parser { localctx = new DecimalLiteralContext(this, localctx); this.enterOuterAlt(localctx, 3); { - this.state = 403; + this.state = 408; this.decimalValue(); } break; @@ -2188,7 +2200,7 @@ export default class esql_parser extends Parser { localctx = new IntegerLiteralContext(this, localctx); this.enterOuterAlt(localctx, 4); { - this.state = 404; + this.state = 409; this.integerValue(); } break; @@ -2196,7 +2208,7 @@ export default class esql_parser extends Parser { localctx = new BooleanLiteralContext(this, localctx); this.enterOuterAlt(localctx, 5); { - this.state = 405; + this.state = 410; this.booleanValue(); } break; @@ -2204,7 +2216,7 @@ export default class esql_parser extends Parser { localctx = new InputParamsContext(this, localctx); this.enterOuterAlt(localctx, 6); { - this.state = 406; + this.state = 411; this.params(); } break; @@ -2212,7 +2224,7 @@ export default class esql_parser extends Parser { localctx = new StringLiteralContext(this, localctx); this.enterOuterAlt(localctx, 7); { - this.state = 407; + this.state = 412; this.string_(); } break; @@ -2220,27 +2232,27 @@ export default class esql_parser extends Parser { localctx = new NumericArrayLiteralContext(this, localctx); this.enterOuterAlt(localctx, 8); { - this.state = 408; + this.state = 413; this.match(esql_parser.OPENING_BRACKET); - this.state = 409; - this.numericValue(); this.state = 414; + this.numericValue(); + this.state = 419; this._errHandler.sync(this); _la = this._input.LA(1); - while (_la===38) { + while (_la===39) { { { - this.state = 410; + this.state = 415; this.match(esql_parser.COMMA); - this.state = 411; + this.state = 416; this.numericValue(); } } - this.state = 416; + this.state = 421; this._errHandler.sync(this); _la = this._input.LA(1); } - this.state = 417; + this.state = 422; this.match(esql_parser.CLOSING_BRACKET); } break; @@ -2248,27 +2260,27 @@ export default class esql_parser extends Parser { localctx = new BooleanArrayLiteralContext(this, localctx); this.enterOuterAlt(localctx, 9); { - this.state = 419; + this.state = 424; this.match(esql_parser.OPENING_BRACKET); - this.state = 420; - this.booleanValue(); this.state = 425; + this.booleanValue(); + this.state = 430; this._errHandler.sync(this); _la = this._input.LA(1); - while (_la===38) { + while (_la===39) { { { - this.state = 421; + this.state = 426; this.match(esql_parser.COMMA); - this.state = 422; + this.state = 427; this.booleanValue(); } } - this.state = 427; + this.state = 432; this._errHandler.sync(this); _la = this._input.LA(1); } - this.state = 428; + this.state = 433; this.match(esql_parser.CLOSING_BRACKET); } break; @@ -2276,27 +2288,27 @@ export default class esql_parser extends Parser { localctx = new StringArrayLiteralContext(this, localctx); this.enterOuterAlt(localctx, 10); { - this.state = 430; + this.state = 435; this.match(esql_parser.OPENING_BRACKET); - this.state = 431; - this.string_(); this.state = 436; + this.string_(); + this.state = 441; this._errHandler.sync(this); _la = this._input.LA(1); - while (_la===38) { + while (_la===39) { { { - this.state = 432; + this.state = 437; this.match(esql_parser.COMMA); - this.state = 433; + this.state = 438; this.string_(); } } - this.state = 438; + this.state = 443; this._errHandler.sync(this); _la = this._input.LA(1); } - this.state = 439; + this.state = 444; this.match(esql_parser.CLOSING_BRACKET); } break; @@ -2321,22 +2333,22 @@ export default class esql_parser extends Parser { let localctx: ParamsContext = new ParamsContext(this, this._ctx, this.state); this.enterRule(localctx, 66, esql_parser.RULE_params); try { - this.state = 445; + this.state = 450; this._errHandler.sync(this); switch (this._input.LA(1)) { - case 53: + case 54: localctx = new InputParamContext(this, localctx); this.enterOuterAlt(localctx, 1); { - this.state = 443; + this.state = 448; this.match(esql_parser.PARAM); } break; - case 69: + case 70: localctx = new InputNamedOrPositionalParamContext(this, localctx); this.enterOuterAlt(localctx, 2); { - this.state = 444; + this.state = 449; this.match(esql_parser.NAMED_OR_POSITIONAL_PARAM); } break; @@ -2365,9 +2377,9 @@ export default class esql_parser extends Parser { try { this.enterOuterAlt(localctx, 1); { - this.state = 447; + this.state = 452; this.match(esql_parser.LIMIT); - this.state = 448; + this.state = 453; this.match(esql_parser.INTEGER_LITERAL); } } @@ -2393,25 +2405,25 @@ export default class esql_parser extends Parser { let _alt: number; this.enterOuterAlt(localctx, 1); { - this.state = 450; + this.state = 455; this.match(esql_parser.SORT); - this.state = 451; - this.orderExpression(); this.state = 456; + this.orderExpression(); + this.state = 461; this._errHandler.sync(this); _alt = this._interp.adaptivePredict(this._input, 41, this._ctx); while (_alt !== 2 && _alt !== ATN.INVALID_ALT_NUMBER) { if (_alt === 1) { { { - this.state = 452; + this.state = 457; this.match(esql_parser.COMMA); - this.state = 453; + this.state = 458; this.orderExpression(); } } } - this.state = 458; + this.state = 463; this._errHandler.sync(this); _alt = this._interp.adaptivePredict(this._input, 41, this._ctx); } @@ -2439,17 +2451,17 @@ export default class esql_parser extends Parser { try { this.enterOuterAlt(localctx, 1); { - this.state = 459; + this.state = 464; this.booleanExpression(0); - this.state = 461; + this.state = 466; this._errHandler.sync(this); switch ( this._interp.adaptivePredict(this._input, 42, this._ctx) ) { case 1: { - this.state = 460; + this.state = 465; localctx._ordering = this._input.LT(1); _la = this._input.LA(1); - if(!(_la===35 || _la===39)) { + if(!(_la===36 || _la===40)) { localctx._ordering = this._errHandler.recoverInline(this); } else { @@ -2459,17 +2471,17 @@ export default class esql_parser extends Parser { } break; } - this.state = 465; + this.state = 470; this._errHandler.sync(this); switch ( this._interp.adaptivePredict(this._input, 43, this._ctx) ) { case 1: { - this.state = 463; + this.state = 468; this.match(esql_parser.NULLS); - this.state = 464; + this.state = 469; localctx._nullOrdering = this._input.LT(1); _la = this._input.LA(1); - if(!(_la===42 || _la===45)) { + if(!(_la===43 || _la===46)) { localctx._nullOrdering = this._errHandler.recoverInline(this); } else { @@ -2502,9 +2514,9 @@ export default class esql_parser extends Parser { try { this.enterOuterAlt(localctx, 1); { - this.state = 467; + this.state = 472; this.match(esql_parser.KEEP); - this.state = 468; + this.state = 473; this.qualifiedNamePatterns(); } } @@ -2529,9 +2541,9 @@ export default class esql_parser extends Parser { try { this.enterOuterAlt(localctx, 1); { - this.state = 470; + this.state = 475; this.match(esql_parser.DROP); - this.state = 471; + this.state = 476; this.qualifiedNamePatterns(); } } @@ -2557,25 +2569,25 @@ export default class esql_parser extends Parser { let _alt: number; this.enterOuterAlt(localctx, 1); { - this.state = 473; + this.state = 478; this.match(esql_parser.RENAME); - this.state = 474; - this.renameClause(); this.state = 479; + this.renameClause(); + this.state = 484; this._errHandler.sync(this); _alt = this._interp.adaptivePredict(this._input, 44, this._ctx); while (_alt !== 2 && _alt !== ATN.INVALID_ALT_NUMBER) { if (_alt === 1) { { { - this.state = 475; + this.state = 480; this.match(esql_parser.COMMA); - this.state = 476; + this.state = 481; this.renameClause(); } } } - this.state = 481; + this.state = 486; this._errHandler.sync(this); _alt = this._interp.adaptivePredict(this._input, 44, this._ctx); } @@ -2602,11 +2614,11 @@ export default class esql_parser extends Parser { try { this.enterOuterAlt(localctx, 1); { - this.state = 482; + this.state = 487; localctx._oldName = this.qualifiedNamePattern(); - this.state = 483; + this.state = 488; this.match(esql_parser.AS); - this.state = 484; + this.state = 489; localctx._newName = this.qualifiedNamePattern(); } } @@ -2631,18 +2643,18 @@ export default class esql_parser extends Parser { try { this.enterOuterAlt(localctx, 1); { - this.state = 486; + this.state = 491; this.match(esql_parser.DISSECT); - this.state = 487; + this.state = 492; this.primaryExpression(0); - this.state = 488; + this.state = 493; this.string_(); - this.state = 490; + this.state = 495; this._errHandler.sync(this); switch ( this._interp.adaptivePredict(this._input, 45, this._ctx) ) { case 1: { - this.state = 489; + this.state = 494; this.commandOptions(); } break; @@ -2670,11 +2682,11 @@ export default class esql_parser extends Parser { try { this.enterOuterAlt(localctx, 1); { - this.state = 492; + this.state = 497; this.match(esql_parser.GROK); - this.state = 493; + this.state = 498; this.primaryExpression(0); - this.state = 494; + this.state = 499; this.string_(); } } @@ -2699,9 +2711,9 @@ export default class esql_parser extends Parser { try { this.enterOuterAlt(localctx, 1); { - this.state = 496; + this.state = 501; this.match(esql_parser.MV_EXPAND); - this.state = 497; + this.state = 502; this.qualifiedName(); } } @@ -2727,23 +2739,23 @@ export default class esql_parser extends Parser { let _alt: number; this.enterOuterAlt(localctx, 1); { - this.state = 499; - this.commandOption(); this.state = 504; + this.commandOption(); + this.state = 509; this._errHandler.sync(this); _alt = this._interp.adaptivePredict(this._input, 46, this._ctx); while (_alt !== 2 && _alt !== ATN.INVALID_ALT_NUMBER) { if (_alt === 1) { { { - this.state = 500; + this.state = 505; this.match(esql_parser.COMMA); - this.state = 501; + this.state = 506; this.commandOption(); } } } - this.state = 506; + this.state = 511; this._errHandler.sync(this); _alt = this._interp.adaptivePredict(this._input, 46, this._ctx); } @@ -2770,11 +2782,11 @@ export default class esql_parser extends Parser { try { this.enterOuterAlt(localctx, 1); { - this.state = 507; + this.state = 512; this.identifier(); - this.state = 508; + this.state = 513; this.match(esql_parser.ASSIGN); - this.state = 509; + this.state = 514; this.constant(); } } @@ -2800,9 +2812,9 @@ export default class esql_parser extends Parser { try { this.enterOuterAlt(localctx, 1); { - this.state = 511; + this.state = 516; _la = this._input.LA(1); - if(!(_la===41 || _la===56)) { + if(!(_la===42 || _la===57)) { this._errHandler.recoverInline(this); } else { @@ -2830,20 +2842,20 @@ export default class esql_parser extends Parser { let localctx: NumericValueContext = new NumericValueContext(this, this._ctx, this.state); this.enterRule(localctx, 94, esql_parser.RULE_numericValue); try { - this.state = 515; + this.state = 520; this._errHandler.sync(this); switch ( this._interp.adaptivePredict(this._input, 47, this._ctx) ) { case 1: this.enterOuterAlt(localctx, 1); { - this.state = 513; + this.state = 518; this.decimalValue(); } break; case 2: this.enterOuterAlt(localctx, 2); { - this.state = 514; + this.state = 519; this.integerValue(); } break; @@ -2871,14 +2883,14 @@ export default class esql_parser extends Parser { try { this.enterOuterAlt(localctx, 1); { - this.state = 518; + this.state = 523; this._errHandler.sync(this); _la = this._input.LA(1); - if (_la===64 || _la===65) { + if (_la===65 || _la===66) { { - this.state = 517; + this.state = 522; _la = this._input.LA(1); - if(!(_la===64 || _la===65)) { + if(!(_la===65 || _la===66)) { this._errHandler.recoverInline(this); } else { @@ -2888,7 +2900,7 @@ export default class esql_parser extends Parser { } } - this.state = 520; + this.state = 525; this.match(esql_parser.DECIMAL_LITERAL); } } @@ -2914,14 +2926,14 @@ export default class esql_parser extends Parser { try { this.enterOuterAlt(localctx, 1); { - this.state = 523; + this.state = 528; this._errHandler.sync(this); _la = this._input.LA(1); - if (_la===64 || _la===65) { + if (_la===65 || _la===66) { { - this.state = 522; + this.state = 527; _la = this._input.LA(1); - if(!(_la===64 || _la===65)) { + if(!(_la===65 || _la===66)) { this._errHandler.recoverInline(this); } else { @@ -2931,7 +2943,7 @@ export default class esql_parser extends Parser { } } - this.state = 525; + this.state = 530; this.match(esql_parser.INTEGER_LITERAL); } } @@ -2956,7 +2968,7 @@ export default class esql_parser extends Parser { try { this.enterOuterAlt(localctx, 1); { - this.state = 527; + this.state = 532; this.match(esql_parser.QUOTED_STRING); } } @@ -2982,9 +2994,9 @@ export default class esql_parser extends Parser { try { this.enterOuterAlt(localctx, 1); { - this.state = 529; + this.state = 534; _la = this._input.LA(1); - if(!(((((_la - 57)) & ~0x1F) === 0 && ((1 << (_la - 57)) & 125) !== 0))) { + if(!(((((_la - 58)) & ~0x1F) === 0 && ((1 << (_la - 58)) & 125) !== 0))) { this._errHandler.recoverInline(this); } else { @@ -3014,9 +3026,9 @@ export default class esql_parser extends Parser { try { this.enterOuterAlt(localctx, 1); { - this.state = 531; + this.state = 536; this.match(esql_parser.EXPLAIN); - this.state = 532; + this.state = 537; this.subqueryExpression(); } } @@ -3041,11 +3053,11 @@ export default class esql_parser extends Parser { try { this.enterOuterAlt(localctx, 1); { - this.state = 534; + this.state = 539; this.match(esql_parser.OPENING_BRACKET); - this.state = 535; + this.state = 540; this.query(0); - this.state = 536; + this.state = 541; this.match(esql_parser.CLOSING_BRACKET); } } @@ -3071,9 +3083,9 @@ export default class esql_parser extends Parser { localctx = new ShowInfoContext(this, localctx); this.enterOuterAlt(localctx, 1); { - this.state = 538; + this.state = 543; this.match(esql_parser.SHOW); - this.state = 539; + this.state = 544; this.match(esql_parser.INFO); } } @@ -3099,9 +3111,9 @@ export default class esql_parser extends Parser { localctx = new MetaFunctionsContext(this, localctx); this.enterOuterAlt(localctx, 1); { - this.state = 541; + this.state = 546; this.match(esql_parser.META); - this.state = 542; + this.state = 547; this.match(esql_parser.FUNCTIONS); } } @@ -3127,46 +3139,46 @@ export default class esql_parser extends Parser { let _alt: number; this.enterOuterAlt(localctx, 1); { - this.state = 544; + this.state = 549; this.match(esql_parser.ENRICH); - this.state = 545; + this.state = 550; localctx._policyName = this.match(esql_parser.ENRICH_POLICY_NAME); - this.state = 548; + this.state = 553; this._errHandler.sync(this); switch ( this._interp.adaptivePredict(this._input, 50, this._ctx) ) { case 1: { - this.state = 546; + this.state = 551; this.match(esql_parser.ON); - this.state = 547; + this.state = 552; localctx._matchField = this.qualifiedNamePattern(); } break; } - this.state = 559; + this.state = 564; this._errHandler.sync(this); switch ( this._interp.adaptivePredict(this._input, 52, this._ctx) ) { case 1: { - this.state = 550; + this.state = 555; this.match(esql_parser.WITH); - this.state = 551; - this.enrichWithClause(); this.state = 556; + this.enrichWithClause(); + this.state = 561; this._errHandler.sync(this); _alt = this._interp.adaptivePredict(this._input, 51, this._ctx); while (_alt !== 2 && _alt !== ATN.INVALID_ALT_NUMBER) { if (_alt === 1) { { { - this.state = 552; + this.state = 557; this.match(esql_parser.COMMA); - this.state = 553; + this.state = 558; this.enrichWithClause(); } } } - this.state = 558; + this.state = 563; this._errHandler.sync(this); _alt = this._interp.adaptivePredict(this._input, 51, this._ctx); } @@ -3196,19 +3208,19 @@ export default class esql_parser extends Parser { try { this.enterOuterAlt(localctx, 1); { - this.state = 564; + this.state = 569; this._errHandler.sync(this); switch ( this._interp.adaptivePredict(this._input, 53, this._ctx) ) { case 1: { - this.state = 561; + this.state = 566; localctx._newName = this.qualifiedNamePattern(); - this.state = 562; + this.state = 567; this.match(esql_parser.ASSIGN); } break; } - this.state = 566; + this.state = 571; localctx._enrichField = this.qualifiedNamePattern(); } } @@ -3233,13 +3245,13 @@ export default class esql_parser extends Parser { try { this.enterOuterAlt(localctx, 1); { - this.state = 568; + this.state = 573; this.match(esql_parser.LOOKUP); - this.state = 569; + this.state = 574; localctx._tableName = this.indexPattern(); - this.state = 570; + this.state = 575; this.match(esql_parser.ON); - this.state = 571; + this.state = 576; localctx._matchFields = this.qualifiedNamePatterns(); } } @@ -3257,6 +3269,58 @@ export default class esql_parser extends Parser { } return localctx; } + // @RuleVersion(0) + public matchCommand(): MatchCommandContext { + let localctx: MatchCommandContext = new MatchCommandContext(this, this._ctx, this.state); + this.enterRule(localctx, 118, esql_parser.RULE_matchCommand); + try { + this.enterOuterAlt(localctx, 1); + { + this.state = 578; + this.match(esql_parser.MATCH); + this.state = 579; + this.matchQuery(); + } + } + catch (re) { + if (re instanceof RecognitionException) { + localctx.exception = re; + this._errHandler.reportError(this, re); + this._errHandler.recover(this, re); + } else { + throw re; + } + } + finally { + this.exitRule(); + } + return localctx; + } + // @RuleVersion(0) + public matchQuery(): MatchQueryContext { + let localctx: MatchQueryContext = new MatchQueryContext(this, this._ctx, this.state); + this.enterRule(localctx, 120, esql_parser.RULE_matchQuery); + try { + this.enterOuterAlt(localctx, 1); + { + this.state = 581; + this.match(esql_parser.QUOTED_STRING); + } + } + catch (re) { + if (re instanceof RecognitionException) { + localctx.exception = re; + this._errHandler.reportError(this, re); + this._errHandler.recover(this, re); + } else { + throw re; + } + } + finally { + this.exitRule(); + } + return localctx; + } public sempred(localctx: RuleContext, ruleIndex: number, predIndex: number): boolean { switch (ruleIndex) { @@ -3304,7 +3368,7 @@ export default class esql_parser extends Parser { return true; } - public static readonly _serializedATN: number[] = [4,1,125,574,2,0,7,0, + public static readonly _serializedATN: number[] = [4,1,126,584,2,0,7,0, 2,1,7,1,2,2,7,2,2,3,7,3,2,4,7,4,2,5,7,5,2,6,7,6,2,7,7,7,2,8,7,8,2,9,7,9, 2,10,7,10,2,11,7,11,2,12,7,12,2,13,7,13,2,14,7,14,2,15,7,15,2,16,7,16,2, 17,7,17,2,18,7,18,2,19,7,19,2,20,7,20,2,21,7,21,2,22,7,22,2,23,7,23,2,24, @@ -3312,185 +3376,188 @@ export default class esql_parser extends Parser { 31,2,32,7,32,2,33,7,33,2,34,7,34,2,35,7,35,2,36,7,36,2,37,7,37,2,38,7,38, 2,39,7,39,2,40,7,40,2,41,7,41,2,42,7,42,2,43,7,43,2,44,7,44,2,45,7,45,2, 46,7,46,2,47,7,47,2,48,7,48,2,49,7,49,2,50,7,50,2,51,7,51,2,52,7,52,2,53, - 7,53,2,54,7,54,2,55,7,55,2,56,7,56,2,57,7,57,2,58,7,58,1,0,1,0,1,0,1,1, - 1,1,1,1,1,1,1,1,1,1,5,1,128,8,1,10,1,12,1,131,9,1,1,2,1,2,1,2,1,2,1,2,1, - 2,3,2,139,8,2,1,3,1,3,1,3,1,3,1,3,1,3,1,3,1,3,1,3,1,3,1,3,1,3,1,3,1,3,3, - 3,155,8,3,1,4,1,4,1,4,1,5,1,5,1,5,1,5,1,5,1,5,1,5,1,5,3,5,168,8,5,1,5,1, - 5,1,5,1,5,1,5,5,5,175,8,5,10,5,12,5,178,9,5,1,5,1,5,1,5,1,5,1,5,3,5,185, - 8,5,1,5,1,5,3,5,189,8,5,1,5,1,5,1,5,1,5,1,5,1,5,5,5,197,8,5,10,5,12,5,200, - 9,5,1,6,1,6,3,6,204,8,6,1,6,1,6,1,6,1,6,1,6,3,6,211,8,6,1,6,1,6,1,6,3,6, - 216,8,6,1,7,1,7,1,7,1,7,1,8,1,8,1,8,1,8,1,8,3,8,227,8,8,1,9,1,9,1,9,1,9, - 3,9,233,8,9,1,9,1,9,1,9,1,9,1,9,1,9,5,9,241,8,9,10,9,12,9,244,9,9,1,10, - 1,10,1,10,1,10,1,10,1,10,1,10,1,10,3,10,254,8,10,1,10,1,10,1,10,5,10,259, - 8,10,10,10,12,10,262,9,10,1,11,1,11,1,11,1,11,1,11,1,11,5,11,270,8,11,10, - 11,12,11,273,9,11,3,11,275,8,11,1,11,1,11,1,12,1,12,1,13,1,13,1,13,1,14, - 1,14,1,14,5,14,287,8,14,10,14,12,14,290,9,14,1,15,1,15,1,15,1,15,1,15,3, - 15,297,8,15,1,16,1,16,1,16,1,16,5,16,303,8,16,10,16,12,16,306,9,16,1,16, - 3,16,309,8,16,1,17,1,17,1,17,1,17,1,17,3,17,316,8,17,1,18,1,18,1,19,1,19, - 1,20,1,20,3,20,324,8,20,1,21,1,21,1,21,1,21,5,21,330,8,21,10,21,12,21,333, - 9,21,1,22,1,22,1,22,1,22,1,23,1,23,1,23,1,23,5,23,343,8,23,10,23,12,23, - 346,9,23,1,23,3,23,349,8,23,1,23,1,23,3,23,353,8,23,1,24,1,24,1,24,1,25, - 1,25,3,25,360,8,25,1,25,1,25,3,25,364,8,25,1,26,1,26,1,26,1,26,3,26,370, - 8,26,1,27,1,27,1,27,5,27,375,8,27,10,27,12,27,378,9,27,1,28,1,28,1,28,5, - 28,383,8,28,10,28,12,28,386,9,28,1,29,1,29,1,29,5,29,391,8,29,10,29,12, - 29,394,9,29,1,30,1,30,1,31,1,31,1,32,1,32,1,32,1,32,1,32,1,32,1,32,1,32, - 1,32,1,32,1,32,1,32,1,32,5,32,413,8,32,10,32,12,32,416,9,32,1,32,1,32,1, - 32,1,32,1,32,1,32,5,32,424,8,32,10,32,12,32,427,9,32,1,32,1,32,1,32,1,32, - 1,32,1,32,5,32,435,8,32,10,32,12,32,438,9,32,1,32,1,32,3,32,442,8,32,1, - 33,1,33,3,33,446,8,33,1,34,1,34,1,34,1,35,1,35,1,35,1,35,5,35,455,8,35, - 10,35,12,35,458,9,35,1,36,1,36,3,36,462,8,36,1,36,1,36,3,36,466,8,36,1, - 37,1,37,1,37,1,38,1,38,1,38,1,39,1,39,1,39,1,39,5,39,478,8,39,10,39,12, - 39,481,9,39,1,40,1,40,1,40,1,40,1,41,1,41,1,41,1,41,3,41,491,8,41,1,42, - 1,42,1,42,1,42,1,43,1,43,1,43,1,44,1,44,1,44,5,44,503,8,44,10,44,12,44, - 506,9,44,1,45,1,45,1,45,1,45,1,46,1,46,1,47,1,47,3,47,516,8,47,1,48,3,48, - 519,8,48,1,48,1,48,1,49,3,49,524,8,49,1,49,1,49,1,50,1,50,1,51,1,51,1,52, - 1,52,1,52,1,53,1,53,1,53,1,53,1,54,1,54,1,54,1,55,1,55,1,55,1,56,1,56,1, - 56,1,56,3,56,549,8,56,1,56,1,56,1,56,1,56,5,56,555,8,56,10,56,12,56,558, - 9,56,3,56,560,8,56,1,57,1,57,1,57,3,57,565,8,57,1,57,1,57,1,58,1,58,1,58, - 1,58,1,58,1,58,0,4,2,10,18,20,59,0,2,4,6,8,10,12,14,16,18,20,22,24,26,28, - 30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76, - 78,80,82,84,86,88,90,92,94,96,98,100,102,104,106,108,110,112,114,116,0, - 8,1,0,64,65,1,0,66,68,2,0,25,25,30,30,1,0,72,73,2,0,35,35,39,39,2,0,42, - 42,45,45,2,0,41,41,56,56,2,0,57,57,59,63,599,0,118,1,0,0,0,2,121,1,0,0, - 0,4,138,1,0,0,0,6,154,1,0,0,0,8,156,1,0,0,0,10,188,1,0,0,0,12,215,1,0,0, - 0,14,217,1,0,0,0,16,226,1,0,0,0,18,232,1,0,0,0,20,253,1,0,0,0,22,263,1, - 0,0,0,24,278,1,0,0,0,26,280,1,0,0,0,28,283,1,0,0,0,30,296,1,0,0,0,32,298, - 1,0,0,0,34,315,1,0,0,0,36,317,1,0,0,0,38,319,1,0,0,0,40,323,1,0,0,0,42, - 325,1,0,0,0,44,334,1,0,0,0,46,338,1,0,0,0,48,354,1,0,0,0,50,357,1,0,0,0, - 52,365,1,0,0,0,54,371,1,0,0,0,56,379,1,0,0,0,58,387,1,0,0,0,60,395,1,0, - 0,0,62,397,1,0,0,0,64,441,1,0,0,0,66,445,1,0,0,0,68,447,1,0,0,0,70,450, - 1,0,0,0,72,459,1,0,0,0,74,467,1,0,0,0,76,470,1,0,0,0,78,473,1,0,0,0,80, - 482,1,0,0,0,82,486,1,0,0,0,84,492,1,0,0,0,86,496,1,0,0,0,88,499,1,0,0,0, - 90,507,1,0,0,0,92,511,1,0,0,0,94,515,1,0,0,0,96,518,1,0,0,0,98,523,1,0, - 0,0,100,527,1,0,0,0,102,529,1,0,0,0,104,531,1,0,0,0,106,534,1,0,0,0,108, - 538,1,0,0,0,110,541,1,0,0,0,112,544,1,0,0,0,114,564,1,0,0,0,116,568,1,0, - 0,0,118,119,3,2,1,0,119,120,5,0,0,1,120,1,1,0,0,0,121,122,6,1,-1,0,122, - 123,3,4,2,0,123,129,1,0,0,0,124,125,10,1,0,0,125,126,5,29,0,0,126,128,3, - 6,3,0,127,124,1,0,0,0,128,131,1,0,0,0,129,127,1,0,0,0,129,130,1,0,0,0,130, - 3,1,0,0,0,131,129,1,0,0,0,132,139,3,104,52,0,133,139,3,32,16,0,134,139, - 3,26,13,0,135,139,3,46,23,0,136,139,3,108,54,0,137,139,3,110,55,0,138,132, - 1,0,0,0,138,133,1,0,0,0,138,134,1,0,0,0,138,135,1,0,0,0,138,136,1,0,0,0, - 138,137,1,0,0,0,139,5,1,0,0,0,140,155,3,48,24,0,141,155,3,52,26,0,142,155, - 3,68,34,0,143,155,3,116,58,0,144,155,3,74,37,0,145,155,3,70,35,0,146,155, - 3,50,25,0,147,155,3,8,4,0,148,155,3,76,38,0,149,155,3,78,39,0,150,155,3, - 82,41,0,151,155,3,84,42,0,152,155,3,112,56,0,153,155,3,86,43,0,154,140, - 1,0,0,0,154,141,1,0,0,0,154,142,1,0,0,0,154,143,1,0,0,0,154,144,1,0,0,0, - 154,145,1,0,0,0,154,146,1,0,0,0,154,147,1,0,0,0,154,148,1,0,0,0,154,149, - 1,0,0,0,154,150,1,0,0,0,154,151,1,0,0,0,154,152,1,0,0,0,154,153,1,0,0,0, - 155,7,1,0,0,0,156,157,5,20,0,0,157,158,3,10,5,0,158,9,1,0,0,0,159,160,6, - 5,-1,0,160,161,5,49,0,0,161,189,3,10,5,8,162,189,3,16,8,0,163,189,3,12, - 6,0,164,189,3,14,7,0,165,167,3,16,8,0,166,168,5,49,0,0,167,166,1,0,0,0, - 167,168,1,0,0,0,168,169,1,0,0,0,169,170,5,43,0,0,170,171,5,47,0,0,171,176, - 3,16,8,0,172,173,5,38,0,0,173,175,3,16,8,0,174,172,1,0,0,0,175,178,1,0, - 0,0,176,174,1,0,0,0,176,177,1,0,0,0,177,179,1,0,0,0,178,176,1,0,0,0,179, - 180,5,55,0,0,180,189,1,0,0,0,181,182,3,16,8,0,182,184,5,44,0,0,183,185, - 5,49,0,0,184,183,1,0,0,0,184,185,1,0,0,0,185,186,1,0,0,0,186,187,5,50,0, - 0,187,189,1,0,0,0,188,159,1,0,0,0,188,162,1,0,0,0,188,163,1,0,0,0,188,164, - 1,0,0,0,188,165,1,0,0,0,188,181,1,0,0,0,189,198,1,0,0,0,190,191,10,4,0, - 0,191,192,5,34,0,0,192,197,3,10,5,5,193,194,10,3,0,0,194,195,5,52,0,0,195, - 197,3,10,5,4,196,190,1,0,0,0,196,193,1,0,0,0,197,200,1,0,0,0,198,196,1, - 0,0,0,198,199,1,0,0,0,199,11,1,0,0,0,200,198,1,0,0,0,201,203,3,16,8,0,202, - 204,5,49,0,0,203,202,1,0,0,0,203,204,1,0,0,0,204,205,1,0,0,0,205,206,5, - 46,0,0,206,207,3,100,50,0,207,216,1,0,0,0,208,210,3,16,8,0,209,211,5,49, - 0,0,210,209,1,0,0,0,210,211,1,0,0,0,211,212,1,0,0,0,212,213,5,54,0,0,213, - 214,3,100,50,0,214,216,1,0,0,0,215,201,1,0,0,0,215,208,1,0,0,0,216,13,1, - 0,0,0,217,218,3,54,27,0,218,219,5,48,0,0,219,220,3,100,50,0,220,15,1,0, - 0,0,221,227,3,18,9,0,222,223,3,18,9,0,223,224,3,102,51,0,224,225,3,18,9, - 0,225,227,1,0,0,0,226,221,1,0,0,0,226,222,1,0,0,0,227,17,1,0,0,0,228,229, - 6,9,-1,0,229,233,3,20,10,0,230,231,7,0,0,0,231,233,3,18,9,3,232,228,1,0, - 0,0,232,230,1,0,0,0,233,242,1,0,0,0,234,235,10,2,0,0,235,236,7,1,0,0,236, - 241,3,18,9,3,237,238,10,1,0,0,238,239,7,0,0,0,239,241,3,18,9,2,240,234, - 1,0,0,0,240,237,1,0,0,0,241,244,1,0,0,0,242,240,1,0,0,0,242,243,1,0,0,0, - 243,19,1,0,0,0,244,242,1,0,0,0,245,246,6,10,-1,0,246,254,3,64,32,0,247, - 254,3,54,27,0,248,254,3,22,11,0,249,250,5,47,0,0,250,251,3,10,5,0,251,252, - 5,55,0,0,252,254,1,0,0,0,253,245,1,0,0,0,253,247,1,0,0,0,253,248,1,0,0, - 0,253,249,1,0,0,0,254,260,1,0,0,0,255,256,10,1,0,0,256,257,5,37,0,0,257, - 259,3,24,12,0,258,255,1,0,0,0,259,262,1,0,0,0,260,258,1,0,0,0,260,261,1, - 0,0,0,261,21,1,0,0,0,262,260,1,0,0,0,263,264,3,60,30,0,264,274,5,47,0,0, - 265,275,5,66,0,0,266,271,3,10,5,0,267,268,5,38,0,0,268,270,3,10,5,0,269, - 267,1,0,0,0,270,273,1,0,0,0,271,269,1,0,0,0,271,272,1,0,0,0,272,275,1,0, - 0,0,273,271,1,0,0,0,274,265,1,0,0,0,274,266,1,0,0,0,274,275,1,0,0,0,275, - 276,1,0,0,0,276,277,5,55,0,0,277,23,1,0,0,0,278,279,3,60,30,0,279,25,1, - 0,0,0,280,281,5,16,0,0,281,282,3,28,14,0,282,27,1,0,0,0,283,288,3,30,15, - 0,284,285,5,38,0,0,285,287,3,30,15,0,286,284,1,0,0,0,287,290,1,0,0,0,288, - 286,1,0,0,0,288,289,1,0,0,0,289,29,1,0,0,0,290,288,1,0,0,0,291,297,3,10, - 5,0,292,293,3,54,27,0,293,294,5,36,0,0,294,295,3,10,5,0,295,297,1,0,0,0, - 296,291,1,0,0,0,296,292,1,0,0,0,297,31,1,0,0,0,298,299,5,6,0,0,299,304, - 3,34,17,0,300,301,5,38,0,0,301,303,3,34,17,0,302,300,1,0,0,0,303,306,1, - 0,0,0,304,302,1,0,0,0,304,305,1,0,0,0,305,308,1,0,0,0,306,304,1,0,0,0,307, - 309,3,40,20,0,308,307,1,0,0,0,308,309,1,0,0,0,309,33,1,0,0,0,310,311,3, - 36,18,0,311,312,5,115,0,0,312,313,3,38,19,0,313,316,1,0,0,0,314,316,3,38, - 19,0,315,310,1,0,0,0,315,314,1,0,0,0,316,35,1,0,0,0,317,318,5,25,0,0,318, - 37,1,0,0,0,319,320,7,2,0,0,320,39,1,0,0,0,321,324,3,42,21,0,322,324,3,44, - 22,0,323,321,1,0,0,0,323,322,1,0,0,0,324,41,1,0,0,0,325,326,5,77,0,0,326, - 331,5,25,0,0,327,328,5,38,0,0,328,330,5,25,0,0,329,327,1,0,0,0,330,333, - 