diff --git a/oas_docs/output/kibana.serverless.yaml b/oas_docs/output/kibana.serverless.yaml index 055f79a13988..19884c4f64cd 100644 --- a/oas_docs/output/kibana.serverless.yaml +++ b/oas_docs/output/kibana.serverless.yaml @@ -5824,7 +5824,43 @@ paths: responses: '200': content: - application/json; Elastic-Api-Version=2023-10-31: + application/json: + examples: + success: + value: + application: {} + cluster: + all: true + manage: true + manage_api_key: true + manage_index_templates: true + manage_ml: true + manage_own_api_key: true + manage_pipeline: true + manage_security: true + manage_transform: true + monitor: true + monitor_ml: true + monitor_transform: true + has_all_requested: true + has_encryption_key: true + index: + .alerts-security.alerts-default: + all: true + create: true + create_doc: true + create_index: true + delete: true + delete_index: true + index: true + maintenance: true + manage: true + monitor: true + read: true + view_index_metadata: true + write: true + is_authenticated: true + username: elastic schema: type: object properties: @@ -6495,7 +6531,24 @@ paths: operationId: SetAlertAssignees requestBody: content: - application/json; Elastic-Api-Version=2023-10-31: + application/json: + examples: + add: + value: + assignees: + add: + - u_MxY0jbrft7EcfC6iNZSUGeI_n6iYrSwZj5mWF5EqmSU_0 + remove: [] + ids: + - 681c2a707335aa7df5f349b70013d87254746191712ecf0ced9b3e2d538503a6 + remove: + value: + assignees: + add: [] + remove: + - u_MxY0jbrft7EcfC6iNZSUGeI_n6iYrSwZj5mWF5EqmSU_0 + ids: + - 681c2a707335aa7df5f349b70013d87254746191712ecf0ced9b3e2d538503a6 schema: type: object properties: 
@@ -6504,13 +6557,32 @@ paths: description: Details about the assignees to assign and unassign. ids: $ref: '#/components/schemas/Security_Detections_API_AlertIds' - description: List of alerts ids to assign and unassign passed assignees. required: - assignees - ids required: true responses: '200': + content: + application/ndjson: + examples: + add: + value: + batches: 1, + deleted: 0, + failures: [] + noops: 0, + requests_per_second: '-1,' + retries: + - bulk: 0, + - search: 0 + throttled_millis: 0, + throttled_until_millis: 0, + timed_out: false, + took: 76, + total: 1, + updated: 1, + version_conflicts: 0, description: Indicates a successful call. '400': description: Invalid request. @@ -6524,7 +6596,36 @@ paths: operationId: SearchAlerts requestBody: content: - application/json; Elastic-Api-Version=2023-10-31: + application/json: + examples: + query: + value: + aggs: + alertsByGrouping: + terms: + field: host.name + size: 10 + missingFields: + missing: + field: host.name + query: + bool: + filter: + - bool: + filter: + - match_phrase: + kibana.alert.workflow_status: open + must: [] + must_not: + - exists: + field: kibana.alert.building_block_type + should: [] + - range: + '@timestamp': + gte: '2025-01-17T08:00:00.000Z' + lte: '2025-01-18T07:59:59.999Z' + runtime_mappings: {} + size: 0 schema: description: Elasticsearch query and aggregation request type: object @@ -6561,7 +6662,32 @@ paths: responses: '200': content: - application/json; Elastic-Api-Version=2023-10-31: + application/json: + examples: + success: + value: + _shards: + failed: 0 + skipped: 0 + successful: 1 + total: 1 + aggregations: + alertsByGrouping: + buckets: + - doc_count: 5 + key: Host-f43kkddfyc + doc_count_error_upper_bound: 0 + sum_other_doc_count: 0 + missingFields: + doc_count: 0 + hits: + hits: [] + max_score: null + total: + relation: eq + value: 5 + timed_out: false + took: 0 schema: additionalProperties: true description: Elasticsearch search response 
