github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-23 17:28:26 -04:00
Code Issues Projects Releases Packages Wiki Activity

[DOCS] Automate output for 4 case APIs (#142173)

Browse source
This commit is contained in:
Lisa Cawley 2022-10-05 09:24:04 -07:00 committed by GitHub
parent 5e44010a9b
commit 2d8b29ed5a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
41 changed files with 3602 additions and 353 deletions
Download patch file Download diff file Expand all files Collapse all files

36
docs/api-generated/README.md Normal file
View file

@ -0,0 +1,36 @@
# OpenAPI (Experimental)
Open API specifications (OAS) exist in JSON or YAML format for some Kibana features,
though they are experimental and may be incomplete or change later.
A preview of the API specifications can be added to the Kibana Guide by using
the following process:
. Install [OpenAPI Generator](https://openapi-generator.tech/docs/installation),
or a similar tool that can generate HTML output from OAS.
. Optionally validate the specifications by using the commands listed in the appropriate readmes.
. Generate HTML output. For example:
```
openapi-generator-cli generate -g html -i ~/kibana/x-pack/plugins/cases/docs/openapi/entrypoint.yaml -o ~/kibana/docs/api-generated/cases -t ~/kibana/docs/api-generated/template
openapi-generator-cli generate -g html -i ~/kibana/x-pack/plugins/ml/common/openapi/ml_apis_v3.yaml -o ~/kibana/docs/api-generated/machine-learning -t ~/kibana/docs/api-generated/template
```
. Rename the output files. For example:
```
mv ~/kibana/docs/api-generated/cases/index.html case-apis-passthru.asciidoc
mv ~/kibana/docs/api-generated/machine-learning/index.html ml-apis-passthru.adoc
```
. If you're creating a new set of API output, you will need to have a page that incorporates the output by using passthrough blocks. For more information, refer to [Asciidoctor docs](https://docs.asciidoctor.org/asciidoc/latest/pass/pass-block/)
. Verify the output by building the Kibana documentation. At this time, the output is added as a technical preview in the appendix.
## Known issues
- Some OAS 3.0 features such as `anyOf`, `oneOf`, and `allOf` might not display properly in the preview. These are on the [Short-term roadmap](https://openapi-generator.tech/docs/roadmap/) at this time.