1,0,0,0,331,329,1,0,0,0,331,332,1,0,0,0,332,43,1,0,0,0,333,331,1,0,0,0, - 334,335,5,70,0,0,335,336,3,42,21,0,336,337,5,71,0,0,337,45,1,0,0,0,338, - 339,5,13,0,0,339,344,3,34,17,0,340,341,5,38,0,0,341,343,3,34,17,0,342,340, - 1,0,0,0,343,346,1,0,0,0,344,342,1,0,0,0,344,345,1,0,0,0,345,348,1,0,0,0, - 346,344,1,0,0,0,347,349,3,28,14,0,348,347,1,0,0,0,348,349,1,0,0,0,349,352, - 1,0,0,0,350,351,5,33,0,0,351,353,3,28,14,0,352,350,1,0,0,0,352,353,1,0, - 0,0,353,47,1,0,0,0,354,355,5,4,0,0,355,356,3,28,14,0,356,49,1,0,0,0,357, - 359,5,19,0,0,358,360,3,28,14,0,359,358,1,0,0,0,359,360,1,0,0,0,360,363, - 1,0,0,0,361,362,5,33,0,0,362,364,3,28,14,0,363,361,1,0,0,0,363,364,1,0, - 0,0,364,51,1,0,0,0,365,366,5,8,0,0,366,369,3,28,14,0,367,368,5,33,0,0,368, - 370,3,28,14,0,369,367,1,0,0,0,369,370,1,0,0,0,370,53,1,0,0,0,371,376,3, - 60,30,0,372,373,5,40,0,0,373,375,3,60,30,0,374,372,1,0,0,0,375,378,1,0, - 0,0,376,374,1,0,0,0,376,377,1,0,0,0,377,55,1,0,0,0,378,376,1,0,0,0,379, - 384,3,62,31,0,380,381,5,40,0,0,381,383,3,62,31,0,382,380,1,0,0,0,383,386, - 1,0,0,0,384,382,1,0,0,0,384,385,1,0,0,0,385,57,1,0,0,0,386,384,1,0,0,0, - 387,392,3,56,28,0,388,389,5,38,0,0,389,391,3,56,28,0,390,388,1,0,0,0,391, - 394,1,0,0,0,392,390,1,0,0,0,392,393,1,0,0,0,393,59,1,0,0,0,394,392,1,0, - 0,0,395,396,7,3,0,0,396,61,1,0,0,0,397,398,5,81,0,0,398,63,1,0,0,0,399, - 442,5,50,0,0,400,401,3,98,49,0,401,402,5,72,0,0,402,442,1,0,0,0,403,442, - 3,96,48,0,404,442,3,98,49,0,405,442,3,92,46,0,406,442,3,66,33,0,407,442, - 3,100,50,0,408,409,5,70,0,0,409,414,3,94,47,0,410,411,5,38,0,0,411,413, - 3,94,47,0,412,410,1,0,0,0,413,416,1,0,0,0,414,412,1,0,0,0,414,415,1,0,0, - 0,415,417,1,0,0,0,416,414,1,0,0,0,417,418,5,71,0,0,418,442,1,0,0,0,419, - 420,5,70,0,0,420,425,3,92,46,0,421,422,5,38,0,0,422,424,3,92,46,0,423,421, - 1,0,0,0,424,427,1,0,0,0,425,423,1,0,0,0,425,426,1,0,0,0,426,428,1,0,0,0, - 427,425,1,0,0,0,428,429,5,71,0,0,429,442,1,0,0,0,430,431,5,70,0,0,431,436, - 3,100,50,0,432,433,5,38,0,0,433,435,3,100,50,0,434,432,1,0,0,0,435,438, - 1,0,0,0,436,434,1,0,0,0,436,437,1,0,0,0,437,439,1,0,0,0,438,436,1,0,0,0, - 439,440,5,71,0,0,440,442,1,0,0,0,441,399,1,0,0,0,441,400,1,0,0,0,441,403, - 1,0,0,0,441,404,1,0,0,0,441,405,1,0,0,0,441,406,1,0,0,0,441,407,1,0,0,0, - 441,408,1,0,0,0,441,419,1,0,0,0,441,430,1,0,0,0,442,65,1,0,0,0,443,446, - 5,53,0,0,444,446,5,69,0,0,445,443,1,0,0,0,445,444,1,0,0,0,446,67,1,0,0, - 0,447,448,5,10,0,0,448,449,5,31,0,0,449,69,1,0,0,0,450,451,5,18,0,0,451, - 456,3,72,36,0,452,453,5,38,0,0,453,455,3,72,36,0,454,452,1,0,0,0,455,458, - 1,0,0,0,456,454,1,0,0,0,456,457,1,0,0,0,457,71,1,0,0,0,458,456,1,0,0,0, - 459,461,3,10,5,0,460,462,7,4,0,0,461,460,1,0,0,0,461,462,1,0,0,0,462,465, - 1,0,0,0,463,464,5,51,0,0,464,466,7,5,0,0,465,463,1,0,0,0,465,466,1,0,0, - 0,466,73,1,0,0,0,467,468,5,9,0,0,468,469,3,58,29,0,469,75,1,0,0,0,470,471, - 5,2,0,0,471,472,3,58,29,0,472,77,1,0,0,0,473,474,5,15,0,0,474,479,3,80, - 40,0,475,476,5,38,0,0,476,478,3,80,40,0,477,475,1,0,0,0,478,481,1,0,0,0, - 479,477,1,0,0,0,479,480,1,0,0,0,480,79,1,0,0,0,481,479,1,0,0,0,482,483, - 3,56,28,0,483,484,5,85,0,0,484,485,3,56,28,0,485,81,1,0,0,0,486,487,5,1, - 0,0,487,488,3,20,10,0,488,490,3,100,50,0,489,491,3,88,44,0,490,489,1,0, - 0,0,490,491,1,0,0,0,491,83,1,0,0,0,492,493,5,7,0,0,493,494,3,20,10,0,494, - 495,3,100,50,0,495,85,1,0,0,0,496,497,5,14,0,0,497,498,3,54,27,0,498,87, - 1,0,0,0,499,504,3,90,45,0,500,501,5,38,0,0,501,503,3,90,45,0,502,500,1, - 0,0,0,503,506,1,0,0,0,504,502,1,0,0,0,504,505,1,0,0,0,505,89,1,0,0,0,506, - 504,1,0,0,0,507,508,3,60,30,0,508,509,5,36,0,0,509,510,3,64,32,0,510,91, - 1,0,0,0,511,512,7,6,0,0,512,93,1,0,0,0,513,516,3,96,48,0,514,516,3,98,49, - 0,515,513,1,0,0,0,515,514,1,0,0,0,516,95,1,0,0,0,517,519,7,0,0,0,518,517, - 1,0,0,0,518,519,1,0,0,0,519,520,1,0,0,0,520,521,5,32,0,0,521,97,1,0,0,0, - 522,524,7,0,0,0,523,522,1,0,0,0,523,524,1,0,0,0,524,525,1,0,0,0,525,526, - 5,31,0,0,526,99,1,0,0,0,527,528,5,30,0,0,528,101,1,0,0,0,529,530,7,7,0, - 0,530,103,1,0,0,0,531,532,5,5,0,0,532,533,3,106,53,0,533,105,1,0,0,0,534, - 535,5,70,0,0,535,536,3,2,1,0,536,537,5,71,0,0,537,107,1,0,0,0,538,539,5, - 17,0,0,539,540,5,107,0,0,540,109,1,0,0,0,541,542,5,12,0,0,542,543,5,111, - 0,0,543,111,1,0,0,0,544,545,5,3,0,0,545,548,5,91,0,0,546,547,5,89,0,0,547, - 549,3,56,28,0,548,546,1,0,0,0,548,549,1,0,0,0,549,559,1,0,0,0,550,551,5, - 90,0,0,551,556,3,114,57,0,552,553,5,38,0,0,553,555,3,114,57,0,554,552,1, - 0,0,0,555,558,1,0,0,0,556,554,1,0,0,0,556,557,1,0,0,0,557,560,1,0,0,0,558, - 556,1,0,0,0,559,550,1,0,0,0,559,560,1,0,0,0,560,113,1,0,0,0,561,562,3,56, - 28,0,562,563,5,36,0,0,563,565,1,0,0,0,564,561,1,0,0,0,564,565,1,0,0,0,565, - 566,1,0,0,0,566,567,3,56,28,0,567,115,1,0,0,0,568,569,5,11,0,0,569,570, - 3,34,17,0,570,571,5,89,0,0,571,572,3,58,29,0,572,117,1,0,0,0,54,129,138, - 154,167,176,184,188,196,198,203,210,215,226,232,240,242,253,260,271,274, - 288,296,304,308,315,323,331,344,348,352,359,363,369,376,384,392,414,425, - 436,441,445,456,461,465,479,490,504,515,518,523,548,556,559,564]; + 7,53,2,54,7,54,2,55,7,55,2,56,7,56,2,57,7,57,2,58,7,58,2,59,7,59,2,60,7, + 60,1,0,1,0,1,0,1,1,1,1,1,1,1,1,1,1,1,1,5,1,132,8,1,10,1,12,1,135,9,1,1, + 2,1,2,1,2,1,2,1,2,1,2,3,2,143,8,2,1,3,1,3,1,3,1,3,1,3,1,3,1,3,1,3,1,3,1, + 3,1,3,1,3,1,3,1,3,1,3,3,3,160,8,3,1,4,1,4,1,4,1,5,1,5,1,5,1,5,1,5,1,5,1, + 5,1,5,3,5,173,8,5,1,5,1,5,1,5,1,5,1,5,5,5,180,8,5,10,5,12,5,183,9,5,1,5, + 1,5,1,5,1,5,1,5,3,5,190,8,5,1,5,1,5,3,5,194,8,5,1,5,1,5,1,5,1,5,1,5,1,5, + 5,5,202,8,5,10,5,12,5,205,9,5,1,6,1,6,3,6,209,8,6,1,6,1,6,1,6,1,6,1,6,3, + 6,216,8,6,1,6,1,6,1,6,3,6,221,8,6,1,7,1,7,1,7,1,7,1,8,1,8,1,8,1,8,1,8,3, + 8,232,8,8,1,9,1,9,1,9,1,9,3,9,238,8,9,1,9,1,9,1,9,1,9,1,9,1,9,5,9,246,8, + 9,10,9,12,9,249,9,9,1,10,1,10,1,10,1,10,1,10,1,10,1,10,1,10,3,10,259,8, + 10,1,10,1,10,1,10,5,10,264,8,10,10,10,12,10,267,9,10,1,11,1,11,1,11,1,11, + 1,11,1,11,5,11,275,8,11,10,11,12,11,278,9,11,3,11,280,8,11,1,11,1,11,1, + 12,1,12,1,13,1,13,1,13,1,14,1,14,1,14,5,14,292,8,14,10,14,12,14,295,9,14, + 1,15,1,15,1,15,1,15,1,15,3,15,302,8,15,1,16,1,16,1,16,1,16,5,16,308,8,16, + 10,16,12,16,311,9,16,1,16,3,16,314,8,16,1,17,1,17,1,17,1,17,1,17,3,17,321, + 8,17,1,18,1,18,1,19,1,19,1,20,1,20,3,20,329,8,20,1,21,1,21,1,21,1,21,5, + 21,335,8,21,10,21,12,21,338,9,21,1,22,1,22,1,22,1,22,1,23,1,23,1,23,1,23, + 5,23,348,8,23,10,23,12,23,351,9,23,1,23,3,23,354,8,23,1,23,1,23,3,23,358, + 8,23,1,24,1,24,1,24,1,25,1,25,3,25,365,8,25,1,25,1,25,3,25,369,8,25,1,26, + 1,26,1,26,1,26,3,26,375,8,26,1,27,1,27,1,27,5,27,380,8,27,10,27,12,27,383, + 9,27,1,28,1,28,1,28,5,28,388,8,28,10,28,12,28,391,9,28,1,29,1,29,1,29,5, + 29,396,8,29,10,29,12,29,399,9,29,1,30,1,30,1,31,1,31,1,32,1,32,1,32,1,32, + 1,32,1,32,1,32,1,32,1,32,1,32,1,32,1,32,1,32,5,32,418,8,32,10,32,12,32, + 421,9,32,1,32,1,32,1,32,1,32,1,32,1,32,5,32,429,8,32,10,32,12,32,432,9, + 32,1,32,1,32,1,32,1,32,1,32,1,32,5,32,440,8,32,10,32,12,32,443,9,32,1,32, + 1,32,3,32,447,8,32,1,33,1,33,3,33,451,8,33,1,34,1,34,1,34,1,35,1,35,1,35, + 1,35,5,35,460,8,35,10,35,12,35,463,9,35,1,36,1,36,3,36,467,8,36,1,36,1, + 36,3,36,471,8,36,1,37,1,37,1,37,1,38,1,38,1,38,1,39,1,39,1,39,1,39,5,39, + 483,8,39,10,39,12,39,486,9,39,1,40,1,40,1,40,1,40,1,41,1,41,1,41,1,41,3, + 41,496,8,41,1,42,1,42,1,42,1,42,1,43,1,43,1,43,1,44,1,44,1,44,5,44,508, + 8,44,10,44,12,44,511,9,44,1,45,1,45,1,45,1,45,1,46,1,46,1,47,1,47,3,47, + 521,8,47,1,48,3,48,524,8,48,1,48,1,48,1,49,3,49,529,8,49,1,49,1,49,1,50, + 1,50,1,51,1,51,1,52,1,52,1,52,1,53,1,53,1,53,1,53,1,54,1,54,1,54,1,55,1, + 55,1,55,1,56,1,56,1,56,1,56,3,56,554,8,56,1,56,1,56,1,56,1,56,5,56,560, + 8,56,10,56,12,56,563,9,56,3,56,565,8,56,1,57,1,57,1,57,3,57,570,8,57,1, + 57,1,57,1,58,1,58,1,58,1,58,1,58,1,59,1,59,1,59,1,60,1,60,1,60,0,4,2,10, + 18,20,61,0,2,4,6,8,10,12,14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44, + 46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92, + 94,96,98,100,102,104,106,108,110,112,114,116,118,120,0,8,1,0,65,66,1,0, + 67,69,2,0,26,26,31,31,1,0,73,74,2,0,36,36,40,40,2,0,43,43,46,46,2,0,42, + 42,57,57,2,0,58,58,60,64,608,0,122,1,0,0,0,2,125,1,0,0,0,4,142,1,0,0,0, + 6,159,1,0,0,0,8,161,1,0,0,0,10,193,1,0,0,0,12,220,1,0,0,0,14,222,1,0,0, + 0,16,231,1,0,0,0,18,237,1,0,0,0,20,258,1,0,0,0,22,268,1,0,0,0,24,283,1, + 0,0,0,26,285,1,0,0,0,28,288,1,0,0,0,30,301,1,0,0,0,32,303,1,0,0,0,34,320, + 1,0,0,0,36,322,1,0,0,0,38,324,1,0,0,0,40,328,1,0,0,0,42,330,1,0,0,0,44, + 339,1,0,0,0,46,343,1,0,0,0,48,359,1,0,0,0,50,362,1,0,0,0,52,370,1,0,0,0, + 54,376,1,0,0,0,56,384,1,0,0,0,58,392,1,0,0,0,60,400,1,0,0,0,62,402,1,0, + 0,0,64,446,1,0,0,0,66,450,1,0,0,0,68,452,1,0,0,0,70,455,1,0,0,0,72,464, + 1,0,0,0,74,472,1,0,0,0,76,475,1,0,0,0,78,478,1,0,0,0,80,487,1,0,0,0,82, + 491,1,0,0,0,84,497,1,0,0,0,86,501,1,0,0,0,88,504,1,0,0,0,90,512,1,0,0,0, + 92,516,1,0,0,0,94,520,1,0,0,0,96,523,1,0,0,0,98,528,1,0,0,0,100,532,1,0, + 0,0,102,534,1,0,0,0,104,536,1,0,0,0,106,539,1,0,0,0,108,543,1,0,0,0,110, + 546,1,0,0,0,112,549,1,0,0,0,114,569,1,0,0,0,116,573,1,0,0,0,118,578,1,0, + 0,0,120,581,1,0,0,0,122,123,3,2,1,0,123,124,5,0,0,1,124,1,1,0,0,0,125,126, + 6,1,-1,0,126,127,3,4,2,0,127,133,1,0,0,0,128,129,10,1,0,0,129,130,5,30, + 0,0,130,132,3,6,3,0,131,128,1,0,0,0,132,135,1,0,0,0,133,131,1,0,0,0,133, + 134,1,0,0,0,134,3,1,0,0,0,135,133,1,0,0,0,136,143,3,104,52,0,137,143,3, + 32,16,0,138,143,3,26,13,0,139,143,3,46,23,0,140,143,3,108,54,0,141,143, + 3,110,55,0,142,136,1,0,0,0,142,137,1,0,0,0,142,138,1,0,0,0,142,139,1,0, + 0,0,142,140,1,0,0,0,142,141,1,0,0,0,143,5,1,0,0,0,144,160,3,48,24,0,145, + 160,3,52,26,0,146,160,3,68,34,0,147,160,3,116,58,0,148,160,3,74,37,0,149, + 160,3,70,35,0,150,160,3,50,25,0,151,160,3,8,4,0,152,160,3,76,38,0,153,160, + 3,78,39,0,154,160,3,82,41,0,155,160,3,84,42,0,156,160,3,112,56,0,157,160, + 3,86,43,0,158,160,3,118,59,0,159,144,1,0,0,0,159,145,1,0,0,0,159,146,1, + 0,0,0,159,147,1,0,0,0,159,148,1,0,0,0,159,149,1,0,0,0,159,150,1,0,0,0,159, + 151,1,0,0,0,159,152,1,0,0,0,159,153,1,0,0,0,159,154,1,0,0,0,159,155,1,0, + 0,0,159,156,1,0,0,0,159,157,1,0,0,0,159,158,1,0,0,0,160,7,1,0,0,0,161,162, + 5,20,0,0,162,163,3,10,5,0,163,9,1,0,0,0,164,165,6,5,-1,0,165,166,5,50,0, + 0,166,194,3,10,5,8,167,194,3,16,8,0,168,194,3,12,6,0,169,194,3,14,7,0,170, + 172,3,16,8,0,171,173,5,50,0,0,172,171,1,0,0,0,172,173,1,0,0,0,173,174,1, + 0,0,0,174,175,5,44,0,0,175,176,5,48,0,0,176,181,3,16,8,0,177,178,5,39,0, + 0,178,180,3,16,8,0,179,177,1,0,0,0,180,183,1,0,0,0,181,179,1,0,0,0,181, + 182,1,0,0,0,182,184,1,0,0,0,183,181,1,0,0,0,184,185,5,56,0,0,185,194,1, + 0,0,0,186,187,3,16,8,0,187,189,5,45,0,0,188,190,5,50,0,0,189,188,1,0,0, + 0,189,190,1,0,0,0,190,191,1,0,0,0,191,192,5,51,0,0,192,194,1,0,0,0,193, + 164,1,0,0,0,193,167,1,0,0,0,193,168,1,0,0,0,193,169,1,0,0,0,193,170,1,0, + 0,0,193,186,1,0,0,0,194,203,1,0,0,0,195,196,10,4,0,0,196,197,5,35,0,0,197, + 202,3,10,5,5,198,199,10,3,0,0,199,200,5,53,0,0,200,202,3,10,5,4,201,195, + 1,0,0,0,201,198,1,0,0,0,202,205,1,0,0,0,203,201,1,0,0,0,203,204,1,0,0,0, + 204,11,1,0,0,0,205,203,1,0,0,0,206,208,3,16,8,0,207,209,5,50,0,0,208,207, + 1,0,0,0,208,209,1,0,0,0,209,210,1,0,0,0,210,211,5,47,0,0,211,212,3,100, + 50,0,212,221,1,0,0,0,213,215,3,16,8,0,214,216,5,50,0,0,215,214,1,0,0,0, + 215,216,1,0,0,0,216,217,1,0,0,0,217,218,5,55,0,0,218,219,3,100,50,0,219, + 221,1,0,0,0,220,206,1,0,0,0,220,213,1,0,0,0,221,13,1,0,0,0,222,223,3,54, + 27,0,223,224,5,49,0,0,224,225,3,100,50,0,225,15,1,0,0,0,226,232,3,18,9, + 0,227,228,3,18,9,0,228,229,3,102,51,0,229,230,3,18,9,0,230,232,1,0,0,0, + 231,226,1,0,0,0,231,227,1,0,0,0,232,17,1,0,0,0,233,234,6,9,-1,0,234,238, + 3,20,10,0,235,236,7,0,0,0,236,238,3,18,9,3,237,233,1,0,0,0,237,235,1,0, + 0,0,238,247,1,0,0,0,239,240,10,2,0,0,240,241,7,1,0,0,241,246,3,18,9,3,242, + 243,10,1,0,0,243,244,7,0,0,0,244,246,3,18,9,2,245,239,1,0,0,0,245,242,1, + 0,0,0,246,249,1,0,0,0,247,245,1,0,0,0,247,248,1,0,0,0,248,19,1,0,0,0,249, + 247,1,0,0,0,250,251,6,10,-1,0,251,259,3,64,32,0,252,259,3,54,27,0,253,259, + 3,22,11,0,254,255,5,48,0,0,255,256,3,10,5,0,256,257,5,56,0,0,257,259,1, + 0,0,0,258,250,1,0,0,0,258,252,1,0,0,0,258,253,1,0,0,0,258,254,1,0,0,0,259, + 265,1,0,0,0,260,261,10,1,0,0,261,262,5,38,0,0,262,264,3,24,12,0,263,260, + 1,0,0,0,264,267,1,0,0,0,265,263,1,0,0,0,265,266,1,0,0,0,266,21,1,0,0,0, + 267,265,1,0,0,0,268,269,3,60,30,0,269,279,5,48,0,0,270,280,5,67,0,0,271, + 276,3,10,5,0,272,273,5,39,0,0,273,275,3,10,5,0,274,272,1,0,0,0,275,278, + 1,0,0,0,276,274,1,0,0,0,276,277,1,0,0,0,277,280,1,0,0,0,278,276,1,0,0,0, + 279,270,1,0,0,0,279,271,1,0,0,0,279,280,1,0,0,0,280,281,1,0,0,0,281,282, + 5,56,0,0,282,23,1,0,0,0,283,284,3,60,30,0,284,25,1,0,0,0,285,286,5,16,0, + 0,286,287,3,28,14,0,287,27,1,0,0,0,288,293,3,30,15,0,289,290,5,39,0,0,290, + 292,3,30,15,0,291,289,1,0,0,0,292,295,1,0,0,0,293,291,1,0,0,0,293,294,1, + 0,0,0,294,29,1,0,0,0,295,293,1,0,0,0,296,302,3,10,5,0,297,298,3,54,27,0, + 298,299,5,37,0,0,299,300,3,10,5,0,300,302,1,0,0,0,301,296,1,0,0,0,301,297, + 1,0,0,0,302,31,1,0,0,0,303,304,5,6,0,0,304,309,3,34,17,0,305,306,5,39,0, + 0,306,308,3,34,17,0,307,305,1,0,0,0,308,311,1,0,0,0,309,307,1,0,0,0,309, + 310,1,0,0,0,310,313,1,0,0,0,311,309,1,0,0,0,312,314,3,40,20,0,313,312,1, + 0,0,0,313,314,1,0,0,0,314,33,1,0,0,0,315,316,3,36,18,0,316,317,5,116,0, + 0,317,318,3,38,19,0,318,321,1,0,0,0,319,321,3,38,19,0,320,315,1,0,0,0,320, + 319,1,0,0,0,321,35,1,0,0,0,322,323,5,26,0,0,323,37,1,0,0,0,324,325,7,2, + 0,0,325,39,1,0,0,0,326,329,3,42,21,0,327,329,3,44,22,0,328,326,1,0,0,0, + 328,327,1,0,0,0,329,41,1,0,0,0,330,331,5,78,0,0,331,336,5,26,0,0,332,333, + 5,39,0,0,333,335,5,26,0,0,334,332,1,0,0,0,335,338,1,0,0,0,336,334,1,0,0, + 0,336,337,1,0,0,0,337,43,1,0,0,0,338,336,1,0,0,0,339,340,5,71,0,0,340,341, + 3,42,21,0,341,342,5,72,0,0,342,45,1,0,0,0,343,344,5,13,0,0,344,349,3,34, + 17,0,345,346,5,39,0,0,346,348,3,34,17,0,347,345,1,0,0,0,348,351,1,0,0,0, + 349,347,1,0,0,0,349,350,1,0,0,0,350,353,1,0,0,0,351,349,1,0,0,0,352,354, + 3,28,14,0,353,352,1,0,0,0,353,354,1,0,0,0,354,357,1,0,0,0,355,356,5,34, + 0,0,356,358,3,28,14,0,357,355,1,0,0,0,357,358,1,0,0,0,358,47,1,0,0,0,359, + 360,5,4,0,0,360,361,3,28,14,0,361,49,1,0,0,0,362,364,5,19,0,0,363,365,3, + 28,14,0,364,363,1,0,0,0,364,365,1,0,0,0,365,368,1,0,0,0,366,367,5,34,0, + 0,367,369,3,28,14,0,368,366,1,0,0,0,368,369,1,0,0,0,369,51,1,0,0,0,370, + 371,5,8,0,0,371,374,3,28,14,0,372,373,5,34,0,0,373,375,3,28,14,0,374,372, + 1,0,0,0,374,375,1,0,0,0,375,53,1,0,0,0,376,381,3,60,30,0,377,378,5,41,0, + 0,378,380,3,60,30,0,379,377,1,0,0,0,380,383,1,0,0,0,381,379,1,0,0,0,381, + 382,1,0,0,0,382,55,1,0,0,0,383,381,1,0,0,0,384,389,3,62,31,0,385,386,5, + 41,0,0,386,388,3,62,31,0,387,385,1,0,0,0,388,391,1,0,0,0,389,387,1,0,0, + 0,389,390,1,0,0,0,390,57,1,0,0,0,391,389,1,0,0,0,392,397,3,56,28,0,393, + 394,5,39,0,0,394,396,3,56,28,0,395,393,1,0,0,0,396,399,1,0,0,0,397,395, + 1,0,0,0,397,398,1,0,0,0,398,59,1,0,0,0,399,397,1,0,0,0,400,401,7,3,0,0, + 401,61,1,0,0,0,402,403,5,82,0,0,403,63,1,0,0,0,404,447,5,51,0,0,405,406, + 3,98,49,0,406,407,5,73,0,0,407,447,1,0,0,0,408,447,3,96,48,0,409,447,3, + 98,49,0,410,447,3,92,46,0,411,447,3,66,33,0,412,447,3,100,50,0,413,414, + 5,71,0,0,414,419,3,94,47,0,415,416,5,39,0,0,416,418,3,94,47,0,417,415,1, + 0,0,0,418,421,1,0,0,0,419,417,1,0,0,0,419,420,1,0,0,0,420,422,1,0,0,0,421, + 419,1,0,0,0,422,423,5,72,0,0,423,447,1,0,0,0,424,425,5,71,0,0,425,430,3, + 92,46,0,426,427,5,39,0,0,427,429,3,92,46,0,428,426,1,0,0,0,429,432,1,0, + 0,0,430,428,1,0,0,0,430,431,1,0,0,0,431,433,1,0,0,0,432,430,1,0,0,0,433, + 434,5,72,0,0,434,447,1,0,0,0,435,436,5,71,0,0,436,441,3,100,50,0,437,438, + 5,39,0,0,438,440,3,100,50,0,439,437,1,0,0,0,440,443,1,0,0,0,441,439,1,0, + 0,0,441,442,1,0,0,0,442,444,1,0,0,0,443,441,1,0,0,0,444,445,5,72,0,0,445, + 447,1,0,0,0,446,404,1,0,0,0,446,405,1,0,0,0,446,408,1,0,0,0,446,409,1,0, + 0,0,446,410,1,0,0,0,446,411,1,0,0,0,446,412,1,0,0,0,446,413,1,0,0,0,446, + 424,1,0,0,0,446,435,1,0,0,0,447,65,1,0,0,0,448,451,5,54,0,0,449,451,5,70, + 0,0,450,448,1,0,0,0,450,449,1,0,0,0,451,67,1,0,0,0,452,453,5,10,0,0,453, + 454,5,32,0,0,454,69,1,0,0,0,455,456,5,18,0,0,456,461,3,72,36,0,457,458, + 5,39,0,0,458,460,3,72,36,0,459,457,1,0,0,0,460,463,1,0,0,0,461,459,1,0, + 0,0,461,462,1,0,0,0,462,71,1,0,0,0,463,461,1,0,0,0,464,466,3,10,5,0,465, + 467,7,4,0,0,466,465,1,0,0,0,466,467,1,0,0,0,467,470,1,0,0,0,468,469,5,52, + 0,0,469,471,7,5,0,0,470,468,1,0,0,0,470,471,1,0,0,0,471,73,1,0,0,0,472, + 473,5,9,0,0,473,474,3,58,29,0,474,75,1,0,0,0,475,476,5,2,0,0,476,477,3, + 58,29,0,477,77,1,0,0,0,478,479,5,15,0,0,479,484,3,80,40,0,480,481,5,39, + 0,0,481,483,3,80,40,0,482,480,1,0,0,0,483,486,1,0,0,0,484,482,1,0,0,0,484, + 485,1,0,0,0,485,79,1,0,0,0,486,484,1,0,0,0,487,488,3,56,28,0,488,489,5, + 86,0,0,489,490,3,56,28,0,490,81,1,0,0,0,491,492,5,1,0,0,492,493,3,20,10, + 0,493,495,3,100,50,0,494,496,3,88,44,0,495,494,1,0,0,0,495,496,1,0,0,0, + 496,83,1,0,0,0,497,498,5,7,0,0,498,499,3,20,10,0,499,500,3,100,50,0,500, + 85,1,0,0,0,501,502,5,14,0,0,502,503,3,54,27,0,503,87,1,0,0,0,504,509,3, + 90,45,0,505,506,5,39,0,0,506,508,3,90,45,0,507,505,1,0,0,0,508,511,1,0, + 0,0,509,507,1,0,0,0,509,510,1,0,0,0,510,89,1,0,0,0,511,509,1,0,0,0,512, + 513,3,60,30,0,513,514,5,37,0,0,514,515,3,64,32,0,515,91,1,0,0,0,516,517, + 7,6,0,0,517,93,1,0,0,0,518,521,3,96,48,0,519,521,3,98,49,0,520,518,1,0, + 0,0,520,519,1,0,0,0,521,95,1,0,0,0,522,524,7,0,0,0,523,522,1,0,0,0,523, + 524,1,0,0,0,524,525,1,0,0,0,525,526,5,33,0,0,526,97,1,0,0,0,527,529,7,0, + 0,0,528,527,1,0,0,0,528,529,1,0,0,0,529,530,1,0,0,0,530,531,5,32,0,0,531, + 99,1,0,0,0,532,533,5,31,0,0,533,101,1,0,0,0,534,535,7,7,0,0,535,103,1,0, + 0,0,536,537,5,5,0,0,537,538,3,106,53,0,538,105,1,0,0,0,539,540,5,71,0,0, + 540,541,3,2,1,0,541,542,5,72,0,0,542,107,1,0,0,0,543,544,5,17,0,0,544,545, + 5,108,0,0,545,109,1,0,0,0,546,547,5,12,0,0,547,548,5,112,0,0,548,111,1, + 0,0,0,549,550,5,3,0,0,550,553,5,92,0,0,551,552,5,90,0,0,552,554,3,56,28, + 0,553,551,1,0,0,0,553,554,1,0,0,0,554,564,1,0,0,0,555,556,5,91,0,0,556, + 561,3,114,57,0,557,558,5,39,0,0,558,560,3,114,57,0,559,557,1,0,0,0,560, + 563,1,0,0,0,561,559,1,0,0,0,561,562,1,0,0,0,562,565,1,0,0,0,563,561,1,0, + 0,0,564,555,1,0,0,0,564,565,1,0,0,0,565,113,1,0,0,0,566,567,3,56,28,0,567, + 568,5,37,0,0,568,570,1,0,0,0,569,566,1,0,0,0,569,570,1,0,0,0,570,571,1, + 0,0,0,571,572,3,56,28,0,572,115,1,0,0,0,573,574,5,11,0,0,574,575,3,34,17, + 0,575,576,5,90,0,0,576,577,3,58,29,0,577,117,1,0,0,0,578,579,5,21,0,0,579, + 580,3,120,60,0,580,119,1,0,0,0,581,582,5,31,0,0,582,121,1,0,0,0,54,133, + 142,159,172,181,189,193,201,203,208,215,220,231,237,245,247,258,265,276, + 279,293,301,309,313,320,328,336,349,353,357,364,368,374,381,389,397,419, + 430,441,446,450,461,466,470,484,495,509,520,523,528,553,561,564,569]; private static __ATN: ATN; public static get _ATN(): ATN { @@ -3541,7 +3608,7 @@ export class QueryContext extends ParserRuleContext { public get ruleIndex(): number { return esql_parser.RULE_query; } - public copyFrom(ctx: QueryContext): void { + public override copyFrom(ctx: QueryContext): void { super.copyFrom(ctx); } } @@ -3677,6 +3744,9 @@ export class ProcessingCommandContext extends ParserRuleContext { public mvExpandCommand(): MvExpandCommandContext { return this.getTypedRuleContext(MvExpandCommandContext, 0) as MvExpandCommandContext; } + public matchCommand(): MatchCommandContext { + return this.getTypedRuleContext(MatchCommandContext, 0) as MatchCommandContext; + } public get ruleIndex(): number { return esql_parser.RULE_processingCommand; } @@ -3728,7 +3798,7 @@ export class BooleanExpressionContext extends ParserRuleContext { public get ruleIndex(): number { return esql_parser.RULE_booleanExpression; } - public copyFrom(ctx: BooleanExpressionContext): void { + public override copyFrom(ctx: BooleanExpressionContext): void { super.copyFrom(ctx); } } @@ -3959,8 +4029,8 @@ export class MatchBooleanExpressionContext extends ParserRuleContext { public qualifiedName(): QualifiedNameContext { return this.getTypedRuleContext(QualifiedNameContext, 0) as QualifiedNameContext; } - public MATCH(): TerminalNode { - return this.getToken(esql_parser.MATCH, 0); + public MATCH_OPERATOR(): TerminalNode { + return this.getToken(esql_parser.MATCH_OPERATOR, 0); } public string_(): StringContext { return this.getTypedRuleContext(StringContext, 0) as StringContext; @@ -3989,7 +4059,7 @@ export class ValueExpressionContext extends ParserRuleContext { public get ruleIndex(): number { return esql_parser.RULE_valueExpression; } - public copyFrom(ctx: ValueExpressionContext): void { + public override copyFrom(ctx: ValueExpressionContext): void { super.copyFrom(ctx); } } @@ -4049,7 +4119,7 @@ export class OperatorExpressionContext extends ParserRuleContext { public get ruleIndex(): number { return esql_parser.RULE_operatorExpression; } - public copyFrom(ctx: OperatorExpressionContext): void { + public override copyFrom(ctx: OperatorExpressionContext): void { super.copyFrom(ctx); } } @@ -4148,7 +4218,7 @@ export class PrimaryExpressionContext extends ParserRuleContext { public get ruleIndex(): number { return esql_parser.RULE_primaryExpression; } - public copyFrom(ctx: PrimaryExpressionContext): void { + public override copyFrom(ctx: PrimaryExpressionContext): void { super.copyFrom(ctx); } } @@ -4314,7 +4384,7 @@ export class DataTypeContext extends ParserRuleContext { public get ruleIndex(): number { return esql_parser.RULE_dataType; } - public copyFrom(ctx: DataTypeContext): void { + public override copyFrom(ctx: DataTypeContext): void { super.copyFrom(ctx); } } @@ -4944,7 +5014,7 @@ export class ConstantContext extends ParserRuleContext { public get ruleIndex(): number { return esql_parser.RULE_constant; } - public copyFrom(ctx: ConstantContext): void { + public override copyFrom(ctx: ConstantContext): void { super.copyFrom(ctx); } } @@ -5196,7 +5266,7 @@ export class ParamsContext extends ParserRuleContext { public get ruleIndex(): number { return esql_parser.RULE_params; } - public copyFrom(ctx: ParamsContext): void { + public override copyFrom(ctx: ParamsContext): void { super.copyFrom(ctx); } } @@ -5861,7 +5931,7 @@ export class ShowCommandContext extends ParserRuleContext { public get ruleIndex(): number { return esql_parser.RULE_showCommand; } - public copyFrom(ctx: ShowCommandContext): void { + public override copyFrom(ctx: ShowCommandContext): void { super.copyFrom(ctx); } } @@ -5897,7 +5967,7 @@ export class MetaCommandContext extends ParserRuleContext { public get ruleIndex(): number { return esql_parser.RULE_metaCommand; } - public copyFrom(ctx: MetaCommandContext): void { + public override copyFrom(ctx: MetaCommandContext): void { super.copyFrom(ctx); } } @@ -6040,3 +6110,54 @@ export class LookupCommandContext extends ParserRuleContext { } } } + + +export class MatchCommandContext extends ParserRuleContext { + constructor(parser?: esql_parser, parent?: ParserRuleContext, invokingState?: number) { + super(parent, invokingState); + this.parser = parser; + } + public MATCH(): TerminalNode { + return this.getToken(esql_parser.MATCH, 0); + } + public matchQuery(): MatchQueryContext { + return this.getTypedRuleContext(MatchQueryContext, 0) as MatchQueryContext; + } + public get ruleIndex(): number { + return esql_parser.RULE_matchCommand; + } + public enterRule(listener: esql_parserListener): void { + if(listener.enterMatchCommand) { + listener.enterMatchCommand(this); + } + } + public exitRule(listener: esql_parserListener): void { + if(listener.exitMatchCommand) { + listener.exitMatchCommand(this); + } + } +} + + +export class MatchQueryContext extends ParserRuleContext { + constructor(parser?: esql_parser, parent?: ParserRuleContext, invokingState?: number) { + super(parent, invokingState); + this.parser = parser; + } + public QUOTED_STRING(): TerminalNode { + return this.getToken(esql_parser.QUOTED_STRING, 0); + } + public get ruleIndex(): number { + return esql_parser.RULE_matchQuery; + } + public enterRule(listener: esql_parserListener): void { + if(listener.enterMatchQuery) { + listener.enterMatchQuery(this); + } + } + public exitRule(listener: esql_parserListener): void { + if(listener.exitMatchQuery) { + listener.exitMatchQuery(this); + } + } +} diff --git a/packages/kbn-esql-ast/src/antlr/esql_parser_listener.ts b/packages/kbn-esql-ast/src/antlr/esql_parser_listener.ts index 13d5049a6ba9d..768ff5910602f 100644 --- a/packages/kbn-esql-ast/src/antlr/esql_parser_listener.ts +++ b/packages/kbn-esql-ast/src/antlr/esql_parser_listener.ts @@ -1,92 +1,94 @@ // @ts-nocheck -// Generated from src/antlr/esql_parser.g4 by ANTLR 4.13.1 +// Generated from src/antlr/esql_parser.g4 by ANTLR 4.13.2 import {ParseTreeListener} from "antlr4"; -import { SingleStatementContext } from "./esql_parser"; -import { CompositeQueryContext } from "./esql_parser"; -import { SingleCommandQueryContext } from "./esql_parser"; -import { SourceCommandContext } from "./esql_parser"; -import { ProcessingCommandContext } from "./esql_parser"; -import { WhereCommandContext } from "./esql_parser"; -import { MatchExpressionContext } from "./esql_parser"; -import { LogicalNotContext } from "./esql_parser"; -import { BooleanDefaultContext } from "./esql_parser"; -import { IsNullContext } from "./esql_parser"; -import { RegexExpressionContext } from "./esql_parser"; -import { LogicalInContext } from "./esql_parser"; -import { LogicalBinaryContext } from "./esql_parser"; -import { RegexBooleanExpressionContext } from "./esql_parser"; -import { MatchBooleanExpressionContext } from "./esql_parser"; -import { ValueExpressionDefaultContext } from "./esql_parser"; -import { ComparisonContext } from "./esql_parser"; -import { OperatorExpressionDefaultContext } from "./esql_parser"; -import { ArithmeticBinaryContext } from "./esql_parser"; -import { ArithmeticUnaryContext } from "./esql_parser"; -import { DereferenceContext } from "./esql_parser"; -import { InlineCastContext } from "./esql_parser"; -import { ConstantDefaultContext } from "./esql_parser"; -import { ParenthesizedExpressionContext } from "./esql_parser"; -import { FunctionContext } from "./esql_parser"; -import { FunctionExpressionContext } from "./esql_parser"; -import { ToDataTypeContext } from "./esql_parser"; -import { RowCommandContext } from "./esql_parser"; -import { FieldsContext } from "./esql_parser"; -import { FieldContext } from "./esql_parser"; -import { FromCommandContext } from "./esql_parser"; -import { IndexPatternContext } from "./esql_parser"; -import { ClusterStringContext } from "./esql_parser"; -import { IndexStringContext } from "./esql_parser"; -import { MetadataContext } from "./esql_parser"; -import { MetadataOptionContext } from "./esql_parser"; -import { Deprecated_metadataContext } from "./esql_parser"; -import { MetricsCommandContext } from "./esql_parser"; -import { EvalCommandContext } from "./esql_parser"; -import { StatsCommandContext } from "./esql_parser"; -import { InlinestatsCommandContext } from "./esql_parser"; -import { QualifiedNameContext } from "./esql_parser"; -import { QualifiedNamePatternContext } from "./esql_parser"; -import { QualifiedNamePatternsContext } from "./esql_parser"; -import { IdentifierContext } from "./esql_parser"; -import { IdentifierPatternContext } from "./esql_parser"; -import { NullLiteralContext } from "./esql_parser"; -import { QualifiedIntegerLiteralContext } from "./esql_parser"; -import { DecimalLiteralContext } from "./esql_parser"; -import { IntegerLiteralContext } from "./esql_parser"; -import { BooleanLiteralContext } from "./esql_parser"; -import { InputParamsContext } from "./esql_parser"; -import { StringLiteralContext } from "./esql_parser"; -import { NumericArrayLiteralContext } from "./esql_parser"; -import { BooleanArrayLiteralContext } from "./esql_parser"; -import { StringArrayLiteralContext } from "./esql_parser"; -import { InputParamContext } from "./esql_parser"; -import { InputNamedOrPositionalParamContext } from "./esql_parser"; -import { LimitCommandContext } from "./esql_parser"; -import { SortCommandContext } from "./esql_parser"; -import { OrderExpressionContext } from "./esql_parser"; -import { KeepCommandContext } from "./esql_parser"; -import { DropCommandContext } from "./esql_parser"; -import { RenameCommandContext } from "./esql_parser"; -import { RenameClauseContext } from "./esql_parser"; -import { DissectCommandContext } from "./esql_parser"; -import { GrokCommandContext } from "./esql_parser"; -import { MvExpandCommandContext } from "./esql_parser"; -import { CommandOptionsContext } from "./esql_parser"; -import { CommandOptionContext } from "./esql_parser"; -import { BooleanValueContext } from "./esql_parser"; -import { NumericValueContext } from "./esql_parser"; -import { DecimalValueContext } from "./esql_parser"; -import { IntegerValueContext } from "./esql_parser"; -import { StringContext } from "./esql_parser"; -import { ComparisonOperatorContext } from "./esql_parser"; -import { ExplainCommandContext } from "./esql_parser"; -import { SubqueryExpressionContext } from "./esql_parser"; -import { ShowInfoContext } from "./esql_parser"; -import { MetaFunctionsContext } from "./esql_parser"; -import { EnrichCommandContext } from "./esql_parser"; -import { EnrichWithClauseContext } from "./esql_parser"; -import { LookupCommandContext } from "./esql_parser"; +import { SingleStatementContext } from "./esql_parser.js"; +import { CompositeQueryContext } from "./esql_parser.js"; +import { SingleCommandQueryContext } from "./esql_parser.js"; +import { SourceCommandContext } from "./esql_parser.js"; +import { ProcessingCommandContext } from "./esql_parser.js"; +import { WhereCommandContext } from "./esql_parser.js"; +import { MatchExpressionContext } from "./esql_parser.js"; +import { LogicalNotContext } from "./esql_parser.js"; +import { BooleanDefaultContext } from "./esql_parser.js"; +import { IsNullContext } from "./esql_parser.js"; +import { RegexExpressionContext } from "./esql_parser.js"; +import { LogicalInContext } from "./esql_parser.js"; +import { LogicalBinaryContext } from "./esql_parser.js"; +import { RegexBooleanExpressionContext } from "./esql_parser.js"; +import { MatchBooleanExpressionContext } from "./esql_parser.js"; +import { ValueExpressionDefaultContext } from "./esql_parser.js"; +import { ComparisonContext } from "./esql_parser.js"; +import { OperatorExpressionDefaultContext } from "./esql_parser.js"; +import { ArithmeticBinaryContext } from "./esql_parser.js"; +import { ArithmeticUnaryContext } from "./esql_parser.js"; +import { DereferenceContext } from "./esql_parser.js"; +import { InlineCastContext } from "./esql_parser.js"; +import { ConstantDefaultContext } from "./esql_parser.js"; +import { ParenthesizedExpressionContext } from "./esql_parser.js"; +import { FunctionContext } from "./esql_parser.js"; +import { FunctionExpressionContext } from "./esql_parser.js"; +import { ToDataTypeContext } from "./esql_parser.js"; +import { RowCommandContext } from "./esql_parser.js"; +import { FieldsContext } from "./esql_parser.js"; +import { FieldContext } from "./esql_parser.js"; +import { FromCommandContext } from "./esql_parser.js"; +import { IndexPatternContext } from "./esql_parser.js"; +import { ClusterStringContext } from "./esql_parser.js"; +import { IndexStringContext } from "./esql_parser.js"; +import { MetadataContext } from "./esql_parser.js"; +import { MetadataOptionContext } from "./esql_parser.js"; +import { Deprecated_metadataContext } from "./esql_parser.js"; +import { MetricsCommandContext } from "./esql_parser.js"; +import { EvalCommandContext } from "./esql_parser.js"; +import { StatsCommandContext } from "./esql_parser.js"; +import { InlinestatsCommandContext } from "./esql_parser.js"; +import { QualifiedNameContext } from "./esql_parser.js"; +import { QualifiedNamePatternContext } from "./esql_parser.js"; +import { QualifiedNamePatternsContext } from "./esql_parser.js"; +import { IdentifierContext } from "./esql_parser.js"; +import { IdentifierPatternContext } from "./esql_parser.js"; +import { NullLiteralContext } from "./esql_parser.js"; +import { QualifiedIntegerLiteralContext } from "./esql_parser.js"; +import { DecimalLiteralContext } from "./esql_parser.js"; +import { IntegerLiteralContext } from "./esql_parser.js"; +import { BooleanLiteralContext } from "./esql_parser.js"; +import { InputParamsContext } from "./esql_parser.js"; +import { StringLiteralContext } from "./esql_parser.js"; +import { NumericArrayLiteralContext } from "./esql_parser.js"; +import { BooleanArrayLiteralContext } from "./esql_parser.js"; +import { StringArrayLiteralContext } from "./esql_parser.js"; +import { InputParamContext } from "./esql_parser.js"; +import { InputNamedOrPositionalParamContext } from "./esql_parser.js"; +import { LimitCommandContext } from "./esql_parser.js"; +import { SortCommandContext } from "./esql_parser.js"; +import { OrderExpressionContext } from "./esql_parser.js"; +import { KeepCommandContext } from "./esql_parser.js"; +import { DropCommandContext } from "./esql_parser.js"; +import { RenameCommandContext } from "./esql_parser.js"; +import { RenameClauseContext } from "./esql_parser.js"; +import { DissectCommandContext } from "./esql_parser.js"; +import { GrokCommandContext } from "./esql_parser.js"; +import { MvExpandCommandContext } from "./esql_parser.js"; +import { CommandOptionsContext } from "./esql_parser.js"; +import { CommandOptionContext } from "./esql_parser.js"; +import { BooleanValueContext } from "./esql_parser.js"; +import { NumericValueContext } from "./esql_parser.js"; +import { DecimalValueContext } from "./esql_parser.js"; +import { IntegerValueContext } from "./esql_parser.js"; +import { StringContext } from "./esql_parser.js"; +import { ComparisonOperatorContext } from "./esql_parser.js"; +import { ExplainCommandContext } from "./esql_parser.js"; +import { SubqueryExpressionContext } from "./esql_parser.js"; +import { ShowInfoContext } from "./esql_parser.js"; +import { MetaFunctionsContext } from "./esql_parser.js"; +import { EnrichCommandContext } from "./esql_parser.js"; +import { EnrichWithClauseContext } from "./esql_parser.js"; +import { LookupCommandContext } from "./esql_parser.js"; +import { MatchCommandContext } from "./esql_parser.js"; +import { MatchQueryContext } from "./esql_parser.js"; /** @@ -992,5 +994,25 @@ export default class esql_parserListener extends ParseTreeListener { * @param ctx the parse tree */ exitLookupCommand?: (ctx: LookupCommandContext) => void; + /** + * Enter a parse tree produced by `esql_parser.matchCommand`. + * @param ctx the parse tree + */ + enterMatchCommand?: (ctx: MatchCommandContext) => void; + /** + * Exit a parse tree produced by `esql_parser.matchCommand`. + * @param ctx the parse tree + */ + exitMatchCommand?: (ctx: MatchCommandContext) => void; + /** + * Enter a parse tree produced by `esql_parser.matchQuery`. + * @param ctx the parse tree + */ + enterMatchQuery?: (ctx: MatchQueryContext) => void; + /** + * Exit a parse tree produced by `esql_parser.matchQuery`. + * @param ctx the parse tree + */ + exitMatchQuery?: (ctx: MatchQueryContext) => void; } diff --git a/packages/kbn-esql-validation-autocomplete/scripts/generate_function_validation_tests.ts b/packages/kbn-esql-validation-autocomplete/scripts/generate_function_validation_tests.ts index f431d3cddb2c5..3118c78f0dbf7 100644 --- a/packages/kbn-esql-validation-autocomplete/scripts/generate_function_validation_tests.ts +++ b/packages/kbn-esql-validation-autocomplete/scripts/generate_function_validation_tests.ts @@ -991,6 +991,7 @@ const fieldTypesToConstants: Record = { // by the ES function definitions. Just making types happy time_literal: '1 day', unsupported: '', + date_nanos: '1420070400000', }; const supportedTypesAndFieldNames = fieldTypes.map((type) => ({ diff --git a/packages/kbn-esql-validation-autocomplete/src/autocomplete/__tests__/helpers.ts b/packages/kbn-esql-validation-autocomplete/src/autocomplete/__tests__/helpers.ts index 4c4ad9902ac8c..a05e8059d1308 100644 --- a/packages/kbn-esql-validation-autocomplete/src/autocomplete/__tests__/helpers.ts +++ b/packages/kbn-esql-validation-autocomplete/src/autocomplete/__tests__/helpers.ts @@ -286,7 +286,7 @@ export function getPolicyFields(policyName: string) { } export interface SuggestOptions { - ctx?: EditorContext; + triggerCharacter?: string; callbacks?: ESQLCallbacks; } @@ -301,9 +301,10 @@ export const setup = async (caret = '/') => { const pos = query.indexOf(caret); if (pos < 0) throw new Error(`User cursor/caret "${caret}" not found in query: ${query}`); const querySansCaret = query.slice(0, pos) + query.slice(pos + 1); - const ctx = - opts.ctx ?? - (pos > 0 ? { triggerKind: 1, triggerCharacter: query[pos - 1] } : { triggerKind: 0 }); + const ctx: EditorContext = opts.triggerCharacter + ? { triggerKind: 1, triggerCharacter: opts.triggerCharacter } + : { triggerKind: 0 }; + return await autocomplete.suggest( querySansCaret, pos, diff --git a/packages/kbn-esql-validation-autocomplete/src/autocomplete/autocomplete.test.ts b/packages/kbn-esql-validation-autocomplete/src/autocomplete/autocomplete.test.ts index dcb0aaa76adb8..dfae9d76a73af 100644 --- a/packages/kbn-esql-validation-autocomplete/src/autocomplete/autocomplete.test.ts +++ b/packages/kbn-esql-validation-autocomplete/src/autocomplete/autocomplete.test.ts @@ -37,6 +37,7 @@ import { getPolicyFields, PartialSuggestionWithText, TIME_PICKER_SUGGESTION, + setup, } from './__tests__/helpers'; import { METADATA_FIELDS } from '../shared/constants'; import { ESQL_COMMON_NUMERIC_TYPES, ESQL_STRING_TYPES } from '../shared/esql_types'; @@ -51,7 +52,6 @@ describe('autocomplete', () => { string, Array, string?, - number?, Parameters? ]; @@ -60,45 +60,17 @@ describe('autocomplete', () => { statement: string, expected: Array, triggerCharacter?: string, - _offset?: number, customCallbacksArgs: Parameters = [ undefined, undefined, undefined, ] ) => { - const context = createCompletionContext(triggerCharacter); const testFn = only ? test.only : skip ? test.skip : test; - const offset = _offset - ? _offset - : triggerCharacter - ? statement.lastIndexOf(triggerCharacter) + 1 - : statement.length; - testFn(statement, async () => { const callbackMocks = createCustomCallbackMocks(...customCallbacksArgs); - const suggestions = await suggest( - statement, - offset, - context, - async (text) => (text ? getAstAndSyntaxErrors(text) : { ast: [], errors: [] }), - callbackMocks - ); - - const sortedSuggestionTexts = suggestions.map((suggestion) => suggestion.text).sort(); - const sortedExpectedTexts = expected - .map((suggestion) => (typeof suggestion === 'string' ? suggestion : suggestion.text ?? '')) - .sort(); - - expect(sortedSuggestionTexts).toEqual(sortedExpectedTexts); - const expectedNonStringSuggestions = expected.filter( - (suggestion) => typeof suggestion !== 'string' - ) as PartialSuggestionWithText[]; - - for (const expectedSuggestion of expectedNonStringSuggestions) { - const suggestion = suggestions.find((s) => s.text === expectedSuggestion.text); - expect(suggestion).toEqual(expect.objectContaining(expectedSuggestion)); - } + const { assertSuggestions } = await setup(); + await assertSuggestions(statement, expected, { callbacks: callbackMocks, triggerCharacter }); }); }; @@ -121,29 +93,29 @@ describe('autocomplete', () => { describe('New command', () => { testSuggestions( - ' ', + '/', sourceCommands.map((name) => name.toUpperCase() + ' $0') ); testSuggestions( - 'from a | ', + 'from a | /', commandDefinitions .filter(({ name }) => !sourceCommands.includes(name)) .map(({ name }) => name.toUpperCase() + ' $0') ); testSuggestions( - 'from a [metadata _id] | ', + 'from a [metadata _id] | /', commandDefinitions .filter(({ name }) => !sourceCommands.includes(name)) .map(({ name }) => name.toUpperCase() + ' $0') ); testSuggestions( - 'from a | eval var0 = a | ', + 'from a | eval var0 = a | /', commandDefinitions .filter(({ name }) => !sourceCommands.includes(name)) .map(({ name }) => name.toUpperCase() + ' $0') ); testSuggestions( - 'from a [metadata _id] | eval var0 = a | ', + 'from a [metadata _id] | eval var0 = a | /', commandDefinitions .filter(({ name }) => !sourceCommands.includes(name)) .map(({ name }) => name.toUpperCase() + ' $0') @@ -151,9 +123,9 @@ describe('autocomplete', () => { }); describe('show', () => { - testSuggestions('show ', ['INFO']); + testSuggestions('show /', ['INFO']); for (const fn of ['info']) { - testSuggestions(`show ${fn} `, ['| ']); + testSuggestions(`show ${fn} /`, ['| ']); } }); @@ -161,16 +133,16 @@ describe('autocomplete', () => { const allEvalFns = getFunctionSignaturesByReturnType('where', 'any', { scalar: true, }); - testSuggestions('from a | where ', [ + testSuggestions('from a | where /', [ ...getFieldNamesByType('any').map((field) => `${field} `), ...allEvalFns, ]); - testSuggestions('from a | eval var0 = 1 | where ', [ + testSuggestions('from a | eval var0 = 1 | where /', [ ...getFieldNamesByType('any').map((name) => `${name} `), 'var0', ...allEvalFns, ]); - testSuggestions('from a | where keywordField ', [ + testSuggestions('from a | where keywordField /', [ // all functions compatible with a keywordField type ...getFunctionSignaturesByReturnType( 'where', @@ -188,27 +160,27 @@ describe('autocomplete', () => { scalar: true, }), ]; - testSuggestions('from a | where textField >= ', expectedComparisonWithTextFieldSuggestions); + testSuggestions('from a | where textField >= /', expectedComparisonWithTextFieldSuggestions); testSuggestions( - 'from a | where textField >= textField', + 'from a | where textField >= textField/', expectedComparisonWithTextFieldSuggestions ); for (const op of ['and', 'or']) { - testSuggestions(`from a | where keywordField >= keywordField ${op} `, [ + testSuggestions(`from a | where keywordField >= keywordField ${op} /`, [ ...getFieldNamesByType('any'), ...getFunctionSignaturesByReturnType('where', 'any', { scalar: true }), ]); - testSuggestions(`from a | where keywordField >= keywordField ${op} doubleField `, [ + testSuggestions(`from a | where keywordField >= keywordField ${op} doubleField /`, [ ...getFunctionSignaturesByReturnType('where', 'boolean', { builtin: true }, ['double']), ]); - testSuggestions(`from a | where keywordField >= keywordField ${op} doubleField == `, [ + testSuggestions(`from a | where keywordField >= keywordField ${op} doubleField == /`, [ ...getFieldNamesByType(ESQL_COMMON_NUMERIC_TYPES), ...getFunctionSignaturesByReturnType('where', ESQL_COMMON_NUMERIC_TYPES, { scalar: true, }), ]); } - testSuggestions('from a | stats a=avg(doubleField) | where a ', [ + testSuggestions('from a | stats a=avg(doubleField) | where a /', [ ...getFunctionSignaturesByReturnType('where', 'any', { builtin: true, skipAssign: true }, [ 'double', ]), @@ -217,16 +189,15 @@ describe('autocomplete', () => { // in this case the doubleField has been wiped by the STATS command and suggest cannot find it's type // @TODO: verify this is the correct behaviour in this case or if we want a "generic" suggestion anyway testSuggestions( - 'from a | stats a=avg(doubleField) | where doubleField ', + 'from a | stats a=avg(doubleField) | where doubleField /', [], undefined, - undefined, // make the fields suggest aware of the previous STATS, leave the other callbacks untouched [[{ name: 'a', type: 'double' }], undefined, undefined] ); // The editor automatically inject the final bracket, so it is not useful to test with just open bracket testSuggestions( - 'from a | where log10()', + 'from a | where log10(/)', [ ...getFieldNamesByType(log10ParameterTypes), ...getFunctionSignaturesByReturnType( @@ -239,12 +210,12 @@ describe('autocomplete', () => { ], '(' ); - testSuggestions('from a | where log10(doubleField) ', [ + testSuggestions('from a | where log10(doubleField) /', [ ...getFunctionSignaturesByReturnType('where', 'double', { builtin: true }, ['double']), ...getFunctionSignaturesByReturnType('where', 'boolean', { builtin: true }, ['double']), ]); testSuggestions( - 'from a | WHERE pow(doubleField, )', + 'from a | WHERE pow(doubleField, /)', [ ...getFieldNamesByType(powParameterTypes), ...getFunctionSignaturesByReturnType( @@ -258,44 +229,34 @@ describe('autocomplete', () => { ',' ); - testSuggestions('from index | WHERE keywordField not ', ['LIKE $0', 'RLIKE $0', 'IN $0']); - testSuggestions('from index | WHERE keywordField NOT ', ['LIKE $0', 'RLIKE $0', 'IN $0']); - testSuggestions('from index | WHERE not ', [ + testSuggestions('from index | WHERE keywordField not /', ['LIKE $0', 'RLIKE $0', 'IN $0']); + testSuggestions('from index | WHERE keywordField NOT /', ['LIKE $0', 'RLIKE $0', 'IN $0']); + testSuggestions('from index | WHERE not /', [ ...getFieldNamesByType('boolean'), ...getFunctionSignaturesByReturnType('eval', 'boolean', { scalar: true }), ]); - testSuggestions('from index | WHERE doubleField in ', ['( $0 )']); - testSuggestions('from index | WHERE doubleField not in ', ['( $0 )']); + testSuggestions('from index | WHERE doubleField in /', ['( $0 )']); + testSuggestions('from index | WHERE doubleField not in /', ['( $0 )']); testSuggestions( - 'from index | WHERE doubleField not in ( )', + 'from index | WHERE doubleField not in (/)', [ ...getFieldNamesByType('double').filter((name) => name !== 'doubleField'), ...getFunctionSignaturesByReturnType('where', 'double', { scalar: true }), ], '(' ); - testSuggestions( - 'from index | WHERE doubleField in ( `any#Char$Field`, )', - [ - ...getFieldNamesByType('double').filter( - (name) => name !== '`any#Char$Field`' && name !== 'doubleField' - ), - ...getFunctionSignaturesByReturnType('where', 'double', { scalar: true }), - ], - undefined, - 54 // after the first suggestions - ); - testSuggestions( - 'from index | WHERE doubleField not in ( `any#Char$Field`, )', - [ - ...getFieldNamesByType('double').filter( - (name) => name !== '`any#Char$Field`' && name !== 'doubleField' - ), - ...getFunctionSignaturesByReturnType('where', 'double', { scalar: true }), - ], - undefined, - 58 // after the first suggestions - ); + testSuggestions('from index | WHERE doubleField in ( `any#Char$Field`, /)', [ + ...getFieldNamesByType('double').filter( + (name) => name !== '`any#Char$Field`' && name !== 'doubleField' + ), + ...getFunctionSignaturesByReturnType('where', 'double', { scalar: true }), + ]); + testSuggestions('from index | WHERE doubleField not in ( `any#Char$Field`, /)', [ + ...getFieldNamesByType('double').filter( + (name) => name !== '`any#Char$Field`' && name !== 'doubleField' + ), + ...getFunctionSignaturesByReturnType('where', 'double', { scalar: true }), + ]); }); describe('grok', () => { @@ -310,11 +271,11 @@ describe('autocomplete', () => { for (const subExpression of subExpressions) { // Unskip once https://github.com/elastic/kibana/issues/190070 is fixed testSuggestions.skip( - `from a | ${subExpression} grok `, + `from a | ${subExpression} grok /`, getFieldNamesByType(ESQL_STRING_TYPES) ); - testSuggestions(`from a | ${subExpression} grok keywordField `, [constantPattern], ' '); - testSuggestions(`from a | ${subExpression} grok keywordField ${constantPattern} `, ['| ']); + testSuggestions(`from a | ${subExpression} grok keywordField /`, [constantPattern], ' '); + testSuggestions(`from a | ${subExpression} grok keywordField ${constantPattern} /`, ['| ']); } }); @@ -329,69 +290,74 @@ describe('autocomplete', () => { for (const subExpression of subExpressions) { // Unskip once https://github.com/elastic/kibana/issues/190070 is fixed testSuggestions.skip( - `from a | ${subExpression} dissect `, + `from a | ${subExpression} dissect /`, getFieldNamesByType(ESQL_STRING_TYPES) ); - testSuggestions(`from a | ${subExpression} dissect keywordField `, [constantPattern], ' '); + testSuggestions(`from a | ${subExpression} dissect keywordField /`, [constantPattern], ' '); testSuggestions( - `from a | ${subExpression} dissect keywordField ${constantPattern} `, + `from a | ${subExpression} dissect keywordField ${constantPattern} /`, ['APPEND_SEPARATOR = $0', '| '], ' ' ); testSuggestions( - `from a | ${subExpression} dissect keywordField ${constantPattern} append_separator = `, + `from a | ${subExpression} dissect keywordField ${constantPattern} append_separator = /`, ['":"', '";"'] ); testSuggestions( - `from a | ${subExpression} dissect keywordField ${constantPattern} append_separator = ":" `, + `from a | ${subExpression} dissect keywordField ${constantPattern} append_separator = ":" /`, ['| '] ); } }); describe('sort', () => { - testSuggestions('from a | sort ', [ + testSuggestions('from a | sort /', [ ...getFieldNamesByType('any').map((name) => `${name} `), ...getFunctionSignaturesByReturnType('sort', 'any', { scalar: true }), ]); - testSuggestions('from a | sort keywordField ', ['ASC ', 'DESC ', ',', '| ']); - testSuggestions('from a | sort keywordField desc ', ['NULLS FIRST ', 'NULLS LAST ', ',', '| ']); + testSuggestions('from a | sort keywordField /', ['ASC ', 'DESC ', ',', '| ']); + testSuggestions('from a | sort keywordField desc /', [ + 'NULLS FIRST ', + 'NULLS LAST ', + ',', + '| ', + ]); // @TODO: improve here // testSuggestions('from a | sort keywordField desc ', ['first', 'last']); }); describe('limit', () => { - testSuggestions('from a | limit ', ['10 ', '100 ', '1000 ']); - testSuggestions('from a | limit 4 ', ['| ']); + testSuggestions('from a | limit /', ['10 ', '100 ', '1000 ']); + testSuggestions('from a | limit 4 /', ['| ']); }); describe('mv_expand', () => { - testSuggestions('from a | mv_expand ', getFieldNamesByType('any')); - testSuggestions('from a | mv_expand a ', ['| ']); + testSuggestions('from a | mv_expand /', getFieldNamesByType('any')); + testSuggestions('from a | mv_expand a /', ['| ']); }); describe('rename', () => { - testSuggestions('from a | rename ', getFieldNamesByType('any')); - testSuggestions('from a | rename keywordField ', ['AS $0'], ' '); - testSuggestions('from a | rename keywordField as ', ['var0']); + testSuggestions('from a | rename /', getFieldNamesByType('any')); + testSuggestions('from a | rename keywordField /', ['AS $0'], ' '); + testSuggestions('from a | rename keywordField as /', ['var0']); }); for (const command of ['keep', 'drop']) { describe(command, () => { - testSuggestions(`from a | ${command} `, getFieldNamesByType('any')); + testSuggestions(`from a | ${command} /`, getFieldNamesByType('any')); testSuggestions( - `from a | ${command} keywordField, `, + `from a | ${command} keywordField, /`, getFieldNamesByType('any').filter((name) => name !== 'keywordField') ); testSuggestions( - `from a | ${command} keywordField,`, + `from a | ${command} keywordField,/`, getFieldNamesByType('any').filter((name) => name !== 'keywordField'), ',' ); testSuggestions( - `from a_index | eval round(doubleField) + 1 | eval \`round(doubleField) + 1\` + 1 | eval \`\`\`round(doubleField) + 1\`\` + 1\` + 1 | eval \`\`\`\`\`\`\`round(doubleField) + 1\`\`\`\` + 1\`\` + 1\` + 1 | eval \`\`\`\`\`\`\`\`\`\`\`\`\`\`\`round(doubleField) + 1\`\`\`\`\`\`\`\` + 1\`\`\`\` + 1\`\` + 1\` + 1 | ${command} `, + `from a_index | eval round(doubleField) + 1 | eval \`round(doubleField) + 1\` + 1 | eval \`\`\`round(doubleField) + 1\`\` + 1\` + 1 | eval \`\`\`\`\`\`\`round(doubleField) + 1\`\`\`\` + 1\`\` + 1\` + 1 | eval \`\`\`\`\`\`\`\`\`\`\`\`\`\`\`round(doubleField) + 1\`\`\`\`\`\`\`\` + 1\`\`\`\` + 1\`\` + 1\` + 1 | ${command} /`, [ ...getFieldNamesByType('any'), '`round(doubleField) + 1`', @@ -413,52 +379,51 @@ describe('autocomplete', () => { // '| enrich other-policy on b ', // '| enrich other-policy with c ', ]) { - testSuggestions(`from a ${prevCommand}| enrich `, policyNames); + testSuggestions(`from a ${prevCommand}| enrich /`, policyNames); testSuggestions( - `from a ${prevCommand}| enrich _`, + `from a ${prevCommand}| enrich _/`, modes.map((mode) => `_${mode}:$0`), '_' ); for (const mode of modes) { - testSuggestions(`from a ${prevCommand}| enrich _${mode}:`, policyNames, ':'); - testSuggestions(`from a ${prevCommand}| enrich _${mode.toUpperCase()}:`, policyNames, ':'); - testSuggestions(`from a ${prevCommand}| enrich _${camelCase(mode)}:`, policyNames, ':'); + testSuggestions(`from a ${prevCommand}| enrich _${mode}:/`, policyNames, ':'); + testSuggestions(`from a ${prevCommand}| enrich _${mode.toUpperCase()}:/`, policyNames, ':'); + testSuggestions(`from a ${prevCommand}| enrich _${camelCase(mode)}:/`, policyNames, ':'); } - testSuggestions(`from a ${prevCommand}| enrich policy `, ['ON $0', 'WITH $0', '| ']); - testSuggestions(`from a ${prevCommand}| enrich policy on `, getFieldNamesByType('any')); - testSuggestions(`from a ${prevCommand}| enrich policy on b `, ['WITH $0', ',', '| ']); + testSuggestions(`from a ${prevCommand}| enrich policy /`, ['ON $0', 'WITH $0', '| ']); + testSuggestions(`from a ${prevCommand}| enrich policy on /`, getFieldNamesByType('any')); + testSuggestions(`from a ${prevCommand}| enrich policy on b /`, ['WITH $0', ',', '| ']); testSuggestions( - `from a ${prevCommand}| enrich policy on b with `, + `from a ${prevCommand}| enrich policy on b with /`, ['var0 = ', ...getPolicyFields('policy')], ' ' ); - testSuggestions(`from a ${prevCommand}| enrich policy on b with var0 `, ['= $0', ',', '| ']); - testSuggestions(`from a ${prevCommand}| enrich policy on b with var0 = `, [ + testSuggestions(`from a ${prevCommand}| enrich policy on b with var0 /`, ['= $0', ',', '| ']); + testSuggestions(`from a ${prevCommand}| enrich policy on b with var0 = /`, [ ...getPolicyFields('policy'), ]); - testSuggestions(`from a ${prevCommand}| enrich policy on b with var0 = keywordField `, [ + testSuggestions(`from a ${prevCommand}| enrich policy on b with var0 = keywordField /`, [ ',', '| ', ]); - testSuggestions(`from a ${prevCommand}| enrich policy on b with var0 = keywordField, `, [ + testSuggestions(`from a ${prevCommand}| enrich policy on b with var0 = keywordField, /`, [ 'var1 = ', ...getPolicyFields('policy'), ]); - testSuggestions(`from a ${prevCommand}| enrich policy on b with var0 = keywordField, var1 `, [ - '= $0', - ',', - '| ', - ]); testSuggestions( - `from a ${prevCommand}| enrich policy on b with var0 = keywordField, var1 = `, + `from a ${prevCommand}| enrich policy on b with var0 = keywordField, var1 /`, + ['= $0', ',', '| '] + ); + testSuggestions( + `from a ${prevCommand}| enrich policy on b with var0 = keywordField, var1 = /`, [...getPolicyFields('policy')] ); testSuggestions( - `from a ${prevCommand}| enrich policy with `, + `from a ${prevCommand}| enrich policy with /`, ['var0 = ', ...getPolicyFields('policy')], ' ' ); - testSuggestions(`from a ${prevCommand}| enrich policy with keywordField `, [ + testSuggestions(`from a ${prevCommand}| enrich policy with keywordField /`, [ '= $0', ',', '| ', @@ -467,53 +432,52 @@ describe('autocomplete', () => { }); describe('eval', () => { - testSuggestions('from a | eval ', [ + testSuggestions('from a | eval /', [ 'var0 = ', ...getFieldNamesByType('any'), ...getFunctionSignaturesByReturnType('eval', 'any', { scalar: true }), ]); - testSuggestions('from a | eval doubleField ', [ + testSuggestions('from a | eval doubleField /', [ ...getFunctionSignaturesByReturnType('eval', 'any', { builtin: true, skipAssign: true }, [ 'double', ]), ',', '| ', ]); - testSuggestions('from index | EVAL keywordField not ', ['LIKE $0', 'RLIKE $0', 'IN $0']); - testSuggestions('from index | EVAL keywordField NOT ', ['LIKE $0', 'RLIKE $0', 'IN $0']); - testSuggestions('from index | EVAL doubleField in ', ['( $0 )']); + testSuggestions('from index | EVAL keywordField not /', ['LIKE $0', 'RLIKE $0', 'IN $0']); + testSuggestions('from index | EVAL keywordField NOT /', ['LIKE $0', 'RLIKE $0', 'IN $0']); + testSuggestions('from index | EVAL doubleField in /', ['( $0 )']); testSuggestions( - 'from index | EVAL doubleField in ( )', + 'from index | EVAL doubleField in (/)', [ ...getFieldNamesByType('double').filter((name) => name !