github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 01:38:56 -04:00
Code Issues Projects Releases Packages Wiki Activity

[DOCS] Edit layout of connector pages (#151534)

Browse source
This commit is contained in:
Lisa Cawley 2023-02-21 08:20:21 -08:00 committed by GitHub
parent 04ebbe66c5
commit 3759d73bac
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
20 changed files with 748 additions and 615 deletions
Download patch file Download diff file Expand all files Collapse all files

43
docs/action-type-template.asciidoc
View file

@ -1,16 +1,25 @@
[[<ACTION-TYPE>-action-type]]
=== <ACTION-TYPE> connector and action
== <ACTION-TYPE> connector and action
++++
<titleabbrev><ACTION-TYPE></titleabbrev>
++++
Include a short description of the connector type.
[float]
[[define-<ACTION-TYPE>-ui]]
=== Create connectors in {kib}
You can create connectors in *{stack-manage-app} > {connectors-ui}*
or as needed when you're creating a rule.
// Optionally add a screenshot
[float]
[[<ACTION-TYPE>-connector-configuration]]
==== Connector configuration
<ACTION-TYPE> connectors have the following configuration properties.
<ACTION-TYPE> connectors have the following configuration properties:
////
List of user-facing connector configurations. This should align with the fields available in the Create connector flyout form for this connector type.
@ -20,8 +29,12 @@ Property1:: A short description of this property.
Property2:: A short description of this property with format hints. This can be specified in `this specific format`.
[float]
[[Preconfigured-<ACTION-TYPE>-configuration]]
==== Preconfigured connector type
[[preconfigured-<ACTION-TYPE>-configuration]]
=== Create preconfigured connectors
If you are running {kib} on-prem, you can define connectors by
adding `xpack.actions.preconfigured` settings to your `kibana.yml` file.
For example:
////
Example preconfigured format for this connector type
@ -29,14 +42,15 @@ Example preconfigured format for this connector type
[source,text]
--
my-<ACTION-TYPE>:
name: preconfigured-<ACTION-TYPE>-connector-type
actionTypeId: .<ACTION-TYPE>
config:
property1: value1
property2: value2
secrets:
property3: value3
xpack.actions.preconfigured:
my-<ACTION-TYPE>:
name: preconfigured-<ACTION-TYPE>-connector-type
actionTypeId: .<ACTION-TYPE>
config:
property1: value1
property2: value2
secrets:
property3: value3
--
////
@ -53,7 +67,10 @@ Secrets defines sensitive information for the connector type.
[float]
[[<ACTION-TYPE>-action-configuration]]
==== Action configuration
=== Test connectors
You can test connectors with the <<execute-connector-api,run connector API>> or
as you're creating or editing the connector in {kib}.
<ACTION-TYPE> actions have the following properties.

91
docs/management/connectors/action-types/cases-webhook.asciidoc
View file

@ -7,9 +7,19 @@
The {webhook-cm} connector uses https://github.com/axios/axios[axios] to send POST, PUT, and GET requests to a case management RESTful API web service.
[float]
[[define-cases-webhook-ui]]
=== Create connectors in {kib}
You can create connectors in *{stack-manage-app} > {connectors-ui}*
or as needed when you're creating a rule. For example:
[role="screenshot"]
image::management/connectors/images/cases-webhook-connector.gif[{webhook-cm} connector]
[float]
[[cases-webhook-connector-configuration]]
=== Connector configuration
==== Connector configuration
{webhook-cm} connectors have the following configuration properties:
@ -96,39 +106,38 @@ Create comment object:: (Optional) A JSON payload sent to the create comment URL
NOTE: Due to Mustache template variables (the text enclosed in triple braces, for example, `{{{case.title}}}`), the JSON is not validated in this step. The JSON is validated once the mustache variables have been placed and when REST method runs. We recommend manually ensuring that the JSON is valid, disregarding the Mustache variables, so the later validation will pass.
[float]
[[cases-webhook-connector-networking-configuration]]
=== Connector networking configuration
[[preconfigured-cases-webhook-configuration]]
=== Create preconfigured connectors
Use the <<action-settings,action configuration settings>> to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use `xpack.actions.customHostSettings` to set per-host configurations.
[float]
[[Preconfigured-cases-webhook-configuration]]
=== Preconfigured connector type
If you are running {kib} on-prem, you can define connectors by
adding `xpack.actions.preconfigured` settings to your `kibana.yml` file.
For example:
[source,text]
--
my-case-management-webhook:
name: Case Management Webhook Connector
actionTypeId: .cases-webhook
config:
hasAuth: true
headers:
'content-type': 'application/json'
createIncidentUrl: 'https://testing-jira.atlassian.net/rest/api/2/issue'
createIncidentMethod: 'post'
createIncidentJson: '{"fields":{"summary":{{{case.title}}},"description":{{{case.description}}},"labels":{{{case.tags}}}'
getIncidentUrl: 'https://testing-jira.atlassian.net/rest/api/2/issue/{{{external.system.id}}}'
getIncidentResponseExternalTitleKey: 'key'
viewIncidentUrl: 'https://testing-jira.atlassian.net/browse/{{{external.system.title}}}'
updateIncidentUrl: 'https://testing-jira.atlassian.net/rest/api/2/issue/{{{external.system.id}}}'
updateIncidentMethod: 'put'
updateIncidentJson: '{"fields":{"summary":{{{case.title}}},"description":{{{case.description}}},"labels":{{{case.tags}}}'
createCommentMethod: 'post',
createCommentUrl: 'https://testing-jira.atlassian.net/rest/api/2/issue/{{{external.system.id}}}/comment',
createCommentJson: '{"body": {{{case.comment}}}}',
secrets:
user: testuser
password: passwordvalue
xpack.actions.preconfigured:
my-case-management-webhook:
name: Case Management Webhook Connector
actionTypeId: .cases-webhook
config:
hasAuth: true
headers:
'content-type': 'application/json'
createIncidentUrl: 'https://testing-jira.atlassian.net/rest/api/2/issue'
createIncidentMethod: 'post'
createIncidentJson: '{"fields":{"summary":{{{case.title}}},"description":{{{case.description}}},"labels":{{{case.tags}}}'
getIncidentUrl: 'https://testing-jira.atlassian.net/rest/api/2/issue/{{{external.system.id}}}'
getIncidentResponseExternalTitleKey: 'key'
viewIncidentUrl: 'https://testing-jira.atlassian.net/browse/{{{external.system.title}}}'
updateIncidentUrl: 'https://testing-jira.atlassian.net/rest/api/2/issue/{{{external.system.id}}}'
updateIncidentMethod: 'put'
updateIncidentJson: '{"fields":{"summary":{{{case.title}}},"description":{{{case.description}}},"labels":{{{case.tags}}}'
createCommentMethod: 'post',
createCommentUrl: 'https://testing-jira.atlassian.net/rest/api/2/issue/{{{external.system.id}}}/comment',
createCommentJson: '{"body": {{{case.comment}}}}',
secrets:
user: testuser
password: passwordvalue
--
`config`:: Defines information for the connector type.
@ -153,23 +162,15 @@ Use the <<action-settings,action configuration settings>> to customize connector
`password`::: A string that corresponds to *Password*. Required if `hasAuth` is set to `true`.
[float]
[[define-cases-webhook-ui]]
=== Define connector in {stack-manage-app}
[[cases-webhook-action-configuration]]
=== Test connectors
Define {webhook-cm} connector properties:
[role="screenshot"]
image::management/connectors/images/cases-webhook-connector.gif[{webhook-cm} connector]
Test {webhook-cm} action parameters:
You can test connectors with the <<execute-connector-api,run connector API>> or
as you're creating or editing the connector in {kib}. For example:
[role="screenshot"]
image::management/connectors/images/cases-webhook-test.gif[{webhook-cm} params test]
[float]
[[cases-webhook-action-configuration]]
=== Action configuration
{webhook-cm} actions have the following configuration properties:
Title:: A title for the issue, which is used for searching the contents of the knowledge base.
@ -177,6 +178,12 @@ Description:: The details about the incident.
Labels:: The labels for the incident.
Additional comments:: Additional information for the client, such as how to troubleshoot the issue.
[float]
[[cases-webhook-connector-networking-configuration]]
=== Connector networking configuration
Use the <<action-settings,action configuration settings>> to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use `xpack.actions.customHostSettings` to set per-host configurations.
////
[float]
[[cases-webhook-connector-full-example]]