827
docs/api-generated/cases/case-apis-passthru.asciidoc Normal file
View file

@ -0,0 +1,827 @@
////
This content is generated from the open API specification.
Any modifications made to this file will be overwritten.
////
++++
<div class="openapi">
<h2>Access</h2>
<ol>
<li>APIKey KeyParamName:ApiKey KeyInQuery:false KeyInHeader:true</li>
<li>HTTP Basic Authentication</li>
</ol>
<h2><a name="__Methods">Methods</a></h2>
[ Jump to <a href="#__Models">Models</a> ]
<h3>Table of Contents </h3>
<div class="method-summary"></div>
<h4><a href="#Cases">Cases</a></h4>
<ul>
<li><a href="#addCaseComment"><code><span class="http-method">post</span> /s/{spaceId}/api/cases/{caseId}/comments</code></a></li>
<li><a href="#deleteCaseComments"><code><span class="http-method">delete</span> /s/{spaceId}/api/cases/{caseId}/comments</code></a></li>
<li><a href="#getAllCaseComments"><code><span class="http-method">get</span> /s/{spaceId}/api/cases/{caseId}/comments</code></a></li>
<li><a href="#updateCaseComment"><code><span class="http-method">patch</span> /s/{spaceId}/api/cases/{caseId}/comments</code></a></li>
</ul>
<h1><a name="Cases">Cases</a></h1>
<div class="method"><a name="addCaseComment"/>
<div class="method-path">
<a class="up" href="#__Methods">Up</a>
<pre class="post"><code class="huge"><span class="http-method">post</span> /s/{spaceId}/api/cases/{caseId}/comments</code></pre></div>
<div class="method-summary">Adds a comment or alert to a case. (<span class="nickname">addCaseComment</span>)</div>
<div class="method-notes">You must have <code>all</code> privileges for the <strong>Cases</strong> feature in the <strong>Management</strong>, <strong>Observability</strong>, or <strong>Security</strong> section of the Kibana feature privileges, depending on the owner of the case you're creating.</div>
<h3 class="field-label">Path parameters</h3>
<div class="field-items">
<div class="param">caseId (required)</div>
<div class="param-desc"><span class="param-type">Path Parameter</span> &mdash; The identifier for the case. To retrieve case IDs, use the find cases API. All non-ASCII characters must be URL encoded. default: null </div><div class="param">spaceId (required)</div>
<div class="param-desc"><span class="param-type">Path Parameter</span> &mdash; An identifier for the space. If <code>/s/</code> and the identifier are omitted from the path, the default space is used. default: null </div>
</div> <!-- field-items -->
<h3 class="field-label">Consumes</h3>
This API call consumes the following media types via the <span class="header">Content-Type</span> request header:
<ul>
<li><code>application/json</code></li>
</ul>
<h3 class="field-label">Request body</h3>
<div class="field-items">
<div class="param">add_case_comment_request <a href="#add_case_comment_request">add_case_comment_request</a> (required)</div>
<div class="param-desc"><span class="param-type">Body Parameter</span> &mdash; </div>
</div> <!-- field-items -->
<h3 class="field-label">Request headers</h3>
<div class="field-items">
<div class="param">kbn-xsrf (required)</div>
<div class="param-desc"><span class="param-type">Header Parameter</span> &mdash; default: null </div>
</div> <!-- field-items -->
<h3 class="field-label">Return type</h3>
<div class="return-type">
<a href="#case_response_properties">case_response_properties</a>
</div>
<!--Todo: process Response Object and its headers, schema, examples -->
<h3 class="field-label">Example data</h3>
<div class="example-data-content-type">Content-Type: application/json</div>
<pre class="example"><code>{
"owner" : "cases",
"totalComment" : 0,
"settings" : {
"syncAlerts" : true
},
"totalAlerts" : 0,
"closed_at" : "2000-01-23T04:56:07.000+00:00",
"comments" : [ null, null ],
"created_at" : "2022-05-13T09:16:17.416Z",
"description" : "A case description.",
"title" : "Case title 1",
"created_by" : {
"full_name" : "full_name",
"profile_uid" : "u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0",
"email" : "email",
"username" : "elastic"
},
"version" : "WzUzMiwxXQ==",
"closed_by" : {
"full_name" : "full_name",
"profile_uid" : "u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0",
"email" : "email",
"username" : "elastic"
},
"tags" : [ "tag-1" ],
"duration" : 120,
"connector" : {
"name" : "none",
"id" : "none",
"fields" : {
"destIp" : "destIp",
"severity" : "severity",
"parent" : "parent",
"impact" : "impact",
"malwareUrl" : "malwareUrl",
"priority" : "priority",
"issueTypes" : [ 0.8008281904610115, 0.8008281904610115 ],
"issueType" : "issueType",
"sourceIp" : "sourceIp",
"urgency" : "urgency",
"malwareHash" : "malwareHash",
"caseId" : "caseId",
"severityCode" : 6.027456183070403,
"category" : "category",
"subcategory" : "subcategory"
},
"type" : ".none"
},
"updated_at" : "2000-01-23T04:56:07.000+00:00",
"updated_by" : {
"full_name" : "full_name",
"profile_uid" : "u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0",
"email" : "email",
"username" : "elastic"
},
"id" : "66b9aa00-94fa-11ea-9f74-e7e108796192",
"external_service" : {
"external_title" : "external_title",
"pushed_by" : {
"full_name" : "full_name",
"profile_uid" : "u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0",
"email" : "email",
"username" : "elastic"
},
"external_url" : "external_url",
"pushed_at" : "2000-01-23T04:56:07.000+00:00",
"connector_id" : "connector_id",
"external_id" : "external_id",
"connector_name" : "connector_name"
}
}</code></pre>
<h3 class="field-label">Produces</h3>
This API call produces the following media types according to the <span class="header">Accept</span> request header;
the media type will be conveyed by the <span class="header">Content-Type</span> response header.
<ul>
<li><code>application/json</code></li>
</ul>
<h3 class="field-label">Responses</h3>
<h4 class="field-label">200</h4>
Indicates a successful call.
<a href="#case_response_properties">case_response_properties</a>
</div> <!-- method -->
<hr/>
<div class="method"><a name="deleteCaseComments"/>
<div class="method-path">
<a class="up" href="#__Methods">Up</a>
<pre class="delete"><code class="huge"><span class="http-method">delete</span> /s/{spaceId}/api/cases/{caseId}/comments</code></pre></div>
<div class="method-summary">Deletes all comments and alerts from a case. (<span class="nickname">deleteCaseComments</span>)</div>
<div class="method-notes">You must have <code>all</code> privileges for the <strong>Cases</strong> feature in the <strong>Management</strong>, <strong>Observability</strong>, or <strong>Security</strong> section of the Kibana feature privileges, depending on the owner of the cases you're deleting.</div>
<h3 class="field-label">Path parameters</h3>
<div class="field-items">
<div class="param">caseId (required)</div>
<div class="param-desc"><span class="param-type">Path Parameter</span> &mdash; The identifier for the case. To retrieve case IDs, use the find cases API. All non-ASCII characters must be URL encoded. default: null </div><div class="param">spaceId (required)</div>
<div class="param-desc"><span class="param-type">Path Parameter</span> &mdash; An identifier for the space. If <code>/s/</code> and the identifier are omitted from the path, the default space is used. default: null </div>
</div> <!-- field-items -->
<h3 class="field-label">Request headers</h3>
<div class="field-items">
<div class="param">kbn-xsrf (required)</div>
<div class="param-desc"><span class="param-type">Header Parameter</span> &mdash; default: null </div>
</div> <!-- field-items -->
<!--Todo: process Response Object and its headers, schema, examples -->
<h3 class="field-label">Responses</h3>
<h4 class="field-label">204</h4>
Indicates a successful call.
<a href="#"></a>
</div> <!-- method -->
<hr/>
<div class="method"><a name="getAllCaseComments"/>
<div class="method-path">
<a class="up" href="#__Methods">Up</a>
<pre class="get"><code class="huge"><span class="http-method">get</span> /s/{spaceId}/api/cases/{caseId}/comments</code></pre></div>
<div class="method-summary">Retrieves all the comments from a case. (<span class="nickname">getAllCaseComments</span>)</div>
<div class="method-notes">You must have <code>read</code> privileges for the <strong>Cases</strong> feature in the <strong>Management</strong>, <strong>Observability</strong>, or <strong>Security</strong> section of the Kibana feature privileges, depending on the owner of the cases with the comments you're seeking.</div>
<h3 class="field-label">Path parameters</h3>
<div class="field-items">
<div class="param">caseId (required)</div>
<div class="param-desc"><span class="param-type">Path Parameter</span> &mdash; The identifier for the case. To retrieve case IDs, use the find cases API. All non-ASCII characters must be URL encoded. default: null </div><div class="param">spaceId (required)</div>
<div class="param-desc"><span class="param-type">Path Parameter</span> &mdash; An identifier for the space. If <code>/s/</code> and the identifier are omitted from the path, the default space is used. default: null </div>
</div> <!-- field-items -->
<h3 class="field-label">Return type</h3>
<div class="return-type">
<a href="#case_response_properties">case_response_properties</a>
</div>
<!--Todo: process Response Object and its headers, schema, examples -->
<h3 class="field-label">Example data</h3>
<div class="example-data-content-type">Content-Type: application/json</div>
<pre class="example"><code>{
"owner" : "cases",
"totalComment" : 0,
"settings" : {
"syncAlerts" : true
},
"totalAlerts" : 0,
"closed_at" : "2000-01-23T04:56:07.000+00:00",
"comments" : [ null, null ],
"created_at" : "2022-05-13T09:16:17.416Z",
"description" : "A case description.",
"title" : "Case title 1",
"created_by" : {
"full_name" : "full_name",
"profile_uid" : "u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0",
"email" : "email",
"username" : "elastic"
},
"version" : "WzUzMiwxXQ==",
"closed_by" : {
"full_name" : "full_name",
"profile_uid" : "u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0",
"email" : "email",
"username" : "elastic"
},
"tags" : [ "tag-1" ],
"duration" : 120,
"connector" : {
"name" : "none",
"id" : "none",
"fields" : {
"destIp" : "destIp",
"severity" : "severity",
"parent" : "parent",
"impact" : "impact",
"malwareUrl" : "malwareUrl",
"priority" : "priority",
"issueTypes" : [ 0.8008281904610115, 0.8008281904610115 ],
"issueType" : "issueType",
"sourceIp" : "sourceIp",
"urgency" : "urgency",
"malwareHash" : "malwareHash",
"caseId" : "caseId",
"severityCode" : 6.027456183070403,
"category" : "category",
"subcategory" : "subcategory"
},
"type" : ".none"
},
"updated_at" : "2000-01-23T04:56:07.000+00:00",
"updated_by" : {
"full_name" : "full_name",
"profile_uid" : "u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0",
"email" : "email",
"username" : "elastic"
},
"id" : "66b9aa00-94fa-11ea-9f74-e7e108796192",
"external_service" : {
"external_title" : "external_title",
"pushed_by" : {
"full_name" : "full_name",
"profile_uid" : "u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0",
"email" : "email",
"username" : "elastic"
},
"external_url" : "external_url",
"pushed_at" : "2000-01-23T04:56:07.000+00:00",
"connector_id" : "connector_id",
"external_id" : "external_id",
"connector_name" : "connector_name"
}
}</code></pre>
<h3 class="field-label">Produces</h3>
This API call produces the following media types according to the <span class="header">Accept</span> request header;
the media type will be conveyed by the <span class="header">Content-Type</span> response header.
<ul>
<li><code>application/json</code></li>
</ul>
<h3 class="field-label">Responses</h3>
<h4 class="field-label">200</h4>
Indicates a successful call.
<a href="#case_response_properties">case_response_properties</a>
</div> <!-- method -->
<hr/>
<div class="method"><a name="updateCaseComment"/>
<div class="method-path">
<a class="up" href="#__Methods">Up</a>
<pre class="patch"><code class="huge"><span class="http-method">patch</span> /s/{spaceId}/api/cases/{caseId}/comments</code></pre></div>
<div class="method-summary">Updates a comment or alert in a case. (<span class="nickname">updateCaseComment</span>)</div>
<div class="method-notes">You must have <code>all</code> privileges for the <strong>Cases</strong> feature in the <strong>Management</strong>, <strong>Observability</strong>, or <strong>Security</strong> section of the Kibana feature privileges, depending on the owner of the case you're updating. NOTE: You cannot change the comment type or the owner of a comment.</div>
<h3 class="field-label">Path parameters</h3>
<div class="field-items">
<div class="param">caseId (required)</div>
<div class="param-desc"><span class="param-type">Path Parameter</span> &mdash; The identifier for the case. To retrieve case IDs, use the find cases API. All non-ASCII characters must be URL encoded. default: null </div><div class="param">spaceId (required)</div>
<div class="param-desc"><span class="param-type">Path Parameter</span> &mdash; An identifier for the space. If <code>/s/</code> and the identifier are omitted from the path, the default space is used. default: null </div>
</div> <!-- field-items -->
<h3 class="field-label">Consumes</h3>
This API call consumes the following media types via the <span class="header">Content-Type</span> request header:
<ul>
<li><code>application/json</code></li>
</ul>
<h3 class="field-label">Request body</h3>
<div class="field-items">
<div class="param">update_case_comment_request <a href="#update_case_comment_request">update_case_comment_request</a> (required)</div>
<div class="param-desc"><span class="param-type">Body Parameter</span> &mdash; </div>
</div> <!-- field-items -->
<h3 class="field-label">Request headers</h3>
<div class="field-items">
<div class="param">kbn-xsrf (required)</div>
<div class="param-desc"><span class="param-type">Header Parameter</span> &mdash; default: null </div>
</div> <!-- field-items -->
<h3 class="field-label">Return type</h3>
<div class="return-type">
<a href="#case_response_properties">case_response_properties</a>
</div>
<!--Todo: process Response Object and its headers, schema, examples -->
<h3 class="field-label">Example data</h3>
<div class="example-data-content-type">Content-Type: application/json</div>
<pre class="example"><code>{
"owner" : "cases",
"totalComment" : 0,
"settings" : {
"syncAlerts" : true
},
"totalAlerts" : 0,
"closed_at" : "2000-01-23T04:56:07.000+00:00",
"comments" : [ null, null ],
"created_at" : "2022-05-13T09:16:17.416Z",
"description" : "A case description.",
"title" : "Case title 1",
"created_by" : {
"full_name" : "full_name",
"profile_uid" : "u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0",
"email" : "email",
"username" : "elastic"
},
"version" : "WzUzMiwxXQ==",
"closed_by" : {
"full_name" : "full_name",
"profile_uid" : "u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0",
"email" : "email",
"username" : "elastic"
},
"tags" : [ "tag-1" ],
"duration" : 120,
"connector" : {
"name" : "none",
"id" : "none",
"fields" : {
"destIp" : "destIp",
"severity" : "severity",
"parent" : "parent",
"impact" : "impact",
"malwareUrl" : "malwareUrl",
"priority" : "priority",
"issueTypes" : [ 0.8008281904610115, 0.8008281904610115 ],
"issueType" : "issueType",
"sourceIp" : "sourceIp",
"urgency" : "urgency",
"malwareHash" : "malwareHash",
"caseId" : "caseId",
"severityCode" : 6.027456183070403,
"category" : "category",
"subcategory" : "subcategory"
},
"type" : ".none"
},
"updated_at" : "2000-01-23T04:56:07.000+00:00",
"updated_by" : {
"full_name" : "full_name",
"profile_uid" : "u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0",
"email" : "email",
"username" : "elastic"
},
"id" : "66b9aa00-94fa-11ea-9f74-e7e108796192",
"external_service" : {
"external_title" : "external_title",
"pushed_by" : {
"full_name" : "full_name",
"profile_uid" : "u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0",
"email" : "email",
"username" : "elastic"
},
"external_url" : "external_url",
"pushed_at" : "2000-01-23T04:56:07.000+00:00",
"connector_id" : "connector_id",
"external_id" : "external_id",
"connector_name" : "connector_name"
}
}</code></pre>
<h3 class="field-label">Produces</h3>
This API call produces the following media types according to the <span class="header">Accept</span> request header;
the media type will be conveyed by the <span class="header">Content-Type</span> response header.
<ul>
<li><code>application/json</code></li>
</ul>
<h3 class="field-label">Responses</h3>
<h4 class="field-label">200</h4>
Indicates a successful call.
<a href="#case_response_properties">case_response_properties</a>
</div> <!-- method -->
<hr/>
<h2><a name="__Models">Models</a></h2>
[ Jump to <a href="#__Methods">Methods</a> ]
<h3>Table of Contents</h3>
<ol>
<li><a href="#Case_response_properties_for_comments_inner"><code>Case_response_properties_for_comments_inner</code> - </a></li>
<li><a href="#Case_response_properties_for_connectors"><code>Case_response_properties_for_connectors</code> - Case response properties for connectors</a></li>
<li><a href="#add_alert_comment_request_properties"><code>add_alert_comment_request_properties</code> - Add case comment request properties for alerts</a></li>
<li><a href="#add_case_comment_request"><code>add_case_comment_request</code> - Add case comment request</a></li>
<li><a href="#add_user_comment_request_properties"><code>add_user_comment_request_properties</code> - Add case comment request properties for user comments</a></li>
<li><a href="#alert_comment_response_properties"><code>alert_comment_response_properties</code> - Add case comment response properties for alerts</a></li>
<li><a href="#alert_comment_response_properties_created_by"><code>alert_comment_response_properties_created_by</code> - </a></li>
<li><a href="#alert_comment_response_properties_pushed_by"><code>alert_comment_response_properties_pushed_by</code> - </a></li>
<li><a href="#alert_comment_response_properties_rule"><code>alert_comment_response_properties_rule</code> - </a></li>
<li><a href="#alert_identifiers"><code>alert_identifiers</code> - Alert identifiers</a></li>
<li><a href="#alert_indices"><code>alert_indices</code> - Alert indices</a></li>
<li><a href="#case_response_closed_by_properties"><code>case_response_closed_by_properties</code> - Case response properties for closed_by</a></li>
<li><a href="#case_response_connector_field_properties"><code>case_response_connector_field_properties</code> - Case response properties for connector fields</a></li>
<li><a href="#case_response_created_by_properties"><code>case_response_created_by_properties</code> - Case response properties for created_by</a></li>
<li><a href="#case_response_properties"><code>case_response_properties</code> - Case response properties</a></li>
<li><a href="#case_response_pushed_by_properties"><code>case_response_pushed_by_properties</code> - Case response properties for pushed_by</a></li>
<li><a href="#case_response_updated_by_properties"><code>case_response_updated_by_properties</code> - Case response properties for updated_by</a></li>
<li><a href="#connector_types"><code>connector_types</code> - </a></li>
<li><a href="#external_service"><code>external_service</code> - </a></li>
<li><a href="#owners"><code>owners</code> - </a></li>
<li><a href="#rule"><code>rule</code> - Alerting rule</a></li>
<li><a href="#settings"><code>settings</code> - </a></li>
<li><a href="#severity_property"><code>severity_property</code> - </a></li>
<li><a href="#status"><code>status</code> - </a></li>
<li><a href="#update_alert_comment_request_properties"><code>update_alert_comment_request_properties</code> - Update case comment request properties for alerts</a></li>
<li><a href="#update_case_comment_request"><code>update_case_comment_request</code> - Update case comment request</a></li>
<li><a href="#update_user_comment_request_properties"><code>update_user_comment_request_properties</code> - Update case comment request properties for user comments</a></li>
<li><a href="#user_comment_response_properties"><code>user_comment_response_properties</code> - Case response properties for user comments</a></li>
</ol>
<div class="model">
<h3><a name="Case_response_properties_for_comments_inner"><code>Case_response_properties_for_comments_inner</code> - </a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'></div>
<div class="field-items">
<div class="param">alertId (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">created_at (optional)</div><div class="param-desc"><span class="param-type"><a href="#DateTime">Date</a></span> format: date-time</div>
<div class="param">created_by (optional)</div><div class="param-desc"><span class="param-type"><a href="#case_response_created_by_properties">case_response_created_by_properties</a></span> </div>
<div class="param">id (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">index (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">owner (optional)</div><div class="param-desc"><span class="param-type"><a href="#owners">owners</a></span> </div>
<div class="param">pushed_at (optional)</div><div class="param-desc"><span class="param-type"><a href="#DateTime">Date</a></span> format: date-time</div>
<div class="param">pushed_by (optional)</div><div class="param-desc"><span class="param-type"><a href="#case_response_pushed_by_properties">case_response_pushed_by_properties</a></span> </div>
<div class="param">rule (optional)</div><div class="param-desc"><span class="param-type"><a href="#alert_comment_response_properties_rule">alert_comment_response_properties_rule</a></span> </div>
<div class="param">type </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param-enum-header">Enum:</div>
<div class="param-enum">user</div>
<div class="param">updated_at (optional)</div><div class="param-desc"><span class="param-type"><a href="#DateTime">Date</a></span> format: date-time</div>
<div class="param">updated_by (optional)</div><div class="param-desc"><span class="param-type"><a href="#case_response_updated_by_properties">case_response_updated_by_properties</a></span> </div>
<div class="param">version (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">comment (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="Case_response_properties_for_connectors"><code>Case_response_properties_for_connectors</code> - Case response properties for connectors</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'></div>
<div class="field-items">
<div class="param">fields (optional)</div><div class="param-desc"><span class="param-type"><a href="#case_response_connector_field_properties">case_response_connector_field_properties</a></span> </div>
<div class="param">id (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The identifier for the connector. To create a case without a connector, use <code>none</code>. </div>
<div class="param">name (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The name of the connector. To create a case without a connector, use <code>none</code>. </div>
<div class="param">type (optional)</div><div class="param-desc"><span class="param-type"><a href="#connector_types">connector_types</a></span> </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="add_alert_comment_request_properties"><code>add_alert_comment_request_properties</code> - Add case comment request properties for alerts</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>Defines properties for case comment requests when type is alert.</div>
<div class="field-items">
<div class="param">alertId </div><div class="param-desc"><span class="param-type"><a href="#alert_identifiers">alert_identifiers</a></span> </div>
<div class="param">index </div><div class="param-desc"><span class="param-type"><a href="#alert_indices">alert_indices</a></span> </div>
<div class="param">owner </div><div class="param-desc"><span class="param-type"><a href="#owners">owners</a></span> </div>
<div class="param">rule </div><div class="param-desc"><span class="param-type"><a href="#rule">rule</a></span> </div>
<div class="param">type </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The type of comment. </div>
