github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-06-27 18:51:07 -04:00
Code Issues Projects Releases Packages Wiki Activity

[Security Solution][Endpoint][Response Actions] execute endpoint response action API (#149589)

Browse source 
## Summary

Adds an API route for `execute` endpoint response action.

**RBAC control**
![Screenshot 2023-01-27 at 18 47
00](https://user-images.githubusercontent.com/1849116/215157828-2673a54b-0387-4ff1-b896-f2f4f6a769a6.png)


**successful req/res**
![Screenshot 2023-01-27 at 17 01
30](https://user-images.githubusercontent.com/1849116/215131907-9af70973-83dd-4197-b628-0d7526a6d6d1.png)


<details> 
<summary>**.logs-endpoint.actions-default doc source**</summary>

```json5
{
  "EndpointActions": {
    "data": {
      "comment": " get list of files",
      "parameters": {
        "command": "ls -al",
        "timeout": 2500
      },
      "command": "execute"
    },
    "action_id": "dae148b2-aaaf-4a7e-b5e3-0c530dafc974",
    "input_type": "endpoint",
    "expiration": "2023-02-10T15:54:45.768Z",
    "type": "INPUT_ACTION"
  },
  "agent": {
    "id": [
      "cef48f14-d4ae-4bd6-a281-d5aba6b9c88a"
    ]
  },
  "@timestamp": "2023-01-27T15:54:45.768Z",
  "event": {
    "agent_id_status": "auth_metadata_missing",
    "ingested": "2023-01-27T15:54:45Z"
  },
  "user": {
    "id": "elastic"
  }
}
```
</details>


<details> 
<summary>*.fleet-actions doc source*</summary>

```json5
{
  "action_id": "dae148b2-aaaf-4a7e-b5e3-0c530dafc974",
  "expiration": "2023-02-10T15:54:45.768Z",
  "type": "INPUT_ACTION",
  "input_type": "endpoint",
  "data": {
    "command": "execute",
    "comment": " get list of files",
    "parameters": {
      "command": "ls -al",
      "timeout": 2500
    }
  },
  "@timestamp": "2023-01-27T15:54:45.768Z",
  "agents": [
    "cef48f14-d4ae-4bd6-a281-d5aba6b9c88a"
  ],
  "timeout": 300,
  "user_id": "elastic"
}
```
</details>

### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios


### For maintainers

- [ ] This was checked for breaking API changes and was [labeled
appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
This commit is contained in:
Ashokaditya 2023-01-31 13:22:27 +01:00 committed by GitHub
parent 772d564aa7
commit 06179742f7
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
32 changed files with 569 additions and 36 deletions
Download patch file Download diff file Expand all files Collapse all files

1
x-pack/test/api_integration/apis/security/privileges_basic.ts
View file

@ -121,6 +121,7 @@ export default function ({ getService }: FtrProviderContext) {
'trusted_applications_all',
'trusted_applications_read',
'file_operations_all',
'execute_operations_all',
],
uptime: ['all', 'read', 'minimal_all', 'minimal_read'],
securitySolutionCases: ['all', 'read', 'minimal_all', 'minimal_read', 'cases_delete'],