@@ -6597,7 +6723,44 @@ paths: operationId: SetAlertsStatus requestBody: content: - application/json; Elastic-Api-Version=2023-10-31: + application/json: + examples: + byId: + value: + signal_ids: + - 80e1383f856e67c1b7f7a1634744fa6d66b6e2ef7aa26d226e57afb5a7b2b4a1 + status: closed + byQuery: + value: + conflicts: proceed + query: + bool: + filter: + - '@timestamp': + format: strict_date_optional_time + gte: '2024-10-23T07:00:00.000Z' + lte: '2025-01-21T20:12:11.704Z' + range: null + - bool: + filter: + bool: + filter: + - match_phrase: + kibana.alert.workflow_status: open + - '@timestamp': + format: strict_date_optional_time + gte: '2024-10-23T07:00:00.000Z' + lte: '2025-01-21T20:12:11.704Z' + range: null + must: [] + must_not: + - exists: + field: kibana.alert.building_block_type + should: [] + must: [] + must_not: [] + should: [] + status: closed schema: oneOf: - $ref: '#/components/schemas/Security_Detections_API_SetAlertsStatusByIds' @@ -6607,7 +6770,42 @@ paths: responses: '200': content: - application/json; Elastic-Api-Version=2023-10-31: + application/json: + examples: + byId: + value: + batches: 1 + deleted: 0 + failures: [] + noops: 0 + requests_per_second: -1 + retries: + bulk: 0 + search: 0 + throttled_millis: 0 + throttled_until_millis: 0 + timed_out: false + took: 81 + total: 1 + updated: 1 + version_conflicts: 0 + byQuery: + value: + batches: 1 + deleted: 0 + failures: [] + noops: 0 + requests_per_second: -1 + retries: + bulk: 0 + search: 0 + throttled_millis: 0 + throttled_until_millis: 0 + timed_out: false + took: 100 + total: 17 + updated: 17 + version_conflicts: 0 schema: additionalProperties: true description: Elasticsearch update by query response 
@@ -6646,7 +6844,24 @@ paths: operationId: SetAlertTags requestBody: content: - application/json; Elastic-Api-Version=2023-10-31: + application/json: + examples: + add: + value: + ids: + - 549c7129c76cbd554aba1bd638f8a49dde95088f5832e50218358e7eca1cf16e + tags: + tags_to_add: + - Duplicate + tags_to_remove: [] + remove: + value: + ids: + - 549c7129c76cbd554aba1bd638f8a49dde95088f5832e50218358e7eca1cf16e + tags: + tags_to_add: [] + tags_to_remove: + - Duplicate schema: type: object properties: @@ -6662,7 +6877,25 @@ paths: responses: '200': content: - application/json; Elastic-Api-Version=2023-10-31: + application/json: + examples: + success: + value: + batches: 1, + deleted: 0, + failures: [] + noops: 0, + requests_per_second: '-1,' + retries: + bulk: 0, + search: 0 + throttled_millis: 0, + throttled_until_millis: 0, + timed_out: false, + took: 68, + total: 1, + updated: 1, + version_conflicts: 0, schema: additionalProperties: true description: Elasticsearch update by query response @@ -43276,22 +43509,28 @@ components: type: object properties: add: - description: A list of users ids to assign. items: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + description: A list of users ids to assign. + format: nonempty + minLength: 1 + type: string type: array remove: - description: A list of users ids to unassign. items: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + description: A list of users ids to unassign. + format: nonempty + minLength: 1 + type: string type: array required: - add - remove Security_Detections_API_AlertIds: - description: A list of alerts ids. + description: A list of alerts `id`s. items: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + format: nonempty + minLength: 1 + type: string minItems: 1 type: array Security_Detections_API_AlertsIndex: 