<div class="param-enum-header">Enum:</div>
<div class="param-enum">alert</div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="add_case_comment_request"><code>add_case_comment_request</code> - Add case comment request</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>The add comment to case API request body varies depending on whether you are adding an alert or a comment.</div>
<div class="field-items">
<div class="param">alertId </div><div class="param-desc"><span class="param-type"><a href="#alert_identifiers">alert_identifiers</a></span> </div>
<div class="param">index </div><div class="param-desc"><span class="param-type"><a href="#alert_indices">alert_indices</a></span> </div>
<div class="param">owner </div><div class="param-desc"><span class="param-type"><a href="#owners">owners</a></span> </div>
<div class="param">rule </div><div class="param-desc"><span class="param-type"><a href="#rule">rule</a></span> </div>
<div class="param">type </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The type of comment. </div>
<div class="param-enum-header">Enum:</div>
<div class="param-enum">user</div>
<div class="param">comment </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The new comment. It is required only when <code>type</code> is <code>user</code>. </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="add_user_comment_request_properties"><code>add_user_comment_request_properties</code> - Add case comment request properties for user comments</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>Defines properties for case comment requests when type is user.</div>
<div class="field-items">
<div class="param">comment </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The new comment. It is required only when <code>type</code> is <code>user</code>. </div>
<div class="param">owner </div><div class="param-desc"><span class="param-type"><a href="#owners">owners</a></span> </div>
<div class="param">type </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The type of comment. </div>
<div class="param-enum-header">Enum:</div>
<div class="param-enum">user</div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="alert_comment_response_properties"><code>alert_comment_response_properties</code> - Add case comment response properties for alerts</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'></div>
<div class="field-items">
<div class="param">alertId (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">created_at (optional)</div><div class="param-desc"><span class="param-type"><a href="#DateTime">Date</a></span> format: date-time</div>
<div class="param">created_by (optional)</div><div class="param-desc"><span class="param-type"><a href="#alert_comment_response_properties_created_by">alert_comment_response_properties_created_by</a></span> </div>
<div class="param">id (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">index (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">owner (optional)</div><div class="param-desc"><span class="param-type"><a href="#owners">owners</a></span> </div>
<div class="param">pushed_at (optional)</div><div class="param-desc"><span class="param-type"><a href="#DateTime">Date</a></span> format: date-time</div>
<div class="param">pushed_by (optional)</div><div class="param-desc"><span class="param-type"><a href="#alert_comment_response_properties_pushed_by">alert_comment_response_properties_pushed_by</a></span> </div>
<div class="param">rule (optional)</div><div class="param-desc"><span class="param-type"><a href="#alert_comment_response_properties_rule">alert_comment_response_properties_rule</a></span> </div>
<div class="param">type </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param-enum-header">Enum:</div>
<div class="param-enum">alert</div>
<div class="param">updated_at (optional)</div><div class="param-desc"><span class="param-type"><a href="#DateTime">Date</a></span> format: date-time</div>
<div class="param">updated_by (optional)</div><div class="param-desc"><span class="param-type"><a href="#alert_comment_response_properties_created_by">alert_comment_response_properties_created_by</a></span> </div>
<div class="param">version (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="alert_comment_response_properties_created_by"><code>alert_comment_response_properties_created_by</code> - </a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'></div>
<div class="field-items">
<div class="param">email (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">full_name (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">username (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">profile_uid (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="alert_comment_response_properties_pushed_by"><code>alert_comment_response_properties_pushed_by</code> - </a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'></div>
<div class="field-items">
<div class="param">email (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">full_name (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">username (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">profile_uid (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="alert_comment_response_properties_rule"><code>alert_comment_response_properties_rule</code> - </a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'></div>
<div class="field-items">
<div class="param">id (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The rule identifier. </div>
<div class="param">name (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The rule name. </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="alert_identifiers"><code>alert_identifiers</code> - Alert identifiers</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>The alert identifier. It is required only when <code>type</code> is <code>alert</code>. If it is an array, <code>index</code> must also be an array with the same length or number of elements. This functionality is in technical preview and may be changed or removed in a future release. Elastic will apply best effort to fix any issues, but features in technical preview are not subject to the support SLA of official GA features.</div>
<div class="field-items">
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="alert_indices"><code>alert_indices</code> - Alert indices</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>The alert index. It is required only when <code>type</code> is <code>alert</code>. If it is an array, <code>alertId</code> must also be an array with the same length or number of elements. This functionality is in technical preview and may be changed or removed in a future release. Elastic will apply best effort to fix any issues, but features in technical preview are not subject to the support SLA of official GA features.</div>
<div class="field-items">
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="case_response_closed_by_properties"><code>case_response_closed_by_properties</code> - Case response properties for closed_by</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'></div>
<div class="field-items">
<div class="param">email </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">full_name </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">username </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">profile_uid (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="case_response_connector_field_properties"><code>case_response_connector_field_properties</code> - Case response properties for connector fields</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>An object containing the connector fields. To create a case without a connector, specify null. If you want to omit any individual field, specify null as its value.</div>
<div class="field-items">
<div class="param">caseId (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The case identifier for Swimlane connectors. </div>
<div class="param">category (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The category of the incident for ServiceNow ITSM and ServiceNow SecOps connectors. </div>
<div class="param">destIp (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> A comma-separated list of destination IPs for ServiceNow SecOps connectors. </div>
<div class="param">impact (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The effect an incident had on business for ServiceNow ITSM connectors. </div>
<div class="param">issueType (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The type of issue for Jira connectors. </div>
<div class="param">issueTypes (optional)</div><div class="param-desc"><span class="param-type"><a href="#number">array[BigDecimal]</a></span> The type of incident for IBM Resilient connectors. </div>
<div class="param">malwareHash (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> A comma-separated list of malware hashes for ServiceNow SecOps connectors. </div>
<div class="param">malwareUrl (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> A comma-separated list of malware URLs for ServiceNow SecOps connectors. </div>
<div class="param">parent (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The key of the parent issue, when the issue type is sub-task for Jira connectors. </div>
<div class="param">priority (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The priority of the issue for Jira and ServiceNow SecOps connectors. </div>
<div class="param">severity (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The severity of the incident for ServiceNow ITSM connectors. </div>
<div class="param">severityCode (optional)</div><div class="param-desc"><span class="param-type"><a href="#number">BigDecimal</a></span> The severity code of the incident for IBM Resilient connectors. </div>
<div class="param">sourceIp (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> A comma-separated list of source IPs for ServiceNow SecOps connectors. </div>
<div class="param">subcategory (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The subcategory of the incident for ServiceNow ITSM connectors. </div>
<div class="param">urgency (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The extent to which the incident resolution can be delayed for ServiceNow ITSM connectors. </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="case_response_created_by_properties"><code>case_response_created_by_properties</code> - Case response properties for created_by</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'></div>
<div class="field-items">
<div class="param">email </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">full_name </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">username </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">profile_uid (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="case_response_properties"><code>case_response_properties</code> - Case response properties</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'></div>
<div class="field-items">
<div class="param">closed_at </div><div class="param-desc"><span class="param-type"><a href="#DateTime">Date</a></span> format: date-time</div>
<div class="param">closed_by </div><div class="param-desc"><span class="param-type"><a href="#case_response_closed_by_properties">case_response_closed_by_properties</a></span> </div>
<div class="param">comments </div><div class="param-desc"><span class="param-type"><a href="#Case_response_properties_for_comments_inner">array[Case_response_properties_for_comments_inner]</a></span> An array of comment objects for the case. </div>
<div class="param">connector </div><div class="param-desc"><span class="param-type"><a href="#Case_response_properties_for_connectors">Case_response_properties_for_connectors</a></span> </div>
<div class="param">created_at </div><div class="param-desc"><span class="param-type"><a href="#DateTime">Date</a></span> format: date-time</div>
<div class="param">created_by </div><div class="param-desc"><span class="param-type"><a href="#case_response_created_by_properties">case_response_created_by_properties</a></span> </div>
<div class="param">description </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">duration </div><div class="param-desc"><span class="param-type"><a href="#integer">Integer</a></span> The elapsed time from the creation of the case to its closure (in seconds). If the case has not been closed, the duration is set to null. If the case was closed after less than half a second, the duration is rounded down to zero. </div>
<div class="param">external_service </div><div class="param-desc"><span class="param-type"><a href="#external_service">external_service</a></span> </div>
<div class="param">id </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">owner </div><div class="param-desc"><span class="param-type"><a href="#owners">owners</a></span> </div>
<div class="param">settings </div><div class="param-desc"><span class="param-type"><a href="#settings">settings</a></span> </div>
<div class="param">severity </div><div class="param-desc"><span class="param-type"><a href="#severity_property">severity_property</a></span> </div>
<div class="param">status </div><div class="param-desc"><span class="param-type"><a href="#status">status</a></span> </div>
<div class="param">tags </div><div class="param-desc"><span class="param-type"><a href="#string">array[String]</a></span> </div>
<div class="param">title </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">totalAlerts </div><div class="param-desc"><span class="param-type"><a href="#integer">Integer</a></span> </div>
<div class="param">totalComment </div><div class="param-desc"><span class="param-type"><a href="#integer">Integer</a></span> </div>
<div class="param">updated_at </div><div class="param-desc"><span class="param-type"><a href="#DateTime">Date</a></span> format: date-time</div>
<div class="param">updated_by </div><div class="param-desc"><span class="param-type"><a href="#case_response_updated_by_properties">case_response_updated_by_properties</a></span> </div>
<div class="param">version </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="case_response_pushed_by_properties"><code>case_response_pushed_by_properties</code> - Case response properties for pushed_by</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'></div>
<div class="field-items">
<div class="param">email </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">full_name </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">username </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">profile_uid (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="case_response_updated_by_properties"><code>case_response_updated_by_properties</code> - Case response properties for updated_by</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'></div>
<div class="field-items">
<div class="param">email </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">full_name </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">username </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">profile_uid (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="connector_types"><code>connector_types</code> - </a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>The type of connector.</div>
<div class="field-items">
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="external_service"><code>external_service</code> - </a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'></div>
<div class="field-items">
<div class="param">connector_id (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">connector_name (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">external_id (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">external_title (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">external_url (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">pushed_at (optional)</div><div class="param-desc"><span class="param-type"><a href="#DateTime">Date</a></span> format: date-time</div>
<div class="param">pushed_by (optional)</div><div class="param-desc"><span class="param-type"><a href="#alert_comment_response_properties_pushed_by">alert_comment_response_properties_pushed_by</a></span> </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="owners"><code>owners</code> - </a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>The application that owns the cases: Stack Management, Observability, or Elastic Security.</div>
<div class="field-items">
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="rule"><code>rule</code> - Alerting rule</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>The rule that is associated with the alert. It is required only when <code>type</code> is <code>alert</code>. This functionality is in technical preview and may be changed or removed in a future release. Elastic will apply best effort to fix any issues, but features in technical preview are not subject to the support SLA of official GA features.</div>
<div class="field-items">
<div class="param">id (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The rule identifier. </div>
<div class="param">name (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The rule name. </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="settings"><code>settings</code> - </a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>An object that contains the case settings.</div>
<div class="field-items">
<div class="param">syncAlerts (optional)</div><div class="param-desc"><span class="param-type"><a href="#boolean">Boolean</a></span> Turns alert syncing on or off. </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="severity_property"><code>severity_property</code> - </a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>The severity of the case.</div>
<div class="field-items">
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="status"><code>status</code> - </a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>The status of the case.</div>
<div class="field-items">
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="update_alert_comment_request_properties"><code>update_alert_comment_request_properties</code> - Update case comment request properties for alerts</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>Defines properties for case comment requests when type is alert.</div>
<div class="field-items">
<div class="param">alertId </div><div class="param-desc"><span class="param-type"><a href="#alert_identifiers">alert_identifiers</a></span> </div>
<div class="param">id </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The identifier for the comment. To retrieve comment IDs, use the get comments API. </div>
<div class="param">index </div><div class="param-desc"><span class="param-type"><a href="#alert_indices">alert_indices</a></span> </div>
<div class="param">owner </div><div class="param-desc"><span class="param-type"><a href="#owners">owners</a></span> </div>
<div class="param">rule </div><div class="param-desc"><span class="param-type"><a href="#rule">rule</a></span> </div>
<div class="param">type </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The type of comment. </div>
<div class="param-enum-header">Enum:</div>
<div class="param-enum">alert</div>
<div class="param">version </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The current comment version. To retrieve version values, use the get comments API. </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="update_case_comment_request"><code>update_case_comment_request</code> - Update case comment request</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>The update case comment API request body varies depending on whether you are updating an alert or a comment.</div>
<div class="field-items">
<div class="param">alertId </div><div class="param-desc"><span class="param-type"><a href="#alert_identifiers">alert_identifiers</a></span> </div>
<div class="param">id </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The identifier for the comment. To retrieve comment IDs, use the get comments API. </div>
<div class="param">index </div><div class="param-desc"><span class="param-type"><a href="#alert_indices">alert_indices</a></span> </div>
<div class="param">owner </div><div class="param-desc"><span class="param-type"><a href="#owners">owners</a></span> </div>
<div class="param">rule </div><div class="param-desc"><span class="param-type"><a href="#rule">rule</a></span> </div>
<div class="param">type </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The type of comment. </div>
<div class="param-enum-header">Enum:</div>
<div class="param-enum">user</div>
<div class="param">version </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The current comment version. To retrieve version values, use the get comments API. </div>
<div class="param">comment </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The new comment. It is required only when <code>type</code> is <code>user</code>. </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="update_user_comment_request_properties"><code>update_user_comment_request_properties</code> - Update case comment request properties for user comments</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>Defines properties for case comment requests when type is user.</div>
<div class="field-items">
<div class="param">comment </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The new comment. It is required only when <code>type</code> is <code>user</code>. </div>
<div class="param">id </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The identifier for the comment. To retrieve comment IDs, use the get comments API. </div>
<div class="param">owner </div><div class="param-desc"><span class="param-type"><a href="#owners">owners</a></span> </div>
<div class="param">type </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The type of comment. </div>
<div class="param-enum-header">Enum:</div>
<div class="param-enum">user</div>
<div class="param">version </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The current comment version. To retrieve version values, use the get comments API. </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="user_comment_response_properties"><code>user_comment_response_properties</code> - Case response properties for user comments</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'></div>
<div class="field-items">
<div class="param">comment (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">created_at (optional)</div><div class="param-desc"><span class="param-type"><a href="#DateTime">Date</a></span> format: date-time</div>
<div class="param">created_by (optional)</div><div class="param-desc"><span class="param-type"><a href="#case_response_created_by_properties">case_response_created_by_properties</a></span> </div>
<div class="param">id (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">owner (optional)</div><div class="param-desc"><span class="param-type"><a href="#owners">owners</a></span> </div>
<div class="param">pushed_at (optional)</div><div class="param-desc"><span class="param-type"><a href="#DateTime">Date</a></span> format: date-time</div>
<div class="param">pushed_by (optional)</div><div class="param-desc"><span class="param-type"><a href="#case_response_pushed_by_properties">case_response_pushed_by_properties</a></span> </div>
<div class="param">type </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param-enum-header">Enum:</div>
<div class="param-enum">user</div>
<div class="param">updated_at (optional)</div><div class="param-desc"><span class="param-type"><a href="#DateTime">Date</a></span> format: date-time</div>
<div class="param">updated_by (optional)</div><div class="param-desc"><span class="param-type"><a href="#case_response_updated_by_properties">case_response_updated_by_properties</a></span> </div>
<div class="param">version (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
</div> <!-- field-items -->
</div>
</div>
++++