83
docs/management/connectors/action-types/email.asciidoc
View file

@ -1,6 +1,5 @@
[role="xpack"]
[[email-action-type]]
=== Email connector and action
== Email connector and action
++++
<titleabbrev>Email</titleabbrev>
++++
@ -22,11 +21,21 @@ configuration setting is used, the email addresses used for all of the Sender
configuration setting.
====
[float]
[[define-email-ui]]
=== Create connectors in {kib}
You can create connectors in *{stack-manage-app} > {connectors-ui}*
or as needed when you're creating a rule. For example:
[role="screenshot"]
image::management/connectors/images/email-connector.png[Email connector]
[float]
[[email-connector-configuration]]
==== Connector configuration
Email connectors have the following configuration properties.
Email connectors have the following configuration properties:
Name::
The name of the connector. The name is used to identify a connector in the
@ -87,33 +96,29 @@ Username for login type authentication.
Password::
Password for login type authentication.
[float]
[[email-connector-networking-configuration]]
==== Connector networking configuration
Use the <<action-settings, Action configuration settings>> to customize
connector networking configurations, such as proxies, certificates, or TLS
settings. You can set configurations that apply to all your connectors or use
`xpack.actions.customHostSettings` to set per-host configurations.
[float]
[[preconfigured-email-configuration]]
==== Preconfigured connector type
=== Create preconfigured connectors
If you are running {kib} on-prem, you can define connectors by
adding `xpack.actions.preconfigured` settings to your `kibana.yml` file.
For example:
[source,text]
--
my-email:
name: preconfigured-email-connector-type
actionTypeId: .email
config:
service: other
from: testsender@test.com
host: validhostname
port: 8080
secure: false
secrets:
user: testuser
password: passwordkeystorevalue
xpack.actions.preconfigured:
my-email:
name: preconfigured-email-connector-type
actionTypeId: .email
config:
service: other
from: testsender@test.com
host: validhostname
port: 8080
secure: false
secrets:
user: testuser
password: passwordkeystorevalue
--
Config defines information for the connector type.
@ -169,23 +174,15 @@ A string that corresponds to *Client Secret*. Should be stored in the
`exchange_server`, which uses OAuth 2.0 Client Credentials Authentication.
[float]
[[define-email-ui]]
==== Define connector in {stack-manage-app}
[[email-action-configuration]]
=== Test connectors
Define email connector properties.
[role="screenshot"]
image::management/connectors/images/email-connector.png[Email connector]
Test email action parameters.
You can test connectors with the <<execute-connector-api,run connector API>> or
as you're creating or editing the connector in {kib}. For example:
[role="screenshot"]
image::management/connectors/images/email-params-test.png[Email params test]
[float]
[[email-action-configuration]]
==== Action configuration
Email actions have the following configuration properties.
To, CC, BCC::
@ -199,9 +196,19 @@ The subject line of the email.
Message::
The message text of the email. Markdown format is supported.
[float]
[[email-connector-networking-configuration]]
=== Connector networking configuration
Use the <<action-settings, Action configuration settings>> to customize
connector networking configurations, such as proxies, certificates, or TLS
settings. You can set configurations that apply to all your connectors or use
`xpack.actions.customHostSettings` to set per-host configurations.
[float]
[[configuring-email]]
==== Configuring email accounts for well-known services
=== Configure email accounts for well-known services
The email connector can send email using many popular SMTP email services and
the Microsoft Exchange Graph API.

16
docs/management/connectors/action-types/index.asciidoc
View file

@ -11,14 +11,6 @@ You can create index connectors in {kib} or by using the
If you are running {kib} on-prem, you can also create more preconfigured index
connectors.
[float]
[[index-connector-configuration]]
=== Connector configuration
Index connectors must have a name and an {es} index. You can optionally set the
{ref}/docs-refresh.html[refresh] policy and the time field, which contains the
details about when each alert condition was detected.
[float]
[[define-index-ui]]
=== Create connectors in {kib}
@ -30,6 +22,14 @@ or as needed when you're creating a rule. For example:
image::management/connectors/images/index-connector.png[Index connector]
// NOTE: This is an autogenerated screenshot. Do not edit it directly.
[float]
[[index-connector-configuration]]
==== Connector configuration
Index connectors must have a name and an {es} index. You can optionally set the
{ref}/docs-refresh.html[refresh] policy and the time field, which contains the
details about when each alert condition was detected.
[float]
[[preconfigured-index-configuration]]
=== Create preconfigured connectors

69
docs/management/connectors/action-types/jira.asciidoc
View file

@ -1,17 +1,26 @@
[role="xpack"]
[[jira-action-type]]
=== Jira connector and action
== Jira connector and action
++++
<titleabbrev>Jira</titleabbrev>
++++
The Jira connector uses the https://developer.atlassian.com/cloud/jira/platform/rest/v2/[REST API v2] to create Jira issues.
[float]
[[define-jira-ui]]
=== Create connectors in {kib}
You can create connectors in *{stack-manage-app} > {connectors-ui}*
or as needed when you're creating a rule. For example:
[role="screenshot"]
image::management/connectors/images/jira-connector.png[Jira connector]
[float]
[[jira-connector-configuration]]
==== Connector configuration
Jira connectors have the following configuration properties.
Jira connectors have the following configuration properties:
Name:: The name of the connector.
URL:: Jira instance URL.
@ -20,26 +29,25 @@ Email:: The account email for HTTP Basic authentication.
API token:: Jira API authentication token for HTTP Basic authentication.
[float]
[[jira-connector-networking-configuration]]
==== Connector networking configuration
[[preconfigured-jira-configuration]]
=== Create preconfigured connectors
Use the <<action-settings, Action configuration settings>> to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use `xpack.actions.customHostSettings` to set per-host configurations.
[float]
[[Preconfigured-jira-configuration]]
==== Preconfigured connector type
If you are running {kib} on-prem, you can define connectors by
adding `xpack.actions.preconfigured` settings to your `kibana.yml` file.
For example:
[source,text]
--
my-jira:
name: preconfigured-jira-connector-type
actionTypeId: .jira
config:
apiUrl: https://elastic.atlassian.net
projectKey: ES
secrets:
email: testuser
apiToken: tokenkeystorevalue
xpack.actions.preconfigured:
my-jira:
name: preconfigured-jira-connector-type
actionTypeId: .jira
config:
apiUrl: https://elastic.atlassian.net
projectKey: ES
secrets:
email: testuser
apiToken: tokenkeystorevalue
--
Config defines information for the connector type.
@ -53,23 +61,16 @@ Secrets defines sensitive information for the connector type.
`apiToken`:: A string that corresponds to *API Token*. Should be stored in the <<creating-keystore, {kib} keystore>>.
[float]
[[define-jira-ui]]
==== Define connector in {stack-manage-app}
[[jira-action-configuration]]
=== Test connectors
Define Jira connector properties.
You can test connectors with the <<execute-connector-api,run connector API>> or
as you're creating or editing the connector in {kib}. For example:
[role="screenshot"]
image::management/connectors/images/jira-connector.png[Jira connector]
Test Jira action parameters.
[role="screenshot"]
image::management/connectors/images/jira-params-test.png[Jira params test]
[float]
[[jira-action-configuration]]
==== Action configuration
Jira actions have the following configuration properties.
Issue type:: The type of the issue.
@ -80,8 +81,14 @@ Description:: The details about the incident.
Parent:: The ID or key of the parent issue. Only for `Subtask` issue types.
Additional comments:: Additional information for the client, such as how to troubleshoot the issue.
[float]
[[jira-connector-networking-configuration]]
=== Connector networking configuration
Use the <<action-settings, Action configuration settings>> to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use `xpack.actions.customHostSettings` to set per-host configurations.
[float]
[[configuring-jira]]
==== Configure Jira
=== Configure Jira
Jira offers free https://www.atlassian.com/software/jira/free[Instances], which you can use to test incidents.