== 'doubleField'), ...getFunctionSignaturesByReturnType('eval', 'double', { scalar: true }), ], '(' ); - testSuggestions('from index | EVAL doubleField not in ', ['( $0 )']); - testSuggestions('from index | EVAL not ', [ + testSuggestions('from index | EVAL doubleField not in /', ['( $0 )']); + testSuggestions('from index | EVAL not /', [ ...getFieldNamesByType('boolean'), ...getFunctionSignaturesByReturnType('eval', 'boolean', { scalar: true }), ]); - testSuggestions('from a | eval a=', [ - ...getFunctionSignaturesByReturnType('eval', 'any', { scalar: true }), - ]); - testSuggestions('from a | eval a=abs(doubleField), b= ', [ - ...getFunctionSignaturesByReturnType('eval', 'any', { scalar: true }), - ]); - testSuggestions('from a | eval a=doubleField, ', [ + testSuggestions( + 'from a | eval a=/', + [...getFunctionSignaturesByReturnType('eval', 'any', { scalar: true })], + '=' + ); + testSuggestions( + 'from a | eval a=abs(doubleField), b= /', + [...getFunctionSignaturesByReturnType('eval', 'any', { scalar: true })], + '=' + ); + testSuggestions('from a | eval a=doubleField, /', [ 'var0 = ', ...getFieldNamesByType('any'), 'a', ...getFunctionSignaturesByReturnType('eval', 'any', { scalar: true }), ]); - // Skip this test until the insensitive case equality gets restored back - testSuggestions.skip('from a | eval a=keywordField =~ ', [ - ...getFieldNamesByType(ESQL_STRING_TYPES), - ...getFunctionSignaturesByReturnType('eval', ESQL_STRING_TYPES, { scalar: true }), - ]); testSuggestions( - 'from a | eval a=round()', + 'from a | eval a=round(/)', [ ...getFieldNamesByType(roundParameterTypes), ...getFunctionSignaturesByReturnType( @@ -527,29 +491,29 @@ describe('autocomplete', () => { '(' ); testSuggestions( - 'from a | eval a=raund()', // note the typo in round + 'from a | eval a=raund(/)', // note the typo in round [], '(' ); testSuggestions( - 'from a | eval a=raund(', // note the typo in round + 'from a | eval a=raund(/', // note the typo in round [] ); testSuggestions( - 'from a | eval raund(', // note the typo in round + 'from a | eval raund(/', // note the typo in round [] ); testSuggestions( - 'from a | eval raund(5, ', // note the typo in round + 'from a | eval raund(5, /', // note the typo in round [], ' ' ); testSuggestions( - 'from a | eval var0 = raund(5, ', // note the typo in round + 'from a | eval var0 = raund(5, /', // note the typo in round [], ' ' ); - testSuggestions('from a | eval a=round(doubleField) ', [ + testSuggestions('from a | eval a=round(doubleField) /', [ ',', '| ', ...getFunctionSignaturesByReturnType('eval', 'any', { builtin: true, skipAssign: true }, [ @@ -557,7 +521,7 @@ describe('autocomplete', () => { ]), ]); testSuggestions( - 'from a | eval a=round(doubleField, ', + 'from a | eval a=round(doubleField, /', [ ...getFieldNamesByType('integer'), ...getFunctionSignaturesByReturnType('eval', 'integer', { scalar: true }, undefined, [ @@ -567,7 +531,7 @@ describe('autocomplete', () => { ' ' ); testSuggestions( - 'from a | eval round(doubleField, ', + 'from a | eval round(doubleField, /', [ ...getFieldNamesByType('integer'), ...getFunctionSignaturesByReturnType('eval', 'integer', { scalar: true }, undefined, [ @@ -576,50 +540,49 @@ describe('autocomplete', () => { ], ' ' ); - testSuggestions('from a | eval a=round(doubleField),', [ + testSuggestions('from a | eval a=round(doubleField),/', [ 'var0 = ', ...getFieldNamesByType('any'), 'a', ...getFunctionSignaturesByReturnType('eval', 'any', { scalar: true }), ]); - testSuggestions('from a | eval a=round(doubleField) + ', [ + testSuggestions('from a | eval a=round(doubleField) + /', [ ...getFieldNamesByType(ESQL_COMMON_NUMERIC_TYPES), ...getFunctionSignaturesByReturnType('eval', ESQL_COMMON_NUMERIC_TYPES, { scalar: true, }), ]); - testSuggestions('from a | eval a=round(doubleField)+ ', [ + testSuggestions('from a | eval a=round(doubleField)+ /', [ ...getFieldNamesByType(ESQL_COMMON_NUMERIC_TYPES), ...getFunctionSignaturesByReturnType('eval', ESQL_COMMON_NUMERIC_TYPES, { scalar: true, }), ]); - testSuggestions('from a | eval a=doubleField+ ', [ + testSuggestions('from a | eval a=doubleField+ /', [ ...getFieldNamesByType(ESQL_COMMON_NUMERIC_TYPES), ...getFunctionSignaturesByReturnType('eval', ESQL_COMMON_NUMERIC_TYPES, { scalar: true, }), ]); - testSuggestions('from a | eval a=`any#Char$Field`+ ', [ + testSuggestions('from a | eval a=`any#Char$Field`+ /', [ ...getFieldNamesByType(ESQL_COMMON_NUMERIC_TYPES), ...getFunctionSignaturesByReturnType('eval', ESQL_COMMON_NUMERIC_TYPES, { scalar: true, }), ]); testSuggestions( - 'from a | stats avg(doubleField) by keywordField | eval ', + 'from a | stats avg(doubleField) by keywordField | eval /', [ 'var0 = ', '`avg(doubleField)`', ...getFunctionSignaturesByReturnType('eval', 'any', { scalar: true }), ], ' ', - undefined, // make aware EVAL of the previous STATS command [[], undefined, undefined] ); testSuggestions( - 'from a | eval abs(doubleField) + 1 | eval ', + 'from a | eval abs(doubleField) + 1 | eval /', [ 'var0 = ', ...getFieldNamesByType('any'), @@ -629,19 +592,18 @@ describe('autocomplete', () => { ' ' ); testSuggestions( - 'from a | stats avg(doubleField) by keywordField | eval ', + 'from a | stats avg(doubleField) by keywordField | eval /', [ 'var0 = ', '`avg(doubleField)`', ...getFunctionSignaturesByReturnType('eval', 'any', { scalar: true }), ], ' ', - undefined, // make aware EVAL of the previous STATS command with the buggy field name from expression [[{ name: 'avg_doubleField_', type: 'double' }], undefined, undefined] ); testSuggestions( - 'from a | stats avg(doubleField), avg(kubernetes.something.something) by keywordField | eval ', + 'from a | stats avg(doubleField), avg(kubernetes.something.something) by keywordField | eval /', [ 'var0 = ', '`avg(doubleField)`', @@ -649,7 +611,6 @@ describe('autocomplete', () => { ...getFunctionSignaturesByReturnType('eval', 'any', { scalar: true }), ], ' ', - undefined, // make aware EVAL of the previous STATS command with the buggy field name from expression [ [ @@ -662,7 +623,7 @@ describe('autocomplete', () => { ); testSuggestions( - 'from a | eval a=round(doubleField), b=round()', + 'from a | eval a=round(doubleField), b=round(/)', [ ...getFieldNamesByType(roundParameterTypes), ...getFunctionSignaturesByReturnType( @@ -676,7 +637,7 @@ describe('autocomplete', () => { '(' ); // test that comma is correctly added to the suggestions if minParams is not reached yet - testSuggestions('from a | eval a=concat( ', [ + testSuggestions('from a | eval a=concat( /', [ ...getFieldNamesByType(['text', 'keyword']).map((v) => `${v}, `), ...getFunctionSignaturesByReturnType( 'eval', @@ -687,7 +648,7 @@ describe('autocomplete', () => { ).map((v) => ({ ...v, text: `${v.text},` })), ]); testSuggestions( - 'from a | eval a=concat(textField, ', + 'from a | eval a=concat(textField, /', [ ...getFieldNamesByType(['text', 'keyword']), ...getFunctionSignaturesByReturnType( @@ -702,7 +663,7 @@ describe('autocomplete', () => { ); // test that the arg type is correct after minParams testSuggestions( - 'from a | eval a=cidr_match(ipField, textField, ', + 'from a | eval a=cidr_match(ipField, textField, /', [ ...getFieldNamesByType('text'), ...getFunctionSignaturesByReturnType('eval', 'text', { scalar: true }, undefined, [ @@ -712,14 +673,14 @@ describe('autocomplete', () => { ' ' ); // test that comma is correctly added to the suggestions if minParams is not reached yet - testSuggestions('from a | eval a=cidr_match( ', [ + testSuggestions('from a | eval a=cidr_match(/', [ ...getFieldNamesByType('ip').map((v) => `${v}, `), ...getFunctionSignaturesByReturnType('eval', 'ip', { scalar: true }, undefined, [ 'cidr_match', ]).map((v) => ({ ...v, text: `${v.text},` })), ]); testSuggestions( - 'from a | eval a=cidr_match(ipField, ', + 'from a | eval a=cidr_match(ipField, /', [ ...getFieldNamesByType(['text', 'keyword']), ...getFunctionSignaturesByReturnType( @@ -739,7 +700,7 @@ describe('autocomplete', () => { for (const nesting of [1, 2, 3, 4]) { testSuggestions( - `from a | eval a=${Array(nesting).fill('round(').join('')}`, + `from a | eval a=${Array(nesting).fill('round(/').join('')}`, [ ...getFieldNamesByType(roundParameterTypes), ...getFunctionSignaturesByReturnType( @@ -757,33 +718,19 @@ describe('autocomplete', () => { const absParameterTypes = ['double', 'integer', 'long', 'unsigned_long'] as const; // Smoke testing for suggestions in previous position than the end of the statement - testSuggestions( - 'from a | eval var0 = abs(doubleField) | eval abs(var0)', - [ - ',', - '| ', - ...getFunctionSignaturesByReturnType('eval', 'any', { builtin: true, skipAssign: true }, [ - 'double', - ]), - ], - undefined, - 38 /* " " after abs(b) */ - ); - testSuggestions( - 'from a | eval var0 = abs(b) | eval abs(var0)', - [ - ...getFieldNamesByType(absParameterTypes), - ...getFunctionSignaturesByReturnType( - 'eval', - absParameterTypes, - { scalar: true }, - undefined, - ['abs'] - ), - ], - undefined, - 26 /* b column in abs */ - ); + testSuggestions('from a | eval var0 = abs(doubleField) / | eval abs(var0)', [ + ',', + '| ', + ...getFunctionSignaturesByReturnType('eval', 'any', { builtin: true, skipAssign: true }, [ + 'double', + ]), + ]); + testSuggestions('from a | eval var0 = abs(b/) | eval abs(var0)', [ + ...getFieldNamesByType(absParameterTypes), + ...getFunctionSignaturesByReturnType('eval', absParameterTypes, { scalar: true }, undefined, [ + 'abs', + ]), + ]); // Test suggestions for each possible param, within each signature variation, for each function for (const fn of evalFunctionDefinitions) { @@ -823,7 +770,7 @@ describe('autocomplete', () => { }; testSuggestions( - `from a | eval ${fn.name}(${Array(i).fill('field').join(', ')}${i ? ',' : ''} )`, + `from a | eval ${fn.name}(${Array(i).fill('field').join(', ')}${i ? ',' : ''} /)`, suggestedConstants?.length ? suggestedConstants.map((option) => `"${option}"${requiresMoreArgs ? ', ' : ''}`) : [ @@ -847,7 +794,7 @@ describe('autocomplete', () => { testSuggestions( `from a | eval var0 = ${fn.name}(${Array(i).fill('field').join(', ')}${ i ? ',' : '' - } )`, + } /)`, suggestedConstants?.length ? suggestedConstants.map((option) => `"${option}"${requiresMoreArgs ? ', ' : ''}`) : [ @@ -883,7 +830,7 @@ describe('autocomplete', () => { const requiresMoreArgs = true; testSuggestions( - `from a | eval ${fn.name}(`, + `from a | eval ${fn.name}(/`, suggestedConstants?.length ? [...suggestedConstants.map((option) => `"${option}"${requiresMoreArgs ? ', ' : ''}`)] : [] @@ -891,13 +838,13 @@ describe('autocomplete', () => { } } - testSuggestions('from a | eval var0 = bucket(@timestamp, ', getUnitDuration(1), ' '); + testSuggestions('from a | eval var0 = bucket(@timestamp, /', getUnitDuration(1), ' '); describe('date math', () => { const dateSuggestions = timeUnitsToSuggest.map(({ name }) => name); // If a literal number is detected then suggest also date period keywords testSuggestions( - 'from a | eval a = 1 ', + 'from a | eval a = 1 /', [ ...dateSuggestions, ',', @@ -908,16 +855,16 @@ describe('autocomplete', () => { ], ' ' ); - testSuggestions('from a | eval a = 1 year ', [ + testSuggestions('from a | eval a = 1 year /', [ ',', '| ', ...getFunctionSignaturesByReturnType('eval', 'any', { builtin: true, skipAssign: true }, [ 'time_interval', ]), ]); - testSuggestions('from a | eval a = 1 day + 2 ', [',', '| ']); + testSuggestions('from a | eval a = 1 day + 2 /', [',', '| ']); testSuggestions( - 'from a | eval 1 day + 2 ', + 'from a | eval 1 day + 2 /', [ ...dateSuggestions, ...getFunctionSignaturesByReturnType('eval', 'any', { builtin: true, skipAssign: true }, [ @@ -927,12 +874,12 @@ describe('autocomplete', () => { ' ' ); testSuggestions( - 'from a | eval var0=date_trunc()', + 'from a | eval var0=date_trunc(/)', getLiteralsByType('time_literal').map((t) => `${t}, `), '(' ); testSuggestions( - 'from a | eval var0=date_trunc(2 )', + 'from a | eval var0=date_trunc(2 /)', [...dateSuggestions.map((t) => `${t}, `), ','], ' ' ); @@ -940,26 +887,26 @@ describe('autocomplete', () => { }); describe('values suggestions', () => { - testSuggestions('FROM "a"', ['a ', 'b '], undefined, 7, [ + testSuggestions('FROM "a/"', ['a ', 'b '], undefined, [ , [ { name: 'a', hidden: false }, { name: 'b', hidden: false }, ], ]); - testSuggestions('FROM " "', [], ' '); + testSuggestions('FROM " /"', [], ' '); // TODO — re-enable these tests when we can support this case - testSuggestions.skip('FROM " a"', [], undefined, 9); - testSuggestions.skip('FROM "foo b"', [], undefined, 11); - testSuggestions('FROM a | WHERE tags == " "', [], ' '); - testSuggestions('FROM a | WHERE tags == """ """', [], ' '); - testSuggestions('FROM a | WHERE tags == "a"', [], undefined, 25); - testSuggestions('FROM a | EVAL tags == " "', [], ' '); - testSuggestions('FROM a | EVAL tags == "a"', [], undefined, 24); - testSuggestions('FROM a | STATS tags == " "', [], ' '); - testSuggestions('FROM a | STATS tags == "a"', [], undefined, 25); - testSuggestions('FROM a | GROK "a" "%{WORD:firstWord}"', [], undefined, 16); - testSuggestions('FROM a | DISSECT "a" "%{WORD:firstWord}"', [], undefined, 19); + testSuggestions.skip('FROM " a/"', []); + testSuggestions.skip('FROM "foo b/"', []); + testSuggestions('FROM a | WHERE tags == " /"', [], ' '); + testSuggestions('FROM a | WHERE tags == """ /"""', [], ' '); + testSuggestions('FROM a | WHERE tags == "a/"', []); + testSuggestions('FROM a | EVAL tags == " /"', [], ' '); + testSuggestions('FROM a | EVAL tags == "a"/', []); + testSuggestions('FROM a | STATS tags == " /"', [], ' '); + testSuggestions('FROM a | STATS tags == "a/"', []); + testSuggestions('FROM a | GROK "a/" "%{WORD:firstWord}"', []); + testSuggestions('FROM a | DISSECT "a/" "%{WORD:firstWord}"', []); }); describe('callbacks', () => { @@ -1009,39 +956,30 @@ describe('autocomplete', () => { describe('Invoke trigger kind (all commands)', () => { // source command testSuggestions( - 'f', - sourceCommands.map((cmd) => `${cmd.toUpperCase()} $0`), - undefined, - 1 + 'f/', + sourceCommands.map((cmd) => `${cmd.toUpperCase()} $0`) ); // pipe command testSuggestions( - 'FROM k | E', + 'FROM k | E/', commandDefinitions .filter(({ name }) => !sourceCommands.includes(name)) - .map(({ name }) => name.toUpperCase() + ' $0'), - undefined, - 10 + .map(({ name }) => name.toUpperCase() + ' $0') ); describe('function arguments', () => { // function argument - testSuggestions( - 'FROM kibana_sample_data_logs | EVAL TRIM(e)', - [ - ...getFieldNamesByType(['text', 'keyword']), - ...getFunctionSignaturesByReturnType( - 'eval', - ['text', 'keyword'], - { scalar: true }, - undefined, - ['trim'] - ), - ], - undefined, - 42 - ); + testSuggestions('FROM kibana_sample_data_logs | EVAL TRIM(e/)', [ + ...getFieldNamesByType(['text', 'keyword']), + ...getFunctionSignaturesByReturnType( + 'eval', + ['text', 'keyword'], + { scalar: true }, + undefined, + ['trim'] + ), + ]); // subsequent function argument const expectedDateDiff2ndArgSuggestions = [ @@ -1053,19 +991,14 @@ describe('autocomplete', () => { text: `${s.text},`, })), ]; - testSuggestions( - 'FROM a | EVAL DATE_DIFF("day", )', - expectedDateDiff2ndArgSuggestions, - undefined, - 31 - ); + testSuggestions('FROM a | EVAL DATE_DIFF("day", /)', expectedDateDiff2ndArgSuggestions); // trigger character case for comparison - testSuggestions('FROM a | EVAL DATE_DIFF("day", )', expectedDateDiff2ndArgSuggestions, ' '); + testSuggestions('FROM a | EVAL DATE_DIFF("day", /)', expectedDateDiff2ndArgSuggestions, ' '); }); // FROM source - testSuggestions('FROM k', ['index1 ', 'index2 '], undefined, 6, [ + testSuggestions('FROM k/', ['index1 ', 'index2 '], undefined, [ , [ { name: 'index1', hidden: false }, @@ -1074,178 +1007,128 @@ describe('autocomplete', () => { ]); // FROM source METADATA - testSuggestions('FROM index1 M', [',', 'METADATA $0', '| '], undefined, 13); + testSuggestions('FROM index1 M/', [',', 'METADATA $0', '| ']); // FROM source METADATA field - testSuggestions('FROM index1 METADATA _', METADATA_FIELDS, undefined, 22); + testSuggestions('FROM index1 METADATA _/', METADATA_FIELDS); // EVAL argument - testSuggestions( - 'FROM index1 | EVAL b', - [ - 'var0 = ', - ...getFieldNamesByType('any'), - ...getFunctionSignaturesByReturnType('eval', 'any', { scalar: true }), - ], - undefined, - 20 - ); + testSuggestions('FROM index1 | EVAL b/', [ + 'var0 = ', + ...getFieldNamesByType('any'), + ...getFunctionSignaturesByReturnType('eval', 'any', { scalar: true }), + ]); - testSuggestions( - 'FROM index1 | EVAL var0 = f', - [...getFunctionSignaturesByReturnType('eval', 'any', { scalar: true })], - undefined, - 27 - ); + testSuggestions('FROM index1 | EVAL var0 = f/', [ + ...getFunctionSignaturesByReturnType('eval', 'any', { scalar: true }), + ]); // DISSECT field // enable once https://github.com/elastic/kibana/issues/190070 is fixed - testSuggestions.skip( - 'FROM index1 | DISSECT b', - getFieldNamesByType(ESQL_STRING_TYPES), - undefined, - 23 - ); + testSuggestions.skip('FROM index1 | DISSECT b/', getFieldNamesByType(ESQL_STRING_TYPES)); // DROP (first field) - testSuggestions('FROM index1 | DROP f', getFieldNamesByType('any'), undefined, 20); + testSuggestions('FROM index1 | DROP f/', getFieldNamesByType('any')); // DROP (subsequent field) - testSuggestions('FROM index1 | DROP field1, f', getFieldNamesByType('any'), undefined, 28); + testSuggestions('FROM index1 | DROP field1, f/', getFieldNamesByType('any')); // ENRICH policy testSuggestions( - 'FROM index1 | ENRICH p', - policies.map(({ name }) => getSafeInsertText(name)), - undefined, - 22 + 'FROM index1 | ENRICH p/', + policies.map(({ name }) => getSafeInsertText(name)) ); // ENRICH policy ON - testSuggestions('FROM index1 | ENRICH policy O', ['ON $0', 'WITH $0', '| '], undefined, 29); + testSuggestions('FROM index1 | ENRICH policy O/', ['ON $0', 'WITH $0', '| ']); // ENRICH policy ON field - testSuggestions('FROM index1 | ENRICH policy ON f', getFieldNamesByType('any'), undefined, 32); + testSuggestions('FROM index1 | ENRICH policy ON f/', getFieldNamesByType('any')); // ENRICH policy WITH policyfield - testSuggestions( - 'FROM index1 | ENRICH policy WITH v', - ['var0 = ', ...getPolicyFields('policy')], - undefined, - 34 - ); + testSuggestions('FROM index1 | ENRICH policy WITH v/', [ + 'var0 = ', + ...getPolicyFields('policy'), + ]); - testSuggestions( - 'FROM index1 | ENRICH policy WITH \tv', - ['var0 = ', ...getPolicyFields('policy')], - undefined, - 34 - ); + testSuggestions('FROM index1 | ENRICH policy WITH \tv/', [ + 'var0 = ', + ...getPolicyFields('policy'), + ]); // GROK field // enable once https://github.com/elastic/kibana/issues/190070 - testSuggestions.skip( - 'FROM index1 | GROK f', - getFieldNamesByType(ESQL_STRING_TYPES), - undefined, - 20 - ); + testSuggestions.skip('FROM index1 | GROK f/', getFieldNamesByType(ESQL_STRING_TYPES)); // KEEP (first field) - testSuggestions('FROM index1 | KEEP f', getFieldNamesByType('any'), undefined, 20); + testSuggestions('FROM index1 | KEEP f/', getFieldNamesByType('any')); // KEEP (subsequent fields) testSuggestions( - 'FROM index1 | KEEP booleanField, f', - getFieldNamesByType('any').filter((name) => name !== 'booleanField'), - undefined, - 34 + 'FROM index1 | KEEP booleanField, f/', + getFieldNamesByType('any').filter((name) => name !== 'booleanField') ); // LIMIT argument - // Here we actually test that the invoke trigger kind does not work - // because it isn't very useful to see literal suggestions when typing a number - testSuggestions('FROM a | LIMIT 1', ['| '], undefined, 16); + // Here we actually test that the invoke trigger kind does NOT work + // the assumption is that it isn't very useful to see literal suggestions when already typing a number + // I'm not sure if this is true or not, but it's the current behavior + testSuggestions('FROM a | LIMIT 1/', ['| ']); // MV_EXPAND field - testSuggestions('FROM index1 | MV_EXPAND f', getFieldNamesByType('any'), undefined, 25); + testSuggestions('FROM index1 | MV_EXPAND f/', getFieldNamesByType('any')); // RENAME field - testSuggestions('FROM index1 | RENAME f', getFieldNamesByType('any'), undefined, 22); + testSuggestions('FROM index1 | RENAME f/', getFieldNamesByType('any')); // RENAME field AS - testSuggestions('FROM index1 | RENAME field A', ['AS $0'], undefined, 28); + testSuggestions('FROM index1 | RENAME field A/', ['AS $0']); // RENAME field AS var0 - testSuggestions('FROM index1 | RENAME field AS v', ['var0'], undefined, 31); + testSuggestions('FROM index1 | RENAME field AS v/', ['var0']); // SORT field - testSuggestions( - 'FROM index1 | SORT f', - [ - ...getFunctionSignaturesByReturnType('sort', 'any', { scalar: true }), - ...getFieldNamesByType('any').map((field) => `${field} `), - ], - undefined, - 20 - ); + testSuggestions('FROM index1 | SORT f/', [ + ...getFunctionSignaturesByReturnType('sort', 'any', { scalar: true }), + ...getFieldNamesByType('any').map((field) => `${field} `), + ]); // SORT field order - testSuggestions( - 'FROM index1 | SORT keywordField a', - ['ASC ', 'DESC ', ',', '| '], - undefined, - 33 - ); + testSuggestions('FROM index1 | SORT keywordField a/', ['ASC ', 'DESC ', ',', '| ']); // SORT field order nulls - testSuggestions( - 'FROM index1 | SORT keywordField ASC n', - ['NULLS FIRST ', 'NULLS LAST ', ',', '| '], - undefined, - 37 - ); + testSuggestions('FROM index1 | SORT keywordField ASC n/', [ + 'NULLS FIRST ', + 'NULLS LAST ', + ',', + '| ', + ]); // STATS argument - testSuggestions( - 'FROM index1 | STATS f', - [ - 'var0 = ', - ...getFunctionSignaturesByReturnType('stats', 'any', { scalar: true, agg: true }), - ], - undefined, - 21 - ); + testSuggestions('FROM index1 | STATS f/', [ + 'var0 = ', + ...getFunctionSignaturesByReturnType('stats', 'any', { scalar: true, agg: true }), + ]); // STATS argument BY - testSuggestions('FROM index1 | STATS AVG(booleanField) B', ['BY $0', ',', '| '], undefined, 39); + testSuggestions('FROM index1 | STATS AVG(booleanField) B/', ['BY $0', ',', '| ']); // STATS argument BY expression - testSuggestions( - 'FROM index1 | STATS field BY f', - [ - 'var0 = ', - ...getFunctionSignaturesByReturnType('stats', 'any', { grouping: true, scalar: true }), - ...getFieldNamesByType('any').map((field) => `${field} `), - ], - undefined, - 30 - ); + testSuggestions('FROM index1 | STATS field BY f/', [ + 'var0 = ', + ...getFunctionSignaturesByReturnType('stats', 'any', { grouping: true, scalar: true }), + ...getFieldNamesByType('any').map((field) => `${field} `), + ]); // WHERE argument - testSuggestions( - 'FROM index1 | WHERE f', - [ - ...getFieldNamesByType('any').map((field) => `${field} `), - ...getFunctionSignaturesByReturnType('where', 'any', { scalar: true }), - ], - undefined, - 22 - ); + testSuggestions('FROM index1 | WHERE f/', [ + ...getFieldNamesByType('any').map((field) => `${field} `), + ...getFunctionSignaturesByReturnType('where', 'any', { scalar: true }), + ]); // WHERE argument comparison testSuggestions( - 'FROM index1 | WHERE keywordField i', + 'FROM index1 | WHERE keywordField i/', getFunctionSignaturesByReturnType( 'where', 'boolean', @@ -1254,9 +1137,7 @@ describe('autocomplete', () => { }, undefined, ['and', 'or', 'not'] - ), - undefined, - 34 + ) ); }); @@ -1278,21 +1159,17 @@ describe('autocomplete', () => { // Source command testSuggestions( - 'F', - ['FROM $0', 'ROW $0', 'SHOW $0'].map(attachTriggerCommand).map(attachAsSnippet), - undefined, - 1 + 'F/', + ['FROM $0', 'ROW $0', 'SHOW $0'].map(attachTriggerCommand).map(attachAsSnippet) ); // Pipe command testSuggestions( - 'FROM a | E', + 'FROM a | E/', commandDefinitions .filter(({ name }) => !sourceCommands.includes(name)) .map(({ name }) => attachTriggerCommand(name.toUpperCase() + ' $0')) - .map(attachAsSnippet), // TODO consider making this check more fundamental - undefined, - 10 + .map(attachAsSnippet) // TODO consider making this check more fundamental ); describe('function arguments', () => { @@ -1301,10 +1178,8 @@ describe('autocomplete', () => { evalFunctionDefinitions.find(({ name }) => name === 'date_diff')?.signatures[0].params?.