10
docs/api-generated/cases/case-apis.asciidoc Normal file
View file

@ -0,0 +1,10 @@
[[case-apis]]
== Case APIs
preview::[]
////
This file includes content that has been generated from https://github.com/elastic/kibana/tree/main/x-pack/plugins/cases/docs/openapi. Any modifications required must be done in that open API specification.
////
include::case-apis-passthru.asciidoc[]

6
docs/api/cases/cases-api-add-comment.asciidoc
View file

@ -6,6 +6,12 @@
Adds a comment or alert to a case.
[NOTE]
====
For the most up-to-date API details, refer to the
{kib-repo}/tree/{branch}/x-pack/plugins/cases/docs/openapi[open API specification]. For a preview, check out <<case-apis>>.
====
=== {api-request-title}
`POST <kibana host>:<port>/api/cases/<case_id>/comments`

6
docs/api/cases/cases-api-delete-comments.asciidoc
View file

@ -6,6 +6,12 @@
Deletes one or all comments and alerts from a case.
[NOTE]
====
For the most up-to-date API details, refer to the
{kib-repo}/tree/{branch}/x-pack/plugins/cases/docs/openapi[open API specification]. For a preview, check out <<case-apis>>.
====
=== {api-request-title}
`DELETE <kibana host>:<port>/api/cases/<case_id>/comments`

6
docs/api/cases/cases-api-get-comments.asciidoc
View file

@ -6,6 +6,12 @@
Gets a comment or all comments for a case.
[NOTE]
====
For the most up-to-date API details, refer to the
{kib-repo}/tree/{branch}/x-pack/plugins/cases/docs/openapi[open API specification]. For a preview, check out <<case-apis>>.
====
=== {api-request-title}
`GET <kibana host>:<port>/api/cases/<case ID>/comments/<comment ID>`

6
docs/api/cases/cases-api-update-comment.asciidoc
View file

@ -6,6 +6,12 @@
Updates a comment or alert in a case.
[NOTE]
====
For the most up-to-date API details, refer to the
{kib-repo}/tree/{branch}/x-pack/plugins/cases/docs/openapi[open API specification]. For a preview, check out <<case-apis>>.
====
=== {api-request-title}
`PATCH <kibana host>:<port>/api/cases/<case_id>/comments`

1
docs/apis.asciidoc
View file

@ -11,4 +11,5 @@ version of the specification is 3.0. For more information, go to https://openapi
--
include::api-generated/cases/case-apis.asciidoc[]
include::api-generated/machine-learning/ml-apis.asciidoc[]

13
x-pack/plugins/cases/docs/openapi/README.md
View file

@ -22,8 +22,13 @@ command in the `x-pack/plugins/cases/docs/openapi/` folder:
Then you can generate the `bundled` files by running the following commands:
```
npx @redocly/openapi-cli bundle --ext yaml --output bundled.yaml entrypoint.yaml
npx @redocly/openapi-cli bundle --ext json --output bundled.json entrypoint.yaml
```
```
npx @redocly/cli bundle entrypoint.yaml --output bundled.yaml --ext yaml
npx @redocly/cli bundle entrypoint.yaml --output bundled.json --ext json
```
You can run additional linting with the following command:
```
npx @redocly/cli lint bundled.json
```