75
docs/management/connectors/action-types/opsgenie.asciidoc
View file

@ -1,17 +1,26 @@
[role="xpack"]
[[opsgenie-action-type]]
=== Opsgenie connector and action
== Opsgenie connector and action
++++
<titleabbrev>Opsgenie</titleabbrev>
++++
The Opsgenie connector uses the https://docs.opsgenie.com/docs/alert-api[Opsgenie alert API].
[float]
[[define-opsgenie-ui]]
=== Create connectors in {kib}
You can create connectors in *{stack-manage-app} > {connectors-ui}*
or as needed when you're creating a rule. For example:
[role="screenshot"]
image::management/connectors/images/opsgenie-connector.png[Opsgenie connector]
[float]
[[opsgenie-connector-configuration]]
==== Connector configuration
Opsgenie connectors have the following configuration properties.
Opsgenie connectors have the following configuration properties:
Name:: The name of the connector. The name is used to identify a connector in the management UI connector listing, or in the connector list when configuring an action.
URL:: The Opsgenie URL. For example, https://api.opsgenie.com or https://api.eu.opsgenie.com.
@ -20,24 +29,23 @@ NOTE: If you are using the <<action-settings, `xpack.actions.allowedHosts`>> set
API Key:: The Opsgenie API authentication key for HTTP Basic authentication. For more details about generating Opsgenie API keys, refer to https://support.atlassian.com/opsgenie/docs/create-a-default-api-integration/[Opsgenie documentation].
[float]
[[opgenie-connector-networking-configuration]]
==== Connector networking configuration
[[preconfigured-opsgenie-configuration]]
=== Create preconfigured connectors
Use the <<action-settings, Action configuration settings>> to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use `xpack.actions.customHostSettings` to set per-host configurations.
[float]
[[Preconfigured-opsgenie-configuration]]
==== Preconfigured connector type
If you are running {kib} on-prem, you can define connectors by
adding `xpack.actions.preconfigured` settings to your `kibana.yml` file.
For example:
[source,text]
--
my-opsgenie:
name: preconfigured-opsgenie-connector-type
actionTypeId: .opsgenie
config:
apiUrl: https://api.opsgenie.com
secrets:
apiKey: apikey
xpack.actions.preconfigured:
my-opsgenie:
name: preconfigured-opsgenie-connector-type
actionTypeId: .opsgenie
config:
apiUrl: https://api.opsgenie.com
secrets:
apiKey: apikey
--
Config defines information for the connector type.
@ -49,23 +57,15 @@ Secrets defines sensitive information for the connector type.
`apiKey`:: A string that corresponds to *API Key*.
[float]
[[define-opsgenie-ui]]
==== Define connector in {stack-manage-app}
[[opsgenie-action-configuration]]
=== Test connectors
Define Opsgenie connector properties.
[role="screenshot"]
image::management/connectors/images/opsgenie-connector.png[Opsgenie connector]
Test Opsgenie action parameters.
You can test connectors with the <<execute-connector-api,run connector API>> or
as you're creating or editing the connector in {kib}. For example:
[role="screenshot"]
image::management/connectors/images/opsgenie-params-test.png[Opsgenie params test]
[float]
[[opsgenie-action-configuration]]
==== Action configuration
The Opsgenie connector supports two types of actions: Create alert and Close alert. The properties supported for each action are different because Opsgenie defines different properties for each operation.
When testing the Opsgenie connector, choose the appropriate action from the selector. Each action has different properties that can be configured.
@ -74,13 +74,13 @@ Action:: Select *Create alert* to configure the actions that occur when a rule's
[float]
[[opsgenie-action-create-alert-configuration]]
===== Configure the create alert action
==== Configure the create alert action
You can configure the create alert action through the form view or using a JSON editor.
[float]
[[opsgenie-action-create-alert-form-configuration]]
====== Form view
===== Form view
The create alert action form has the following configuration properties.
@ -96,7 +96,7 @@ Note:: Additional information for the alert (optional).
[float]
[[opsgenie-action-create-alert-json-configuration]]
====== JSON editor
===== JSON editor
A JSON editor is provided as an alternative to the form view and supports additional fields not shown in the form view. The JSON editor supports all of the forms configuration properties but as lowercase keys as https://docs.opsgenie.com/docs/alert-api#create-alert[described in the Opsgenie API documentation]. The JSON editor supports the following additional properties:
@ -141,7 +141,7 @@ Example JSON editor contents
[float]
[[opsgenie-action-close-alert-configuration]]
===== Close alert configuration
==== Close alert configuration
The close alert action has the following configuration properties.
@ -150,9 +150,16 @@ Note:: Additional information for the alert (optional).
Source:: The display name of the source (optional).
User:: The display name of the owner (optional).
[float]
[[opgenie-connector-networking-configuration]]
=== Connector networking configuration
Use the <<action-settings, Action configuration settings>> to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use `xpack.actions.customHostSettings` to set per-host configurations.
[float]
[[configuring-opsgenie]]
==== Configure an Opsgenie account
=== Configure an Opsgenie account
After obtaining an Opsgenie instance, configure the API integration. For details, refer to the https://support.atlassian.com/opsgenie/docs/create-a-default-api-integration/[Opsgenie documentation].

75
docs/management/connectors/action-types/pagerduty.asciidoc
View file

@ -1,41 +1,49 @@
[role="xpack"]
[[pagerduty-action-type]]
=== PagerDuty connector and action
== PagerDuty connector and action
++++
<titleabbrev>PagerDuty</titleabbrev>
++++
The PagerDuty connector uses the https://v2.developer.pagerduty.com/docs/events-api-v2[v2 Events API] to trigger, acknowledge, and resolve PagerDuty alerts.
[float]
[[define-pagerduty-ui]]
=== Create connectors in {kib}
You can create connectors in *{stack-manage-app} > {connectors-ui}*
or as needed when you're creating a rule. For example:
[role="screenshot"]
image::management/connectors/images/pagerduty-connector.png[PagerDuty connector]
[float]
[[pagerduty-connector-configuration]]
==== Connector configuration
PagerDuty connectors have the following configuration properties.
PagerDuty connectors have the following configuration properties:
Name:: The name of the connector. The name is used to identify a connector in the management UI connector listing, or in the connector list when configuring an action.
API URL:: An optional PagerDuty event URL. Defaults to `https://events.pagerduty.com/v2/enqueue`. If you are using the <<action-settings, `xpack.actions.allowedHosts`>> setting, make sure the hostname is added to the allowed hosts.
Integration Key:: A 32 character PagerDuty Integration Key for an integration on a service, also referred to as the routing key.
[float]
[[pagerduty-connector-networking-configuration]]
==== Connector networking configuration
[[preconfigured-pagerduty-configuration]]
=== Create preconfigured connectors
Use the <<action-settings, Action configuration settings>> to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use `xpack.actions.customHostSettings` to set per-host configurations.
[float]
[[Preconfigured-pagerduty-configuration]]
==== Preconfigured connector type
If you are running {kib} on-prem, you can define connectors by
adding `xpack.actions.preconfigured` settings to your `kibana.yml` file.
For example:
[source,text]
--
my-pagerduty:
name: preconfigured-pagerduty-connector-type
actionTypeId: .pagerduty
config:
apiUrl: https://test.host
secrets:
routingKey: testroutingkey
xpack.actions.preconfigured:
my-pagerduty:
name: preconfigured-pagerduty-connector-type
actionTypeId: .pagerduty
config:
apiUrl: https://test.host
secrets:
routingKey: testroutingkey
--
Config defines information for the connector type.
@ -47,23 +55,15 @@ Secrets defines sensitive information for the connector type.
`routingKey`:: A string that corresponds to *Integration Key*.
[float]
[[define-pagerduty-ui]]
==== Define connector in {stack-manage-app}
[[pagerduty-action-configuration]]
=== Test connectors
Define PagerDuty connector properties.
[role="screenshot"]
image::management/connectors/images/pagerduty-connector.png[PagerDuty connector]
Test PagerDuty action parameters.
You can test connectors with the <<execute-connector-api,run connector API>> or
as you're creating or editing the connector in {kib}. For example:
[role="screenshot"]
image::management/connectors/images/pagerduty-params-test.png[PagerDuty params test]
[float]
[[pagerduty-action-configuration]]
==== Action configuration
PagerDuty actions have the following properties.
Severity:: The perceived severity of on the affected system. This can be one of `Critical`, `Error`, `Warning` or `Info`(default).
@ -78,9 +78,16 @@ Class:: An *optional* value indicating the class/type of the event, for
For more details on these properties, see https://v2.developer.pagerduty.com/v2/docs/send-an-event-events-api-v2[PagerDuty v2 event parameters].
[float]
[[pagerduty-connector-networking-configuration]]
=== Connector networking configuration
Use the <<action-settings, Action configuration settings>> to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use `xpack.actions.customHostSettings` to set per-host configurations.
[float]
[[pagerduty-benefits]]
==== Configure PagerDuty
=== Configure PagerDuty
By integrating PagerDuty with rules, you can:
@ -90,14 +97,14 @@ By integrating PagerDuty with rules, you can:
[float]
[[pagerduty-support]]
==== Support
=== Support
If you need help with this integration, get in touch with the {kib} team by visiting
https://support.elastic.co[support.elastic.co] or by using the *Ask Elastic* option in the {kib} Help menu.
You can also select the {kib} category at https://discuss.elastic.co/[discuss.elastic.co].
[float]
[[pagerduty-integration-walkthrough]]
==== Integration with PagerDuty walkthrough
=== Integration with PagerDuty walkthrough
[[pagerduty-in-pagerduty]]
*In PagerDuty*
@ -145,8 +152,8 @@ See <<pagerduty-in-pagerduty,In PagerDuty>> for how to obtain the endpoint and k
. Set up an action using your PagerDuty connector, by determining:
+
* The actions type: Trigger, Resolve, or Acknowledge.
* The events severity: Info, warning, error, or critical.
* The action's type: Trigger, Resolve, or Acknowledge.
* The event's severity: Info, warning, error, or critical.
* An array of different fields, including the timestamp, group, class, component, and your dedup key. By default, the dedup is configured to create a new PagerDuty incident for each alert and reuse the incident when a recovered alert reactivates.
Depending on your custom needs, assign them variables from the rule context.
To see the available context variables, click on the *Add variable* icon next

