[8.16] Improves Entity Analytics API content (#193404) (#204919)

# Backport

This will backport the following commits from `main` to `8.16`:
- [Improves Entity Analytics API content
(#193404)](https://github.com/elastic/kibana/pull/193404)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT
[{"author":{"name":"natasha-moore-elastic","email":"137783811+natasha-moore-elastic@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-09-20T10:26:54Z","message":"Improves
Entity Analytics API content (#193404)\n\n## Summary\r\n\r\nResolves
https://github.com/elastic/security-docs-internal/issues/39
by\r\nimproving the Entity Analytics API docs content. Adds missing
and\r\nimproves existing operation summaries and operation descriptions
to\r\nadhere to our
[OAS\r\nstandards](450494532/API+reference+docs).\r\n\r\n---------\r\n\r\nCo-authored-by:
kibanamachine
<42973632+kibanamachine@users.noreply.github.com>","sha":"d49f7e4a6bdcd133c0dc05170eae9592bfc59c63","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","backport:skip","v9.0.0","docs","Team:
SecuritySolution","APIDocs","Team:Entity
Analytics"],"number":193404,"url":"https://github.com/elastic/kibana/pull/193404","mergeCommit":{"message":"Improves
Entity Analytics API content (#193404)\n\n## Summary\r\n\r\nResolves
https://github.com/elastic/security-docs-internal/issues/39
by\r\nimproving the Entity Analytics API docs content. Adds missing
and\r\nimproves existing operation summaries and operation descriptions
to\r\nadhere to our
[OAS\r\nstandards](450494532/API+reference+docs).\r\n\r\n---------\r\n\r\nCo-authored-by:
kibanamachine
<42973632+kibanamachine@users.noreply.github.com>","sha":"d49f7e4a6bdcd133c0dc05170eae9592bfc59c63"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","labelRegex":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/193404","number":193404,"mergeCommit":{"message":"Improves
Entity Analytics API content (#193404)\n\n## Summary\r\n\r\nResolves
https://github.com/elastic/security-docs-internal/issues/39
by\r\nimproving the Entity Analytics API docs content. Adds missing
and\r\nimproves existing operation summaries and operation descriptions
to\r\nadhere to our
[OAS\r\nstandards](450494532/API+reference+docs).\r\n\r\n---------\r\n\r\nCo-authored-by:
kibanamachine
<42973632+kibanamachine@users.noreply.github.com>","sha":"d49f7e4a6bdcd133c0dc05170eae9592bfc59c63"}}]}]
BACKPORT-->

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
natasha-moore-elastic 2024-12-19 13:18:40 +00:00 committed by GitHub
parent 62cb92963f
commit 360e200bac
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
11 changed files with 118 additions and 56 deletions


@ -6114,7 +6114,7 @@ paths:
- APM annotations
/api/asset_criticality:
delete:
description: Delete the asset criticality record for a specific asset if it exists.
description: Delete the asset criticality record for a specific entity.
operationId: DeleteAssetCriticalityRecord
parameters:
- description: The ID value of the asset.
@ -6156,11 +6156,11 @@ paths:
description: Successful response
'400':
description: Invalid request
summary: Delete Criticality Record
summary: Delete an asset criticality record
tags:
- Security Entity Analytics API
get:
description: Get the criticality record for a specific asset.
description: Get the asset criticality record for a specific entity.
operationId: GetAssetCriticalityRecord
parameters:
- description: The ID value of the asset.
@ -6187,11 +6187,14 @@ paths:
description: Invalid request
'404':
description: Criticality record not found
summary: Get Criticality Record
summary: Get an asset criticality record
tags:
- Security Entity Analytics API
post:
description: Create or update a criticality record for a specific asset.
description: |
Create or update an asset criticality record for a specific entity.
If a record already exists for the specified entity, that record is overwritten with the specified value. If a record doesn't exist for the specified entity, a new record is created.
operationId: CreateAssetCriticalityRecord
requestBody:
content:
@ -6216,12 +6219,15 @@ paths:
description: Successful response
'400':
description: Invalid request
summary: Upsert Criticality Record
summary: Upsert an asset criticality record
tags:
- Security Entity Analytics API
/api/asset_criticality/bulk:
post:
description: Bulk upsert up to 1000 asset criticality records, creating or updating them as needed.
description: |
Bulk upsert up to 1000 asset criticality records.
If asset criticality records already exist for the specified entities, those records are overwritten with the specified values. If asset criticality records don't exist for the specified entities, new records are created.
operationId: BulkUpsertAssetCriticalityRecords
requestBody:
content:
@ -6272,7 +6278,7 @@ paths:
description: Bulk upload successful
'413':
description: File too large
summary: Bulk Upsert Asset Criticality Records
summary: Bulk upsert asset criticality records
tags:
- Security Entity Analytics API
/api/asset_criticality/list:
@ -6348,7 +6354,7 @@ paths:
- per_page
- total
description: Bulk upload successful
summary: List Asset Criticality Records
summary: List asset criticality records
tags:
- Security Entity Analytics API
/api/cases:
@ -17596,6 +17602,7 @@ paths:
- Security Entity Analytics API
/api/risk_score/engine/schedule_now:
post:
description: Schedule the risk scoring engine to run as soon as possible. You can use this to recalculate entity risk scores after updating their asset criticality.
operationId: ScheduleRiskEngineNow
requestBody:
content:
@ -17619,7 +17626,7 @@ paths:
schema:
$ref: '#/components/schemas/Security_Entity_Analytics_API_RiskEngineScheduleNowErrorResponse'
description: Unexpected error
summary: Schedule the risk engine to run as soon as possible
summary: Run the risk scoring engine
tags:
- Security Entity Analytics API
/api/saved_objects/_bulk_create:


@ -9,8 +9,11 @@ paths:
x-labels: [ess, serverless]
x-codegen-enabled: true
operationId: BulkUpsertAssetCriticalityRecords
summary: Bulk Upsert Asset Criticality Records
description: Bulk upsert up to 1000 asset criticality records, creating or updating them as needed.
summary: Bulk upsert asset criticality records
description: |
Bulk upsert up to 1000 asset criticality records.
If asset criticality records already exist for the specified entities, those records are overwritten with the specified values. If asset criticality records don't exist for the specified entities, new records are created.
requestBody:
content:
application/json:


@ -9,8 +9,11 @@ paths:
x-labels: [ess, serverless]
x-codegen-enabled: true
operationId: CreateAssetCriticalityRecord
summary: Upsert Criticality Record
description: Create or update a criticality record for a specific asset.
summary: Upsert an asset criticality record
description: |
Create or update an asset criticality record for a specific entity.
If a record already exists for the specified entity, that record is overwritten with the specified value. If a record doesn't exist for the specified entity, a new record is created.
requestBody:
required: true
content:


@ -9,8 +9,8 @@ paths:
x-labels: [ess, serverless]
x-codegen-enabled: true
operationId: DeleteAssetCriticalityRecord
summary: Delete Criticality Record
description: Delete the asset criticality record for a specific asset if it exists.
summary: Delete an asset criticality record
description: Delete the asset criticality record for a specific entity.
parameters:
- name: id_value
in: query
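Review bot: The new `description` for DeleteAssetCriticalityRecord drops "if it exists", so the spec no longer tells a caller what happens when the entity has no record; the responses are outside this hunk, so it cannot be read off here either. Keeping the new terminology but restoring the condition would cover it: `description: Delete the asset criticality record for a specific entity, if one exists.` The bundled copies of this operation elsewhere in the commit carry the same sentence. Their `id_value` parameter text still reads "The ID value of the asset.", which now disagrees with "entity" in the description.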


@ -9,8 +9,8 @@ paths:
x-labels: [ess, serverless]
x-codegen-enabled: true
operationId: GetAssetCriticalityRecord
summary: Get Criticality Record
description: Get the criticality record for a specific asset.
summary: Get an asset criticality record
description: Get the asset criticality record for a specific entity.
parameters:
- name: id_value
in: query


@ -9,7 +9,7 @@ paths:
x-labels: [ess, serverless]
x-codegen-enabled: true
operationId: FindAssetCriticalityRecords
summary: List Asset Criticality Records
summary: List asset criticality records
description: List asset criticality records, paging, sorting and filtering as needed.
parameters:
- name: sort_field


@ -19,7 +19,8 @@ paths:
x-labels: [ess, serverless]
x-codegen-enabled: true
operationId: ScheduleRiskEngineNow
summary: Schedule the risk engine to run as soon as possible
summary: Run the risk scoring engine
description: Schedule the risk scoring engine to run as soon as possible. You can use this to recalculate entity risk scores after updating their asset criticality.
requestBody:
content:
application/json: {}
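Review bot: The new `summary: Run the risk scoring engine` reads as an immediate, synchronous run, while the `description` added beneath it and the operationId `ScheduleRiskEngineNow` both say the run is only scheduled. Someone reading just the summary could expect recalculated risk scores as soon as the call returns. `summary: Schedule the risk scoring engine to run` stays short and agrees with the description. The bundled specs in this commit repeat the same summary.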


@ -521,8 +521,11 @@ after 30 days. It also deletes other artifacts specific to the migration impleme
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Bulk upsert up to 1000 asset criticality records, creating or updating them as needed.
*/
* Bulk upsert up to 1000 asset criticality records.
If asset criticality records already exist for the specified entities, those records are overwritten with the specified values. If asset criticality records don't exist for the specified entities, new records are created.
*/
async bulkUpsertAssetCriticalityRecords(props: BulkUpsertAssetCriticalityRecordsProps) {
this.log.info(`${new Date().toISOString()} Calling API BulkUpsertAssetCriticalityRecords`);
return this.kbnClient
@ -618,8 +621,11 @@ Migrations are initiated per index. While the process is neither destructive nor
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Create or update a criticality record for a specific asset.
*/
* Create or update an asset criticality record for a specific entity.
If a record already exists for the specified entity, that record is overwritten with the specified value. If a record doesn't exist for the specified entity, a new record is created.
*/
async createAssetCriticalityRecord(props: CreateAssetCriticalityRecordProps) {
this.log.info(`${new Date().toISOString()} Calling API CreateAssetCriticalityRecord`);
return this.kbnClient
@ -694,7 +700,7 @@ Migrations are initiated per index. While the process is neither destructive nor
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Delete the asset criticality record for a specific asset if it exists.
* Delete the asset criticality record for a specific entity.
*/
async deleteAssetCriticalityRecord(props: DeleteAssetCriticalityRecordProps) {
this.log.info(`${new Date().toISOString()} Calling API DeleteAssetCriticalityRecord`);
@ -1199,7 +1205,7 @@ finalize it.
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Get the criticality record for a specific asset.
* Get the asset criticality record for a specific entity.
*/
async getAssetCriticalityRecord(props: GetAssetCriticalityRecordProps) {
this.log.info(`${new Date().toISOString()} Calling API GetAssetCriticalityRecord`);
@ -1821,6 +1827,9 @@ detection engine rules.
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Schedule the risk scoring engine to run as soon as possible. You can use this to recalculate entity risk scores after updating their asset criticality.
*/
async scheduleRiskEngineNow() {
this.log.info(`${new Date().toISOString()} Calling API ScheduleRiskEngineNow`);
return this.kbnClient
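Review bot: The rewritten doc comments on `bulkUpsertAssetCriticalityRecords` and `createAssetCriticalityRecord` now span two lines, and the second line ("If … already exist …") has no leading ` * `, so it reads as stray text inside the comment block. The hunk-header context ("after 30 days. It also deletes …") suggests the file already holds such unprefixed lines, so this client is probably emitted from the OpenAPI `description` by a template. If so, the fix belongs in that template, prefixing every description line with ` * `, rather than in this file. The method bodies continue outside these hunks, and the second client file at the end of the commit shows the same pattern.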


@ -13,7 +13,7 @@ servers:
paths:
/api/asset_criticality:
delete:
description: Delete the asset criticality record for a specific asset if it exists.
description: Delete the asset criticality record for a specific entity.
operationId: DeleteAssetCriticalityRecord
parameters:
- description: The ID value of the asset.
@ -57,11 +57,11 @@ paths:
description: Successful response
'400':
description: Invalid request
summary: Delete Criticality Record
summary: Delete an asset criticality record
tags:
- Security Entity Analytics API
get:
description: Get the criticality record for a specific asset.
description: Get the asset criticality record for a specific entity.
operationId: GetAssetCriticalityRecord
parameters:
- description: The ID value of the asset.
@ -88,11 +88,17 @@ paths:
description: Invalid request
'404':
description: Criticality record not found
summary: Get Criticality Record
summary: Get an asset criticality record
tags:
- Security Entity Analytics API
post:
description: Create or update a criticality record for a specific asset.
description: >
Create or update an asset criticality record for a specific entity.
If a record already exists for the specified entity, that record is
overwritten with the specified value. If a record doesn't exist for the
specified entity, a new record is created.
operationId: CreateAssetCriticalityRecord
requestBody:
content:
@ -119,14 +125,19 @@ paths:
description: Successful response
'400':
description: Invalid request
summary: Upsert Criticality Record
summary: Upsert an asset criticality record
tags:
- Security Entity Analytics API
/api/asset_criticality/bulk:
post:
description: >-
Bulk upsert up to 1000 asset criticality records, creating or updating
them as needed.
description: >
Bulk upsert up to 1000 asset criticality records.
If asset criticality records already exist for the specified entities,
those records are overwritten with the specified values. If asset
criticality records don't exist for the specified entities, new records
are created.
operationId: BulkUpsertAssetCriticalityRecords
requestBody:
content:
@ -177,7 +188,7 @@ paths:
description: Bulk upload successful
'413':
description: File too large
summary: Bulk Upsert Asset Criticality Records
summary: Bulk upsert asset criticality records
tags:
- Security Entity Analytics API
/api/asset_criticality/list:
@ -253,7 +264,7 @@ paths:
- per_page
- total
description: Bulk upload successful
summary: List Asset Criticality Records
summary: List asset criticality records
tags:
- Security Entity Analytics API
/api/entity_store/engines:
@ -598,6 +609,10 @@ paths:
- Security Entity Analytics API
/api/risk_score/engine/schedule_now:
post:
description: >-
Schedule the risk scoring engine to run as soon as possible. You can use
this to recalculate entity risk scores after updating their asset
criticality.
operationId: ScheduleRiskEngineNow
requestBody:
content:
@ -621,7 +636,7 @@ paths:
schema:
$ref: '#/components/schemas/RiskEngineScheduleNowErrorResponse'
description: Unexpected error
summary: Schedule the risk engine to run as soon as possible
summary: Run the risk scoring engine
tags:
- Security Entity Analytics API
components:


@ -13,7 +13,7 @@ servers:
paths:
/api/asset_criticality:
delete:
description: Delete the asset criticality record for a specific asset if it exists.
description: Delete the asset criticality record for a specific entity.
operationId: DeleteAssetCriticalityRecord
parameters:
- description: The ID value of the asset.
@ -57,11 +57,11 @@ paths:
description: Successful response
'400':
description: Invalid request
summary: Delete Criticality Record
summary: Delete an asset criticality record
tags:
- Security Entity Analytics API
get:
description: Get the criticality record for a specific asset.
description: Get the asset criticality record for a specific entity.
operationId: GetAssetCriticalityRecord
parameters:
- description: The ID value of the asset.
@ -88,11 +88,17 @@ paths:
description: Invalid request
'404':
description: Criticality record not found
summary: Get Criticality Record
summary: Get an asset criticality record
tags:
- Security Entity Analytics API
post:
description: Create or update a criticality record for a specific asset.
description: >
Create or update an asset criticality record for a specific entity.
If a record already exists for the specified entity, that record is
overwritten with the specified value. If a record doesn't exist for the
specified entity, a new record is created.
operationId: CreateAssetCriticalityRecord
requestBody:
content:
@ -119,14 +125,19 @@ paths:
description: Successful response
'400':
description: Invalid request
summary: Upsert Criticality Record
summary: Upsert an asset criticality record
tags:
- Security Entity Analytics API
/api/asset_criticality/bulk:
post:
description: >-
Bulk upsert up to 1000 asset criticality records, creating or updating
them as needed.
description: >
Bulk upsert up to 1000 asset criticality records.
If asset criticality records already exist for the specified entities,
those records are overwritten with the specified values. If asset
criticality records don't exist for the specified entities, new records
are created.
operationId: BulkUpsertAssetCriticalityRecords
requestBody:
content:
@ -177,7 +188,7 @@ paths:
description: Bulk upload successful
'413':
description: File too large
summary: Bulk Upsert Asset Criticality Records
summary: Bulk upsert asset criticality records
tags:
- Security Entity Analytics API
/api/asset_criticality/list:
@ -253,7 +264,7 @@ paths:
- per_page
- total
description: Bulk upload successful
summary: List Asset Criticality Records
summary: List asset criticality records
tags:
- Security Entity Analytics API
/api/entity_store/engines:
@ -598,6 +609,10 @@ paths:
- Security Entity Analytics API
/api/risk_score/engine/schedule_now:
post:
description: >-
Schedule the risk scoring engine to run as soon as possible. You can use
this to recalculate entity risk scores after updating their asset
criticality.
operationId: ScheduleRiskEngineNow
requestBody:
content:
@ -621,7 +636,7 @@ paths:
schema:
$ref: '#/components/schemas/RiskEngineScheduleNowErrorResponse'
description: Unexpected error
summary: Schedule the risk engine to run as soon as possible
summary: Run the risk scoring engine
tags:
- Security Entity Analytics API
components:


@ -240,8 +240,11 @@ after 30 days. It also deletes other artifacts specific to the migration impleme
.send(props.body as object);
},
/**
* Bulk upsert up to 1000 asset criticality records, creating or updating them as needed.
*/
* Bulk upsert up to 1000 asset criticality records.
If asset criticality records already exist for the specified entities, those records are overwritten with the specified values. If asset criticality records don't exist for the specified entities, new records are created.
*/
bulkUpsertAssetCriticalityRecords(
props: BulkUpsertAssetCriticalityRecordsProps,
kibanaSpace: string = 'default'
@ -310,8 +313,11 @@ Migrations are initiated per index. While the process is neither destructive nor
.send(props.body as object);
},
/**
* Create or update a criticality record for a specific asset.
*/
* Create or update an asset criticality record for a specific entity.
If a record already exists for the specified entity, that record is overwritten with the specified value. If a record doesn't exist for the specified entity, a new record is created.
*/
createAssetCriticalityRecord(
props: CreateAssetCriticalityRecordProps,
kibanaSpace: string = 'default'
@ -372,7 +378,7 @@ Migrations are initiated per index. While the process is neither destructive nor
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana');
},
/**
* Delete the asset criticality record for a specific asset if it exists.
* Delete the asset criticality record for a specific entity.
*/
deleteAssetCriticalityRecord(
props: DeleteAssetCriticalityRecordProps,
@ -758,7 +764,7 @@ finalize it.
.query(props.query);
},
/**
* Get the criticality record for a specific asset.
* Get the asset criticality record for a specific entity.
*/
getAssetCriticalityRecord(
props: GetAssetCriticalityRecordProps,
@ -1207,6 +1213,9 @@ detection engine rules.
.send(props.body as object)
.query(props.query);
},
/**
* Schedule the risk scoring engine to run as soon as possible. You can use this to recalculate entity risk scores after updating their asset criticality.
*/
scheduleRiskEngineNow(kibanaSpace: string = 'default') {
return supertest
.post(routeWithNamespace('/api/risk_score/engine/schedule_now', kibanaSpace))