1277
x-pack/plugins/cases/docs/openapi/bundled-min.json Normal file
View file

File diff suppressed because it is too large Load diff

923
x-pack/plugins/cases/docs/openapi/bundled-min.yaml Normal file
View file

@ -0,0 +1,923 @@
openapi: 3.0.1
info:
title: Cases
description: OpenAPI schema for Cases endpoints
version: '0.2'
contact:
name: Cases Team
license:
name: Elastic License 2.0
url: https://www.elastic.co/licensing/elastic-license
tags:
- name: cases
description: Case APIs enable you to open and track issues.
servers:
- url: http://localhost:5601
description: local
paths:
/s/{spaceId}/api/cases/{caseId}/comments:
post:
summary: Adds a comment or alert to a case.
operationId: addCaseComment
description: |
You must have `all` privileges for the **Cases** feature in the **Management**, **Observability**, or **Security** section of the Kibana feature privileges, depending on the owner of the case you're creating.
tags:
- cases
parameters:
- $ref: '#/components/parameters/kbn_xsrf'
- $ref: '#/components/parameters/case_id'
- $ref: '#/components/parameters/space_id'
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/add_case_comment_request'
examples:
createCaseCommentRequest:
$ref: '#/components/examples/add_comment_request'
responses:
'200':
description: Indicates a successful call.
content:
application/json:
schema:
$ref: '#/components/schemas/case_response_properties'
examples:
createCaseCommentResponse:
$ref: '#/components/examples/add_comment_response'
servers:
- url: https://localhost:5601
delete:
summary: Deletes all comments and alerts from a case.
operationId: deleteCaseComments
description: |
You must have `all` privileges for the **Cases** feature in the **Management**, **Observability**, or **Security** section of the Kibana feature privileges, depending on the owner of the cases you're deleting.
tags:
- cases
parameters:
- $ref: '#/components/parameters/kbn_xsrf'
- $ref: '#/components/parameters/case_id'
- $ref: '#/components/parameters/space_id'
responses:
'204':
description: Indicates a successful call.
servers:
- url: https://localhost:5601
patch:
summary: Updates a comment or alert in a case.
operationId: updateCaseComment
description: |
You must have `all` privileges for the **Cases** feature in the **Management**, **Observability**, or **Security** section of the Kibana feature privileges, depending on the owner of the case you're updating. NOTE: You cannot change the comment type or the owner of a comment.
tags:
- cases
parameters:
- $ref: '#/components/parameters/kbn_xsrf'
- $ref: '#/components/parameters/case_id'
- $ref: '#/components/parameters/space_id'
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/update_case_comment_request'
examples:
updateCaseCommentRequest:
$ref: '#/components/examples/update_comment_request'
responses:
'200':
description: Indicates a successful call.
content:
application/json:
schema:
$ref: '#/components/schemas/case_response_properties'
examples:
updateCaseCommentResponse:
$ref: '#/components/examples/update_comment_response'
servers:
- url: https://localhost:5601
get:
summary: Retrieves all the comments from a case.
operationId: getAllCaseComments
description: |
You must have `read` privileges for the **Cases** feature in the **Management**, **Observability**, or **Security** section of the Kibana feature privileges, depending on the owner of the cases with the comments you're seeking.
deprecated: true
tags:
- cases
parameters:
- $ref: '#/components/parameters/case_id'
- $ref: '#/components/parameters/space_id'
responses:
'200':
description: Indicates a successful call.
content:
application/json:
schema:
$ref: '#/components/schemas/case_response_properties'
servers:
- url: https://localhost:5601
servers:
- url: https://localhost:5601
components:
securitySchemes:
basicAuth:
type: http
scheme: basic
apiKeyAuth:
type: apiKey
in: header
name: ApiKey
parameters:
case_id:
in: path
name: caseId
description: The identifier for the case. To retrieve case IDs, use the find cases API. All non-ASCII characters must be URL encoded.
required: true
schema:
type: string
example: 9c235210-6834-11ea-a78c-6ffb38a34414
space_id:
in: path
name: spaceId
description: An identifier for the space. If `/s/` and the identifier are omitted from the path, the default space is used.
required: true
schema:
type: string
example: default
kbn_xsrf:
schema:
type: string
in: header
name: kbn-xsrf
required: true
schemas:
case_response_closed_by_properties:
title: Case response properties for closed_by
type: object
nullable: true
properties:
email:
type: string
example: null
nullable: true
full_name:
type: string
example: null
nullable: true
username:
type: string
example: elastic
nullable: true
profile_uid:
type: string
example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0
required:
- email
- full_name
- username
owners:
type: string
description: |
The application that owns the cases: Stack Management, Observability, or Elastic Security.
enum:
- cases
- observability
- securitySolution
example: cases
alert_comment_response_properties:
title: Add case comment response properties for alerts
type: object
required:
- type
properties:
alertId:
type: string
example: 6b24c4dc44bc720cfc92797f3d61fff952f2b2627db1fb4f8cc49f4530c4ff42
created_at:
type: string
format: date-time
example: '2022-03-24T02:31:03.210Z'
created_by:
type: object
properties:
email:
type: string
example: null
nullable: true
full_name:
type: string
example: null
nullable: true
username:
type: string
example: elastic
nullable: true
profile_uid:
type: string
example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0
id:
type: string
example: 73362370-ab1a-11ec-985f-97e55adae8b9
index:
type: string
example: .internal.alerts-security.alerts-default-000001
owner:
$ref: '#/components/schemas/owners'
pushed_at:
type: string
format: date-time
example: null
nullable: true
pushed_by:
type: object
properties:
email:
type: string
example: null
nullable: true
full_name:
type: string
example: null
nullable: true
username:
type: string
example: elastic
nullable: true
profile_uid:
type: string
example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0
nullable: true
rule:
type: object
properties:
id:
description: The rule identifier.
type: string
example: 94d80550-aaf4-11ec-985f-97e55adae8b9
name:
description: The rule name.
type: string
example: security_rule
type:
type: string
example: alert
enum:
- alert
updated_at:
type: string
format: date-time
example: null
updated_by:
type: object
properties:
email:
type: string
example: null
nullable: true
full_name:
type: string
example: null
nullable: true
username:
type: string
example: elastic
nullable: true
profile_uid:
type: string
example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0
version:
type: string
example: WzMwNDgsMV0=
case_response_created_by_properties:
title: Case response properties for created_by
type: object
properties:
email:
type: string
example: null
nullable: true
full_name:
type: string
example: null
nullable: true
username:
type: string
example: elastic
nullable: true
profile_uid:
type: string
example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0
required:
- email
- full_name
- username
case_response_pushed_by_properties:
title: Case response properties for pushed_by
type: object
nullable: true
properties:
email:
type: string
example: null
nullable: true
full_name:
type: string
example: null
nullable: true
username:
type: string
example: elastic
nullable: true
profile_uid:
type: string
example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0
required:
- email
- full_name
- username
case_response_updated_by_properties:
title: Case response properties for updated_by
type: object
nullable: true
properties:
email:
type: string
example: null
nullable: true
full_name:
type: string
example: null
nullable: true
username:
type: string
example: elastic
nullable: true
profile_uid:
type: string
example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0
required:
- email
- full_name
- username
user_comment_response_properties:
title: Case response properties for user comments
type: object
required:
- type
properties:
comment:
type: string
example: A new comment.
created_at:
type: string
format: date-time
example: '2022-05-13T09:16:17.416Z'
created_by:
$ref: '#/components/schemas/case_response_created_by_properties'
id:
type: string
example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6
owner:
$ref: '#/components/schemas/owners'
pushed_at:
type: string
format: date-time
nullable: true
example: null
pushed_by:
$ref: '#/components/schemas/case_response_pushed_by_properties'
type:
type: string
example: user
enum:
- user
updated_at:
type: string
format: date-time
nullable: true
example: null
updated_by:
$ref: '#/components/schemas/case_response_updated_by_properties'
version:
type: string
example: WzIwNDMxLDFd
case_response_connector_field_properties:
title: Case response properties for connector fields
type: object
description: An object containing the connector fields. To create a case without a connector, specify null. If you want to omit any individual field, specify null as its value.
nullable: true
properties:
caseId:
description: The case identifier for Swimlane connectors.
type: string
category:
description: The category of the incident for ServiceNow ITSM and ServiceNow SecOps connectors.
type: string
destIp:
description: A comma-separated list of destination IPs for ServiceNow SecOps connectors.
type: string
impact:
description: The effect an incident had on business for ServiceNow ITSM connectors.
type: string
issueType:
description: The type of issue for Jira connectors.
type: string
issueTypes:
description: The type of incident for IBM Resilient connectors.
type: array
items:
type: number
malwareHash:
description: A comma-separated list of malware hashes for ServiceNow SecOps connectors.
type: string
malwareUrl:
description: A comma-separated list of malware URLs for ServiceNow SecOps connectors.
type: string
parent:
description: The key of the parent issue, when the issue type is sub-task for Jira connectors.
type: string
priority:
description: The priority of the issue for Jira and ServiceNow SecOps connectors.
type: string
severity:
description: The severity of the incident for ServiceNow ITSM connectors.
type: string
severityCode:
description: The severity code of the incident for IBM Resilient connectors.
type: number
sourceIp:
description: A comma-separated list of source IPs for ServiceNow SecOps connectors.
type: string
subcategory:
description: The subcategory of the incident for ServiceNow ITSM connectors.
type: string
urgency:
description: The extent to which the incident resolution can be delayed for ServiceNow ITSM connectors.
type: string
connector_types:
type: string
description: The type of connector.
enum:
- .cases-webhook
- .jira
- .none
- .resilient
- .servicenow
- .servicenow-sir
- .swimlane
example: .none
external_service:
type: object
nullable: true
properties:
connector_id:
type: string
connector_name:
type: string
external_id:
type: string
external_title:
type: string
external_url:
type: string
pushed_at:
type: string
format: date-time
pushed_by:
type: object
properties:
email:
type: string
example: null
nullable: true
full_name:
type: string
example: null
nullable: true
username:
type: string
example: elastic
nullable: true
profile_uid:
type: string
example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0
nullable: true
settings:
type: object
description: An object that contains the case settings.
properties:
syncAlerts:
description: Turns alert syncing on or off.
type: boolean
example: true
severity_property:
type: string
description: The severity of the case.
enum:
- critical
- high
- low
- medium
default: low
status:
type: string
description: The status of the case.
enum:
- closed
- in-progress
- open
case_response_properties:
title: Case response properties
type: object
required:
- closed_at
- closed_by
- comments
- connector
- created_at
- created_by
- description
- duration
- external_service
- id
- owner
- settings
- severity
- status
- tags
- title
- totalAlerts
- totalComment
- updated_at
- updated_by
- version
properties:
closed_at:
type: string
format: date-time
nullable: true
closed_by:
$ref: '#/components/schemas/case_response_closed_by_properties'
comments:
title: Case response properties for comments
description: An array of comment objects for the case.
type: array
items:
discriminator:
propertyName: type
oneOf:
- $ref: '#/components/schemas/alert_comment_response_properties'
- $ref: '#/components/schemas/user_comment_response_properties'
connector:
title: Case response properties for connectors
type: object
properties:
fields:
$ref: '#/components/schemas/case_response_connector_field_properties'
id:
description: The identifier for the connector. To create a case without a connector, use `none`.
type: string
example: none
name:
description: The name of the connector. To create a case without a connector, use `none`.
type: string
example: none
type:
$ref: '#/components/schemas/connector_types'
created_at:
type: string
format: date-time
example: '2022-05-13T09:16:17.416Z'
created_by:
$ref: '#/components/schemas/case_response_created_by_properties'
description:
type: string
example: A case description.
duration:
type: integer
description: |
The elapsed time from the creation of the case to its closure (in seconds). If the case has not been closed, the duration is set to null. If the case was closed after less than half a second, the duration is rounded down to zero.
nullable: true
example: 120
external_service:
$ref: '#/components/schemas/external_service'
id:
type: string
example: 66b9aa00-94fa-11ea-9f74-e7e108796192
owner:
$ref: '#/components/schemas/owners'
settings:
$ref: '#/components/schemas/settings'
severity:
$ref: '#/components/schemas/severity_property'
status:
$ref: '#/components/schemas/status'
tags:
type: array
items:
type: string
example:
- tag-1
title:
type: string
example: Case title 1
totalAlerts:
type: integer
example: 0
totalComment:
type: integer
example: 0
updated_at:
type: string
format: date-time
nullable: true
updated_by:
$ref: '#/components/schemas/case_response_updated_by_properties'
version:
type: string
example: WzUzMiwxXQ==
alert_identifiers:
title: Alert identifiers
description: |
The alert identifier. It is required only when `type` is `alert`. If it is an array, `index` must also be an array with the same length or number of elements. This functionality is in technical preview and may be changed or removed in a future release. Elastic will apply best effort to fix any issues, but features in technical preview are not subject to the support SLA of official GA features.
oneOf:
- type: string
- type: array
items:
type: string
x-technical-preview: true
example: 6b24c4dc44bc720cfc92797f3d61fff952f2b2627db1fb4f8cc49f4530c4ff42
alert_indices:
title: Alert indices
description: |
The alert index. It is required only when `type` is `alert`. If it is an array, `alertId` must also be an array with the same length or number of elements. This functionality is in technical preview and may be changed or removed in a future release. Elastic will apply best effort to fix any issues, but features in technical preview are not subject to the support SLA of official GA features.
oneOf:
- type: string
- type: array
items:
type: string
x-technical-preview: true
rule:
title: Alerting rule
description: |
The rule that is associated with the alert. It is required only when `type` is `alert`. This functionality is in technical preview and may be changed or removed in a future release. Elastic will apply best effort to fix any issues, but features in technical preview are not subject to the support SLA of official GA features.
type: object
x-technical-preview: true
properties:
id:
description: The rule identifier.
type: string
example: 94d80550-aaf4-11ec-985f-97e55adae8b9
name:
description: The rule name.
type: string
example: security_rule
add_alert_comment_request_properties:
title: Add case comment request properties for alerts
required:
- alertId
- index
- owner
- rule
- type
description: Defines properties for case comment requests when type is alert.
type: object
properties:
alertId:
$ref: '#/components/schemas/alert_identifiers'
index:
$ref: '#/components/schemas/alert_indices'
owner:
$ref: '#/components/schemas/owners'
rule:
$ref: '#/components/schemas/rule'
type:
description: The type of comment.
type: string
example: alert
enum:
- alert
add_user_comment_request_properties:
title: Add case comment request properties for user comments
description: Defines properties for case comment requests when type is user.
type: object
properties:
comment:
description: The new comment. It is required only when `type` is `user`.
type: string
example: A new comment.
owner:
$ref: '#/components/schemas/owners'
type:
type: string
description: The type of comment.
example: user
enum:
- user
required:
- comment
- owner
- type
add_case_comment_request:
title: Add case comment request
description: The add comment to case API request body varies depending on whether you are adding an alert or a comment.
discriminator:
propertyName: type
oneOf:
- $ref: '#/components/schemas/add_alert_comment_request_properties'
- $ref: '#/components/schemas/add_user_comment_request_properties'
update_alert_comment_request_properties:
title: Update case comment request properties for alerts
description: Defines properties for case comment requests when type is alert.
required:
- alertId
- id
- index
- owner
- rule
- type
- version
type: object
properties:
alertId:
$ref: '#/components/schemas/alert_identifiers'
id:
type: string
description: |
The identifier for the comment. To retrieve comment IDs, use the get comments API.
example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6
index:
$ref: '#/components/schemas/alert_indices'
owner:
$ref: '#/components/schemas/owners'
rule:
$ref: '#/components/schemas/rule'
type:
description: The type of comment.
type: string
enum:
- alert
example: alert
version:
description: |
The current comment version. To retrieve version values, use the get comments API.
type: string
example: Wzk1LDFd
update_user_comment_request_properties:
title: Update case comment request properties for user comments
description: Defines properties for case comment requests when type is user.
type: object
properties:
comment:
description: The new comment. It is required only when `type` is `user`.
type: string
example: A new comment.
id:
type: string
description: |
The identifier for the comment. To retrieve comment IDs, use the get comments API.
example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6
owner:
$ref: '#/components/schemas/owners'
type:
type: string
description: The type of comment.
enum:
- user
example: user
version:
description: |
The current comment version. To retrieve version values, use the get comments API.
type: string
example: Wzk1LDFd
required:
- comment
- id
- owner
- type
- version
update_case_comment_request:
title: Update case comment request
description: The update case comment API request body varies depending on whether you are updating an alert or a comment.
discriminator:
propertyName: type
oneOf:
- $ref: '#/components/schemas/update_alert_comment_request_properties'
- $ref: '#/components/schemas/update_user_comment_request_properties'
examples:
add_comment_request:
summary: Adds a comment to a case.
value:
type: user
comment: A new comment.
owner: cases
add_comment_response:
summary: The add comment to case API returns a JSON object that contains details about the case and its comments.
value:
comments:
- id: 8af6ac20-74f6-11ea-b83a-553aecdb28b6
version: WzIwNDMxLDFd
type: user
owner: cases
comment: A new comment.
created_at: '2022-06-02T00:49:47.716Z'
created_by:
username: elastic
email: null
full_name: null
totalAlerts: 0
id: 293f1bc0-74f6-11ea-b83a-553aecdb28b6
version: WzIzMzgsMV0=
totalComment: 1
title: Case title 1
tags:
- tag 1
description: A case description.
settings:
syncAlerts: false
owner: cases
duration: null
severity: low
closed_at: null
closed_by: null
created_at: '2022-03-24T00:37:03.906Z'
created_by:
username: elastic
full_name: null
email: null
status: open
updated_at: '2022-06-03T00:49:47.716Z'
updated_by:
username: elastic
email: null
full_name: null
connector:
id: none
name: none
type: .none
fields: null
external_service: null
update_comment_request:
summary: Updates a comment of a case.
value:
id: 8af6ac20-74f6-11ea-b83a-553aecdb28b6
version: Wzk1LDFd
type: user
comment: An updated comment.
owner: cases
update_comment_response:
summary: The add comment to case API returns a JSON object that contains details about the case and its comments.
value:
comments:
- id: 8af6ac20-74f6-11ea-b83a-553aecdb28b6
version: WzIwNjM3LDFd
comment: An updated comment.
type: user
owner: cases
created_at: '2022-03-24T00:37:10.832Z'
created_by:
username: elastic
full_name: null
email: null
pushed_at: null
pushed_by: null
updated_at: '2022-03-24T01:27:06.210Z'
updated_by:
username: elastic
full_name: null
email: null
totalAlerts: 0
id: 293f1bc0-74f6-11ea-b83a-553aecdb28b6
version: WzIwNjM2LDFd
totalComment: 1
title: Case title 1
tags:
- tag 1
description: A case description.
settings:
syncAlerts: false
owner: cases
duration: null
severity: low
closed_at: null
closed_by: null
created_at: '2022-03-24T00:37:03.906Z'
created_by:
username: elastic
full_name: null
email: null
status: open
updated_at: '2022-03-24T01:27:06.210Z'
updated_by:
username: elastic
full_name: null
email: null
connector:
id: none
name: none
type: .none
fields: null
external_service: null
security:
- basicAuth: []
- apiKeyAuth: []