69
docs/management/connectors/action-types/resilient.asciidoc
View file

@ -1,17 +1,26 @@
[role="xpack"]
[[resilient-action-type]]
=== IBM Resilient connector and action
== IBM Resilient connector and action
++++
<titleabbrev>IBM Resilient</titleabbrev>
++++
The IBM Resilient connector uses the https://developer.ibm.com/security/resilient/rest/[RESILIENT REST v2] to create IBM Resilient incidents.
[float]
[[define-resilient-ui]]
=== Create connectors in {kib}
You can create connectors in *{stack-manage-app} > {connectors-ui}*
or as needed when you're creating a rule. For example:
[role="screenshot"]
image::management/connectors/images/resilient-connector.png[IBM Resilient connector]
[float]
[[resilient-connector-configuration]]
==== Connector configuration
IBM Resilient connectors have the following configuration properties.
IBM Resilient connectors have the following configuration properties:
Name:: The name of the connector.
URL:: IBM Resilient instance URL.
@ -20,26 +29,25 @@ API key ID:: The authentication key ID for HTTP Basic authentication.
API key secret:: The authentication key secret for HTTP Basic authentication.
[float]
[[resilient-connector-networking-configuration]]
==== Connector networking configuration
[[preconfigured-resilient-configuration]]
=== Create preconfigured connectors
Use the <<action-settings, Action configuration settings>> to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use `xpack.actions.customHostSettings` to set per-host configurations.
[float]
[[Preconfigured-resilient-configuration]]
==== Preconfigured connector type
If you are running {kib} on-prem, you can define connectors by
adding `xpack.actions.preconfigured` settings to your `kibana.yml` file.
For example:
[source,text]
--
my-resilient:
name: preconfigured-resilient-connector-type
actionTypeId: .resilient
config:
apiUrl: https://elastic.resilient.net
orgId: ES
secrets:
apiKeyId: testuser
apiKeySecret: tokenkeystorevalue
xpack.actions.preconfigured:
my-resilient:
name: preconfigured-resilient-connector-type
actionTypeId: .resilient
config:
apiUrl: https://elastic.resilient.net
orgId: ES
secrets:
apiKeyId: testuser
apiKeySecret: tokenkeystorevalue
--
Config defines information for the connector type.
@ -53,22 +61,15 @@ Secrets defines sensitive information for the connector type.
`apiKeySecret`:: A string that corresponds to *API Key secret*. Should be stored in the <<creating-keystore, {kib} keystore>>.
[float]
[[define-resilient-ui]]
==== Define connector in {stack-manage-app}
[[resilient-action-configuration]]
=== Test connectors
Define IBM Resilient connector properties.
[role="screenshot"]
image::management/connectors/images/resilient-connector.png[IBM Resilient connector]
Test IBM Resilient action parameters.
You can test connectors with the <<execute-connector-api,run connector API>> or
as you're creating or editing the connector in {kib}. For example:
[role="screenshot"]
image::management/connectors/images/resilient-params-test.png[IBM Resilient params test]
[float]
[[resilient-action-configuration]]
==== Action configuration
IBM Resilient actions have the following configuration properties.
@ -78,8 +79,14 @@ Name:: A name for the issue, used for searching the contents of the knowledge ba
Description:: The details about the incident.
Additional comments:: Additional information for the client, such as how to troubleshoot the issue.
[float]
[[resilient-connector-networking-configuration]]
=== Connector networking configuration
Use the <<action-settings, Action configuration settings>> to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use `xpack.actions.customHostSettings` to set per-host configurations.
[float]
[[configuring-resilient]]
==== Configure IBM Resilient
=== Configure IBM Resilient
IBM Resilient offers https://www.ibm.com/security/intelligent-orchestration/resilient[Instances], which you can use to test incidents.

12
docs/management/connectors/action-types/server-log.asciidoc
View file

@ -10,12 +10,6 @@ You can create a server log connectors in {kib} or by using the
<<create-connector-api,create connector API>>. If you are running {kib}
on-prem, you can also create preconfigured server log connectors.
[float]
[[server-log-connector-configuration]]
=== Connector configuration
Server log connectors do not have any configuration properties other than a name.
[float]
[[define-serverlog-ui]]
=== Create connectors in {kib}
@ -27,6 +21,12 @@ or as needed when you're creating a rule. For example:
image::management/connectors/images/serverlog-connector.png[Server log connector]
// NOTE: This is an autogenerated screenshot. Do not edit it directly.
[float]
[[server-log-connector-configuration]]
==== Connector configuration
Server log connectors do not have any configuration properties other than a name.
[float]
[[preconfigured-server-log-configuration]]
=== Create preconfigured connectors

73
docs/management/connectors/action-types/servicenow-itom.asciidoc
View file

@ -49,10 +49,23 @@ include::servicenow.asciidoc[tag=servicenow-certificate]
include::servicenow.asciidoc[tag=servicenow-endpoint]
[float]
[[servicenow-itom-connector-configuration]]
=== Connector configuration
[[define-servicenow-itom-ui]]
=== Create connectors in {kib}
{sn-itom} connectors have the following configuration properties.
You can create connectors in *{stack-manage-app} > {connectors-ui}*
or as needed when you're creating a rule. You must choose whether to use OAuth for authentication.
[role="screenshot"]
image::management/connectors/images/servicenow-itom-connector-basic.png[{sn-itom} connector using basic auth]
[role="screenshot"]
image::management/connectors/images/servicenow-itom-connector-oauth.png[{sn-itom} connector using OAuth]
[float]
[[servicenow-itom-connector-configuration]]
==== Connector configuration
{sn-itom} connectors have the following configuration properties:
Name:: The name of the connector.
Is OAuth:: The type of authentication to use.
@ -67,26 +80,25 @@ Private Key:: The RSA private key generated during setup.
Private Key Password:: The password for the RSA private key generated during setup, if set.
[float]
[[servicenow-itom-connector-networking-configuration]]
=== Connector networking configuration
[[preconfigured-servicenow-itom-configuration]]
=== Create preconfigured connectors
Use the <<action-settings, Action configuration settings>> to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use `xpack.actions.customHostSettings` to set per-host configurations.
[float]
[[Preconfigured-servicenow-itom-configuration]]
=== Preconfigured connector type
If you are running {kib} on-prem, you can define connectors by
adding `xpack.actions.preconfigured` settings to your `kibana.yml` file.
For example:
Connector using Basic Authentication
[source,text]
--
my-servicenow-itom:
name: preconfigured-servicenow-connector-type
actionTypeId: .servicenow-itom
config:
apiUrl: https://example.service-now.com/
secrets:
username: testuser
password: passwordkeystorevalue
xpack.actions.preconfigured:
my-servicenow-itom:
name: preconfigured-servicenow-connector-type
actionTypeId: .servicenow-itom
config:
apiUrl: https://example.service-now.com/
secrets:
username: testuser
password: passwordkeystorevalue
--
Connector using OAuth
@ -124,26 +136,15 @@ Secrets defines sensitive information for the connector type.
`privateKeyPassword`:: A string that corresponds to *Private Key Password*.
[float]
[[define-servicenow-itom-ui]]
=== Define connector in {stack-manage-app}
[[servicenow-itom-action-configuration]]
=== Test connectors
Define {sn-itom} connector properties. Choose whether to use OAuth for authentication.
[role="screenshot"]
image::management/connectors/images/servicenow-itom-connector-basic.png[{sn-itom} connector using basic auth]
[role="screenshot"]
image::management/connectors/images/servicenow-itom-connector-oauth.png[{sn-itom} connector using OAuth]
Test {sn-itom} action parameters.
You can test connectors with the <<execute-connector-api,run connector API>> or
as you're creating or editing the connector in {kib}. For example:
[role="screenshot"]
image::management/connectors/images/servicenow-itom-params-test.png[{sn-itom} params test]
[float]
[[servicenow-itom-action-configuration]]
=== Action configuration
{sn-itom} actions have the following configuration properties.
Source:: The name of the event source type.
@ -158,6 +159,12 @@ Description:: The details about the event.
Refer to https://docs.servicenow.com/bundle/rome-it-operations-management/page/product/event-management/task/send-events-via-web-service.html[{sn} documentation] for more information about the properties.
[float]
[[servicenow-itom-connector-networking-configuration]]
=== Connector networking configuration
Use the <<action-settings, Action configuration settings>> to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use `xpack.actions.customHostSettings` to set per-host configurations.
[float]
[[configuring-servicenow-itom]]
=== Configure {sn-itom}