@@ -43313,6 +43552,7 @@ components: - additionalProperties: true type: object Security_Detections_API_AlertStatus: + description: The status of an alert, which can be `open`, `acknowledged`, `in-progress`, or `closed`. enum: - open - closed @@ -43363,8 +43603,12 @@ components: - suppress type: string Security_Detections_API_AlertTag: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + description: Use alert tags to organize related alerts into categories that you can filter and group. + format: nonempty + minLength: 1 + type: string Security_Detections_API_AlertTags: + description: List of keywords to organize related alerts into categories that you can filter and group. items: $ref: '#/components/schemas/Security_Detections_API_AlertTag' type: array @@ -47370,8 +47614,11 @@ components: type: object properties: signal_ids: + description: List of alert `id`s. items: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + format: nonempty + minLength: 1 + type: string minItems: 1 type: array status: @@ -47397,6 +47644,7 @@ components: - query - status Security_Detections_API_SetAlertTags: + description: Object with list of tags to add and remove. type: object properties: tags_to_add: @@ -49153,9 +49401,11 @@ components: - microsoft_defender_endpoint type: string Security_Endpoint_Management_API_AlertIds: - description: A list of alerts ids. + description: A list of alerts `id`s. items: - $ref: '#/components/schemas/Security_Endpoint_Management_API_NonEmptyString' + format: nonempty + minLength: 1 + type: string minItems: 1 type: array Security_Endpoint_Management_API_CaseIds: @@ -49436,11 +49686,6 @@ components: type: string required: - hostStatuses - Security_Endpoint_Management_API_NonEmptyString: - description: A string that is not empty and does not contain only whitespace - minLength: 1 - pattern: ^(?! *$).+$ - type: string Security_Endpoint_Management_API_Page: default: 1 description: Page number 
diff --git a/oas_docs/output/kibana.yaml b/oas_docs/output/kibana.yaml index 06577aece744..31a7e11ecbf3 100644 --- a/oas_docs/output/kibana.yaml +++ b/oas_docs/output/kibana.yaml @@ -10606,6 +10606,11 @@ paths: '200': content: application/json; Elastic-Api-Version=2023-10-31: + examples: + success: + value: + index_mapping_outdated: false + name: .alerts-security.alerts-default schema: type: object properties: @@ -10698,6 +10703,42 @@ paths: '200': content: application/json; Elastic-Api-Version=2023-10-31: + examples: + success: + value: + application: {} + cluster: + all: true + manage: true + manage_api_key: true + manage_index_templates: true + manage_ml: true + manage_own_api_key: true + manage_pipeline: true + manage_security: true + manage_transform: true + monitor: true + monitor_ml: true + monitor_transform: true + has_all_requested: true + has_encryption_key: true + index: + .alerts-security.alerts-default: + all: true + create: true + create_doc: true + create_index: true + delete: true + delete_index: true + index: true + maintenance: true + manage: true + monitor: true + read: true + view_index_metadata: true + write: true + is_authenticated: true + username: elastic schema: type: object properties: @@ -11617,6 +11658,23 @@ paths: requestBody: content: application/json; Elastic-Api-Version=2023-10-31: + examples: + add: + value: + assignees: + add: + - u_MxY0jbrft7EcfC6iNZSUGeI_n6iYrSwZj5mWF5EqmSU_0 + remove: [] + ids: + - 681c2a707335aa7df5f349b70013d87254746191712ecf0ced9b3e2d538503a6 + remove: + value: + assignees: + add: [] + remove: + - u_MxY0jbrft7EcfC6iNZSUGeI_n6iYrSwZj5mWF5EqmSU_0 + ids: + - 681c2a707335aa7df5f349b70013d87254746191712ecf0ced9b3e2d538503a6 schema: type: object properties: 