[0] .literalSuggestions ?? []; testSuggestions( - 'FROM a | EVAL DATE_DIFF()', - dateDiffFirstParamSuggestions.map((s) => `"${s}", `).map(attachTriggerCommand), - undefined, - 24 + 'FROM a | EVAL DATE_DIFF(/)', + dateDiffFirstParamSuggestions.map((s) => `"${s}", `).map(attachTriggerCommand) ); // field parameter @@ -1325,61 +1200,48 @@ describe('autocomplete', () => { })), ]; - testSuggestions( - 'FROM a | EVAL REPLACE()', - expectedStringSuggestionsWhenMoreArgsAreNeeded, - undefined, - 22 - ); + testSuggestions('FROM a | EVAL REPLACE(/)', expectedStringSuggestionsWhenMoreArgsAreNeeded); // subsequent parameter testSuggestions( - 'FROM a | EVAL REPLACE(keywordField, )', - expectedStringSuggestionsWhenMoreArgsAreNeeded, - undefined, - 36 + 'FROM a | EVAL REPLACE(keywordField, /)', + expectedStringSuggestionsWhenMoreArgsAreNeeded ); // final parameter — should not advance! - testSuggestions( - 'FROM a | EVAL REPLACE(keywordField, keywordField, )', - [ - ...getFieldNamesByType(ESQL_STRING_TYPES).map((field) => ({ - text: field, - command: undefined, - })), - ...getFunctionSignaturesByReturnType( - 'eval', - ESQL_STRING_TYPES, - { scalar: true }, - undefined, - ['replace'] - ), - ], - undefined, - 50 - ); + testSuggestions('FROM a | EVAL REPLACE(keywordField, keywordField, /)', [ + ...getFieldNamesByType(ESQL_STRING_TYPES).map((field) => ({ + text: field, + command: undefined, + })), + ...getFunctionSignaturesByReturnType( + 'eval', + ESQL_STRING_TYPES, + { scalar: true }, + undefined, + ['replace'] + ), + ]); // Trigger character because this is how it will actually be... the user will press // space-bar... this may change if we fix the tokenization of timespan literals // such that "2 days" is a single monaco token testSuggestions( - 'FROM a | EVAL DATE_TRUNC(2 )', + 'FROM a | EVAL DATE_TRUNC(2 /)', [...timeUnitsToSuggest.map((s) => `${s.name}, `).map(attachTriggerCommand), ','], ' ' ); }); // PIPE (|) - testSuggestions( - 'FROM a ', - [attachTriggerCommand('| '), ',', attachAsSnippet(attachTriggerCommand('METADATA $0'))], - undefined, - 7 - ); + testSuggestions('FROM a /', [ + attachTriggerCommand('| '), + ',', + attachAsSnippet(attachTriggerCommand('METADATA $0')), + ]); // Assignment - testSuggestions(`FROM a | ENRICH policy on b with `, [ + testSuggestions(`FROM a | ENRICH policy on b with /`, [ attachTriggerCommand('var0 = '), ...getPolicyFields('policy'), ]); @@ -1389,13 +1251,12 @@ describe('autocomplete', () => { // Using an Invoke trigger kind here because that's what Monaco uses when the show suggestions // action is triggered (e.g. accepting the "FROM" suggestion) testSuggestions( - 'FROM ', + 'FROM /', [ { text: 'index1 ', command: TRIGGER_SUGGESTION_COMMAND }, { text: 'index2 ', command: TRIGGER_SUGGESTION_COMMAND }, ], undefined, - 5, [ , [ @@ -1406,63 +1267,53 @@ describe('autocomplete', () => { ); // FROM source METADATA - testSuggestions( - 'FROM index1 M', - [',', attachAsSnippet(attachTriggerCommand('METADATA $0')), '| '], - undefined, - 13 - ); + testSuggestions('FROM index1 M/', [ + ',', + attachAsSnippet(attachTriggerCommand('METADATA $0')), + '| ', + ]); // LIMIT number - testSuggestions('FROM a | LIMIT ', ['10 ', '100 ', '1000 '].map(attachTriggerCommand)); + testSuggestions('FROM a | LIMIT /', ['10 ', '100 ', '1000 '].map(attachTriggerCommand)); // SORT field testSuggestions( - 'FROM a | SORT ', + 'FROM a | SORT /', [ ...getFieldNamesByType('any').map((field) => `${field} `), ...getFunctionSignaturesByReturnType('sort', 'any', { scalar: true }), - ].map(attachTriggerCommand), - undefined, - 14 + ].map(attachTriggerCommand) ); // SORT field order - testSuggestions( - 'FROM a | SORT field ', - [',', ...['ASC ', 'DESC ', '| '].map(attachTriggerCommand)], - undefined, - 20 - ); + testSuggestions('FROM a | SORT field /', [ + ',', + ...['ASC ', 'DESC ', '| '].map(attachTriggerCommand), + ]); // SORT field order nulls - testSuggestions( - 'FROM a | SORT field ASC ', - [',', ...['NULLS FIRST ', 'NULLS LAST ', '| '].map(attachTriggerCommand)], - undefined, - 24 - ); + testSuggestions('FROM a | SORT field ASC /', [ + ',', + ...['NULLS FIRST ', 'NULLS LAST ', '| '].map(attachTriggerCommand), + ]); // STATS argument testSuggestions( - 'FROM a | STATS ', + 'FROM a | STATS /', [ 'var0 = ', ...getFunctionSignaturesByReturnType('stats', 'any', { scalar: true, agg: true }).map( attachAsSnippet ), - ].map(attachTriggerCommand), - undefined, - 15 + ].map(attachTriggerCommand) ); // STATS argument BY - testSuggestions( - 'FROM a | STATS AVG(numberField) ', - [',', attachAsSnippet(attachTriggerCommand('BY $0')), attachTriggerCommand('| ')], - undefined, - 32 - ); + testSuggestions('FROM a | STATS AVG(numberField) /', [ + ',', + attachAsSnippet(attachTriggerCommand('BY $0')), + attachTriggerCommand('| '), + ]); // STATS argument BY field const allByCompatibleFunctions = getFunctionSignaturesByReturnType( @@ -1476,48 +1327,33 @@ describe('autocomplete', () => { undefined, 'by' ); - testSuggestions( - 'FROM a | STATS AVG(numberField) BY ', - [ - attachTriggerCommand('var0 = '), - ...getFieldNamesByType('any') - .map((field) => `${field} `) - .map(attachTriggerCommand), - ...allByCompatibleFunctions, - ], - undefined, - 35 - ); + testSuggestions('FROM a | STATS AVG(numberField) BY /', [ + attachTriggerCommand('var0 = '), + ...getFieldNamesByType('any') + .map((field) => `${field} `) + .map(attachTriggerCommand), + ...allByCompatibleFunctions, + ]); // STATS argument BY assignment (checking field suggestions) - testSuggestions( - 'FROM a | STATS AVG(numberField) BY var0 = ', - [ - ...getFieldNamesByType('any') - .map((field) => `${field} `) - .map(attachTriggerCommand), - ...allByCompatibleFunctions, - ], - undefined, - 41 - ); + testSuggestions('FROM a | STATS AVG(numberField) BY var0 = /', [ + ...getFieldNamesByType('any') + .map((field) => `${field} `) + .map(attachTriggerCommand), + ...allByCompatibleFunctions, + ]); // WHERE argument (field suggestions) - testSuggestions( - 'FROM a | WHERE ', - [ - ...getFieldNamesByType('any') - .map((field) => `${field} `) - .map(attachTriggerCommand), - ...getFunctionSignaturesByReturnType('where', 'any', { scalar: true }).map(attachAsSnippet), - ], - undefined, - 15 - ); + testSuggestions('FROM a | WHERE /', [ + ...getFieldNamesByType('any') + .map((field) => `${field} `) + .map(attachTriggerCommand), + ...getFunctionSignaturesByReturnType('where', 'any', { scalar: true }).map(attachAsSnippet), + ]); // WHERE argument comparison testSuggestions( - 'FROM a | WHERE keywordField ', + 'FROM a | WHERE keywordField /', getFunctionSignaturesByReturnType( 'where', 'boolean', @@ -1525,9 +1361,7 @@ describe('autocomplete', () => { builtin: true, }, ['keyword'] - ).map((s) => (s.text.toLowerCase().includes('null') ? s : attachTriggerCommand(s))), - undefined, - 28 + ).map((s) => (s.text.toLowerCase().includes('null') ? s : attachTriggerCommand(s))) ); }); }); diff --git a/packages/kbn-esql-validation-autocomplete/src/definitions/functions.ts b/packages/kbn-esql-validation-autocomplete/src/definitions/functions.ts index 14626048ced92..eec90bcd75c6a 100644 --- a/packages/kbn-esql-validation-autocomplete/src/definitions/functions.ts +++ b/packages/kbn-esql-validation-autocomplete/src/definitions/functions.ts @@ -2737,7 +2737,7 @@ const logDefinition: FunctionDefinition = { // do not really care here about the base and field // just need to check both values are not negative for (const arg of fnDef.args) { - if (isLiteralItem(arg) && typeof arg.value === 'number' && arg.value < 0) { + if (isLiteralItem(arg) && Number(arg.value) < 0) { messages.push({ type: 'warning' as const, code: 'logOfNegativeValue', @@ -2820,7 +2820,7 @@ const log10Definition: FunctionDefinition = { // do not really care here about the base and field // just need to check both values are not negative for (const arg of fnDef.args) { - if (isLiteralItem(arg) && typeof arg.value === 'number' && arg.value < 0) { + if (isLiteralItem(arg) && Number(arg.value) < 0) { messages.push({ type: 'warning' as const, code: 'logOfNegativeValue', @@ -3268,6 +3268,16 @@ const mvCountDefinition: FunctionDefinition = { ], returnType: 'integer', }, + { + params: [ + { + name: 'field', + type: 'date_nanos', + optional: false, + }, + ], + returnType: 'integer', + }, { params: [ { @@ -3571,6 +3581,16 @@ const mvFirstDefinition: FunctionDefinition = { ], returnType: 'cartesian_shape', }, + { + params: [ + { + name: 'field', + type: 'date_nanos', + optional: false, + }, + ], + returnType: 'date_nanos', + }, { params: [ { @@ -3728,6 +3748,16 @@ const mvLastDefinition: FunctionDefinition = { ], returnType: 'cartesian_shape', }, + { + params: [ + { + name: 'field', + type: 'date_nanos', + optional: false, + }, + ], + returnType: 'date_nanos', + }, { params: [ { @@ -3865,6 +3895,16 @@ const mvMaxDefinition: FunctionDefinition = { ], returnType: 'boolean', }, + { + params: [ + { + name: 'field', + type: 'date_nanos', + optional: false, + }, + ], + returnType: 'date_nanos', + }, { params: [ { @@ -4045,6 +4085,16 @@ const mvMinDefinition: FunctionDefinition = { ], returnType: 'boolean', }, + { + params: [ + { + name: 'field', + type: 'date_nanos', + optional: false, + }, + ], + returnType: 'date_nanos', + }, { params: [ { @@ -4174,7 +4224,7 @@ const mvPseriesWeightedSumDefinition: FunctionDefinition = { returnType: 'double', }, ], - supportedCommands: ['stats', 'metrics', 'eval', 'where', 'row', 'sort'], + supportedCommands: ['stats', 'inlinestats', 'metrics', 'eval', 'where', 'row', 'sort'], supportedOptions: ['by'], validate: undefined, examples: [ @@ -4619,7 +4669,6 @@ const mvSortDefinition: FunctionDefinition = { supportedCommands: ['stats', 'inlinestats', 'metrics', 'eval', 'where', 'row', 'sort'], supportedOptions: ['by'], validate: undefined, - examples: ['ROW a = [4, 2, -3, 2]\n| EVAL sa = mv_sort(a), sd = mv_sort(a, "DESC")'], }; diff --git a/packages/kbn-esql-validation-autocomplete/src/definitions/types.ts b/packages/kbn-esql-validation-autocomplete/src/definitions/types.ts index 2e8c32b5be003..d41a18ba99cfe 100644 --- a/packages/kbn-esql-validation-autocomplete/src/definitions/types.ts +++ b/packages/kbn-esql-validation-autocomplete/src/definitions/types.ts @@ -31,6 +31,7 @@ export const fieldTypes = [ 'counter_long', 'counter_double', 'unsupported', + 'date_nanos', ] as const; export type FieldType = (typeof fieldTypes)[number]; diff --git a/packages/kbn-esql-validation-autocomplete/src/validation/esql_validation_meta_tests.json b/packages/kbn-esql-validation-autocomplete/src/validation/esql_validation_meta_tests.json index 41cc3027bfe58..9eecf5156a892 100644 --- a/packages/kbn-esql-validation-autocomplete/src/validation/esql_validation_meta_tests.json +++ b/packages/kbn-esql-validation-autocomplete/src/validation/esql_validation_meta_tests.json @@ -76,6 +76,10 @@ "name": "counterDoubleField", "type": "counter_double" }, + { + "name": "dateNanosField", + "type": "date_nanos" + }, { "name": "any#Char$Field", "type": "double" @@ -2248,28 +2252,28 @@ { "query": "from index | project ", "error": [ - "SyntaxError: mismatched input 'project' expecting {'dissect', 'drop', 'enrich', 'eval', 'grok', 'inlinestats', 'keep', 'limit', 'lookup', 'mv_expand', 'rename', 'sort', 'stats', 'where'}" + "SyntaxError: mismatched input 'project' expecting {'dissect', 'drop', 'enrich', 'eval', 'grok', 'inlinestats', 'keep', 'limit', 'lookup', 'mv_expand', 'rename', 'sort', 'stats', 'where', MATCH}" ], "warning": [] }, { "query": "from index | project textField, doubleField, dateField", "error": [ - "SyntaxError: mismatched input 'project' expecting {'dissect', 'drop', 'enrich', 'eval', 'grok', 'inlinestats', 'keep', 'limit', 'lookup', 'mv_expand', 'rename', 'sort', 'stats', 'where'}" + "SyntaxError: mismatched input 'project' expecting {'dissect', 'drop', 'enrich', 'eval', 'grok', 'inlinestats', 'keep', 'limit', 'lookup', 'mv_expand', 'rename', 'sort', 'stats', 'where', MATCH}" ], "warning": [] }, { "query": "from index | PROJECT textField, doubleField, dateField", "error": [ - "SyntaxError: mismatched input 'PROJECT' expecting {'dissect', 'drop', 'enrich', 'eval', 'grok', 'inlinestats', 'keep', 'limit', 'lookup', 'mv_expand', 'rename', 'sort', 'stats', 'where'}" + "SyntaxError: mismatched input 'PROJECT' expecting {'dissect', 'drop', 'enrich', 'eval', 'grok', 'inlinestats', 'keep', 'limit', 'lookup', 'mv_expand', 'rename', 'sort', 'stats', 'where', MATCH}" ], "warning": [] }, { "query": "from index | project missingField, doubleField, dateField", "error": [ - "SyntaxError: mismatched input 'project' expecting {'dissect', 'drop', 'enrich', 'eval', 'grok', 'inlinestats', 'keep', 'limit', 'lookup', 'mv_expand', 'rename', 'sort', 'stats', 'where'}" + "SyntaxError: mismatched input 'project' expecting {'dissect', 'drop', 'enrich', 'eval', 'grok', 'inlinestats', 'keep', 'limit', 'lookup', 'mv_expand', 'rename', 'sort', 'stats', 'where', MATCH}" ], "warning": [] }, @@ -4389,6 +4393,46 @@ "error": [], "warning": [] }, + { + "query": "from a_index | where dateNanosField IS NULL", + "error": [], + "warning": [] + }, + { + "query": "from a_index | where dateNanosField IS null", + "error": [], + "warning": [] + }, + { + "query": "from a_index | where dateNanosField is null", + "error": [], + "warning": [] + }, + { + "query": "from a_index | where dateNanosField is NULL", + "error": [], + "warning": [] + }, + { + "query": "from a_index | where dateNanosField IS NOT NULL", + "error": [], + "warning": [] + }, + { + "query": "from a_index | where dateNanosField IS NOT null", + "error": [], + "warning": [] + }, + { + "query": "from a_index | where dateNanosField IS not NULL", + "error": [], + "warning": [] + }, + { + "query": "from a_index | where dateNanosField Is nOt NuLL", + "error": [], + "warning": [] + }, { "query": "from a_index | where textField == \"a\" or null", "error": [], @@ -5115,6 +5159,41 @@ "error": [], "warning": [] }, + { + "query": "from a_index | eval dateNanosField IS NULL", + "error": [], + "warning": [] + }, + { + "query": "from a_index | eval dateNanosField IS null", + "error": [], + "warning": [] + }, + { + "query": "from a_index | eval dateNanosField is null", + "error": [], + "warning": [] + }, + { + "query": "from a_index | eval dateNanosField is NULL", + "error": [], + "warning": [] + }, + { + "query": "from a_index | eval dateNanosField IS NOT NULL", + "error": [], + "warning": [] + }, + { + "query": "from a_index | eval dateNanosField IS NOT null", + "error": [], + "warning": [] + }, + { + "query": "from a_index | eval dateNanosField IS not NULL", + "error": [], + "warning": [] + }, { "query": "from a_index | eval - doubleField", "error": [], @@ -12502,6 +12581,16 @@ ], "warning": [] }, + { + "query": "row var = date_trunc(1 day, to_datetime(\"2021-01-01T00:00:00Z\"))", + "error": [], + "warning": [] + }, + { + "query": "row date_trunc(1 day, to_datetime(\"2021-01-01T00:00:00Z\"))", + "error": [], + "warning": [] + }, { "query": "row var = e()", "error": [], @@ -16244,6 +16333,21 @@ "error": [], "warning": [] }, + { + "query": "from a_index | where mv_count(dateNanosField) > 0", + "error": [], + "warning": [] + }, + { + "query": "from a_index | eval var = mv_count(dateNanosField)", + "error": [], + "warning": [] + }, + { + "query": "from a_index | eval mv_count(dateNanosField)", + "error": [], + "warning": [] + }, { "query": "row var = mv_dedupe(true)", "error": [], @@ -17207,6 +17311,16 @@ "error": [], "warning": [] }, + { + "query": "from a_index | eval var = mv_first(dateNanosField)", + "error": [], + "warning": [] + }, + { + "query": "from a_index | eval mv_first(dateNanosField)", + "error": [], + "warning": [] + }, { "query": "row var = mv_last(true)", "error": [], @@ -17696,6 +17810,16 @@ "error": [], "warning": [] }, + { + "query": "from a_index | eval var = mv_last(dateNanosField)", + "error": [], + "warning": [] + }, + { + "query": "from a_index | eval mv_last(dateNanosField)", + "error": [], + "warning": [] + }, { "query": "row var = mv_max(true)", "error": [], @@ -18016,6 +18140,16 @@ "error": [], "warning": [] }, + { + "query": "from a_index | eval var = mv_max(dateNanosField)", + "error": [], + "warning": [] + }, + { + "query": "from a_index | eval mv_max(dateNanosField)", + "error": [], + "warning": [] + }, { "query": "row var = mv_median(5.5)", "error": [], @@ -18486,6 +18620,16 @@ "error": [], "warning": [] }, + { + "query": "from a_index | eval var = mv_min(dateNanosField)", + "error": [], + "warning": [] + }, + { + "query": "from a_index | eval mv_min(dateNanosField)", + "error": [], + "warning": [] + }, { "query": "row var = mv_slice(true, 5, 5)", "error": [], diff --git a/packages/kbn-esql-validation-autocomplete/src/validation/validation.test.ts b/packages/kbn-esql-validation-autocomplete/src/validation/validation.test.ts index 5e61c2631d9e1..ab5a7ec61329e 100644 --- a/packages/kbn-esql-validation-autocomplete/src/validation/validation.test.ts +++ b/packages/kbn-esql-validation-autocomplete/src/validation/validation.test.ts @@ -530,16 +530,16 @@ describe('validation logic', () => { ]); testErrorsAndWarnings('from index | keep `any#Char$Field`', []); testErrorsAndWarnings('from index | project ', [ - "SyntaxError: mismatched input 'project' expecting {'dissect', 'drop', 'enrich', 'eval', 'grok', 'inlinestats', 'keep', 'limit', 'lookup', 'mv_expand', 'rename', 'sort', 'stats', 'where'}", + "SyntaxError: mismatched input 'project' expecting {'dissect', 'drop', 'enrich', 'eval', 'grok', 'inlinestats', 'keep', 'limit', 'lookup', 'mv_expand', 'rename', 'sort', 'stats', 'where', MATCH}", ]); testErrorsAndWarnings('from index | project textField, doubleField, dateField', [ - "SyntaxError: mismatched input 'project' expecting {'dissect', 'drop', 'enrich', 'eval', 'grok', 'inlinestats', 'keep', 'limit', 'lookup', 'mv_expand', 'rename', 'sort', 'stats', 'where'}", + "SyntaxError: mismatched input 'project' expecting {'dissect', 'drop', 'enrich', 'eval', 'grok', 'inlinestats', 'keep', 'limit', 'lookup', 'mv_expand', 'rename', 'sort', 'stats', 'where', MATCH}", ]); testErrorsAndWarnings('from index | PROJECT textField, doubleField, dateField', [ - "SyntaxError: mismatched input 'PROJECT' expecting {'dissect', 'drop', 'enrich', 'eval', 'grok', 'inlinestats', 'keep', 'limit', 'lookup', 'mv_expand', 'rename', 'sort', 'stats', 'where'}", + "SyntaxError: mismatched input 'PROJECT' expecting {'dissect', 'drop', 'enrich', 'eval', 'grok', 'inlinestats', 'keep', 'limit', 'lookup', 'mv_expand', 'rename', 'sort', 'stats', 'where', MATCH}", ]); testErrorsAndWarnings('from index | project missingField, doubleField, dateField', [ - "SyntaxError: mismatched input 'project' expecting {'dissect', 'drop', 'enrich', 'eval', 'grok', 'inlinestats', 'keep', 'limit', 'lookup', 'mv_expand', 'rename', 'sort', 'stats', 'where'}", + "SyntaxError: mismatched input 'project' expecting {'dissect', 'drop', 'enrich', 'eval', 'grok', 'inlinestats', 'keep', 'limit', 'lookup', 'mv_expand', 'rename', 'sort', 'stats', 'where', MATCH}", ]); testErrorsAndWarnings('from index | keep k*', []); testErrorsAndWarnings('from index | keep *Field', []); @@ -2952,6 +2952,11 @@ describe('validation logic', () => { 'Argument of [date_trunc] must be [time_literal], found value [textField] type [text]', 'Argument of [date_trunc] must be [date], found value [concat("20","22")] type [keyword]', ]); + testErrorsAndWarnings( + 'row var = date_trunc(1 day, to_datetime("2021-01-01T00:00:00Z"))', + [] + ); + testErrorsAndWarnings('row date_trunc(1 day, to_datetime("2021-01-01T00:00:00Z"))', []); }); describe('e', () => { @@ -4469,6 +4474,9 @@ describe('validation logic', () => { testErrorsAndWarnings('row mv_count(to_geopoint("POINT (30 10)"))', []); testErrorsAndWarnings('row var = mv_count(to_geopoint(to_geopoint("POINT (30 10)")))', []); testErrorsAndWarnings('row var = mv_count(to_geoshape(to_geopoint("POINT (30 10)")))', []); + testErrorsAndWarnings('from a_index | where mv_count(dateNanosField) > 0', []); + testErrorsAndWarnings('from a_index | eval var = mv_count(dateNanosField)', []); + testErrorsAndWarnings('from a_index | eval mv_count(dateNanosField)', []); }); describe('mv_dedupe', () => { @@ -4772,6 +4780,8 @@ describe('validation logic', () => { testErrorsAndWarnings('row mv_first(to_geopoint("POINT (30 10)"))', []); testErrorsAndWarnings('row var = mv_first(to_geopoint(to_geopoint("POINT (30 10)")))', []); testErrorsAndWarnings('row var = mv_first(to_geoshape(to_geopoint("POINT (30 10)")))', []); + testErrorsAndWarnings('from a_index | eval var = mv_first(dateNanosField)', []); + testErrorsAndWarnings('from a_index | eval mv_first(dateNanosField)', []); }); describe('mv_last', () => { @@ -4922,6 +4932,8 @@ describe('validation logic', () => { testErrorsAndWarnings('row mv_last(to_geopoint("POINT (30 10)"))', []); testErrorsAndWarnings('row var = mv_last(to_geopoint(to_geopoint("POINT (30 10)")))', []); testErrorsAndWarnings('row var = mv_last(to_geoshape(to_geopoint("POINT (30 10)")))', []); + testErrorsAndWarnings('from a_index | eval var = mv_last(dateNanosField)', []); + testErrorsAndWarnings('from a_index | eval mv_last(dateNanosField)', []); }); describe('mv_max', () => { @@ -5009,6 +5021,8 @@ describe('validation logic', () => { testErrorsAndWarnings('row nullVar = null | eval mv_max(nullVar)', []); testErrorsAndWarnings('from a_index | eval mv_max("2022")', []); testErrorsAndWarnings('from a_index | eval mv_max(concat("20", "22"))', []); + testErrorsAndWarnings('from a_index | eval var = mv_max(dateNanosField)', []); + testErrorsAndWarnings('from a_index | eval mv_max(dateNanosField)', []); }); describe('mv_median', () => { @@ -5146,6 +5160,8 @@ describe('validation logic', () => { testErrorsAndWarnings('row nullVar = null | eval mv_min(nullVar)', []); testErrorsAndWarnings('from a_index | eval mv_min("2022")', []); testErrorsAndWarnings('from a_index | eval mv_min(concat("20", "22"))', []); + testErrorsAndWarnings('from a_index | eval var = mv_min(dateNanosField)', []); + testErrorsAndWarnings('from a_index | eval mv_min(dateNanosField)', []); }); describe('mv_slice', () => { diff --git a/packages/kbn-expect/expect.js b/packages/kbn-expect/expect.js index 8a7d1802a7e0e..1a48d75a4615d 100644 --- a/packages/kbn-expect/expect.js +++ b/packages/kbn-expect/expect.js @@ -45,7 +45,7 @@ function Assertion (obj, flag, parent) { this.flags[flag] = true; for (var i in parent.flags) { - if (parent.flags.hasOwnProperty(i)) { + if (Object.hasOwn(parent.flags, i)) { this.flags[i] = true; } } @@ -70,7 +70,7 @@ function Assertion (obj, flag, parent) { }; for (var fn in Assertion.prototype) { - if (Assertion.prototype.hasOwnProperty(fn) && fn != name) { + if (Object.hasOwn(Assertion.prototype, fn) && fn != name) { if (typeof this[name] === 'function' && fn === 'length') { continue; } diff --git a/packages/kbn-flot-charts/lib/jquery_flot.js b/packages/kbn-flot-charts/lib/jquery_flot.js index 5252356279e51..3b13b317c616c 100644 --- a/packages/kbn-flot-charts/lib/jquery_flot.js +++ b/packages/kbn-flot-charts/lib/jquery_flot.js @@ -2750,7 +2750,7 @@ Licensed under the MIT license. var ascending = options.legend.sorted != "descending"; entries.sort(function(a, b) { return a.label == b.label ? 0 : ( - (a.label < b.label) != ascending ? 1 : -1 // Logical XOR + ((a.label < b.label) != ascending ? 1 : -1) // Logical XOR ); }); } diff --git a/packages/kbn-handlebars/src/spec/index.regressions.test.ts b/packages/kbn-handlebars/src/spec/index.regressions.test.ts index fc2065fe7585d..5ff37a3dd9849 100644 --- a/packages/kbn-handlebars/src/spec/index.regressions.test.ts +++ b/packages/kbn-handlebars/src/spec/index.regressions.test.ts @@ -231,7 +231,7 @@ describe('Regressions', () => { // It's valid to execute a block against an undefined context, but // helpers can not do so, so we expect to have an empty object here; for (const name in this) { - if (Object.prototype.hasOwnProperty.call(this, name)) { + if (Object.hasOwn(this, name)) { return 'found'; } } diff --git a/packages/kbn-handlebars/src/utils.ts b/packages/kbn-handlebars/src/utils.ts index b44f4a9791f02..d33bafcd0ef5e 100644 --- a/packages/kbn-handlebars/src/utils.ts +++ b/packages/kbn-handlebars/src/utils.ts @@ -63,6 +63,7 @@ export function allowUnsafeEval() { try { // Do not remove the `kbnUnsafeEvalTest` parameter. // It is used for filtering out expected CSP failures, and must be the first piece of content in this function. + // eslint-disable-next-line no-new-func new Function('kbnUnsafeEvalTest', 'return true;'); return true; } catch (e) { diff --git a/packages/kbn-handlebars/src/visitor.ts b/packages/kbn-handlebars/src/visitor.ts index 16dc151df8640..2195820bf46de 100644 --- a/packages/kbn-handlebars/src/visitor.ts +++ b/packages/kbn-handlebars/src/visitor.ts @@ -112,7 +112,7 @@ export class ElasticHandlebarsVisitor extends Handlebars.Visitor { if (result == null) { return result; } - if (Object.prototype.hasOwnProperty.call(parent, propertyName)) { + if (Object.hasOwn(parent, propertyName)) { return result; } diff --git a/packages/kbn-managed-vscode-config/src/update_vscode_config.ts b/packages/kbn-managed-vscode-config/src/update_vscode_config.ts index d327ab98ae82c..2e3a3a5d25563 100644 --- a/packages/kbn-managed-vscode-config/src/update_vscode_config.ts +++ b/packages/kbn-managed-vscode-config/src/update_vscode_config.ts @@ -141,7 +141,7 @@ const mergeManagedProperties = ( if ( isBasicObjectProp(prop) && isManaged(prop) && - !Object.prototype.hasOwnProperty.call(managedValue, prop.key.value) + !Object.hasOwn(managedValue, prop.key.value) ) { remove(properties, prop); } diff --git a/packages/kbn-management/settings/components/field_input/input/select_input.tsx b/packages/kbn-management/settings/components/field_input/input/select_input.tsx index 9421d4d3e83b1..a02dbf61bd16f 100644 --- a/packages/kbn-management/settings/components/field_input/input/select_input.tsx +++ b/packages/kbn-management/settings/components/field_input/input/select_input.tsx @@ -42,7 +42,7 @@ export const SelectInput = ({ const options = useMemo( () => optionsProp?.map((option) => ({ - text: optionLabels.hasOwnProperty(option) ? optionLabels[option] : option, + text: Object.hasOwn(optionLabels, option) ? optionLabels[option] : option, value: option, })), [optionsProp, optionLabels] diff --git a/packages/kbn-management/settings/components/form/use_save.ts b/packages/kbn-management/settings/components/form/use_save.ts index 53af23e476d74..5268e6fcb9a5c 100644 --- a/packages/kbn-management/settings/components/form/use_save.ts +++ b/packages/kbn-management/settings/components/form/use_save.ts @@ -39,7 +39,7 @@ export const useSave = (params: UseSaveParameters) => { await saveChanges(changes, params.scope); params.clearChanges(); const requiresReload = params.fields.some( - (setting) => changes.hasOwnProperty(setting.id) && setting.requiresPageReload + (setting) => Object.hasOwn(changes, setting.id) && setting.requiresPageReload ); if (requiresReload) { showReloadPagePrompt(); diff --git a/packages/kbn-mock-idp-plugin/public/role_switcher.tsx b/packages/kbn-mock-idp-plugin/public/role_switcher.tsx index 7ef4e435e4e65..63bf43f4aa52e 100644 --- a/packages/kbn-mock-idp-plugin/public/role_switcher.tsx +++ b/packages/kbn-mock-idp-plugin/public/role_switcher.tsx @@ -145,7 +145,7 @@ const createForm = (url: string, fields: Record) => { form.setAttribute('action', url); for (const key in fields) { - if (!fields.hasOwnProperty(key)) { + if (!Object.hasOwn(fields, key)) { continue; } const input = document.createElement('input'); diff --git a/packages/kbn-monaco/src/console/folding_range_provider/folding_range_provider.ts b/packages/kbn-monaco/src/console/folding_range_provider/folding_range_provider.ts new file mode 100644 index 0000000000000..c88a02baa8fbc --- /dev/null +++ b/packages/kbn-monaco/src/console/folding_range_provider/folding_range_provider.ts @@ -0,0 +1,17 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +import { monaco } from '../../..'; +import { getFoldingRanges } from './folding_range_utils'; + +export const foldingRangeProvider: monaco.languages.FoldingRangeProvider = { + provideFoldingRanges: (model) => [ + ...getFoldingRanges(model.getLinesContent(), '{', '}'), + ...getFoldingRanges(model.getLinesContent(), '[', ']'), + ], +}; diff --git a/packages/kbn-monaco/src/console/folding_range_provider/folding_range_utils.test.ts b/packages/kbn-monaco/src/console/folding_range_provider/folding_range_utils.test.ts new file mode 100644 index 0000000000000..13a17ca866898 --- /dev/null +++ b/packages/kbn-monaco/src/console/folding_range_provider/folding_range_utils.test.ts @@ -0,0 +1,57 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +import { getFoldingRanges } from './folding_range_utils'; + +describe('getFoldingRanges', () => { + // Sample test input visualization: + // 1 PUT /test/_doc/1 + // 2 { + // 3 "some_key": { + // 4 "some_inner_key": """{ + // 5 "multi_line": "json string" + // 6 }""", + // 7 "some_other_key": 123 + // 8 }, + // 9 "outer_key_2": [ + // 10 1, + // 11 2, + // 12 3 + // 13 ] + // 14 } + + const SAMPLE_INPUT = [ + 'PUT /test/_doc/1', + '{ ', + ' "some_key": { ', + ' "some_inner_key": """{', + ' "multi_line": "json string"', + ' }""",', + ' "some_other_key": 123', + ' },', + ' "outer_key_2": [', + ' 1,', + ' 2,', + ' 3', + ' ]', + '}', + ]; + + it('returns correct ranges for parentheses', () => { + const expectedRanges = [ + { start: 3, end: 7 }, + { start: 2, end: 13 }, + ]; + expect(getFoldingRanges(SAMPLE_INPUT, '{', '}')).toEqual(expectedRanges); + }); + + it('returns correct ranges for square brackets', () => { + const expectedRanges = [{ start: 9, end: 12 }]; + expect(getFoldingRanges(SAMPLE_INPUT, '[', ']')).toEqual(expectedRanges); + }); +}); diff --git a/packages/kbn-monaco/src/console/folding_range_provider/folding_range_utils.ts b/packages/kbn-monaco/src/console/folding_range_provider/folding_range_utils.ts new file mode 100644 index 0000000000000..fb4f2d5cec00c --- /dev/null +++ b/packages/kbn-monaco/src/console/folding_range_provider/folding_range_utils.ts @@ -0,0 +1,47 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +import { monaco } from '../../..'; + +const getOpeningLineRegex = (openingMarker: string) => { + // Opening parentheses can only be preceded by a colon or nothing + // This ensures that it's not between quotes + const regExStr = `^(.