102
docs/management/connectors/action-types/servicenow-sir.asciidoc
View file

@ -92,10 +92,23 @@ To update a deprecated connector:
. Click *Update*.
[float]
[[servicenow-sir-connector-configuration]]
=== Connector configuration
[[define-servicenow-sir-ui]]
=== Create connectors in {kib}
{sn-sir} connectors have the following configuration properties.
You can create connectors in *{stack-manage-app} > {connectors-ui}*
or as needed when you're creating a rule. You must choose whether to use OAuth for authentication.
[role="screenshot"]
image::management/connectors/images/servicenow-sir-connector-basic.png[{sn-sir} connector using basic auth]
[role="screenshot"]
image::management/connectors/images/servicenow-sir-connector-oauth.png[{sn-sir} connector using OAuth]
[float]
[[servicenow-sir-connector-configuration]]
==== Connector configuration
{sn-sir} connectors have the following configuration properties:
Name:: The name of the connector.
Is OAuth:: The type of authentication to use.
@ -110,45 +123,45 @@ Private Key:: The RSA private key generated during setup.
Private Key Password:: The password for the RSA private key generated during setup, if set.
[float]
[[servicenow-sir-connector-networking-configuration]]
=== Connector networking configuration
[[preconfigured-servicenow-sir-configuration]]
=== Create preconfigured connectors
Use the <<action-settings, Action configuration settings>> to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use `xpack.actions.customHostSettings` to set per-host configurations.
[float]
[[Preconfigured-servicenow-sir-configuration]]
=== Preconfigured connector type
If you are running {kib} on-prem, you can define connectors by
adding `xpack.actions.preconfigured` settings to your `kibana.yml` file.
For example:
Connector using Basic Authentication
[source,text]
--
my-servicenow-sir:
name: preconfigured-servicenow-connector-type
actionTypeId: .servicenow-sir
config:
apiUrl: https://example.service-now.com/
usesTableApi: false
secrets:
username: testuser
password: passwordkeystorevalue
xpack.actions.preconfigured:
my-servicenow-sir:
name: preconfigured-servicenow-connector-type
actionTypeId: .servicenow-sir
config:
apiUrl: https://example.service-now.com/
usesTableApi: false
secrets:
username: testuser
password: passwordkeystorevalue
--
Connector using OAuth
[source,text]
--
my-servicenow:
name: preconfigured-oauth-servicenow-connector-type
actionTypeId: .servicenow-sir
config:
apiUrl: https://example.service-now.com/
usesTableApi: false
isOAuth: true
userIdentifierValue: testuser@email.com
clientId: abcdefghijklmnopqrstuvwxyzabcdef
jwtKeyId: fedcbazyxwvutsrqponmlkjihgfedcba
secrets:
clientSecret: secretsecret
privateKey: -----BEGIN RSA PRIVATE KEY-----\nprivatekeyhere\n-----END RSA PRIVATE KEY-----
xpack.actions.preconfigured:
my-servicenow:
name: preconfigured-oauth-servicenow-connector-type
actionTypeId: .servicenow-sir
config:
apiUrl: https://example.service-now.com/
usesTableApi: false
isOAuth: true
userIdentifierValue: testuser@email.com
clientId: abcdefghijklmnopqrstuvwxyzabcdef
jwtKeyId: fedcbazyxwvutsrqponmlkjihgfedcba
secrets:
clientSecret: secretsecret
privateKey: -----BEGIN RSA PRIVATE KEY-----\nprivatekeyhere\n-----END RSA PRIVATE KEY-----
--
Config defines information for the connector type.
@ -172,26 +185,15 @@ Secrets defines sensitive information for the connector type.
`privateKeyPassword`:: A string that corresponds to *Private Key Password*.
[float]
[[define-servicenow-sir-ui]]
=== Define connector in {stack-manage-app}
[[servicenow-sir-action-configuration]]
=== Test connectors
Define {sn} SecOps connector properties. Choose whether to use OAuth for authentication.
[role="screenshot"]
image::management/connectors/images/servicenow-sir-connector-basic.png[{sn-sir} connector using basic auth]
[role="screenshot"]
image::management/connectors/images/servicenow-sir-connector-oauth.png[{sn-sir} connector using OAuth]
Test {sn-sir} action parameters.
You can test connectors with the <<execute-connector-api,run connector API>> or
as you're creating or editing the connector in {kib}. For example:
[role="screenshot"]
image::management/connectors/images/servicenow-sir-params-test.png[{sn-sir} params test]
[float]
[[servicenow-sir-action-configuration]]
=== Action configuration
{sn-sir} actions have the following configuration properties.
Short description:: A short description for the incident, used for searching the contents of the knowledge base.
@ -206,6 +208,12 @@ Correlation Display:: A descriptive label of the alert for correlation purposes
Description:: The details about the incident.
Additional comments:: Additional information for the client, such as how to troubleshoot the issue.
[float]
[[servicenow-sir-connector-networking-configuration]]
=== Connector networking configuration
Use the <<action-settings, Action configuration settings>> to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use `xpack.actions.customHostSettings` to set per-host configurations.
[float]
[[configuring-servicenow-sir]]
=== Configure {sn-sir}

101
docs/management/connectors/action-types/servicenow.asciidoc
View file

@ -176,10 +176,23 @@ To update a deprecated connector:
. Click *Update*.
[float]
[[servicenow-connector-configuration]]
=== Connector configuration
[[define-servicenow-ui]]
=== Create connectors in {kib}
{sn-itsm} connectors have the following configuration properties.
You can create connectors in *{stack-manage-app} > {connectors-ui}*
or as needed when you're creating a rule. You must choose whether to use OAuth for authentication.
[role="screenshot"]
image::management/connectors/images/servicenow-connector-basic.png[ServiceNow connector using basic auth]
[role="screenshot"]
image::management/connectors/images/servicenow-connector-oauth.png[ServiceNow connector using OAuth]
[float]
[[servicenow-connector-configuration]]
==== Connector configuration
{sn-itsm} connectors have the following configuration properties:
Name:: The name of the connector.
Is OAuth:: The type of authentication to use.
@ -194,45 +207,45 @@ Private Key:: The RSA private key generated during setup.
Private Key Password:: The password for the RSA private key generated during setup, if set.
[float]
[[servicenow-connector-networking-configuration]]
=== Connector networking configuration
[[preconfigured-servicenow-configuration]]
=== Create preconfigured connectors
Use the <<action-settings, Action configuration settings>> to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use `xpack.actions.customHostSettings` to set per-host configurations.
[float]
[[Preconfigured-servicenow-configuration]]
=== Preconfigured connector type
If you are running {kib} on-prem, you can define connectors by
adding `xpack.actions.preconfigured` settings to your `kibana.yml` file.
For example:
Connector using Basic Authentication
[source,text]
--
my-servicenow:
name: preconfigured-servicenow-connector-type
actionTypeId: .servicenow
config:
apiUrl: https://example.service-now.com/
usesTableApi: false
secrets:
username: testuser
password: passwordkeystorevalue
xpack.actions.preconfigured:
my-servicenow:
name: preconfigured-servicenow-connector-type
actionTypeId: .servicenow
config:
apiUrl: https://example.service-now.com/
usesTableApi: false
secrets:
username: testuser
password: passwordkeystorevalue
--
Connector using OAuth
[source,text]
--
my-servicenow:
name: preconfigured-oauth-servicenow-connector-type
actionTypeId: .servicenow
config:
apiUrl: https://example.service-now.com/
usesTableApi: false
isOAuth: true
userIdentifierValue: testuser@email.com
clientId: abcdefghijklmnopqrstuvwxyzabcdef
jwtKeyId: fedcbazyxwvutsrqponmlkjihgfedcba
secrets:
clientSecret: secretsecret
privateKey: -----BEGIN RSA PRIVATE KEY-----\nprivatekeyhere\n-----END RSA PRIVATE KEY-----
xpack.actions.preconfigured:
my-servicenow:
name: preconfigured-oauth-servicenow-connector-type
actionTypeId: .servicenow
config:
apiUrl: https://example.service-now.com/
usesTableApi: false
isOAuth: true
userIdentifierValue: testuser@email.com
clientId: abcdefghijklmnopqrstuvwxyzabcdef
jwtKeyId: fedcbazyxwvutsrqponmlkjihgfedcba
secrets:
clientSecret: secretsecret
privateKey: -----BEGIN RSA PRIVATE KEY-----\nprivatekeyhere\n-----END RSA PRIVATE KEY-----
--
Config defines information for the connector type.
@ -256,25 +269,15 @@ Secrets defines sensitive information for the connector type.
`privateKeyPassword`:: A string that corresponds to *Private Key Password*.
[float]
[[define-servicenow-ui]]
=== Define connector in {stack-manage-app}
[[servicenow-action-configuration]]
=== Test connectors
Define {sn-itsm} connector properties. Choose whether to use OAuth for authentication.
[role="screenshot"]
image::management/connectors/images/servicenow-connector-basic.png[ServiceNow connector using basic auth]
[role="screenshot"]
image::management/connectors/images/servicenow-connector-oauth.png[ServiceNow connector using OAuth]
Test {sn-itsm} action parameters.
You can test connectors with the <<execute-connector-api,run connector API>> or
as you're creating or editing the connector in {kib}. For example:
[role="screenshot"]
image::management/connectors/images/servicenow-params-test.png[ServiceNow params test]
[float]
[[servicenow-action-configuration]]
=== Action configuration
{sn-itsm} actions have the following configuration properties.
@ -292,6 +295,12 @@ Short description:: A short description for the incident, used for searching
Description:: The details about the incident.
Additional comments:: Additional information for the client, such as how to troubleshoot the issue.
[float]
[[servicenow-connector-networking-configuration]]
=== Connector networking configuration
Use the <<action-settings, Action configuration settings>> to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use `xpack.actions.customHostSettings` to set per-host configurations.
[float]
[[configuring-servicenow]]
=== Configure {sn}