100
x-pack/plugins/cases/docs/openapi/components/examples/add_comment_response.yaml
View file

@ -1,58 +1,46 @@
summary: The add comment to case API returns a JSON object that contains details about the case and its comments.
value:
{
"comments":[
{
"id": "8af6ac20-74f6-11ea-b83a-553aecdb28b6",
"version": "WzIwNDMxLDFd",
"type":"user",
"owner":"cases",
"comment":"A new comment.",
"created_at":"2022-06-02T00:49:47.716Z",
"created_by": {
"username": "elastic",
"email": null,
"full_name": null
},
"pushed_at":null,
"pushed_by":null,
"updated_at":null,
"updated_by":null
}
],
"totalAlerts":0,
"id":"293f1bc0-74f6-11ea-b83a-553aecdb28b6",
"version":"WzIzMzgsMV0=",
"totalComment":1,
"title": "Case title 1",
"tags": ["tag 1"],
"description": "A case description.",
"settings": {
"syncAlerts":false
},
"owner": "cases",
"duration": null,
"severity": "low",
"closed_at": null,
"closed_by": null,
"created_at": "2022-03-24T00:37:03.906Z",
"created_by": {
"email": null,
"full_name": null,
"username": "elastic"
},
"status": "open",
"updated_at": "2022-06-03T00:49:47.716Z",
"updated_by": {
"username": "elastic",
"email": null,
"full_name": null
},
"connector": {
"id": "none",
"name": "none",
"type": ".none",
"fields": null
},
"external_service": null
}
comments:
- id: 8af6ac20-74f6-11ea-b83a-553aecdb28b6
version: WzIwNDMxLDFd
type: user
owner: cases
comment: A new comment.
created_at: '2022-06-02T00:49:47.716Z'
created_by:
username: elastic
email: null
full_name: null
totalAlerts: 0
id: 293f1bc0-74f6-11ea-b83a-553aecdb28b6
version: WzIzMzgsMV0=
totalComment: 1
title: Case title 1
tags:
- tag 1
description: A case description.
settings:
syncAlerts: false
owner: cases
duration: null
severity: low
closed_at: null
closed_by: null
created_at: '2022-03-24T00:37:03.906Z'
created_by:
username: elastic
full_name: null
email: null
status: open
updated_at: '2022-06-03T00:49:47.716Z'
updated_by:
username: elastic
email: null
full_name: null
connector:
id: none
name: none
type: .none
fields: null
external_service: null

3
x-pack/plugins/cases/docs/openapi/components/examples/update_comment_request.yaml
View file

@ -4,5 +4,6 @@ value:
"id": "8af6ac20-74f6-11ea-b83a-553aecdb28b6",
"version": "Wzk1LDFd",
"type": "user",
"comment": "An updated comment."
"comment": "An updated comment.",
"owner": "cases"
}

107
x-pack/plugins/cases/docs/openapi/components/examples/update_comment_response.yaml
View file

@ -1,59 +1,52 @@
summary: The add comment to case API returns a JSON object that contains details about the case and its comments.
value:
{
"comments":[{
"id": "8af6ac20-74f6-11ea-b83a-553aecdb28b6",
"version": "WzIwNjM3LDFd",
"comment": "An updated comment.",
"type": "user",
"owner": "cases",
"created_at": "2022-03-24T00:37:10.832Z",
"created_by": {
"username": "elastic",
"full_name": null,
"email": null
},
"pushed_at": null,
"pushed_by": null,
"updated_at": "2022-03-24T01:27:06.210Z",
"updated_by": {
"username": "elastic",
"full_name": null,
"email": null
}
}
],
"totalAlerts": 0,
"id": "293f1bc0-74f6-11ea-b83a-553aecdb28b6",
"version": "WzIwNjM2LDFd",
"totalComment": 1,
"title": "Case title 1",
"tags": ["tag 1"],
"description": "A case description.",
"settings": {"syncAlerts":false},
"owner": "cases",
"duration": null,
"severity": "low",
"closed_at": null,
"closed_by": null,
"created_at": "2022-03-24T00:37:03.906Z",
"created_by": {
"username": "elastic",
"full_name": null,
"email": null
},
"status": "open",
"updated_at": "2022-03-24T01:27:06.210Z",
"updated_by": {
"username": "elastic",
"full_name": null,
"email": null
},
"connector": {
"id": "none",
"name": "none",
"type": ".none",
"fields": null
},
"external_service": null
}
comments:
- id: 8af6ac20-74f6-11ea-b83a-553aecdb28b6
version: WzIwNjM3LDFd
comment: An updated comment.
type: user
owner: cases
created_at: '2022-03-24T00:37:10.832Z'
created_by:
username: elastic
full_name: null
email: null
pushed_at: null
pushed_by: null
updated_at: '2022-03-24T01:27:06.210Z'
updated_by:
username: elastic
full_name: null
email: null
totalAlerts: 0
id: 293f1bc0-74f6-11ea-b83a-553aecdb28b6
version: WzIwNjM2LDFd
totalComment: 1
title: Case title 1
tags:
- tag 1
description: A case description.
settings:
syncAlerts: false
owner: cases
duration: null
severity: low
closed_at: null
closed_by: null
created_at: '2022-03-24T00:37:03.906Z'
created_by:
username: elastic
full_name: null
email: null
status: open
updated_at: '2022-03-24T01:27:06.210Z'
updated_by:
username: elastic
full_name: null
email: null
connector:
id: none
name: none
type: .none
fields: null
external_service: null

2
x-pack/plugins/cases/docs/openapi/components/parameters/case_id.yaml
View file

@ -4,4 +4,4 @@ description: The identifier for the case. To retrieve case IDs, use the find cas
required: true
schema:
type: string
example: '9c235210-6834-11ea-a78c-6ffb38a34414'
example: 9c235210-6834-11ea-a78c-6ffb38a34414

69
x-pack/plugins/cases/docs/openapi/components/schemas/add_alert_comment_request_properties.yaml
View file