*:\\s*)?\\${openingMarker}$`; + return new RegExp(regExStr); +}; + +const getClosingLineRegex = (closingMarker: string) => { + // Closing marker can only be followed by a comma or nothing + // This ensures that it's not between quotes + const regExStr = `^\\${closingMarker}\\s*(,)?$`; + return new RegExp(regExStr); +}; + +export const getFoldingRanges = (lines: string[], openingMarker: string, closingMarker: string) => { + const ranges: monaco.languages.ProviderResult = []; + const stack: number[] = []; + const openingLineRegex = getOpeningLineRegex(openingMarker); + const closingLineRegex = getClosingLineRegex(closingMarker); + + for (let i = 0; i < lines.length; i++) { + const lineContent = lines[i].trim(); + if (openingLineRegex.test(lineContent)) { + stack.push(i + 1); // Line numbers start from 1 so we need to add 1 to the current index + } else if (closingLineRegex.test(lineContent)) { + const start = stack.pop(); + if (start) { + ranges.push({ + start, + end: i, + }); + } + } + } + + return ranges; +}; diff --git a/packages/kbn-monaco/src/console/folding_range_provider/index.ts b/packages/kbn-monaco/src/console/folding_range_provider/index.ts new file mode 100644 index 0000000000000..4e9429182c000 --- /dev/null +++ b/packages/kbn-monaco/src/console/folding_range_provider/index.ts @@ -0,0 +1,9 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +export { foldingRangeProvider } from './folding_range_provider'; diff --git a/packages/kbn-monaco/src/console/index.ts b/packages/kbn-monaco/src/console/index.ts index 5b4127191802d..7f408a6fb8480 100644 --- a/packages/kbn-monaco/src/console/index.ts +++ b/packages/kbn-monaco/src/console/index.ts @@ -19,6 +19,7 @@ import { consoleOutputLexerRules, consoleOutputLanguageConfiguration, } from './lexer_rules'; +import { foldingRangeProvider } from './folding_range_provider'; export { CONSOLE_LANG_ID, CONSOLE_OUTPUT_LANG_ID, CONSOLE_THEME_ID } from './constants'; @@ -28,12 +29,14 @@ export const ConsoleLang: LangModuleType = { ID: CONSOLE_LANG_ID, lexerRules, languageConfiguration, + foldingRangeProvider, }; export const ConsoleOutputLang: LangModuleType = { ID: CONSOLE_OUTPUT_LANG_ID, lexerRules: consoleOutputLexerRules, languageConfiguration: consoleOutputLanguageConfiguration, + foldingRangeProvider, }; export type { ParsedRequest } from './types'; diff --git a/packages/kbn-monaco/src/console/lexer_rules/shared.ts b/packages/kbn-monaco/src/console/lexer_rules/shared.ts index 9a877d8d131b1..04ad2a573af2c 100644 --- a/packages/kbn-monaco/src/console/lexer_rules/shared.ts +++ b/packages/kbn-monaco/src/console/lexer_rules/shared.ts @@ -15,11 +15,13 @@ export const consoleSharedLanguageConfiguration: monaco.languages.LanguageConfig brackets: [ ['{', '}'], ['[', ']'], + ['"""', '"""\n'], ], autoClosingPairs: [ { open: '{', close: '}' }, { open: '[', close: ']' }, { open: '"', close: '"' }, + { open: '"""', close: '"""' }, ], }; diff --git a/packages/kbn-monaco/src/esql/lib/esql_theme.test.ts b/packages/kbn-monaco/src/esql/lib/esql_theme.test.ts index 90abbb14c7913..98320b3791fc2 100644 --- a/packages/kbn-monaco/src/esql/lib/esql_theme.test.ts +++ b/packages/kbn-monaco/src/esql/lib/esql_theme.test.ts @@ -116,6 +116,7 @@ describe('ESQL Theme', () => { 'closing_metrics_line_comment', 'closing_metrics_multiline_comment', 'closing_metrics_ws', + 'match_operator', ]; // First, check that every valid exception is actually valid diff --git a/packages/kbn-monaco/src/helpers.ts b/packages/kbn-monaco/src/helpers.ts index 81d30b680762a..7a7f0c888aebf 100644 --- a/packages/kbn-monaco/src/helpers.ts +++ b/packages/kbn-monaco/src/helpers.ts @@ -9,7 +9,7 @@ import { monaco } from './monaco_imports'; import type { LangModuleType, CustomLangModuleType } from './types'; export function registerLanguage(language: LangModuleType | CustomLangModuleType) { - const { ID, lexerRules, languageConfiguration } = language; + const { ID, lexerRules, languageConfiguration, foldingRangeProvider } = language; monaco.languages.register({ id: ID }); @@ -22,6 +22,10 @@ export function registerLanguage(language: LangModuleType | CustomLangModuleType monaco.languages.setLanguageConfiguration(ID, languageConfiguration); } + if (foldingRangeProvider) { + monaco.languages.registerFoldingRangeProvider(ID, foldingRangeProvider); + } + if ('onLanguage' in language) { await language.onLanguage(); } diff --git a/packages/kbn-monaco/src/types.ts b/packages/kbn-monaco/src/types.ts index 5a4d3c1793031..7fb852c1ae683 100644 --- a/packages/kbn-monaco/src/types.ts +++ b/packages/kbn-monaco/src/types.ts @@ -13,6 +13,7 @@ export interface LangModuleType { ID: string; lexerRules?: monaco.languages.IMonarchLanguage; languageConfiguration?: monaco.languages.LanguageConfiguration; + foldingRangeProvider?: monaco.languages.FoldingRangeProvider; getSuggestionProvider?: Function; } diff --git a/packages/kbn-openapi-bundler/src/bundler/merge_documents/enrich_with_version_mime_param.ts b/packages/kbn-openapi-bundler/src/bundler/merge_documents/enrich_with_version_mime_param.ts index d3d7c6e44885e..5216efae0012e 100644 --- a/packages/kbn-openapi-bundler/src/bundler/merge_documents/enrich_with_version_mime_param.ts +++ b/packages/kbn-openapi-bundler/src/bundler/merge_documents/enrich_with_version_mime_param.ts @@ -12,9 +12,12 @@ import { isRefNode } from '../process_document'; import { getOasDocumentVersion } from '../../utils/get_oas_document_version'; import { KNOWN_HTTP_METHODS } from './http_methods'; +const DEFAULT_API_VERSION = '2023-10-31'; +const VERSION_REGEX = /\d{4}-\d{2}-\d{2}/; + export function enrichWithVersionMimeParam(resolvedDocuments: ResolvedDocument[]): void { for (const resolvedDocument of resolvedDocuments) { - const version = getOasDocumentVersion(resolvedDocument); + const version = extractApiVersion(resolvedDocument); const paths = resolvedDocument.document.paths as OpenAPIV3.PathsObject; for (const path of Object.keys(paths ?? {})) { @@ -80,3 +83,13 @@ function enrichContentWithVersion( delete content[mimeType]; } } + +function extractApiVersion(resolvedDocument: ResolvedDocument): string { + const version = getOasDocumentVersion(resolvedDocument); + + if (!VERSION_REGEX.test(version)) { + return DEFAULT_API_VERSION; + } + + return version < DEFAULT_API_VERSION ? DEFAULT_API_VERSION : version; +} diff --git a/packages/kbn-openapi-generator/docs/USAGE_GUIDE.md b/packages/kbn-openapi-generator/docs/USAGE_GUIDE.md new file mode 100644 index 0000000000000..d50b3d1395864 --- /dev/null +++ b/packages/kbn-openapi-generator/docs/USAGE_GUIDE.md @@ -0,0 +1,435 @@ +## OpenAPI Generator (`kbn-openapi-generator`) Usage Guide + +OpenAPI code generator (`kbn-openapi-generator`) could be used to generate different artifacts like runtime types, documentation, server stub implementations, clients, and much more given OpenAPI specification. Usually the first priority is to generate Zod schemas and related TypeScript types and integrate them into routes implementation and related code. The current guide focuses mainly on that topic. + +Any OpenAPI spec files should conform to [OpenAPI Specification 3.0](https://swagger.io/specification/v3/). OpenAPI Generator supports a subset of the specification. + +_For general information and getting started guide check `README` in the root of this package._ + +### How to organize files with OpenAPI specs? + +We recommend to follow rules described below. These rules were derived from hands-on experience while using OpenAPI specs and code generation in Rule Management team. + +- Prefer placing OpenAPI specs in a package (see `kbn-securitysolution-lists-common` or `kbn-securitysolution-exceptions-common` for examples). Generated artifacts can be easily imported into the other packages or plugins. Having specs in a package simplify reusing (you don't need long relative paths `../../../../my.schema.yaml`) of common OpenAPI primitives like `NonEmptyString` or `UUID` defined in `kbn-openapi-common` package. +- Split API endpoint declarations into separate files. The rule of thumb here is having one HTTP Method declaration per file. For example you want to declare two endpoints `GET /api/my/data` and `POST /api/my/data` so you need to create two OpenAPI spec files for them. +- Make sure you define `operationId` for each path item. `operationId` is a unique string used to identify the operation (a single API operation on a path like `GET` and `POST`). The id MUST be unique among all operations described in Kibana. The `operationId` value is case-sensitive. Tools and libraries use the `operationId` to uniquely identify an operation. +- Make sure OpenAPI spec file name matches defined `operationId` so it can be easily found in IDE. +- Feel free to group OpenAPI specs inside domain folder in smaller groups according to the business logic. +- Prefer reducing tight coupling by using index files to reexport artifacts from `*.gen.ts` files (see `kbn-securitysolution-lists-common` or `kbn-securitysolution-exceptions-common` for examples). + +> **Info:** By default OpenAPI code generator expects OpenAPI spec files named `.schema.yaml`. If it's absolutely necessary to use another suffix make sure OpenAPI code generator picks file up by modifying generating script where `generate()` function is invoked. + +You have quite a lot of freedom on organizing your OpenAPI specs and code generator supports any valid OpenAPI. + +#### Example + +You can find an example package's folder structure + +- kbn-solutionname-domain-name-common + - api + - business feature A + - create_entity.schema.yaml + - delete_entity.schema.yaml + ... + - business feature B + - read_configuration.schema.yaml + - update_featureB_entity.schema.yaml + ... + - scripts - openapi_generate.js + ... + +### How to enable code generation? + +By default OpenAPI code generator generation produces artifacts for `components` defined in OpenAPI specs but disabled for `paths`. `x-codegen-enabled` custom property allows to enable/disable code generation for particular path item or components. `x-codegen-enabled: true` should be always added to path items you want to enable code generation for. + +> **Warning:** When code generation for path items is enabled OpenAPI code generator produces Zod schemas and TS types for request body, request parameters and successful response. **You AREN'T required to define schemas for request body, request parameters and successful response manually.** If you don't see such artifacts most probably path items code generation is disabled. + +#### Examples + +The following example demonstrates an API endpoint declaration with enabled code generation. Notice `x-codegen-enabled: true` added to the path item to enable code generation. When it's omitted code generator will only produce artifacts for `components.schemas.ReadDeleted` schema. `common.schema.yaml` doesn't have property `x-codegen-enabled` since code generation is enabled by default for schema components. + +**read_entity.schema.yaml** + +```yaml +openapi: 3.0.0 +info: + title: Read entity + version: '2023-10-31' +paths: + /api/my/data/{id}: + get: + x-labels: [serverless, ess] + x-codegen-enabled: true + operationId: ReadEntity + summary: Reads entity + description: This a more detailed description why you should read an entity + parameters: + - name: id + in: path + required: true + description: The entity's `id` value + schema: + $ref: '../common.schema.yaml#/components/schemas/EntityId' + - name: read_deleted + in: query + required: false + description: Whether request should return deleted entity + schema: + $ref: '#/components/schemas/ReadDeleted' + responses: + 200: + description: Indicates a successful call + content: + application/json: + schema: + $ref: '../common.schema.yaml#/components/schemas/Entity' + +components: + schemas: + ReadDeleted: + type: boolean +``` + +**common.schema.yaml** + +```yaml +openapi: 3.0.0 +info: + title: Common schemas + version: 'not applicable' + +components: + schemas: + EntityId: + type: string + + Entity: + type: object + properties: + id: + $ref: '#/components/schemas/EntityId' + value: + type: string + required: [id, value] +``` + +In a case when you want to disable code generation for components add `x-codegen-enabled: false` under `components` object as in the example below + +```yaml +openapi: 3.0.0 +info: + title: Common schemas + version: 'not applicable' + +components: + x-codegen-enabled: false + schemas: + EntityId: + type: string + + Entity: + type: object + properties: + id: + $ref: '#/components/schemas/EntityId' + value: + type: string + required: [id, value] +``` + +### How to integrate generated artifacts into route's implementation? + +Having OpenAPI specs and code generation by itself doesn't guarantee OpenAPI describes API endpoints precisely. To make sure OpenAPI description and implementation match you should use generated artifacts in route's implementation for input and optionally output data validation and type checking. Let's consider the following OpenAPI spec describing `/api/my/path/{id}` API endpoint + +```yaml +openapi: 3.0.0 +info: + title: Create entity endpoint + version: '2023-10-31' + +paths: + /api/my/data/{id}: + post: + x-labels: [serverless, ess] + x-codegen-enabled: true + operationId: CreateEntity + summary: Creates entity + description: This a more detailed description why you should create an entity + parameters: + - name: id + in: path + required: false + description: This is an example optional request path parameter + schema: + $ref: '#/components/schemas/EntityId' + - name: keep_hidden + in: query + required: false + description: This is an example request query parameter + schema: + $ref: '#/components/schemas/ReadDeleted' + requestBody: + description: This is an example request query parameter + required: true + content: + application/json: + schema: + type: object + properties: + fieldA: + type: string + fieldB: + type: boolean + required: [fieldA, fieldB] + responses: + 200: + description: Indicates a successful call + content: + application/json: + schema: + $ref: '#/components/schemas/Entity' + +components: + schemas: + EntityId: + type: string + + ReadDeleted: + type: boolean + + Entity: + type: object + properties: + id: + type: string + value: + type: string + required: [id, value] +``` + +Running OpenAPI Generator on that file will produce the following `.gen.ts` file + +```ts +import { z } from 'zod'; + +export type EntityId = z.infer; +export const EntityId = z.string(); + +export type ReadDeleted = z.infer; +export const ReadDeleted = z.boolean(); + +export type Entity = z.infer; +export const Entity = z.object({ + id: z.string(), + value: z.string(), +}); + +export type CreateEntityRequestQuery = z.infer; +export const CreateEntityRequestQuery = z.object({ + /** + * This is an example request query parameter + */ + keep_hidden: ReadDeleted.optional(), +}); +export type CreateEntityRequestQueryInput = z.input; + +export type CreateEntityRequestParams = z.infer; +export const CreateEntityRequestParams = z.object({ + /** + * This is an example optional request path parameter + */ + id: EntityId.optional(), +}); +export type CreateEntityRequestParamsInput = z.input; + +export type CreateEntityRequestBody = z.infer; +export const CreateEntityRequestBody = z.object({ + fieldA: z.string(), + fieldB: z.boolean(), +}); +export type CreateEntityRequestBodyInput = z.input; + +export type CreateEntityResponse = z.infer; +export const CreateEntityResponse = Entity; +``` + +Generated artifacts above could be integrated into route's implementation in the following way + +```ts +import { + CreateEntityRequestParams, + CreateEntityRequestQuery, + CreateEntityRequestBody, + CreateEntityResponse, +} from './my/api_domain'; + +export const createEntityRoute = (router: Router): void => { + router.versioned + .post({ + access: 'public', + path: '/api/my/data/{id}', + options: { + tags: ['access:securitySolution'], + }, + }) + .addVersion( + { + version: '2023-10-31', + validate: { + request: { + params: buildRouteValidationWithZod(CreateEntityRequestParams), + query: buildRouteValidationWithZod(CreateEntityRequestQuery), + body: buildRouteValidationWithZod(CreateEntityRequestBody), + }, + }, + }, + async (context, request, response): Promise> => { + try { + // implementation goes here + const options = { + id: request.params.id, + keepHidden: request.query.keep_hidden, + }; + const result = await createEntity(request.body, options); + + // Optional output validation. + // Could just return `result` but it makes sense to validate the `result` when we can't + // control it's construction or the return type is too way complex. + return response.ok({ + body: CreateEntityResponse.parse(result), + }); + + // Another option is to construct response explicitly + // return response.ok({ + // body: { + // id: result.id, + // value: result.value, + // } + // }); + } catch (err) { + const error = transformError(err as Error); + + return siemResponse.error({ + body: error.message, + statusCode: error.statusCode, + }); + } + } + ); +}; +``` + +### Can I use references in OpenAPI specs? + +OpenAPI Generator supports only `schema` references currently. Using references for `responses`, `parameters`, `requestBodies` and `pathItems` will lead either to errors during code generation or invalid `.gen.ts` files. + +If you strongly believe any of the unsupported references should be supported by OpenAPI Generator feel free to create an enhancement ticket in GitHub and assign it to Rule Management team. + +### Can I use circular/self-circular (recursive/self-recursive) schemas? + +Yes you can define local circular and/or self-circular schemas. Support for that functionality was added in [#186221](https://github.com/elastic/kibana/pull/186221). + +It works with exceptions + +- Only local references are supported (starting with `#/components/`) +- Discriminated unions aren't supported (a discriminated union should be assembled from object types which makes it more challenging to support them) + +If you strongly believe any of the unsupported features should be supported by OpenAPI Generator feel free to create an enhancement ticket in GitHub and assign it to Rule Management team. + +### Is there a way to specify `default` value for a referenced schema? + +Sometimes you might have an array schema defined in a spec with shared schemas like + +**common.schema.yaml** + +```yaml +openapi: 3.0.0 +info: + title: Common schemas + version: 'not applicable' +paths: {} + +components: + schemas: + ParametersArray: + type: array + items: + $ref: '#/components/schemas/Parameter' + + Parameter: + type: object + properties: + fieldA: + type: string + fieldB: + type: string +``` + +and you want to reference `ParametersArray` in for example a request body + +**spec.schema.yaml** + +```yaml +openapi: 3.0.0 +info: + title: Update parameters + version: '2023-10-31' +paths: + /api/my/data: + post: + x-labels: [serverless, ess] + x-codegen-enabled: true + operationId: UpdateParameters + summary: Updates parameters + description: This a more detailed description why you should update the parameters + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + someField: + type: string + parameters: + $ref: './common.schema.yaml#/components/schemas/ParametersArray' + required: [someField] + responses: ... +``` + +But you also want to have default value for example an empty array. In this case you can't provide any additional properties (including `default`) to the reference since OpenAPI 3.0 doesn't allow any properties next to `$ref`. + +The solution is to decompose the `ParametersArray` like below + +**spec.schema.yaml** + +```yaml +openapi: 3.0.0 +info: + title: Update parameters + version: '2023-10-31' +paths: + /api/my/data: + post: + x-labels: [serverless, ess] + x-codegen-enabled: true + operationId: UpdateParameters + summary: Updates parameters + description: This a more detailed description why you should update the parameters + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + someField: + type: string + parameters: + type: array + items: + $ref: './common.schema.yaml#/components/schemas/Parameter' + default: [] + required: [someField] + responses: ... +``` diff --git a/packages/kbn-optimizer/limits.yml b/packages/kbn-optimizer/limits.yml index 84055d662a65b..0356fb4fd6541 100644 --- a/packages/kbn-optimizer/limits.yml +++ b/packages/kbn-optimizer/limits.yml @@ -144,7 +144,7 @@ pageLoadAssetSize: searchprofiler: 67080 security: 81771 securitySolution: 98429 - securitySolutionEss: 16573 + securitySolutionEss: 31781 securitySolutionServerless: 62488 serverless: 16573 serverlessObservability: 68747 diff --git a/packages/kbn-optimizer/src/worker/webpack.config.ts b/packages/kbn-optimizer/src/worker/webpack.config.ts index ecf2ea603767d..646b3c42da1ac 100644 --- a/packages/kbn-optimizer/src/worker/webpack.config.ts +++ b/packages/kbn-optimizer/src/worker/webpack.config.ts @@ -212,6 +212,18 @@ export function getWebpackConfig( includePaths: [Path.resolve(worker.repoRoot, 'node_modules')], sourceMap: true, quietDeps: true, + logger: { + warn: (message: string, warning: any) => { + // Muted - see https://github.com/elastic/kibana/issues/190345 for tracking remediation + if (warning?.deprecationType?.id === 'mixed-decls') return; + + if (warning.deprecation) + return process.stderr.write( + `DEPRECATION WARNING: ${message}\n${warning.stack}` + ); + process.stderr.write('WARNING: ' + message); + }, + }, }, }, }, diff --git a/packages/kbn-safer-lodash-set/README.md b/packages/kbn-safer-lodash-set/README.md index 823b1acff3b01..110a06421e45e 100644 --- a/packages/kbn-safer-lodash-set/README.md +++ b/packages/kbn-safer-lodash-set/README.md @@ -78,7 +78,7 @@ set(child, 'foo', 3); // object and the `parent` object has not been modified: console.log(child.foo); // 3 console.log(parent.foo); // 1 -console.log(Object.prototype.hasOwnProperty.call(child, 'foo')); // true +console.log(Object.hasOwn(child, 'foo')); // true ``` ### The `path` must not access function prototypes diff --git a/packages/kbn-safer-lodash-set/test/fp_patch_test.js b/packages/kbn-safer-lodash-set/test/fp_patch_test.js index a7a900bd7601f..abc2ce348f5a7 100644 --- a/packages/kbn-safer-lodash-set/test/fp_patch_test.js +++ b/packages/kbn-safer-lodash-set/test/fp_patch_test.js @@ -190,7 +190,7 @@ setFunctions.forEach(([testPermutations, set, testName]) => { t.notStrictEqual(arr, result); t.ok(Array.isArray(result)); Object.keys(expected).forEach((key) => { - t.ok(Object.prototype.hasOwnProperty.call(result, key)); + t.ok(Object.hasOwn(result, key)); t.deepEqual(result[key], expected[key]); }); }); diff --git a/packages/kbn-safer-lodash-set/test/patch_test.js b/packages/kbn-safer-lodash-set/test/patch_test.js index f83cbe1e40b85..cbd2f879dd609 100644 --- a/packages/kbn-safer-lodash-set/test/patch_test.js +++ b/packages/kbn-safer-lodash-set/test/patch_test.js @@ -115,7 +115,7 @@ setAndSetWithFunctions.forEach(([set, testName]) => { const arr = []; set(arr, path, 'foo'); Object.keys(expected).forEach((key) => { - t.ok(Object.prototype.hasOwnProperty.call(arr, key)); + t.ok(Object.hasOwn(arr, key)); t.deepEqual(arr[key], expected[key]); }); t.end(); diff --git a/packages/kbn-server-http-tools/src/default_validation_error_handler.ts b/packages/kbn-server-http-tools/src/default_validation_error_handler.ts index d2f4e993f3e4b..9ee8bac238c44 100644 --- a/packages/kbn-server-http-tools/src/default_validation_error_handler.ts +++ b/packages/kbn-server-http-tools/src/default_validation_error_handler.ts @@ -43,7 +43,7 @@ export function defaultValidationErrorHandler( // // The Hapi code we're 'overwriting' can be found here: // https://github.com/hapijs/hapi/blob/master/lib/validation.js#L102 - if (err && err.name === 'ValidationError' && err.hasOwnProperty('output')) { + if (err && err.name === 'ValidationError' && Object.hasOwn(err, 'output')) { const validationError: HapiValidationError = err as HapiValidationError; const validationKeys: string[] = []; diff --git a/packages/kbn-std/src/ensure_deep_object.ts b/packages/kbn-std/src/ensure_deep_object.ts index 42550bd09436f..b815c16ac5c6e 100644 --- a/packages/kbn-std/src/ensure_deep_object.ts +++ b/packages/kbn-std/src/ensure_deep_object.ts @@ -49,7 +49,7 @@ function walk(obj: any, keys: string[], value: any, path: string[]) { return; } - if (!obj.hasOwnProperty(key)) { + if (!Object.hasOwn(obj, key)) { obj[key] = {}; } diff --git a/packages/kbn-std/src/ensure_no_unsafe_properties.ts b/packages/kbn-std/src/ensure_no_unsafe_properties.ts index b053a40d62530..cff9946d761fa 100644 --- a/packages/kbn-std/src/ensure_no_unsafe_properties.ts +++ b/packages/kbn-std/src/ensure_no_unsafe_properties.ts @@ -11,12 +11,6 @@ interface StackItem { previousKey: string | null; } -// we have to do Object.prototype.hasOwnProperty because when you create an object using -// Object.create(null), and I assume other methods, you get an object without a prototype, -// so you can't use current.hasOwnProperty -const hasOwnProperty = (obj: any, property: string) => - Object.prototype.hasOwnProperty.call(obj, property); - const isObject = (obj: any) => typeof obj === 'object' && obj !