62
docs/management/connectors/action-types/slack.asciidoc
View file

@ -1,38 +1,46 @@
[role="xpack"]
[[slack-action-type]]
=== Slack connector and action
== Slack connector and action
++++
<titleabbrev>Slack</titleabbrev>
++++
The Slack connector uses https://api.slack.com/incoming-webhooks[Slack Incoming Webhooks].
[float]
[[define-slack-ui]]
=== Create connectors in {kib}
You can create connectors in *{stack-manage-app} > {connectors-ui}*
or as needed when you're creating a rule. For example:
[role="screenshot"]
image::management/connectors/images/slack-connector.png[Slack connector]
[float]
[[slack-connector-configuration]]
==== Connector configuration
Slack connectors have the following configuration properties.
Slack connectors have the following configuration properties:
Name:: The name of the connector.
Webhook URL:: The URL of the incoming webhook. See https://api.slack.com/messaging/webhooks#getting_started[Slack Incoming Webhooks] for instructions on generating this URL. If you are using the <<action-settings, `xpack.actions.allowedHosts`>> setting, make sure the hostname is added to the allowed hosts.
[float]
[[slack-connector-networking-configuration]]
==== Connector networking configuration
[[preconfigured-slack-configuration]]
=== Create preconfigured connectors
Use the <<action-settings,Action configuration settings>> to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use `xpack.actions.customHostSettings` to set per-host configurations.
[float]
[[Preconfigured-slack-configuration]]
==== Preconfigured connector type
If you are running {kib} on-prem, you can define connectors by
adding `xpack.actions.preconfigured` settings to your `kibana.yml` file.
For example:
[source,text]
--
my-slack:
name: preconfigured-slack-connector-type
actionTypeId: .slack
secrets:
webhookUrl: 'https://hooks.slack.com/services/abcd/efgh/ijklmnopqrstuvwxyz'
xpack.actions.preconfigured:
my-slack:
name: preconfigured-slack-connector-type
actionTypeId: .slack
secrets:
webhookUrl: 'https://hooks.slack.com/services/abcd/efgh/ijklmnopqrstuvwxyz'
--
Secrets defines sensitive information for the connector type.
@ -40,27 +48,25 @@ Secrets defines sensitive information for the connector type.
`webhookUrl`:: A string that corresponds to *Webhook URL*.
[float]
[[define-slack-ui]]
==== Define connector in {stack-manage-app}
[[slack-action-configuration]]
=== Test connectors
Define Slack connector properties.
[role="screenshot"]
image::management/connectors/images/slack-connector.png[Slack connector]
Test Slack action parameters.
You can test connectors with the <<execute-connector-api,run connector API>> or
as you're creating or editing the connector in {kib}. For example:
[role="screenshot"]
image::management/connectors/images/slack-params-test.png[Slack params test]
[float]
[[slack-action-configuration]]
==== Action configuration
Slack actions have the following properties.
Slack actions have the following properties:
Message:: The message text, converted to the `text` field in the Webhook JSON payload. Currently only the text field is supported. Markdown, images, and other advanced formatting are not yet supported.
[float]
[[slack-connector-networking-configuration]]
=== Connector networking configuration
Use the <<action-settings,Action configuration settings>> to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use `xpack.actions.customHostSettings` to set per-host configurations.
[float]
[[configuring-slack]]
==== Configure a Slack account

129
docs/management/connectors/action-types/swimlane.asciidoc
View file

@ -1,73 +1,88 @@
[role="xpack"]
[[swimlane-action-type]]
=== Swimlane connector and action
== Swimlane connector and action
++++
<titleabbrev>Swimlane</titleabbrev>
++++
The Swimlane connector uses the https://swimlane.com/knowledge-center/docs/developer-guide/rest-api/[Swimlane REST API] to create Swimlane records.
[float]
[[define-swimlane-ui]]
=== Create connectors in {kib}
You can create connectors in *{stack-manage-app} > {connectors-ui}*
or as needed when you're creating a rule. For example:
[role="screenshot"]
image::management/connectors/images/swimlane-connector.png[Swimlane connector]
[float]
[[swimlane-connector-configuration]]
==== Connector configuration
Swimlane connectors have the following configuration properties.
Swimlane connectors have the following configuration properties:
Name:: The name of the connector.
URL:: Swimlane instance URL.
Application ID:: Swimlane application ID.
API token:: Swimlane API authentication token for HTTP Basic authentication.
[float]
[[Preconfigured-swimlane-configuration]]
==== Preconfigured connector type
[[preconfigured-swimlane-configuration]]
=== Create preconfigured connectors
If you are running {kib} on-prem, you can define connectors by
adding `xpack.actions.preconfigured` settings to your `kibana.yml` file.
For example:
[source,text]
--
my-swimlane:
name: preconfigured-swimlane-connector-type
actionTypeId: .swimlane
config:
apiUrl: https://elastic.swimlaneurl.us
appId: app-id
mappings:
alertIdConfig:
fieldType: text
id: agp4s
key: alert-id
name: Alert ID
caseIdConfig:
fieldType: text
id: ae1mi
key: case-id
name: Case ID
caseNameConfig:
fieldType: text
id: anxnr
key: case-name
name: Case Name
commentsConfig:
fieldType: comments
id: au18d
key: comments
name: Comments
descriptionConfig:
fieldType: text
id: ae1gd
key: description
name: Description
ruleNameConfig:
fieldType: text
id: avfsl
key: rule-name
name: Rule Name
severityConfig:
fieldType: text
id: a71ik
key: severity
name: severity
secrets:
apiToken: tokenkeystorevalue
xpack.actions.preconfigured:
my-swimlane:
name: preconfigured-swimlane-connector-type
actionTypeId: .swimlane
config:
apiUrl: https://elastic.swimlaneurl.us
appId: app-id
mappings:
alertIdConfig:
fieldType: text
id: agp4s
key: alert-id
name: Alert ID
caseIdConfig:
fieldType: text
id: ae1mi
key: case-id
name: Case ID
caseNameConfig:
fieldType: text
id: anxnr
key: case-name
name: Case Name
commentsConfig:
fieldType: comments
id: au18d
key: comments
name: Comments
descriptionConfig:
fieldType: text
id: ae1gd
key: description
name: Description
ruleNameConfig:
fieldType: text
id: avfsl
key: rule-name
name: Rule Name
severityConfig:
fieldType: text
id: a71ik
key: severity
name: severity
secrets:
apiToken: tokenkeystorevalue
--
Config defines information for the connector type.
@ -80,23 +95,15 @@ Secrets defines sensitive information for the connector type.
`apiToken`:: A string that corresponds to *API Token*. Should be stored in the <<creating-keystore, {kib} keystore>>.
[float]
[[define-swimlane-ui]]
==== Define connector in {stack-manage-app}
[[swimlane-action-configuration]]
=== Test connectors
Define Swimlane connector properties.
[role="screenshot"]
image::management/connectors/images/swimlane-connector.png[Swimlane connector]
Test Swimlane action parameters.
You can test connectors with the <<execute-connector-api,run connector API>> or
as you're creating or editing the connector in {kib}. For example:
[role="screenshot"]
image::management/connectors/images/swimlane-params-test.png[Swimlane params test]
[float]
[[swimlane-action-configuration]]
==== Action configuration
Swimlane actions have the following configuration properties.
Comments:: Additional information for the client, such as how to troubleshoot the issue.