@ -1,55 +1,24 @@
type: object
properties:
alertId:
description: >
The alert identifier. It is required only when `type` is `alert`. If it is
an array, `index` must also be an array. This functionality is in
technical preview and may be changed or removed in a future release.
Elastic will apply best effort to fix any issues, but features in
technical preview are not subject to the support SLA of official GA
features.
oneOf:
- type: string
- type: array
items:
type: string
x-technical-preview: true
example: 6b24c4dc44bc720cfc92797f3d61fff952f2b2627db1fb4f8cc49f4530c4ff42
index:
description: >
The alert index. It is required only when `type` is `alert`. If it is an
array, `alertId` must also be an array. This functionality is in technical
preview and may be changed or removed in a future release. Elastic will
apply best effort to fix any issues, but features in technical preview are
not subject to the support SLA of official GA features.
oneOf:
- type: string
- type: array
items:
type: string
x-technical-preview: true
owner:
$ref: 'owners.yaml'
rule:
description: >
The rule that is associated with the alert. It is required only when
`type` is `alert`. This functionality is in technical preview and may be
changed or removed in a future release. Elastic will apply best effort to
fix any issues, but features in technical preview are not subject to the
support SLA of official GA features.
type: object
x-technical-preview: true
properties:
$ref: 'rule_properties.yaml'
type:
description: The type of comment.
type: string
enum:
- alert
example: alert
title: Add case comment request properties for alerts
required:
- alertId
- index
- owner
- rule
- type
- type
description: Defines properties for case comment requests when type is alert.
type: object
properties:
alertId:
$ref: 'alert_identifiers.yaml'
index:
$ref: 'alert_indices.yaml'
owner:
$ref: 'owners.yaml'
rule:
$ref: 'rule.yaml'
type:
description: The type of comment.
type: string
example: alert
enum:
- alert

9
x-pack/plugins/cases/docs/openapi/components/schemas/add_case_comment_request.yaml Normal file
View file

@ -0,0 +1,9 @@
title: Add case comment request
description: >-
The add comment to case API request body varies depending on whether you are
adding an alert or a comment.
discriminator:
propertyName: type
oneOf:
- $ref: 'add_alert_comment_request_properties.yaml'
- $ref: 'add_user_comment_request_properties.yaml'

4
x-pack/plugins/cases/docs/openapi/components/schemas/add_user_comment_request_properties.yaml
View file

@ -1,3 +1,5 @@
title: Add case comment request properties for user comments
description: Defines properties for case comment requests when type is user.
type: object
properties:
comment:
@ -9,9 +11,9 @@ properties:
type:
type: string
description: The type of comment.
example: user
enum:
- user
example: user
required:
- comment
- owner

6
x-pack/plugins/cases/docs/openapi/components/schemas/alert_comment_response_properties.yaml
View file

@ -1,5 +1,7 @@
title: Add case comment response properties for alerts
type: object
required:
- type
properties:
alertId:
type: string
@ -37,6 +39,8 @@ properties:
type:
type: string
example: alert
enum:
- alert
updated_at:
type: string
format: date-time

15
x-pack/plugins/cases/docs/openapi/components/schemas/alert_identifiers.yaml Normal file
View file

@ -0,0 +1,15 @@
title: Alert identifiers
description: >
The alert identifier. It is required only when `type` is `alert`. If it is
an array, `index` must also be an array with the same length or number of
elements. This functionality is in technical preview and may be changed or
removed in a future release. Elastic will apply best effort to fix any issues,
but features in technical preview are not subject to the support SLA of
official GA features.
oneOf:
- type: string
- type: array
items:
type: string
x-technical-preview: true
example: 6b24c4dc44bc720cfc92797f3d61fff952f2b2627db1fb4f8cc49f4530c4ff42

14
x-pack/plugins/cases/docs/openapi/components/schemas/alert_indices.yaml Normal file
View file

@ -0,0 +1,14 @@
title: Alert indices
description: >
The alert index. It is required only when `type` is `alert`. If it is an
array, `alertId` must also be an array with the same length or number of
elements. This functionality is in technical preview and may be changed or
removed in a future release. Elastic will apply best effort to fix any issues,
but features in technical preview are not subject to the support SLA of
official GA features.
oneOf:
- type: string
- type: array
items:
type: string
x-technical-preview: true

9
x-pack/plugins/cases/docs/openapi/components/schemas/case_response_closed_by_properties.yaml Normal file
View file

@ -0,0 +1,9 @@
title: Case response properties for closed_by
type: object
nullable: true
properties:
$ref: 'user_properties.yaml'
required:
- email
- full_name
- username

52
x-pack/plugins/cases/docs/openapi/components/schemas/case_response_connector_field_properties.yaml Normal file
View file

@ -0,0 +1,52 @@
title: Case response properties for connector fields
type: object
description: An object containing the connector fields. To create a case without a connector, specify null. If you want to omit any individual field, specify null as its value.
nullable: true
properties:
caseId:
description: The case identifier for Swimlane connectors.
type: string
category:
description: The category of the incident for ServiceNow ITSM and ServiceNow SecOps connectors.
type: string
destIp:
description: A comma-separated list of destination IPs for ServiceNow SecOps connectors.
type: string
impact:
description: The effect an incident had on business for ServiceNow ITSM connectors.
type: string
issueType:
description: The type of issue for Jira connectors.
type: string
issueTypes:
description: The type of incident for IBM Resilient connectors.
type: array
items:
type: number
malwareHash:
description: A comma-separated list of malware hashes for ServiceNow SecOps connectors.
type: string
malwareUrl:
description: A comma-separated list of malware URLs for ServiceNow SecOps connectors.
type: string
parent:
description: The key of the parent issue, when the issue type is sub-task for Jira connectors.
type: string
priority:
description: The priority of the issue for Jira and ServiceNow SecOps connectors.
type: string
severity:
description: The severity of the incident for ServiceNow ITSM connectors.
type: string
severityCode:
description: The severity code of the incident for IBM Resilient connectors.
type: number
sourceIp:
description: A comma-separated list of source IPs for ServiceNow SecOps connectors.
type: string
subcategory:
description: The subcategory of the incident for ServiceNow ITSM connectors.
type: string
urgency:
description: The extent to which the incident resolution can be delayed for ServiceNow ITSM connectors.
type: string

8
x-pack/plugins/cases/docs/openapi/components/schemas/case_response_created_by_properties.yaml Normal file
View file

@ -0,0 +1,8 @@
title: Case response properties for created_by
type: object
properties:
$ref: 'user_properties.yaml'
required:
- email
- full_name
- username

192
x-pack/plugins/cases/docs/openapi/components/schemas/case_response_properties.yaml
View file

@ -1,82 +1,112 @@
closed_at:
type: string
format: date-time
nullable: true
example: null
closed_by:
type: object
properties:
$ref: 'user_properties.yaml'
nullable: true
example: null
comments:
type: array
items:
oneOf:
- $ref: 'alert_comment_response_properties.yaml'
- $ref: 'user_comment_response_properties.yaml'
example: []
connector:
type: object
properties:
$ref: 'connector_properties.yaml'
created_at:
type: string
format: date-time
example: 2022-05-13T09:16:17.416Z
created_by:
type: object
properties:
$ref: 'user_properties.yaml'
description:
type: string
example: "A case description."
duration:
type: integer
description: >
The elapsed time from the creation of the case to its closure (in seconds).
If the case has not been closed, the duration is set to null. If the case
was closed after less than half a second, the duration is rounded down to
zero.
example: 120
external_service:
$ref: 'external_service.yaml'
id:
type: string
example: 66b9aa00-94fa-11ea-9f74-e7e108796192
owner:
$ref: 'owners.yaml'
settings:
$ref: 'settings.yaml'
severity:
$ref: 'severity_property.yaml'
status:
$ref: 'status.yaml'
tags:
type: array
items:
title: Case response properties
type: object
required:
- closed_at
- closed_by
- comments
- connector
- created_at
- created_by
- description
- duration
- external_service
- id
- owner
- settings
- severity
- status
- tags
- title
- totalAlerts
- totalComment
- updated_at
- updated_by
- version
properties:
closed_at:
type: string
example: ["tag-1"]
title:
type: string
example: Case title 1
totalAlerts:
type: integer
example: 0
totalComment:
type: integer
example: 0
updated_at:
type: string
format: date-time
nullable: true
example: null
updated_by:
type: object
properties:
$ref: 'user_properties.yaml'
nullable: true
example: null
version:
type: string
example: WzUzMiwxXQ==
format: date-time
nullable: true
closed_by:
$ref: 'case_response_closed_by_properties.yaml'
comments:
title: Case response properties for comments
description: An array of comment objects for the case.
type: array
items:
discriminator:
propertyName: type
oneOf:
- $ref: 'alert_comment_response_properties.yaml'
- $ref: 'user_comment_response_properties.yaml'
connector:
title: Case response properties for connectors
type: object
properties:
fields:
$ref: 'case_response_connector_field_properties.yaml'
id:
description: The identifier for the connector. To create a case without a connector, use `none`.
type: string
example: none
name:
description: The name of the connector. To create a case without a connector, use `none`.
type: string
example: none
type:
$ref: 'connector_types.yaml'
created_at:
type: string
format: date-time
example: '2022-05-13T09:16:17.416Z'
created_by:
$ref: 'case_response_created_by_properties.yaml'
description:
type: string
example: A case description.
duration:
type: integer
description: >
The elapsed time from the creation of the case to its closure (in seconds).
If the case has not been closed, the duration is set to null. If the case
was closed after less than half a second, the duration is rounded down to
zero.
nullable: true
example: 120
external_service:
$ref: 'external_service.yaml'
id:
type: string
example: 66b9aa00-94fa-11ea-9f74-e7e108796192
owner:
$ref: 'owners.yaml'
settings:
$ref: 'settings.yaml'
severity:
$ref: 'severity_property.yaml'
status:
$ref: 'status.yaml'
tags:
type: array
items:
type: string
example:
- tag-1
title:
type: string
example: Case title 1
totalAlerts:
type: integer
example: 0
totalComment:
type: integer
example: 0
updated_at:
type: string
format: date-time
nullable: true
updated_by:
$ref: 'case_response_updated_by_properties.yaml'
version:
type: string
example: WzUzMiwxXQ==

9
x-pack/plugins/cases/docs/openapi/components/schemas/case_response_pushed_by_properties.yaml Normal file
View file

@ -0,0 +1,9 @@
title: Case response properties for pushed_by
type: object
nullable: true
properties:
$ref: 'user_properties.yaml'
required:
- email
- full_name
- username

9
x-pack/plugins/cases/docs/openapi/components/schemas/case_response_updated_by_properties.yaml Normal file
View file

@ -0,0 +1,9 @@
title: Case response properties for updated_by
type: object
nullable: true
properties:
$ref: 'user_properties.yaml'
required:
- email
- full_name
- username

1
x-pack/plugins/cases/docs/openapi/components/schemas/external_service.yaml
View file

@ -1,4 +1,5 @@
type: object
nullable: true
properties:
connector_id:
type: string

18
x-pack/plugins/cases/docs/openapi/components/schemas/rule.yaml Normal file
View file

@ -0,0 +1,18 @@
title: Alerting rule
description: >
The rule that is associated with the alert. It is required only when
`type` is `alert`. This functionality is in technical preview and may be
changed or removed in a future release. Elastic will apply best effort to
fix any issues, but features in technical preview are not subject to the
support SLA of official GA features.
type: object
x-technical-preview: true
properties:
id:
description: The rule identifier.
type: string
example: 94d80550-aaf4-11ec-985f-97e55adae8b9
name:
description: The rule name.
type: string
example: security_rule

61
x-pack/plugins/cases/docs/openapi/components/schemas/update_alert_comment_request_properties.yaml
View file