== null; // we're using a stack instead of recursion so we aren't limited by the call stack @@ -40,11 +34,11 @@ export function ensureNoUnsafeProperties(obj: any) { continue; } - if (hasOwnProperty(value, '__proto__')) { + if (Object.hasOwn(value, '__proto__')) { throw new Error(`'__proto__' is an invalid key`); } - if (hasOwnProperty(value, 'prototype') && previousKey === 'constructor') { + if (Object.hasOwn(value, 'prototype') && previousKey === 'constructor') { throw new Error(`'constructor.prototype' is an invalid key`); } diff --git a/packages/kbn-test/src/functional_test_runner/lib/providers/async_instance.ts b/packages/kbn-test/src/functional_test_runner/lib/providers/async_instance.ts index 1f0fb31ccd41d..c870a1538ec29 100644 --- a/packages/kbn-test/src/functional_test_runner/lib/providers/async_instance.ts +++ b/packages/kbn-test/src/functional_test_runner/lib/providers/async_instance.ts @@ -73,7 +73,7 @@ export const createAsyncInstance = ( }, get(_, prop, receiver) { - if (loadingTarget.hasOwnProperty(prop)) { + if (Object.hasOwn(loadingTarget, prop)) { return Reflect.get(loadingTarget as any, prop, receiver); } @@ -84,7 +84,7 @@ export const createAsyncInstance = ( }, getOwnPropertyDescriptor(_, prop) { - if (loadingTarget.hasOwnProperty(prop)) { + if (Object.hasOwn(loadingTarget, prop)) { return Reflect.getOwnPropertyDescriptor(loadingTarget, prop); } @@ -100,7 +100,7 @@ export const createAsyncInstance = ( }, has(_, prop) { - if (!loadingTarget.hasOwnProperty(prop)) { + if (!Object.hasOwn(loadingTarget, prop)) { return Reflect.has(loadingTarget, prop); } diff --git a/packages/kbn-test/src/functional_test_runner/lib/providers/verbose_instance.ts b/packages/kbn-test/src/functional_test_runner/lib/providers/verbose_instance.ts index ca4109961b51c..d4ed0b7099468 100644 --- a/packages/kbn-test/src/functional_test_runner/lib/providers/verbose_instance.ts +++ b/packages/kbn-test/src/functional_test_runner/lib/providers/verbose_instance.ts @@ -59,7 +59,7 @@ export function createVerboseInstance( }; } - if (result.hasOwnProperty('thrown')) { + if (Object.hasOwn(result, 'thrown')) { log.indent(-2); throw result.thrown; } diff --git a/packages/kbn-test/src/jest/setup/polyfills.jsdom.js b/packages/kbn-test/src/jest/setup/polyfills.jsdom.js index 0867862b2d4ca..80fc5185dc115 100644 --- a/packages/kbn-test/src/jest/setup/polyfills.jsdom.js +++ b/packages/kbn-test/src/jest/setup/polyfills.jsdom.js @@ -11,12 +11,12 @@ Object.defineProperty(window, 'MutationObserver', { value: MutationObserver }); require('whatwg-fetch'); -if (!global.URL.hasOwnProperty('createObjectURL')) { +if (!Object.hasOwn(global.URL, 'createObjectURL')) { Object.defineProperty(global.URL, 'createObjectURL', { value: () => '' }); } // https://github.com/jsdom/jsdom/issues/2524 -if (!global.hasOwnProperty('TextEncoder')) { +if (!Object.hasOwn(global, 'TextEncoder')) { const customTextEncoding = require('@kayahr/text-encoding'); global.TextEncoder = customTextEncoding.TextEncoder; global.TextDecoder = customTextEncoding.TextDecoder; @@ -29,11 +29,11 @@ if (!global.hasOwnProperty('TextEncoder')) { // https://github.com/jsdom/jsdom/issues/2555 global.Blob = require('blob-polyfill').Blob; -if (!global.hasOwnProperty('ResizeObserver')) { +if (!Object.hasOwn(global, 'ResizeObserver')) { global.ResizeObserver = require('resize-observer-polyfill'); } -if (!global.hasOwnProperty('Worker')) { +if (!Object.hasOwn(global, 'Worker')) { class Worker { constructor(stringUrl) { this.url = stringUrl; @@ -49,7 +49,7 @@ if (!global.hasOwnProperty('Worker')) { // Mocking matchMedia to resolve TypeError: window.matchMedia is not a function // For more info, see https://jestjs.io/docs/manual-mocks#mocking-methods-which-are-not-implemented-in-jsdom - if (!global.hasOwnProperty('matchMedia')) { + if (!Object.hasOwn(global, 'matchMedia')) { Object.defineProperty(global, 'matchMedia', { writable: true, // eslint-disable-next-line no-undef diff --git a/packages/kbn-test/src/kbn_client/kbn_client_ui_settings.ts b/packages/kbn-test/src/kbn_client/kbn_client_ui_settings.ts index 599184b30a461..a5a1102a0d44e 100644 --- a/packages/kbn-test/src/kbn_client/kbn_client_ui_settings.ts +++ b/packages/kbn-test/src/kbn_client/kbn_client_ui_settings.ts @@ -69,7 +69,7 @@ export class KbnClientUiSettings { }; for (const [name, { isOverridden }] of Object.entries(await this.getAll())) { - if (!isOverridden && !changes.hasOwnProperty(name)) { + if (!isOverridden && !Object.hasOwn(changes, name)) { changes[name] = null; } } diff --git a/packages/kbn-tooling-log/src/tooling_log_text_writer.ts b/packages/kbn-tooling-log/src/tooling_log_text_writer.ts index 4fe33241cf77e..063edd75a14cb 100644 --- a/packages/kbn-tooling-log/src/tooling_log_text_writer.ts +++ b/packages/kbn-tooling-log/src/tooling_log_text_writer.ts @@ -25,7 +25,7 @@ const MSG_PREFIXES = { error: `${red('ERROR')} `, }; -const has = (obj: T, key: any): key is keyof T => obj.hasOwnProperty(key); +const has = (obj: T, key: any): key is keyof T => Object.hasOwn(obj, key); export interface ToolingLogTextWriterConfig { /** diff --git a/packages/kbn-try-in-console/components/try_in_console_button.test.tsx b/packages/kbn-try-in-console/components/try_in_console_button.test.tsx index fb4cce16d6134..ffb07c46989f6 100644 --- a/packages/kbn-try-in-console/components/try_in_console_button.test.tsx +++ b/packages/kbn-try-in-console/components/try_in_console_button.test.tsx @@ -73,7 +73,7 @@ describe('TryInConsoleButton', () => { const wrapper = render(); expect(wrapper.getByTestId('tryInConsoleButton')).toBeTruthy(); - expect(wrapper.getByRole('button')).toHaveTextContent('Try in Console'); + expect(wrapper.getByRole('button')).toHaveTextContent('Run in Console'); expect(mockLocatorUseUrl).toHaveBeenCalledWith( { loadFrom: 'data:text/plain,OIUQKgBA9A+gzgFwIYLkA', @@ -87,7 +87,7 @@ describe('TryInConsoleButton', () => { const wrapper = render(); expect(wrapper.getByTestId('tryInConsoleLink')).toBeTruthy(); - expect(wrapper.getByRole('button')).toHaveTextContent('Try in Console'); + expect(wrapper.getByRole('button')).toHaveTextContent('Run in Console'); }); it('renders null if dev tools are unavailable', async () => { const props: Partial = { @@ -153,7 +153,7 @@ describe('TryInConsoleButton', () => { const props: Partial = { request: 'GET /_stats' }; render(); - fireEvent.click(screen.getByText('Try in Console')); + fireEvent.click(screen.getByText('Run in Console')); expect(windowOpenSpy).toHaveBeenCalledTimes(1); expect(windowOpenSpy).toHaveBeenCalledWith('/app/test/dev_tools', '_blank', 'noreferrer'); @@ -161,7 +161,7 @@ describe('TryInConsoleButton', () => { it('can open in new tab without data', async () => { render(); - fireEvent.click(screen.getByText('Try in Console')); + fireEvent.click(screen.getByText('Run in Console')); expect(mockLocatorUseUrl).toHaveBeenCalledWith({}, undefined, [undefined]); expect(windowOpenSpy).toHaveBeenCalledTimes(1); @@ -175,7 +175,7 @@ describe('TryInConsoleButton', () => { /> ); - fireEvent.click(screen.getByText('Try in Console')); + fireEvent.click(screen.getByText('Run in Console')); expect(windowOpenSpy).toHaveBeenCalledTimes(0); expect(mockConsole.openEmbeddedConsole).toHaveBeenCalledTimes(1); @@ -185,7 +185,7 @@ describe('TryInConsoleButton', () => { mockConsole.isEmbeddedConsoleAvailable.mockReturnValue(false); render(); - fireEvent.click(screen.getByText('Try in Console')); + fireEvent.click(screen.getByText('Run in Console')); expect(windowOpenSpy).toHaveBeenCalledTimes(1); expect(mockConsole.openEmbeddedConsole).toHaveBeenCalledTimes(0); diff --git a/packages/kbn-try-in-console/components/try_in_console_button.tsx b/packages/kbn-try-in-console/components/try_in_console_button.tsx index 077c87ca66ed0..aae6ec338dfaa 100644 --- a/packages/kbn-try-in-console/components/try_in_console_button.tsx +++ b/packages/kbn-try-in-console/components/try_in_console_button.tsx @@ -16,7 +16,9 @@ import type { ConsolePluginStart } from '@kbn/console-plugin/public'; import { i18n } from '@kbn/i18n'; import { compressToEncodedURIComponent } from 'lz-string'; -const TRY_IN_CONSOLE = i18n.translate('tryInConsole.button', { defaultMessage: 'Try in Console' }); +const RUN_IN_CONSOLE = i18n.translate('tryInConsole.button.text', { + defaultMessage: 'Run in Console', +}); export interface TryInConsoleButtonProps { request?: string; @@ -32,7 +34,7 @@ export const TryInConsoleButton = ({ application, consolePlugin, sharePlugin, - content = TRY_IN_CONSOLE, + content = RUN_IN_CONSOLE, showIcon = true, type = 'emptyButton', }: TryInConsoleButtonProps) => { @@ -70,11 +72,11 @@ export const TryInConsoleButton = ({ consolePlugin?.isEmbeddedConsoleAvailable?.() ) { return i18n.translate('tryInConsole.embeddedConsoleButton.ariaLabel', { - defaultMessage: 'Try in Console - opens in embedded console', + defaultMessage: 'Run in Console - opens in embedded console', }); } return i18n.translate('tryInConsole.inNewTab.button.ariaLabel', { - defaultMessage: 'Try in Console - opens in a new tab', + defaultMessage: 'Run in Console - opens in a new tab', }); }; @@ -83,7 +85,7 @@ export const TryInConsoleButton = ({ 'aria-label': getAriaLabel(), onClick, }; - const iconType = showIcon ? 'popout' : undefined; + const iconType = showIcon ? 'play' : undefined; switch (type) { case 'link': diff --git a/packages/kbn-unified-data-table/__mocks__/table_context.ts b/packages/kbn-unified-data-table/__mocks__/table_context.ts index 9cf28f89eb810..b1364e4ce8933 100644 --- a/packages/kbn-unified-data-table/__mocks__/table_context.ts +++ b/packages/kbn-unified-data-table/__mocks__/table_context.ts @@ -14,7 +14,7 @@ import { servicesMock } from './services'; import { DataTableContext } from '../src/table_context'; import { convertValueToString } from '../src/utils/convert_value_to_string'; import { buildDataTableRecord } from '@kbn/discover-utils'; -import type { EsHitRecord } from '@kbn/discover-utils/types'; +import type { DataTableRecord, EsHitRecord } from '@kbn/discover-utils/types'; import type { UseSelectedDocsState } from '../src/hooks/use_selected_docs'; const buildTableContext = (dataView: DataView, rows: EsHitRecord[]): DataTableContext => { @@ -53,10 +53,13 @@ export function buildSelectedDocsState(selectedDocIds: string[]): UseSelectedDoc return { isDocSelected: (docId: string) => selectedDocsSet.has(docId), - getCountOfSelectedDocs: (docIds: string[]) => + getCountOfFilteredSelectedDocs: (docIds: string[]) => docIds.reduce((acc, docId) => (selectedDocsSet.has(docId) ? acc + 1 : acc), 0), + getSelectedDocsOrderedByRows: (rows: DataTableRecord[]) => + rows.filter((row) => selectedDocsSet.has(row.id)), hasSelectedDocs: selectedDocsSet.size > 0, - selectedDocIds, + selectedDocsCount: selectedDocsSet.size, + docIdsInSelectionOrder: selectedDocIds, toggleDocSelection: jest.fn(), selectAllDocs: jest.fn(), selectMoreDocs: jest.fn(), diff --git a/packages/kbn-unified-data-table/src/components/data_table.test.tsx b/packages/kbn-unified-data-table/src/components/data_table.test.tsx index 6366aa4445630..f5749eaee4bf0 100644 --- a/packages/kbn-unified-data-table/src/components/data_table.test.tsx +++ b/packages/kbn-unified-data-table/src/components/data_table.test.tsx @@ -9,7 +9,6 @@ import React from 'react'; import { ReactWrapper } from 'enzyme'; import { EuiButton, - EuiCopy, EuiDataGrid, EuiDataGridCellValueElementProps, EuiDataGridCustomBodyProps, @@ -130,6 +129,23 @@ async function toggleDocSelection( } describe('UnifiedDataTable', () => { + const originalClipboard = global.window.navigator.clipboard; + + beforeAll(() => { + Object.defineProperty(navigator, 'clipboard', { + value: { + writeText: jest.fn(), + }, + writable: true, + }); + }); + + afterAll(() => { + Object.defineProperty(navigator, 'clipboard', { + value: originalClipboard, + }); + }); + afterEach(async () => { jest.clearAllMocks(); }); @@ -213,11 +229,36 @@ describe('UnifiedDataTable', () => { expect(getDisplayedDocNr(component)).toBe(5); }); - test('copying selected documents to clipboard', async () => { + test('copying selected documents to clipboard as JSON', async () => { await toggleDocSelection(component, esHitsMock[0]); findTestSubject(component, 'unifiedDataTableSelectionBtn').simulate('click'); - expect(component.find(EuiCopy).prop('textToCopy')).toMatchInlineSnapshot( - `"[{\\"_index\\":\\"i\\",\\"_id\\":\\"1\\",\\"_score\\":1,\\"_type\\":\\"_doc\\",\\"_source\\":{\\"date\\":\\"2020-20-01T12:12:12.123\\",\\"message\\":\\"test1\\",\\"bytes\\":20}}]"` + findTestSubject(component, 'dscGridCopySelectedDocumentsJSON').simulate('click'); + expect(navigator.clipboard.writeText).toHaveBeenCalledWith( + '[{"_index":"i","_id":"1","_score":1,"_type":"_doc","_source":{"date":"2020-20-01T12:12:12.123","message":"test1","bytes":20}}]' + ); + }); + + test('copying selected documents to clipboard as text', async () => { + await toggleDocSelection(component, esHitsMock[2]); + await toggleDocSelection(component, esHitsMock[1]); + findTestSubject(component, 'unifiedDataTableSelectionBtn').simulate('click'); + findTestSubject(component, 'unifiedDataTableCopyRowsAsText').simulate('click'); + expect(navigator.clipboard.writeText).toHaveBeenCalledWith( + '"\'@timestamp"\t"_index"\t"_score"\tbytes\tdate\textension\tmessage\tname\n-\ti\t1\t-\t"2020-20-01T12:12:12.124"\tjpg\t-\ttest2\n-\ti\t1\t50\t"2020-20-01T12:12:12.124"\tgif\t-\ttest3' + ); + }); + + test('copying selected columns to clipboard as text', async () => { + component = await getComponent({ + ...getProps(), + columns: ['date', 'extension', 'name'], + }); + await toggleDocSelection(component, esHitsMock[2]); + await toggleDocSelection(component, esHitsMock[1]); + findTestSubject(component, 'unifiedDataTableSelectionBtn').simulate('click'); + findTestSubject(component, 'unifiedDataTableCopyRowsAsText').simulate('click'); + expect(navigator.clipboard.writeText).toHaveBeenCalledWith( + '"\'@timestamp"\tdate\textension\tname\n-\t"2020-20-01T12:12:12.124"\tjpg\ttest2\n-\t"2020-20-01T12:12:12.124"\tgif\ttest3' ); }); }); diff --git a/packages/kbn-unified-data-table/src/components/data_table.tsx b/packages/kbn-unified-data-table/src/components/data_table.tsx index 243b86b540865..5068115fed76d 100644 --- a/packages/kbn-unified-data-table/src/components/data_table.tsx +++ b/packages/kbn-unified-data-table/src/components/data_table.tsx @@ -480,7 +480,13 @@ export const UnifiedDataTable = ({ const docMap = useMemo(() => new Map(rows?.map((row) => [row.id, row]) ?? []), [rows]); const getDocById = useCallback((id: string) => docMap.get(id), [docMap]); const selectedDocsState = useSelectedDocs(docMap); - const { isDocSelected, hasSelectedDocs, selectedDocIds, replaceSelectedDocs } = selectedDocsState; + const { + isDocSelected, + hasSelectedDocs, + selectedDocsCount, + replaceSelectedDocs, + docIdsInSelectionOrder, + } = selectedDocsState; useEffect(() => { if (!hasSelectedDocs && isFilterActive) { @@ -889,13 +895,13 @@ export const UnifiedDataTable = ({ ]); const additionalControls = useMemo(() => { - if (!externalAdditionalControls && !selectedDocIds.length) { + if (!externalAdditionalControls && !selectedDocsCount) { return null; } return ( <> - {Boolean(selectedDocIds.length) && ( + {Boolean(selectedDocsCount) && ( )} {externalAdditionalControls} ); }, [ - selectedDocIds, + selectedDocsCount, selectedDocsState, externalAdditionalControls, isPlainRecord, @@ -924,6 +932,8 @@ export const UnifiedDataTable = ({ fieldFormats, unifiedDataTableContextValue.pageIndex, unifiedDataTableContextValue.pageSize, + toastNotifications, + visibleColumns, ]); const renderCustomToolbarFn: EuiDataGridProps['renderCustomToolbar'] | undefined = useMemo( @@ -1080,7 +1090,7 @@ export const UnifiedDataTable = ({ isPlainRecord={isPlainRecord} selectedFieldNames={visibleColumns} additionalFieldGroups={additionalFieldGroups} - selectedDocIds={selectedDocIds} + selectedDocIds={docIdsInSelectionOrder} schemaDetectors={schemaDetectors} forceShowAllFields={defaultColumns} showFullScreenButton={showFullScreenButton} diff --git a/packages/kbn-unified-data-table/src/components/data_table_columns.tsx b/packages/kbn-unified-data-table/src/components/data_table_columns.tsx index 4528e323c2047..f345c1093d9d1 100644 --- a/packages/kbn-unified-data-table/src/components/data_table_columns.tsx +++ b/packages/kbn-unified-data-table/src/components/data_table_columns.tsx @@ -31,7 +31,7 @@ import { buildCopyColumnNameButton, buildCopyColumnValuesButton } from './build_ import { buildEditFieldButton } from './build_edit_field_button'; import { DataTableColumnHeader, DataTableTimeColumnHeader } from './data_table_column_header'; -const getColumnDisplayName = ( +export const getColumnDisplayName = ( columnName: string, dataViewFieldDisplayName: string | undefined, columnDisplay: string | undefined diff --git a/packages/kbn-unified-data-table/src/components/data_table_copy_rows_as_json.tsx b/packages/kbn-unified-data-table/src/components/data_table_copy_rows_as_json.tsx new file mode 100644 index 0000000000000..5e81a8e0a42ed --- /dev/null +++ b/packages/kbn-unified-data-table/src/components/data_table_copy_rows_as_json.tsx @@ -0,0 +1,58 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +import React, { useContext, useState } from 'react'; +import { FormattedMessage } from '@kbn/i18n-react'; +import { EuiContextMenuItem } from '@elastic/eui'; +import type { ToastsStart } from '@kbn/core/public'; +import { copyRowsAsJsonToClipboard } from '../utils/copy_value_to_clipboard'; +import { UnifiedDataTableContext } from '../table_context'; + +interface DataTableCopyRowsAsJsonProps { + toastNotifications: ToastsStart; + onCompleted: () => void; +} + +export const DataTableCopyRowsAsJson: React.FC = ({ + toastNotifications, + onCompleted, +}) => { + const [isProcessing, setIsProcessing] = useState(false); + const { rows, selectedDocsState, isPlainRecord } = useContext(UnifiedDataTableContext); + const { getSelectedDocsOrderedByRows } = selectedDocsState; + + return ( + { + setIsProcessing(true); + await copyRowsAsJsonToClipboard({ + // preserving the original order of rows rather than the order of selecting rows + selectedRows: getSelectedDocsOrderedByRows(rows), + toastNotifications, + }); + setIsProcessing(false); + onCompleted(); + }} + > + {isPlainRecord ? ( + + ) : ( + + )} + + ); +}; diff --git a/packages/kbn-unified-data-table/src/components/data_table_copy_rows_as_text.tsx b/packages/kbn-unified-data-table/src/components/data_table_copy_rows_as_text.tsx new file mode 100644 index 0000000000000..b0089193de82f --- /dev/null +++ b/packages/kbn-unified-data-table/src/components/data_table_copy_rows_as_text.tsx @@ -0,0 +1,76 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +import React, { useContext, useState } from 'react'; +import { uniq } from 'lodash'; +import { FormattedMessage } from '@kbn/i18n-react'; +import { EuiContextMenuItem } from '@elastic/eui'; +import type { ToastsStart } from '@kbn/core/public'; +import { calcFieldCounts } from '@kbn/discover-utils'; +import { copyRowsAsTextToClipboard } from '../utils/copy_value_to_clipboard'; +import { UnifiedDataTableContext } from '../table_context'; + +interface DataTableCopyRowsAsTextProps { + toastNotifications: ToastsStart; + columns: string[]; + onCompleted: () => void; +} + +export const DataTableCopyRowsAsText: React.FC = ({ + toastNotifications, + columns, + onCompleted, +}) => { + const [isProcessing, setIsProcessing] = useState(false); + const { valueToStringConverter, dataView, rows, selectedDocsState } = + useContext(UnifiedDataTableContext); + const { isDocSelected } = selectedDocsState; + + return ( + { + setIsProcessing(true); + + const outputColumns = columns.reduce((acc, column) => { + if (column === '_source') { + // split Document column into individual columns + const fieldCounts = calcFieldCounts(rows); + acc.push(...Object.keys(fieldCounts).sort()); + return acc; + } + acc.push(column); + return acc; + }, [] as string[]); + + await copyRowsAsTextToClipboard({ + columns: uniq(outputColumns), + // preserving the original order of rows rather than the order of selecting rows + selectedRowIndices: rows.reduce((acc, row, index) => { + if (isDocSelected(row.id)) { + acc.push(index); + } + return acc; + }, [] as number[]), + valueToStringConverter, + toastNotifications, + dataView, + }); + setIsProcessing(false); + onCompleted(); + }} + > + + + ); +}; diff --git a/packages/kbn-unified-data-table/src/components/data_table_document_selection.test.tsx b/packages/kbn-unified-data-table/src/components/data_table_document_selection.test.tsx index a1c39158f2b8d..fa2ec2f6fcbe2 100644 --- a/packages/kbn-unified-data-table/src/components/data_table_document_selection.test.tsx +++ b/packages/kbn-unified-data-table/src/components/data_table_document_selection.test.tsx @@ -203,8 +203,18 @@ describe('document selection', () => { fieldFormats: servicesMock.fieldFormats, pageIndex: 0, pageSize: 2, + toastNotifications: servicesMock.toastNotifications, + columns: ['test'], }; - const component = mountWithIntl(); + const contextMock = { + ...dataTableContextMock, + selectedDocsState: props.selectedDocsState, + }; + const component = mountWithIntl( + + + + ); const button = findTestSubject(component, 'unifiedDataTableSelectionBtn'); expect(button.length).toBe(1); expect(button.text()).toBe('Selected2'); @@ -238,8 +248,18 @@ describe('document selection', () => { fieldFormats: servicesMock.fieldFormats, pageIndex: 0, pageSize: 2, + toastNotifications: servicesMock.toastNotifications, + columns: ['test'], + }; + const contextMock = { + ...dataTableContextMock, + selectedDocsState: props.selectedDocsState, }; - const component = mountWithIntl(); + const component = mountWithIntl( + + + + ); expect(findTestSubject(component, 'unifiedDataTableSelectionBtn').text()).toBe('Selected1'); expect(findTestSubject(component, 'dscGridSelectAllDocs').exists()).toBe(false); @@ -257,8 +277,18 @@ describe('document selection', () => { fieldFormats: servicesMock.fieldFormats, pageIndex: 0, pageSize: 2, + toastNotifications: servicesMock.toastNotifications, + columns: ['test'], }; - const component = mountWithIntl(); + const contextMock = { + ...dataTableContextMock, + selectedDocsState: props.selectedDocsState, + }; + const component = mountWithIntl( + + + + ); expect(findTestSubject(component, 'unifiedDataTableSelectionBtn').text()).toBe('Selected2'); const button = findTestSubject(component, 'dscGridSelectAllDocs'); @@ -283,8 +313,18 @@ describe('document selection', () => { fieldFormats: servicesMock.fieldFormats, pageIndex: 1, pageSize: 2, + toastNotifications: servicesMock.toastNotifications, + columns: ['test'], }; - const component = mountWithIntl(); + const contextMock = { + ...dataTableContextMock, + selectedDocsState: props.selectedDocsState, + }; + const component = mountWithIntl( + + + + ); expect(findTestSubject(component, 'unifiedDataTableSelectionBtn').text()).toBe('Selected2'); expect(findTestSubject(component, 'dscGridSelectAllDocs').exists()).toBe(true); @@ -302,8 +342,18 @@ describe('document selection', () => { fieldFormats: servicesMock.fieldFormats, pageIndex: 1, pageSize: 2, + toastNotifications: servicesMock.toastNotifications, + columns: ['test'], }; - const component = mountWithIntl(); + const contextMock = { + ...dataTableContextMock, + selectedDocsState: props.selectedDocsState, + }; + const component = mountWithIntl( + + + + ); expect(findTestSubject(component, 'unifiedDataTableSelectionBtn').text()).toBe( `Selected${dataTableContextMock.rows.length}` ); @@ -324,6 +374,8 @@ describe('document selection', () => { fieldFormats: servicesMock.fieldFormats, pageIndex: 0, pageSize: 2, + toastNotifications: servicesMock.toastNotifications, + columns: ['test'], }; const renderCompareBtn = ({ @@ -332,11 +384,18 @@ describe('document selection', () => { }: Partial[0]> = {}) => { render( - + + + ); return { diff --git a/packages/kbn-unified-data-table/src/components/data_table_document_selection.tsx b/packages/kbn-unified-data-table/src/components/data_table_document_selection.tsx index 2a34c4866cb86..7ca3c0f1f681c 100644 --- a/packages/kbn-unified-data-table/src/components/data_table_document_selection.tsx +++ b/packages/kbn-unified-data-table/src/components/data_table_document_selection.tsx @@ -12,7 +12,6 @@ import { EuiCheckbox, EuiContextMenuItem, EuiContextMenuPanel, - EuiCopy, EuiDataGridCellValueElementProps, EuiDataGridToolbarControl, EuiPopover, @@ -25,9 +24,12 @@ import { import { FormattedMessage } from '@kbn/i18n-react'; import { i18n } from '@kbn/i18n'; import { css } from '@emotion/react'; +import type { ToastsStart } from '@kbn/core-notifications-browser'; import type { DataTableRecord } from '@kbn/discover-utils/types'; import type { UseSelectedDocsState } from '../hooks/use_selected_docs'; import { UnifiedDataTableContext } from '../table_context'; +import { DataTableCopyRowsAsText } from './data_table_copy_rows_as_text'; +import { DataTableCopyRowsAsJson } from './data_table_copy_rows_as_json'; import { useControlColumn } from '../hooks/use_control_column'; export const SelectButton = (props: EuiDataGridCellValueElementProps) => { @@ -69,15 +71,17 @@ export const SelectButton = (props: EuiDataGridCellValueElementProps) => { export const SelectAllButton = () => { const { selectedDocsState, pageIndex, pageSize, rows } = useContext(UnifiedDataTableContext); - const { getCountOfSelectedDocs, deselectSomeDocs, selectMoreDocs } = selectedDocsState; + const { getCountOfFilteredSelectedDocs, deselectSomeDocs, selectMoreDocs } = selectedDocsState; const docIdsFromCurrentPage = useMemo(() => { return getDocIdsForCurrentPage(rows, pageIndex, pageSize); }, [rows, pageIndex, pageSize]); const countOfSelectedDocs = useMemo(() => { - return docIdsFromCurrentPage?.length ? getCountOfSelectedDocs(docIdsFromCurrentPage) : 0; - }, [docIdsFromCurrentPage, getCountOfSelectedDocs]); + return docIdsFromCurrentPage?.length + ? getCountOfFilteredSelectedDocs(docIdsFromCurrentPage) + : 0; + }, [docIdsFromCurrentPage, getCountOfFilteredSelectedDocs]); const isIndeterminateForCurrentPage = useMemo(() => { if (docIdsFromCurrentPage?.length) { @@ -147,6 +151,8 @@ export function DataTableDocumentToolbarBtn({ fieldFormats, pageIndex, pageSize, + toastNotifications, + columns, }: { isPlainRecord: boolean; isFilterActive: boolean; @@ -158,56 +164,50 @@ export function DataTableDocumentToolbarBtn({ fieldFormats: FieldFormatsStart; pageIndex: number | undefined; pageSize: number | undefined; + toastNotifications: ToastsStart; + columns: string[]; }) { const [isSelectionPopoverOpen, setIsSelectionPopoverOpen] = useState(false); - const { selectAllDocs, clearAllSelectedDocs, isDocSelected, selectedDocIds } = selectedDocsState; + const { selectAllDocs, clearAllSelectedDocs, selectedDocsCount, docIdsInSelectionOrder } = + selectedDocsState; + + const closePopover = useCallback(() => { + setIsSelectionPopoverOpen(false); + }, [setIsSelectionPopoverOpen]); const shouldSuggestToSelectAll = useMemo(() => { - const canSelectMore = selectedDocIds.length < rows.length && rows.length > 1; + const canSelectMore = selectedDocsCount < rows.length && rows.length > 1; if (typeof pageSize !