62
docs/management/connectors/action-types/teams.asciidoc
View file

@ -1,38 +1,46 @@
[role="xpack"]
[[teams-action-type]]
=== Microsoft Teams connector and action
== Microsoft Teams connector and action
++++
<titleabbrev>Microsoft Teams</titleabbrev>
++++
The Microsoft Teams connector uses https://docs.microsoft.com/en-us/microsoftteams/platform/webhooks-and-connectors/how-to/add-incoming-webhook[Incoming Webhooks].
[float]
[[define-teams-ui]]
=== Create connectors in {kib}
You can create connectors in *{stack-manage-app} > {connectors-ui}*
or as needed when you're creating a rule. For example:
[role="screenshot"]
image::management/connectors/images/teams-connector.png[Teams connector]
[float]
[[teams-connector-configuration]]
==== Connector configuration
Microsoft Teams connectors have the following configuration properties.
Microsoft Teams connectors have the following configuration properties:
Name:: The name of the connector.
Webhook URL:: The URL of the incoming webhook. See https://docs.microsoft.com/en-us/microsoftteams/platform/webhooks-and-connectors/how-to/add-incoming-webhook#add-an-incoming-webhook-to-a-teams-channel[Add Incoming Webhooks] for instructions on generating this URL. If you are using the <<action-settings, `xpack.actions.allowedHosts`>> setting, make sure the hostname is added to the allowed hosts.
[float]
[[teams-connector-networking-configuration]]
==== Connector networking configuration
[[preconfigured-teams-configuration]]
=== Create preconfigured connectors
Use the <<action-settings, Action configuration settings>> to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use `xpack.actions.customHostSettings` to set per-host configurations.
[float]
[[Preconfigured-teams-configuration]]
==== Preconfigured connector type
If you are running {kib} on-prem, you can define connectors by
adding `xpack.actions.preconfigured` settings to your `kibana.yml` file.
For example:
[source,text]
--
my-teams:
name: preconfigured-teams-connector-type
actionTypeId: .teams
secrets:
webhookUrl: 'https://outlook.office.com/webhook/abcd@0123456/IncomingWebhook/abcdefgh/ijklmnopqrstuvwxyz'
xpack.actions.preconfigured:
my-teams:
name: preconfigured-teams-connector-type
actionTypeId: .teams
secrets:
webhookUrl: 'https://outlook.office.com/webhook/abcd@0123456/IncomingWebhook/abcdefgh/ijklmnopqrstuvwxyz'
--
Secrets defines sensitive information for the connector type.
@ -40,30 +48,28 @@ Secrets defines sensitive information for the connector type.
`webhookUrl`:: A string that corresponds to *Webhook URL*.
[float]
[[define-teams-ui]]
==== Define connector in {stack-manage-app}
[[teams-action-configuration]]
=== Test connectors
Define Teams connector properties.
[role="screenshot"]
image::management/connectors/images/teams-connector.png[Teams connector]
Test Teams action parameters.
You can test connectors with the <<execute-connector-api,run connector API>> or
as you're creating or editing the connector in {kib}. For example:
[role="screenshot"]
image::management/connectors/images/teams-params-test.png[Teams params test]
[float]
[[teams-action-configuration]]
==== Action configuration
Microsoft Teams actions have the following properties.
Message:: The message text, converted to the `text` field in the Webhook JSON payload. Currently only the text field is supported. Markdown, images, and other advanced formatting are not yet supported.
[float]
[[teams-connector-networking-configuration]]
=== Connector networking configuration
Use the <<action-settings, Action configuration settings>> to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use `xpack.actions.customHostSettings` to set per-host configurations.
[float]
[[configuring-teams]]
==== Configure a Microsoft Teams account
=== Configure a Microsoft Teams account
You need a https://docs.microsoft.com/en-us/microsoftteams/platform/webhooks-and-connectors/how-to/add-incoming-webhook[Microsoft Teams webhook URL] to
configure a Microsoft Teams action. To create a webhook

61
docs/management/connectors/action-types/tines.asciidoc
View file

@ -1,4 +1,3 @@
[role="xpack"]
[[tines-action-type]]
== Tines connector
++++
@ -8,32 +7,45 @@
The Tines connector uses Tines's https://www.tines.com/docs/actions/types/webhook[Webhook actions] to send events via POST request.
[float]
[[tines-connector-configuration]]
=== Connector configuration
[[define-tines-ui]]
=== Create connectors in {kib}
Tines connectors have the following configuration properties.
URL:: The Tines tenant URL. If you are using the <<action-settings,`xpack.actions.allowedHosts`>> setting, make sure the hostname is added to the allowed hosts.
Email:: The email used to sign in to Tines.
API Token:: A Tines API token created by the user. For more information, refer to the https://www.tines.com/api/authentication#generate-api-token[Tines documentation].
You can create connectors in *{stack-manage-app} > {connectors-ui}*
or as needed when you're creating a rule. For example:
[role="screenshot"]
image::management/connectors/images/tines-connector.png[Tines connector]
[float]
[[Preconfigured-tines-configuration]]
==== Preconfigured connector type
[[tines-connector-configuration]]
==== Connector configuration
Tines connectors have the following configuration properties:
URL:: The Tines tenant URL. If you are using the <<action-settings,`xpack.actions.allowedHosts`>> setting, make sure the hostname is added to the allowed hosts.
Email:: The email used to sign in to Tines.
API Token:: A Tines API token created by the user. For more information, refer to the https://www.tines.com/api/authentication#generate-api-token[Tines documentation].
[float]
[[preconfigured-tines-configuration]]
=== Create preconfigured connectors
If you are running {kib} on-prem, you can define connectors by
adding `xpack.actions.preconfigured` settings to your `kibana.yml` file.
For example:
[source,text]
--
my-tines:
name: preconfigured-tines-connector-type
actionTypeId: .tines
config:
url: https://some-tenant-2345.tines.com
secrets:
email: some.address@test.com
token: ausergeneratedapitoken
xpack.actions.preconfigured:
my-tines:
name: preconfigured-tines-connector-type
actionTypeId: .tines
config:
url: https://some-tenant-2345.tines.com
secrets:
email: some.address@test.com
token: ausergeneratedapitoken
--
Config defines information for the connector type.
@ -47,22 +59,19 @@ Secrets defines sensitive information for the connector type.
[float]
[[tines-action-parameters]]
=== Action parameters
=== Test connectors
Tines action have the following parameters.
Tines actions have the following parameters.
Story:: The Story to send the events to.
Webhook:: The Webhook action from the previous story that will receive the events, it is the data entry point.
Test Tines action parameters.
You can test connectors with the <<execute-connector-api,run connector API>> or
as you're creating or editing the connector in {kib}. For example:
[role="screenshot"]
image::management/connectors/images/tines-params-test.png[Tines params test]
[float]
[[tines-action-format]]
=== Actions
Once the Tines connector has been configured in an alerting rule:
[role="screenshot"]
@ -94,6 +103,8 @@ image::management/connectors/images/tines_elastic_stories.png[Tines Elastic stor
They can be imported directly into your Tines tenant.
[float]
[[tines-format]]
=== Format
Tines connector will send the data in JSON format.

58
docs/management/connectors/action-types/torq.asciidoc
View file

@ -1,16 +1,25 @@
[role="xpack"]
[[torq-action-type]]
=== Torq connector and action
== Torq connector and action
++++
<titleabbrev>Torq</titleabbrev>
++++
The Torq connector uses a Torq webhook to trigger workflows with Kibana actions.
[float]
[[define-torq-ui]]
=== Create connectors in {kib}
You can create connectors in *{stack-manage-app} > {connectors-ui}*
or as needed when you're creating a rule. For example:
[role="screenshot"]
image::management/connectors/images/torq-configured-connector.png[configured Torq connector]
[float]
[[torq-connector-configuration]]
==== Connector configuration
Torq connectors have the following configuration properties.
Torq connectors have the following configuration properties:
Name:: The name of the connector. The name is used to identify a connector in the Stack Management UI connector listing, and in the connector list when configuring an action.
@ -19,18 +28,23 @@ Torq endpoint URL:: Endpoint URL (webhook) of the Elastic Security integration y
Torq authentication header secret:: Secret of the webhook authentication header.
[float]
[[Preconfigured-torq-configuration]]
==== Preconfigured connector type
[[preconfigured-torq-configuration]]
=== Create preconfigured connectors
If you are running {kib} on-prem, you can define connectors by
adding `xpack.actions.preconfigured` settings to your `kibana.yml` file.
For example:
[source,yaml]
--
my-torq:
name: preconfigured-torq-connector-type
actionTypeId: .torq
config:
webhookIntegrationUrl: https://hooks.torq.io/v1/somehook
secrets:
token: mytorqtoken
xpack.actions.preconfigured:
my-torq:
name: preconfigured-torq-connector-type
actionTypeId: .torq
config:
webhookIntegrationUrl: https://hooks.torq.io/v1/somehook
secrets:
token: mytorqtoken
--
Config defines information for the connector type.
@ -42,24 +56,16 @@ Secrets defines sensitive information for the connector type.
`token`:: A string that corresponds to **Torq authentication header secret**.
[float]
[[define-torq-ui]]
==== Define connector in Stack Management
[[torq-action-configuration]]
=== Test connectors
Define Torq connector properties.
[role="screenshot"]
image::management/connectors/images/torq-configured-connector.png[configured Torq connector]
Test Torq action parameters.
You can test connectors with the <<execute-connector-api,run connector API>> or
as you're creating or editing the connector in {kib}. For example:
[role="screenshot"]
image::management/connectors/images/torq-connector-test.png[Torq connector test]
[float]
[[torq-action-configuration]]
==== Action configuration
Torq actions have the following configuration properties.
Torq actions have the following configuration properties.
Body:: JSON payload to send to Torq.
Body:: JSON payload to send to Torq.