@ -1,20 +1,17 @@
title: Update case comment request properties for alerts
description: Defines properties for case comment requests when type is alert.
required:
- alertId
- id
- index
- owner
- rule
- type
- version
type: object
properties:
alertId:
description: >
The alert identifier. It is required only when `type` is `alert`. If it is
an array, `index` must also be an array. This functionality is in
technical preview and may be changed or removed in a future release.
Elastic will apply best effort to fix any issues, but features in
technical preview are not subject to the support SLA of official GA
features.
oneOf:
- type: string
- type: array
items:
type: string
x-technical-preview: true
example: 6b24c4dc44bc720cfc92797f3d61fff952f2b2627db1fb4f8cc49f4530c4ff42
alertId:
$ref: 'alert_identifiers.yaml'
id:
type: string
description: >
@ -22,31 +19,11 @@ properties:
get comments API.
example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6
index:
description: >
The alert index. It is required only when `type` is `alert`. If it is an
array, `alertId` must also be an array. This functionality is in technical
preview and may be changed or removed in a future release. Elastic will
apply best effort to fix any issues, but features in technical preview are
not subject to the support SLA of official GA features.
oneOf:
- type: string
- type: array
items:
type: string
x-technical-preview: true
$ref: 'alert_indices.yaml'
owner:
$ref: 'owners.yaml'
rule:
description: >
The rule that is associated with the alert. It is required only when
`type` is `alert`. This functionality is in technical preview and may be
changed or removed in a future release. Elastic will apply best effort to
fix any issues, but features in technical preview are not subject to the
support SLA of official GA features.
type: object
x-technical-preview: true
properties:
$ref: 'rule_properties.yaml'
$ref: 'rule.yaml'
type:
description: The type of comment.
type: string
@ -58,12 +35,4 @@ properties:
The current comment version. To retrieve version values, use the get
comments API.
type: string
example: Wzk1LDFd
required:
- alertId
- id
- index
- owner
- rule
- type
- version
example: Wzk1LDFd

9
x-pack/plugins/cases/docs/openapi/components/schemas/update_case_comment_request.yaml Normal file
View file

@ -0,0 +1,9 @@
title: Update case comment request
description: >-
The update case comment API request body varies depending on whether you are
updating an alert or a comment.
discriminator:
propertyName: type
oneOf:
- $ref: 'update_alert_comment_request_properties.yaml'
- $ref: 'update_user_comment_request_properties.yaml'

2
x-pack/plugins/cases/docs/openapi/components/schemas/update_user_comment_request_properties.yaml
View file

@ -1,3 +1,5 @@
title: Update case comment request properties for user comments
description: Defines properties for case comment requests when type is user.
type: object
properties:
comment:

21
x-pack/plugins/cases/docs/openapi/components/schemas/user_comment_response_properties.yaml
View file

@ -1,4 +1,7 @@
title: Case response properties for user comments
type: object
required:
- type
properties:
comment:
type: string
@ -8,9 +11,7 @@ properties:
format: date-time
example: 2022-05-13T09:16:17.416Z
created_by:
type: object
properties:
$ref: 'user_properties.yaml'
$ref: 'case_response_created_by_properties.yaml'
id:
type: string
example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6
@ -22,25 +23,19 @@ properties:
nullable: true
example: null
pushed_by:
type: object
properties:
$ref: 'user_properties.yaml'
nullable: true
example: null
$ref: 'case_response_pushed_by_properties.yaml'
type:
type: string
example: user
enum:
- user
updated_at:
type: string
format: date-time
nullable: true
example: null
updated_by:
type: object
properties:
$ref: 'user_properties.yaml'
nullable: true
example: null
$ref: 'case_response_updated_by_properties.yaml'
version:
type: string
example: WzIwNDMxLDFd

3
x-pack/plugins/cases/docs/openapi/components/schemas/user_properties.yaml
View file

@ -1,12 +1,15 @@
email:
type: string
example: null
nullable: true
full_name:
type: string
example: null
nullable: true
username:
type: string
example: elastic
nullable: true
profile_uid:
type: string
example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0

59
x-pack/plugins/cases/docs/openapi/entrypoint-min.yaml Normal file
View file

@ -0,0 +1,59 @@
openapi: 3.0.1
info:
title: Cases
description: OpenAPI schema for Cases endpoints
version: '0.2'
contact:
name: Cases Team
license:
name: Elastic License 2.0
url: https://www.elastic.co/licensing/elastic-license
tags:
- name: cases
description: Case APIs enable you to open and track issues.
servers:
- url: 'http://localhost:5601'
description: local
paths:
# '/s/{spaceId}/api/cases':
# $ref: 'paths/s@{spaceid}@api@cases.yaml'
# '/s/{spaceId}/api/cases/_find':
# $ref: 'paths/s@{spaceid}@api@cases@_find.yaml'
# '/s/{spaceId}/api/cases/alerts/{alertId}':
# $ref: 'paths/s@{spaceid}@api@cases@alerts@{alertid}.yaml'
# '/s/{spaceId}/api/cases/configure':
# $ref: paths/s@{spaceid}@api@cases@configure.yaml
# '/s/{spaceId}/api/cases/configure/{configurationId}':
# $ref: paths/s@{spaceid}@api@cases@configure@{configurationid}.yaml
# '/s/{spaceId}/api/cases/configure/connectors/_find':
# $ref: paths/s@{spaceid}@api@cases@configure@connectors@_find.yaml
# '/s/{spaceId}/api/cases/reporters':
# $ref: 'paths/s@{spaceid}@api@cases@reporters.yaml'
# '/s/{spaceId}/api/cases/status':
# $ref: 'paths/s@{spaceid}@api@cases@status.yaml'
# '/s/{spaceId}/api/cases/tags':
# $ref: 'paths/s@{spaceid}@api@cases@tags.yaml'
# '/s/{spaceId}/api/cases/{caseId}':
# $ref: 'paths/s@{spaceid}@api@cases@{caseid}.yaml'
# '/s/{spaceId}/api/cases/{caseId}/alerts':
# $ref: 'paths/s@{spaceid}@api@cases@{caseid}@alerts.yaml'
'/s/{spaceId}/api/cases/{caseId}/comments':
$ref: 'paths/s@{spaceid}@api@cases@{caseid}@comments.yaml'
# '/s/{spaceId}/api/cases/{caseId}/comments/{commentId}':
# $ref: 'paths/s@{spaceid}@api@cases@{caseid}@comments@{commentid}.yaml'
# '/s/{spaceId}/api/cases/{caseId}/connector/{connectorId}/_push':
# $ref: 'paths/s@{spaceid}@api@cases@{caseid}@connector@{connectorid}@_push.yaml'
# '/s/{spaceId}/api/cases/{caseId}/user_actions':
# $ref: 'paths/s@{spaceid}@api@cases@{caseid}@user_actions.yaml'
components:
securitySchemes:
basicAuth:
type: http
scheme: basic
apiKeyAuth:
type: apiKey
in: header
name: ApiKey
security:
- basicAuth: []
- apiKeyAuth: []

2
x-pack/plugins/cases/docs/openapi/entrypoint.yaml
View file

@ -11,8 +11,6 @@ info:
tags:
- name: cases
description: Case APIs enable you to open and track issues.
- name: kibana
description: Kibana APIs enable you to interact with Kibana features.
servers:
- url: 'http://localhost:5601'
description: local

12
x-pack/plugins/cases/docs/openapi/paths/s@{spaceid}@api@cases.yaml
View file

@ -57,11 +57,9 @@ post:
'200':
description: Indicates a successful call.
content:
application/json; charset=utf-8:
application/json:
schema:
type: object
properties:
$ref: '../components/schemas/case_response_properties.yaml'
$ref: '../components/schemas/case_response_properties.yaml'
examples:
createCaseResponse:
$ref: '../components/examples/create_case_response.yaml'
@ -160,11 +158,9 @@ patch:
'200':
description: Indicates a successful call.
content:
application/json; charset=utf-8:
application/json:
schema:
type: object
properties:
$ref: '../components/schemas/case_response_properties.yaml'
$ref: '../components/schemas/case_response_properties.yaml'
examples:
updateCaseResponse:
$ref: '../components/examples/update_case_response.yaml'

4
x-pack/plugins/cases/docs/openapi/paths/s@{spaceid}@api@cases@_find.yaml
View file

@ -138,9 +138,7 @@ get:
cases:
type: array
items:
type: object
properties:
$ref: '../components/schemas/case_response_properties.yaml'
$ref: '../components/schemas/case_response_properties.yaml'
count_closed_cases:
type: integer
count_in_progress_cases:

6
x-pack/plugins/cases/docs/openapi/paths/s@{spaceid}@api@cases@{caseid}.yaml
View file

@ -21,11 +21,9 @@ get:
'200':
description: Indicates a successful call.
content:
application/json; charset=utf-8:
application/json:
schema:
type: object
properties:
$ref: '../components/schemas/case_response_properties.yaml'
$ref: '../components/schemas/case_response_properties.yaml'
examples:
getCaseResponse:
$ref: '../components/examples/get_case_response.yaml'

32
x-pack/plugins/cases/docs/openapi/paths/s@{spaceid}@api@cases@{caseid}@comments.yaml
View file

@ -12,12 +12,11 @@ post:
- $ref: '../components/parameters/case_id.yaml'
- $ref: '../components/parameters/space_id.yaml'
requestBody:
required: true
content:
application/json:
schema:
oneOf:
- $ref: '../components/schemas/add_alert_comment_request_properties.yaml'
- $ref: '../components/schemas/add_user_comment_request_properties.yaml'
$ref: '../components/schemas/add_case_comment_request.yaml'
examples:
createCaseCommentRequest:
$ref: '../components/examples/add_comment_request.yaml'
@ -25,11 +24,9 @@ post:
'200':
description: Indicates a successful call.
content:
application/json; charset=utf-8:
application/json:
schema:
type: object
properties:
$ref: '../components/schemas/case_response_properties.yaml'
$ref: '../components/schemas/case_response_properties.yaml'
examples:
createCaseCommentResponse:
$ref: '../components/examples/add_comment_response.yaml'
@ -70,12 +67,11 @@ patch:
- $ref: '../components/parameters/case_id.yaml'
- $ref: '../components/parameters/space_id.yaml'
requestBody:
required: true
content:
application/json:
schema:
oneOf:
- $ref: '../components/schemas/update_alert_comment_request_properties.yaml'
- $ref: '../components/schemas/update_user_comment_request_properties.yaml'
$ref: '../components/schemas/update_case_comment_request.yaml'
examples:
updateCaseCommentRequest:
$ref: '../components/examples/update_comment_request.yaml'
@ -83,11 +79,9 @@ patch:
'200':
description: Indicates a successful call.
content:
application/json; charset=utf-8:
application/json:
schema:
type: object
properties:
$ref: '../components/schemas/case_response_properties.yaml'
$ref: '../components/schemas/case_response_properties.yaml'
examples:
updateCaseCommentResponse:
$ref: '../components/examples/update_comment_response.yaml'
@ -111,14 +105,10 @@ get:
'200':
description: Indicates a successful call.
content:
application/json; charset=utf-8:
application/json:
schema:
type: array
items:
anyOf:
- $ref: '../components/schemas/alert_comment_response_properties.yaml'
- $ref: '../components/schemas/user_comment_response_properties.yaml'
examples: {}
$ref: '../components/schemas/case_response_properties.yaml'
servers:
- url: https://localhost:5601

6
x-pack/plugins/cases/docs/openapi/paths/s@{spaceid}@api@cases@{caseid}@connector@{connectorid}@_push.yaml
View file

@ -21,11 +21,9 @@ post:
'200':
description: Indicates a successful call.
content:
application/json; charset=utf-8:
application/json:
schema:
type: object
properties:
$ref: '../components/schemas/case_response_properties.yaml'
$ref: '../components/schemas/case_response_properties.yaml'
examples:
pushCaseResponse:
$ref: '../components/examples/push_case_response.yaml'