== 'number' || isFilterActive || !canSelectMore) { return false; } - return selectedDocIds.length >= pageSize; - }, [rows, pageSize, selectedDocIds.length, isFilterActive]); + return selectedDocsCount >= pageSize; + }, [rows, pageSize, selectedDocsCount, isFilterActive]); const getMenuItems = useCallback(() => { return [ // Compare selected documents - ...(enableComparisonMode && selectedDocIds.length > 1 + ...(enableComparisonMode && selectedDocsCount > 1 ? [ , ] : []), - // Copy results to clipboard (JSON) - isDocSelected(row.id)).map((row) => row.raw)) - : '' - } - > - {(copy) => ( - - {isPlainRecord ? ( - - ) : ( - - )} - - )} - , + // Copy results to clipboard as text + , + // Copy results to clipboard as JSON + , isFilterActive ? ( // Show all documents { - setIsSelectionPopoverOpen(false); + closePopover(); setIsFilterActive(false); }} > @@ -238,7 +238,7 @@ export function DataTableDocumentToolbarBtn({ key="showSelectedDocuments" icon="eye" onClick={() => { - setIsSelectionPopoverOpen(false); + closePopover(); setIsFilterActive(true); }} > @@ -261,7 +261,7 @@ export function DataTableDocumentToolbarBtn({ key="clearSelection" icon="cross" onClick={() => { - setIsSelectionPopoverOpen(false); + closePopover(); clearAllSelectedDocs(); setIsFilterActive(false); }} @@ -272,13 +272,15 @@ export function DataTableDocumentToolbarBtn({ }, [ isFilterActive, isPlainRecord, - rows, setIsFilterActive, - isDocSelected, clearAllSelectedDocs, - selectedDocIds, + selectedDocsCount, + docIdsInSelectionOrder, enableComparisonMode, setIsCompareActive, + toastNotifications, + columns, + closePopover, ]); const toggleSelectionToolbar = useCallback( @@ -296,12 +298,12 @@ export function DataTableDocumentToolbarBtn({ iconSide="left" iconType="arrowDown" onClick={toggleSelectionToolbar} - data-selected-documents={selectedDocIds.length} + data-selected-documents={selectedDocsCount} data-test-subj="unifiedDataTableSelectionBtn" isSelected={isFilterActive} badgeContent={fieldFormats .getDefaultInstance(KBN_FIELD_TYPES.NUMBER, [ES_FIELD_TYPES.INTEGER]) - .convert(selectedDocIds.length)} + .convert(selectedDocsCount)} css={css` .euiButtonEmpty__content { flex-direction: row-reverse; diff --git a/packages/kbn-unified-data-table/src/hooks/use_selected_docs.test.ts b/packages/kbn-unified-data-table/src/hooks/use_selected_docs.test.ts index 9dac8b38f42a7..1d6170fea014e 100644 --- a/packages/kbn-unified-data-table/src/hooks/use_selected_docs.test.ts +++ b/packages/kbn-unified-data-table/src/hooks/use_selected_docs.test.ts @@ -20,12 +20,10 @@ describe('useSelectedDocs', () => { test('should have a correct default state', () => { const { result } = renderHook(() => useSelectedDocs(docsMap)); - expect(result.current).toEqual( - expect.objectContaining({ - selectedDocIds: [], - hasSelectedDocs: false, - }) - ); + expect(result.current.hasSelectedDocs).toBe(false); + expect(result.current.selectedDocsCount).toBe(0); + expect(result.current.getSelectedDocsOrderedByRows(docs)).toEqual([]); + expect(result.current.docIdsInSelectionOrder).toEqual([]); }); test('should toggleDocSelection correctly', () => { @@ -35,12 +33,10 @@ describe('useSelectedDocs', () => { result.current.toggleDocSelection(docs[0].id); }); - expect(result.current).toEqual( - expect.objectContaining({ - selectedDocIds: [docs[0].id], - hasSelectedDocs: true, - }) - ); + expect(result.current.hasSelectedDocs).toBe(true); + expect(result.current.selectedDocsCount).toBe(1); + expect(result.current.getSelectedDocsOrderedByRows(docs)).toEqual([docs[0]]); + expect(result.current.docIdsInSelectionOrder).toEqual([docs[0].id]); expect(result.current.isDocSelected(docs[0].id)).toBe(true); expect(result.current.isDocSelected(docs[1].id)).toBe(false); @@ -49,12 +45,10 @@ describe('useSelectedDocs', () => { result.current.toggleDocSelection(docs[1].id); }); - expect(result.current).toEqual( - expect.objectContaining({ - selectedDocIds: [docs[0].id, docs[1].id], - hasSelectedDocs: true, - }) - ); + expect(result.current.hasSelectedDocs).toBe(true); + expect(result.current.selectedDocsCount).toBe(2); + expect(result.current.getSelectedDocsOrderedByRows(docs)).toEqual([docs[0], docs[1]]); + expect(result.current.docIdsInSelectionOrder).toEqual([docs[0].id, docs[1].id]); expect(result.current.isDocSelected(docs[0].id)).toBe(true); expect(result.current.isDocSelected(docs[1].id)).toBe(true); @@ -63,12 +57,10 @@ describe('useSelectedDocs', () => { result.current.toggleDocSelection(docs[0].id); }); - expect(result.current).toEqual( - expect.objectContaining({ - selectedDocIds: [docs[1].id], - hasSelectedDocs: true, - }) - ); + expect(result.current.hasSelectedDocs).toBe(true); + expect(result.current.selectedDocsCount).toBe(1); + expect(result.current.getSelectedDocsOrderedByRows(docs)).toEqual([docs[1]]); + expect(result.current.docIdsInSelectionOrder).toEqual([docs[1].id]); expect(result.current.isDocSelected(docs[0].id)).toBe(false); expect(result.current.isDocSelected(docs[1].id)).toBe(true); @@ -77,12 +69,10 @@ describe('useSelectedDocs', () => { result.current.toggleDocSelection(docs[1].id); }); - expect(result.current).toEqual( - expect.objectContaining({ - selectedDocIds: [], - hasSelectedDocs: false, - }) - ); + expect(result.current.hasSelectedDocs).toBe(false); + expect(result.current.selectedDocsCount).toBe(0); + expect(result.current.getSelectedDocsOrderedByRows(docs)).toEqual([]); + expect(result.current.docIdsInSelectionOrder).toEqual([]); expect(result.current.isDocSelected(docs[0].id)).toBe(false); expect(result.current.isDocSelected(docs[1].id)).toBe(false); @@ -96,23 +86,19 @@ describe('useSelectedDocs', () => { result.current.toggleDocSelection(docs[1].id); }); - expect(result.current).toEqual( - expect.objectContaining({ - selectedDocIds: [docs[0].id, docs[1].id], - hasSelectedDocs: true, - }) - ); + expect(result.current.hasSelectedDocs).toBe(true); + expect(result.current.selectedDocsCount).toBe(2); + expect(result.current.getSelectedDocsOrderedByRows(docs)).toEqual([docs[0], docs[1]]); + expect(result.current.docIdsInSelectionOrder).toEqual([docs[0].id, docs[1].id]); act(() => { - result.current.replaceSelectedDocs([docs[1].id, docs[2].id]); + result.current.replaceSelectedDocs([docs[2].id, docs[1].id]); }); - expect(result.current).toEqual( - expect.objectContaining({ - selectedDocIds: [docs[1].id, docs[2].id], - hasSelectedDocs: true, - }) - ); + expect(result.current.hasSelectedDocs).toBe(true); + expect(result.current.selectedDocsCount).toBe(2); + expect(result.current.getSelectedDocsOrderedByRows(docs)).toEqual([docs[1], docs[2]]); + expect(result.current.docIdsInSelectionOrder).toEqual([docs[2].id, docs[1].id]); expect(result.current.isDocSelected(docs[0].id)).toBe(false); expect(result.current.isDocSelected(docs[1].id)).toBe(true); @@ -126,12 +112,10 @@ describe('useSelectedDocs', () => { result.current.selectAllDocs(); }); - expect(result.current).toEqual( - expect.objectContaining({ - selectedDocIds: docs.map((doc) => doc.id), - hasSelectedDocs: true, - }) - ); + expect(result.current.hasSelectedDocs).toBe(true); + expect(result.current.selectedDocsCount).toBe(docs.length); + expect(result.current.getSelectedDocsOrderedByRows(docs)).toEqual(docs); + expect(result.current.docIdsInSelectionOrder).toEqual(docs.map((doc) => doc.id)); expect(result.current.isDocSelected(docs[0].id)).toBe(true); expect(result.current.isDocSelected(docs[docs.length - 1].id)).toBe(true); @@ -145,23 +129,19 @@ describe('useSelectedDocs', () => { result.current.toggleDocSelection(docs[1].id); }); - expect(result.current).toEqual( - expect.objectContaining({ - selectedDocIds: [docs[0].id, docs[1].id], - hasSelectedDocs: true, - }) - ); + expect(result.current.hasSelectedDocs).toBe(true); + expect(result.current.selectedDocsCount).toBe(2); + expect(result.current.getSelectedDocsOrderedByRows(docs)).toEqual([docs[0], docs[1]]); + expect(result.current.docIdsInSelectionOrder).toEqual([docs[0].id, docs[1].id]); act(() => { result.current.selectMoreDocs([docs[1].id, docs[2].id]); }); - expect(result.current).toEqual( - expect.objectContaining({ - selectedDocIds: [docs[0].id, docs[1].id, docs[2].id], - hasSelectedDocs: true, - }) - ); + expect(result.current.hasSelectedDocs).toBe(true); + expect(result.current.selectedDocsCount).toBe(3); + expect(result.current.getSelectedDocsOrderedByRows(docs)).toEqual([docs[0], docs[1], docs[2]]); + expect(result.current.docIdsInSelectionOrder).toEqual([docs[0].id, docs[1].id, docs[2].id]); expect(result.current.isDocSelected(docs[0].id)).toBe(true); expect(result.current.isDocSelected(docs[1].id)).toBe(true); @@ -177,23 +157,19 @@ describe('useSelectedDocs', () => { result.current.toggleDocSelection(docs[2].id); }); - expect(result.current).toEqual( - expect.objectContaining({ - selectedDocIds: [docs[0].id, docs[1].id, docs[2].id], - hasSelectedDocs: true, - }) - ); + expect(result.current.hasSelectedDocs).toBe(true); + expect(result.current.selectedDocsCount).toBe(3); + expect(result.current.getSelectedDocsOrderedByRows(docs)).toEqual([docs[0], docs[1], docs[2]]); + expect(result.current.docIdsInSelectionOrder).toEqual([docs[0].id, docs[1].id, docs[2].id]); act(() => { result.current.deselectSomeDocs([docs[0].id, docs[2].id]); }); - expect(result.current).toEqual( - expect.objectContaining({ - selectedDocIds: [docs[1].id], - hasSelectedDocs: true, - }) - ); + expect(result.current.hasSelectedDocs).toBe(true); + expect(result.current.selectedDocsCount).toBe(1); + expect(result.current.getSelectedDocsOrderedByRows(docs)).toEqual([docs[1]]); + expect(result.current.docIdsInSelectionOrder).toEqual([docs[1].id]); expect(result.current.isDocSelected(docs[0].id)).toBe(false); expect(result.current.isDocSelected(docs[1].id)).toBe(true); @@ -208,29 +184,25 @@ describe('useSelectedDocs', () => { result.current.toggleDocSelection(docs[1].id); }); - expect(result.current).toEqual( - expect.objectContaining({ - selectedDocIds: [docs[0].id, docs[1].id], - hasSelectedDocs: true, - }) - ); + expect(result.current.hasSelectedDocs).toBe(true); + expect(result.current.selectedDocsCount).toBe(2); + expect(result.current.getSelectedDocsOrderedByRows(docs)).toEqual([docs[0], docs[1]]); + expect(result.current.docIdsInSelectionOrder).toEqual([docs[0].id, docs[1].id]); act(() => { result.current.clearAllSelectedDocs(); }); - expect(result.current).toEqual( - expect.objectContaining({ - selectedDocIds: [], - hasSelectedDocs: false, - }) - ); + expect(result.current.hasSelectedDocs).toBe(false); + expect(result.current.selectedDocsCount).toBe(0); + expect(result.current.getSelectedDocsOrderedByRows(docs)).toEqual([]); + expect(result.current.docIdsInSelectionOrder).toEqual([]); expect(result.current.isDocSelected(docs[0].id)).toBe(false); expect(result.current.isDocSelected(docs[1].id)).toBe(false); }); - test('should getCountOfSelectedDocs correctly', () => { + test('should getCountOfFilteredSelectedDocs correctly', () => { const { result } = renderHook(() => useSelectedDocs(docsMap)); act(() => { @@ -238,16 +210,16 @@ describe('useSelectedDocs', () => { result.current.toggleDocSelection(docs[1].id); }); - expect(result.current.getCountOfSelectedDocs([docs[0].id, docs[1].id])).toBe(2); - expect(result.current.getCountOfSelectedDocs([docs[2].id, docs[3].id])).toBe(0); + expect(result.current.getCountOfFilteredSelectedDocs([docs[0].id, docs[1].id])).toBe(2); + expect(result.current.getCountOfFilteredSelectedDocs([docs[2].id, docs[3].id])).toBe(0); act(() => { result.current.toggleDocSelection(docs[0].id); }); - expect(result.current.getCountOfSelectedDocs([docs[0].id, docs[1].id])).toBe(1); - expect(result.current.getCountOfSelectedDocs([docs[1].id])).toBe(1); - expect(result.current.getCountOfSelectedDocs([docs[0].id])).toBe(0); - expect(result.current.getCountOfSelectedDocs([docs[2].id, docs[3].id])).toBe(0); + expect(result.current.getCountOfFilteredSelectedDocs([docs[0].id, docs[1].id])).toBe(1); + expect(result.current.getCountOfFilteredSelectedDocs([docs[1].id])).toBe(1); + expect(result.current.getCountOfFilteredSelectedDocs([docs[0].id])).toBe(0); + expect(result.current.getCountOfFilteredSelectedDocs([docs[2].id, docs[3].id])).toBe(0); }); }); diff --git a/packages/kbn-unified-data-table/src/hooks/use_selected_docs.ts b/packages/kbn-unified-data-table/src/hooks/use_selected_docs.ts index c61238bd3f778..c70e74f1abdaa 100644 --- a/packages/kbn-unified-data-table/src/hooks/use_selected_docs.ts +++ b/packages/kbn-unified-data-table/src/hooks/use_selected_docs.ts @@ -11,15 +11,17 @@ import type { DataTableRecord } from '@kbn/discover-utils'; export interface UseSelectedDocsState { isDocSelected: (docId: string) => boolean; - getCountOfSelectedDocs: (docIds: string[]) => number; + getCountOfFilteredSelectedDocs: (docIds: string[]) => number; hasSelectedDocs: boolean; - selectedDocIds: string[]; + selectedDocsCount: number; + docIdsInSelectionOrder: string[]; toggleDocSelection: (docId: string) => void; selectAllDocs: () => void; selectMoreDocs: (docIds: string[]) => void; deselectSomeDocs: (docIds: string[]) => void; replaceSelectedDocs: (docIds: string[]) => void; clearAllSelectedDocs: () => void; + getSelectedDocsOrderedByRows: (rows: DataTableRecord[]) => DataTableRecord[]; } export const useSelectedDocs = (docMap: Map): UseSelectedDocsState => { @@ -70,43 +72,53 @@ export const useSelectedDocs = (docMap: Map): UseSelect [selectedDocsSet, docMap] ); - const usedSelectedDocsCount = selectedDocIds.length; + const getSelectedDocsOrderedByRows = useCallback( + (rows: DataTableRecord[]) => { + return rows.filter((row) => isDocSelected(row.id)); + }, + [isDocSelected] + ); - const getCountOfSelectedDocs = useCallback( + const selectedDocsCount = selectedDocIds.length; + + const getCountOfFilteredSelectedDocs = useCallback( (docIds) => { - if (!usedSelectedDocsCount) { + if (!selectedDocsCount) { return 0; } return docIds.filter(isDocSelected).length; }, - [usedSelectedDocsCount, isDocSelected] + [selectedDocsCount, isDocSelected] ); return useMemo( () => ({ isDocSelected, - hasSelectedDocs: usedSelectedDocsCount > 0, - getCountOfSelectedDocs, - selectedDocIds, + hasSelectedDocs: selectedDocsCount > 0, + selectedDocsCount, + docIdsInSelectionOrder: selectedDocIds, + getCountOfFilteredSelectedDocs, toggleDocSelection, selectAllDocs, selectMoreDocs, deselectSomeDocs, replaceSelectedDocs, clearAllSelectedDocs, + getSelectedDocsOrderedByRows, }), [ isDocSelected, - getCountOfSelectedDocs, + getCountOfFilteredSelectedDocs, toggleDocSelection, selectAllDocs, selectMoreDocs, deselectSomeDocs, replaceSelectedDocs, clearAllSelectedDocs, - usedSelectedDocsCount, selectedDocIds, + selectedDocsCount, + getSelectedDocsOrderedByRows, ] ); }; diff --git a/packages/kbn-unified-data-table/src/utils/copy_value_to_clipboard.test.tsx b/packages/kbn-unified-data-table/src/utils/copy_value_to_clipboard.test.tsx index f49a7ef95ed6d..fdb68618fab49 100644 --- a/packages/kbn-unified-data-table/src/utils/copy_value_to_clipboard.test.tsx +++ b/packages/kbn-unified-data-table/src/utils/copy_value_to_clipboard.test.tsx @@ -12,6 +12,8 @@ import { copyValueToClipboard, copyColumnNameToClipboard, copyColumnValuesToClipboard, + copyRowsAsTextToClipboard, + copyRowsAsJsonToClipboard, } from './copy_value_to_clipboard'; import { convertValueToString } from './convert_value_to_string'; import type { ValueToStringConverter } from '../types'; @@ -151,4 +153,59 @@ describe('copyValueToClipboard', () => { text: 'Values may contain formulas that are escaped.', }); }); + + it('should copy rows to clipboard as text', async () => { + execCommandMock.mockImplementationOnce(() => true); + + const result = await copyRowsAsTextToClipboard({ + toastNotifications: servicesMock.toastNotifications, + columns: ['bool_enabled', 'keyword_key'], + dataView: dataTableContextComplexMock.dataView, + selectedRowIndices: [0], + valueToStringConverter, + }); + + const output = '"bool_enabled"\t"keyword_key"\nfalse\tabcd1'; + expect(result).toBe(output); + expect(global.window.navigator.clipboard.writeText).toHaveBeenCalledWith(output); + expect(servicesMock.toastNotifications.addInfo).toHaveBeenCalledWith({ + title: 'Copied to clipboard', + }); + }); + + it('should copy rows to clipboard as text with a warning', async () => { + execCommandMock.mockImplementationOnce(() => true); + + const result = await copyRowsAsTextToClipboard({ + toastNotifications: servicesMock.toastNotifications, + columns: ['bool_enabled', 'scripted_string'], + dataView: dataTableContextComplexMock.dataView, + selectedRowIndices: [0, 1], + valueToStringConverter, + }); + + const output = '"bool_enabled"\t"scripted_string"\nfalse\t"hi there"\ntrue\t"\'=1+2"";=1+2"'; + expect(result).toBe(output); + expect(servicesMock.toastNotifications.addWarning).toHaveBeenCalledWith({ + title: 'Copied to clipboard', + text: 'Values may contain formulas that are escaped.', + }); + }); + + it('should copy rows to clipboard as JSON', async () => { + execCommandMock.mockImplementationOnce(() => true); + + const result = await copyRowsAsJsonToClipboard({ + toastNotifications: servicesMock.toastNotifications, + selectedRows: [dataTableContextComplexMock.rows[0]], + }); + + const output = + '[{"_index":"sample","_id":"1","_version":2,"_score":null,"fields":{"date":["2022-05-22T12:10:30.000Z"],"array_objects.description.keyword":["programming list","cool stuff list"],"rank_features":[{"2star":100,"1star":10}],"array_tags":["elasticsearch","wow"],"array_objects.name.keyword":["prog_list","cool_list"],"flattened_labels":[{"release":["v1.2.5","v1.3.0"],"priority":"urgent"}],"geo_point":[{"coordinates":[-71.34,41.12],"type":"Point"}],"binary_blob":["U29tZSBiaW5hcnkgYmxvYg=="],"text_message":["Hi there! I am a sample string."],"object_user.first":["John"],"keyword_key":["abcd1"],"array_objects.name":["prog_list","cool_list"],"vector":[0.5,10,6],"nested_user":[{"last":["Smith"],"last.keyword":["Smith"],"first":["John"],"first.keyword":["John"]},{"last":["White"],"last.keyword":["White"],"first":["Alice"],"first.keyword":["Alice"]}],"number_amount":[50],"array_tags.keyword":["elasticsearch","wow"],"bool_enabled":[false],"version":["1.2.3"],"histogram":[{"counts":[3,7,23,12,6],"values":[0.1,0.2,0.3,0.4,0.5]}],"array_objects.description":["programming list","cool stuff list"],"range_time_frame":[{"gte":"2015-10-31 12:00:00","lte":"2015-11-01 00:00:00"}],"number_price":[10.99],"object_user.last":["Smith"],"geometry":[{"coordinates":[[[1000,-1001],[1001,-1001],[1001,-1000],[1000,-1000],[1000,-1001]]],"type":"Polygon"}],"date_nanos":["2022-01-01T12:10:30.123456789Z"],"ip_addr":["192.168.1.1"],"runtime_number":[5.5],"scripted_string":["hi there"]},"sort":[1653221430000]}]'; + expect(result).toBe(output); + expect(global.window.navigator.clipboard.writeText).toHaveBeenCalledWith(output); + expect(servicesMock.toastNotifications.addInfo).toHaveBeenCalledWith({ + title: 'Copied to clipboard', + }); + }); }); diff --git a/packages/kbn-unified-data-table/src/utils/copy_value_to_clipboard.ts b/packages/kbn-unified-data-table/src/utils/copy_value_to_clipboard.ts index 2fc0606624a0b..6097454d2b01a 100644 --- a/packages/kbn-unified-data-table/src/utils/copy_value_to_clipboard.ts +++ b/packages/kbn-unified-data-table/src/utils/copy_value_to_clipboard.ts @@ -8,9 +8,12 @@ import { copyToClipboard } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; -import { ToastsStart } from '@kbn/core/public'; +import type { ToastsStart } from '@kbn/core/public'; +import type { DataTableRecord } from '@kbn/discover-utils'; +import type { DataView } from '@kbn/data-views-plugin/common'; import type { ValueToStringConverter } from '../types'; import { convertNameToString } from './convert_value_to_string'; +import { getColumnDisplayName } from '../components/data_table_columns'; const WARNING_FOR_FORMULAS = i18n.translate( 'unifiedDataTable.copyEscapedValueWithFormulasToClipboardWarningText', @@ -151,3 +154,118 @@ export const copyColumnNameToClipboard = ({ return columnDisplayName; }; + +export const copyRowsAsTextToClipboard = async ({ + columns, + dataView, + selectedRowIndices, + toastNotifications, + valueToStringConverter, +}: { + columns: string[]; + dataView: DataView; + selectedRowIndices: number[]; + toastNotifications: ToastsStart; + valueToStringConverter: ValueToStringConverter; +}): Promise => { + const columnSeparator = '\t'; + const rowSeparator = '\n'; + let withFormula = false; + let textToCopy = ''; + + textToCopy += + columns + .map((columnId) => { + const columnDisplayName = getColumnDisplayName( + columnId, + dataView.getFieldByName(columnId)?.displayName, + undefined + ); + const nameFormattedResult = convertNameToString(columnDisplayName); + withFormula = withFormula || nameFormattedResult.withFormula; + return nameFormattedResult.formattedString; + }) + .join(columnSeparator) + rowSeparator; + + selectedRowIndices.forEach((rowIndex, index) => { + textToCopy += + columns + .map((columnId) => { + const result = valueToStringConverter(rowIndex, columnId, { compatibleWithCSV: true }); + withFormula = withFormula || result.withFormula; + return result.formattedString || '-'; + }) + .join(columnSeparator) + (index !== selectedRowIndices.length - 1 ? rowSeparator : ''); + }); + + let copied; + try { + // try to copy without browser styles + await window.navigator?.clipboard?.writeText(textToCopy); + copied = true; + } catch (error) { + copied = copyToClipboard(textToCopy); + } + + if (!copied) { + toastNotifications.addWarning({ + title: COPY_FAILED_ERROR_MESSAGE, + }); + + return null; + } + + const toastTitle = i18n.translate('unifiedDataTable.copyRowsAsTextToClipboard.toastTitle', { + defaultMessage: 'Copied to clipboard', + }); + + if (withFormula) { + toastNotifications.addWarning({ + title: toastTitle, + text: WARNING_FOR_FORMULAS, + }); + } else { + toastNotifications.addInfo({ + title: toastTitle, + }); + } + + return textToCopy; +}; + +export const copyRowsAsJsonToClipboard = async ({ + selectedRows, + toastNotifications, +}: { + selectedRows: DataTableRecord[]; + toastNotifications: ToastsStart; +}): Promise => { + const textToCopy = selectedRows ? JSON.stringify(selectedRows.map((row) => row.raw)) : ''; + + let copied; + try { + // try to copy without browser styles + await window.navigator?.clipboard?.writeText(textToCopy); + copied = true; + } catch (error) { + copied = copyToClipboard(textToCopy); + } + + if (!copied) { + toastNotifications.addWarning({ + title: COPY_FAILED_ERROR_MESSAGE, + }); + + return null; + } + + const toastTitle = i18n.translate('unifiedDataTable.copyRowsAsJsonToClipboard.toastTitle', { + defaultMessage: 'Copied to clipboard', + }); + + toastNotifications.addInfo({ + title: toastTitle, + }); + + return textToCopy; +}; diff --git a/packages/kbn-unified-data-table/tsconfig.json b/packages/kbn-unified-data-table/tsconfig.json index d0a844b3d49e7..0f55e72d44e0a 100644 --- a/packages/kbn-unified-data-table/tsconfig.json +++ b/packages/kbn-unified-data-table/tsconfig.json @@ -37,5 +37,6 @@ "@kbn/react-field", "@kbn/shared-ux-utility", "@kbn/unified-field-list", + "@kbn/core-notifications-browser", ] } diff --git a/packages/kbn-unified-field-list/src/services/field_examples_calculator/field_examples_calculator.ts b/packages/kbn-unified-field-list/src/services/field_examples_calculator/field_examples_calculator.ts index ac03aff1387db..878bc24097151 100644 --- a/packages/kbn-unified-field-list/src/services/field_examples_calculator/field_examples_calculator.ts +++ b/packages/kbn-unified-field-list/src/services/field_examples_calculator/field_examples_calculator.ts @@ -97,7 +97,7 @@ export function groupValues( return; } - if (groups.hasOwnProperty(value)) { + if (Object.hasOwn(groups, value)) { groups[value].count++; } else { groups[value] = { diff --git a/packages/kbn-unsaved-changes-badge/src/components/unsaved_changes_badge/__snapshots__/unsaved_changes_badge.test.tsx.snap b/packages/kbn-unsaved-changes-badge/src/components/unsaved_changes_badge/__snapshots__/unsaved_changes_badge.test.tsx.snap index 141a8c7b437b8..9991c8a2165d0 100644 --- a/packages/kbn-unsaved-changes-badge/src/components/unsaved_changes_badge/__snapshots__/unsaved_changes_badge.test.tsx.snap +++ b/packages/kbn-unsaved-changes-badge/src/components/unsaved_changes_badge/__snapshots__/unsaved_changes_badge.test.tsx.snap @@ -8,8 +8,9 @@ exports[` should show all menu items 1`] = ` >