72
docs/management/connectors/action-types/webhook.asciidoc
View file

@ -1,17 +1,26 @@
[role="xpack"]
[[webhook-action-type]]
=== Webhook connector and action
== Webhook connector and action
++++
<titleabbrev>Webhook</titleabbrev>
++++
The Webhook connector uses https://github.com/axios/axios[axios] to send a POST or PUT request to a web service.
[float]
[[define-webhook-ui]]
=== Create connectors in {kib}
You can create connectors in *{stack-manage-app} > {connectors-ui}*
or as needed when you're creating a rule. For example:
[role="screenshot"]
image::management/connectors/images/webhook-connector.png[Webhook connector]
[float]
[[webhook-connector-configuration]]
==== Connector configuration
Webhook connectors have the following configuration properties.
Webhook connectors have the following configuration properties:
Name:: The name of the connector.
URL:: The request URL. If you are using the <<action-settings, `xpack.actions.allowedHosts`>> setting, make sure the hostname is added to the allowed hosts.
@ -22,28 +31,27 @@ Username:: Username for HTTP basic authentication.
Password:: Password for HTTP basic authentication.
[float]
[[webhook-connector-networking-configuration]]
==== Connector networking configuration
[[preconfigured-webhook-configuration]]
=== Create preconfigured connectors
Use the <<action-settings, Action configuration settings>> to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use `xpack.actions.customHostSettings` to set per-host configurations.
[float]
[[Preconfigured-webhook-configuration]]
==== Preconfigured connector type
If you are running {kib} on-prem, you can define connectors by
adding `xpack.actions.preconfigured` settings to your `kibana.yml` file.
For example:
[source,text]
--
my-webhook:
name: preconfigured-webhook-connector-type
actionTypeId: .webhook
config:
url: https://test.host
method: post
headers:
testheader: testvalue
secrets:
user: testuser
password: passwordkeystorevalue
xpack.actions.preconfigured:
my-webhook:
name: preconfigured-webhook-connector-type
actionTypeId: .webhook
config:
url: https://test.host
method: post
headers:
testheader: testvalue
secrets:
user: testuser
password: passwordkeystorevalue
--
Config defines information for the connector type.
@ -59,23 +67,15 @@ Secrets defines sensitive information for the connector type.
`password`:: A string that corresponds to *Password*. Should be stored in the <<creating-keystore, {kib} keystore>>. Required if `hasAuth` is set to `true`.
[float]
[[define-webhook-ui]]
==== Define connector in {stack-manage-app}
[[webhook-action-configuration]]
=== Test connectors
Define Webhook connector properties.
[role="screenshot"]
image::management/connectors/images/webhook-connector.png[Webhook connector]
Test Webhook action parameters.
You can test connectors with the <<execute-connector-api,run connector API>> or
as you're creating or editing the connector in {kib}. For example:
[role="screenshot"]
image::management/connectors/images/webhook-params-test.png[Webhook params test]
[float]
[[webhook-action-configuration]]
==== Action configuration
Webhook actions have the following properties.
Body:: A JSON payload sent to the request URL. For example:
@ -92,3 +92,9 @@ Body:: A JSON payload sent to the request URL. For example:
Mustache template variables (the text enclosed in double braces, for example, `context.rule.name`) have
their values escaped, so that the final JSON will be valid (escaping double quote characters).
For more information on Mustache template variables, refer to <<defining-rules-actions-details>>.
[float]
[[webhook-connector-networking-configuration]]
=== Connector networking configuration
Use the <<action-settings, Action configuration settings>> to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use `xpack.actions.customHostSettings` to set per-host configurations.

88
docs/management/connectors/action-types/xmatters.asciidoc
View file

@ -1,11 +1,24 @@
[[xmatters-action-type]]
=== xMatters connector and action
== xMatters connector and action
++++
<titleabbrev>xMatters</titleabbrev>
++++
The xMatters connector uses the https://help.xmatters.com/integrations/#cshid=Elastic[xMatters Workflow for Elastic] to send actionable alerts to on-call xMatters resources.
[float]
[[define-xmatters-ui]]
=== Create connectors in {kib}
You can create connectors in *{stack-manage-app} > {connectors-ui}*
or as needed when you're creating a rule. You must choose between basic and URL authentication for the requests.
[role="screenshot"]
image::management/connectors/images/xmatters-connector-basic.png[xMatters connector with basic authentication]
[role="screenshot"]
image::management/connectors/images/xmatters-connector-url.png[xMatters connector with url authentication]
[float]
[[xmatters-connector-configuration]]
==== Connector configuration
@ -19,39 +32,39 @@ Username:: Username for HTTP Basic Authentication.
Password:: Password for HTTP Basic Authentication.
[float]
[[xmatters-connector-networking-configuration]]
==== Connector networking configuration
[[preconfigured-xmatters-configuration]]
=== Create preconfigured connectors
Use the <<action-settings,Action configuration settings>> to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use `xpack.actions.customHostSettings` to set per-host configurations.
[float]
[[Preconfigured-xmatters-configuration]]
==== Preconfigured connector type
If you are running {kib} on-prem, you can define connectors by
adding `xpack.actions.preconfigured` settings to your `kibana.yml` file.
For example:
Connector using Basic Authentication
[source,text]
--
my-xmatters:
name: preconfigured-xmatters-connector-type
actionTypeId: .xmatters
config:
configUrl: https://test.host
usesBasic: true
secrets:
user: testuser
password: passwordkeystorevalue
xpack.actions.preconfigured:
my-xmatters:
name: preconfigured-xmatters-connector-type
actionTypeId: .xmatters
config:
configUrl: https://test.host
usesBasic: true
secrets:
user: testuser
password: passwordkeystorevalue
--
Connector using URL Authentication
[source,text]
--
my-xmatters:
name: preconfigured-xmatters-connector-type
actionTypeId: .xmatters
config:
usesBasic: false
secrets:
secretsUrl: https://test.host?apiKey=1234-abcd
xpack.actions.preconfigured:
my-xmatters:
name: preconfigured-xmatters-connector-type
actionTypeId: .xmatters
config:
usesBasic: false
secrets:
secretsUrl: https://test.host?apiKey=1234-abcd
--
Config defines information for the connector type:
@ -69,34 +82,29 @@ Secrets defines sensitive information for the connector type:
`secretsUrl`:: A URL string that corresponds to *URL*. Only used if `usesBasic` is false, indicating the API key is included in the URL.
[float]
[[define-xmatters-ui]]
==== Define connector in {stack-manage-app}
[[xmatters-action-configuration]]
=== Test connectors
Define xMatters connector properties. Choose between basic and URL authentication for the requests:
[role="screenshot"]
image::management/connectors/images/xmatters-connector-basic.png[xMatters connector with basic authentication]
[role="screenshot"]
image::management/connectors/images/xmatters-connector-url.png[xMatters connector with url authentication]
Test xMatters rule parameters:
You can test connectors with the <<execute-connector-api,run connector API>> or
as you're creating or editing the connector in {kib}. For example:
[role="screenshot"]
image::management/connectors/images/xmatters-params-test.png[xMatters params test]
[float]
[[xmatters-action-configuration]]
==== Action configuration
xMatters rules have the following properties:
Severity:: Severity of the rule.
Tags:: Comma-separated list of tags for the rule as provided by the user in Elastic.
[float]
[[xmatters-connector-networking-configuration]]
=== Connector networking configuration
Use the <<action-settings,Action configuration settings>> to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use `xpack.actions.customHostSettings` to set per-host configurations.
[float]
[[xmatters-benefits]]
==== Configure xMatters
=== Configure xMatters
By integrating with xMatters, you can:

22
docs/management/connectors/index.asciidoc
View file

@ -1,19 +1,19 @@
include::action-types/email.asciidoc[]
include::action-types/resilient.asciidoc[]
include::action-types/email.asciidoc[leveloffset=+1]
include::action-types/resilient.asciidoc[leveloffset=+1]
include::action-types/index.asciidoc[leveloffset=+1]
include::action-types/jira.asciidoc[]
include::action-types/teams.asciidoc[]
include::action-types/opsgenie.asciidoc[]
include::action-types/pagerduty.asciidoc[]
include::action-types/jira.asciidoc[leveloffset=+1]
include::action-types/teams.asciidoc[leveloffset=+1]
include::action-types/opsgenie.asciidoc[leveloffset=+1]
include::action-types/pagerduty.asciidoc[leveloffset=+1]
include::action-types/server-log.asciidoc[leveloffset=+1]
include::action-types/servicenow.asciidoc[leveloffset=+1]
include::action-types/servicenow-sir.asciidoc[leveloffset=+1]
include::action-types/servicenow-itom.asciidoc[leveloffset=+1]
include::action-types/swimlane.asciidoc[]
include::action-types/slack.asciidoc[]
include::action-types/swimlane.asciidoc[leveloffset=+1]
include::action-types/slack.asciidoc[leveloffset=+1]
include::action-types/tines.asciidoc[leveloffset=+1]
include::action-types/torq.asciidoc[]
include::action-types/webhook.asciidoc[]
include::action-types/torq.asciidoc[leveloffset=+1]
include::action-types/webhook.asciidoc[leveloffset=+1]
include::action-types/cases-webhook.asciidoc[leveloffset=+1]
include::action-types/xmatters.asciidoc[]
include::action-types/xmatters.asciidoc[leveloffset=+1]
include::pre-configured-connectors.asciidoc[leveloffset=+1]