@@ -11625,13 +11683,32 @@ paths: description: Details about the assignees to assign and unassign. ids: $ref: '#/components/schemas/Security_Detections_API_AlertIds' - description: List of alerts ids to assign and unassign passed assignees. required: - assignees - ids required: true responses: '200': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + examples: + add: + value: + batches: 1, + deleted: 0, + failures: [] + noops: 0, + requests_per_second: '-1,' + retries: + - bulk: 0, + - search: 0 + throttled_millis: 0, + throttled_until_millis: 0, + timed_out: false, + took: 76, + total: 1, + updated: 1, + version_conflicts: 0, description: Indicates a successful call. '400': description: Invalid request. @@ -11650,9 +11727,13 @@ paths: content: application/json; Elastic-Api-Version=2023-10-31: schema: + example: + migration_ids: + - 924f7c50-505f-11eb-ae0a-3fa2e626a51d type: object properties: migration_ids: + description: Array of `migration_id`s to finalize. items: type: string minItems: 1 @@ -11665,6 +11746,17 @@ paths: '200': content: application/json; Elastic-Api-Version=2023-10-31: + examples: + success: + value: + migrations: + - completed: true + destinationIndex: .siem-signals-default-000002-r000016 + id: 924f7c50-505f-11eb-ae0a-3fa2e626a51d + sourceIndex: .siem-signals-default-000002 + status: success + updated: '2021-01-06T22:05:56.859Z' + version: 16 schema: items: $ref: '#/components/schemas/Security_Detections_API_MigrationFinalizationResult' @@ -11709,9 +11801,13 @@ paths: content: application/json; Elastic-Api-Version=2023-10-31: schema: + example: + migration_ids: + - 924f7c50-505f-11eb-ae0a-3fa2e626a51d type: object properties: migration_ids: + description: Array of `migration_id`s to cleanup. items: type: string minItems: 1 
@@ -11724,6 +11820,16 @@ paths: '200': content: application/json; Elastic-Api-Version=2023-10-31: + examples: + success: + value: + migrations: + - destinationIndex: .siem-signals-default-000002-r000016 + id: 924f7c50-505f-11eb-ae0a-3fa2e626a51d + sourceIndex: .siem-signals-default-000002 + status: success + updated: '2021-01-06T22:05:56.859Z' + version: 16 schema: items: $ref: '#/components/schemas/Security_Detections_API_MigrationCleanupResult' @@ -11761,13 +11867,21 @@ paths: requestBody: content: application/json; Elastic-Api-Version=2023-10-31: + examples: + singleIndex: + value: + index: + - .siem-signals-default-000001 schema: allOf: - type: object properties: index: + description: Array of index names to migrate. items: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + format: nonempty + minLength: 1 + type: string minItems: 1 type: array required: @@ -11779,6 +11893,13 @@ paths: '200': content: application/json; Elastic-Api-Version=2023-10-31: + examples: + success: + value: + indices: + - index: .siem-signals-default-000001, + migration_id: 923f7c50-505f-11eb-ae0a-3fa2e626a51d + migration_index: .siem-signals-default-000001-r000016 schema: type: object properties: @@ -11816,7 +11937,7 @@ paths: tags: - Security Detections API /api/detection_engine/signals/migration_status: - post: + get: deprecated: true description: Retrieve indices that contain detection alerts of a particular age, along with migration information for each of those indices. operationId: ReadAlertsMigrationStatus 
@@ -11829,12 +11950,37 @@ paths: description: | Time from which data is analyzed. For example, now-4200s means the rule analyzes data from 70 minutes before its start time. Defaults to now-6m (analyzes data from 6 minutes before the start time). + example: now-30d format: date-math type: string responses: '200': content: application/json; Elastic-Api-Version=2023-10-31: + examples: + success: + value: + indices: + - index: .siem-signals-default-000002 + is_outdated: true + migrations: + - id: 924f7c50-505f-11eb-ae0a-3fa2e626a51d + status: pending + updated: '2021-01-06T20:41:37.173Z' + version: 16 + signal_versions: + - count: 100 + version: 15 + - count: 87 + version: 16 + version: 15 + - index: .siem-signals-default-000003 + is_outdated: false + migrations: [] + signal_versions: + - count: 54 + version: 16 + version: 16 schema: type: object properties: @@ -11875,6 +12021,35 @@ paths: requestBody: content: application/json; Elastic-Api-Version=2023-10-31: + examples: + query: + value: + aggs: + alertsByGrouping: + terms: + field: host.name + size: 10 + missingFields: + missing: + field: host.name + query: + bool: + filter: + - bool: + filter: + - match_phrase: + kibana.alert.workflow_status: open + must: [] + must_not: + - exists: + field: kibana.alert.building_block_type + should: [] + - range: + '@timestamp': + gte: '2025-01-17T08:00:00.000Z' + lte: '2025-01-18T07:59:59.999Z' + runtime_mappings: {} + size: 0 schema: description: Elasticsearch query and aggregation request type: object 
@@ -11912,6 +12087,31 @@ paths: '200': content: application/json; Elastic-Api-Version=2023-10-31: + examples: + success: + value: + _shards: + failed: 0 + skipped: 0 + successful: 1 + total: 1 + aggregations: + alertsByGrouping: + buckets: + - doc_count: 5 + key: Host-f43kkddfyc + doc_count_error_upper_bound: 0 + sum_other_doc_count: 0 + missingFields: + doc_count: 0 + hits: + hits: [] + max_score: null + total: + relation: eq + value: 5 + timed_out: false + took: 0 schema: additionalProperties: true description: Elasticsearch search response @@ -11947,6 +12147,43 @@ paths: requestBody: content: application/json; Elastic-Api-Version=2023-10-31: + examples: + byId: + value: + signal_ids: + - 80e1383f856e67c1b7f7a1634744fa6d66b6e2ef7aa26d226e57afb5a7b2b4a1 + status: closed + byQuery: + value: + conflicts: proceed + query: + bool: + filter: + - '@timestamp': + format: strict_date_optional_time + gte: '2024-10-23T07:00:00.000Z' + lte: '2025-01-21T20:12:11.704Z' + range: null + - bool: + filter: + bool: + filter: + - match_phrase: + kibana.alert.workflow_status: open + - '@timestamp': + format: strict_date_optional_time + gte: '2024-10-23T07:00:00.000Z' + lte: '2025-01-21T20:12:11.704Z' + range: null + must: [] + must_not: + - exists: + field: kibana.alert.building_block_type + should: [] + must: [] + must_not: [] + should: [] + status: closed schema: oneOf: - $ref: '#/components/schemas/Security_Detections_API_SetAlertsStatusByIds' 
@@ -11957,6 +12194,41 @@ paths: '200': content: application/json; Elastic-Api-Version=2023-10-31: + examples: + byId: + value: + batches: 1 + deleted: 0 + failures: [] + noops: 0 + requests_per_second: -1 + retries: + bulk: 0 + search: 0 + throttled_millis: 0 + throttled_until_millis: 0 + timed_out: false + took: 81 + total: 1 + updated: 1 + version_conflicts: 0 + byQuery: + value: + batches: 1 + deleted: 0 + failures: [] + noops: 0 + requests_per_second: -1 + retries: + bulk: 0 + search: 0 + throttled_millis: 0 + throttled_until_millis: 0 + timed_out: false + took: 100 + total: 17 + updated: 17 + version_conflicts: 0 schema: additionalProperties: true description: Elasticsearch update by query response @@ -11995,6 +12267,23 @@ paths: requestBody: content: application/json; Elastic-Api-Version=2023-10-31: + examples: + add: + value: + ids: + - 549c7129c76cbd554aba1bd638f8a49dde95088f5832e50218358e7eca1cf16e + tags: + tags_to_add: + - Duplicate + tags_to_remove: [] + remove: + value: + ids: + - 549c7129c76cbd554aba1bd638f8a49dde95088f5832e50218358e7eca1cf16e + tags: + tags_to_add: [] + tags_to_remove: + - Duplicate schema: type: object properties: @@ -12011,6 +12300,24 @@ paths: '200': content: application/json; Elastic-Api-Version=2023-10-31: + examples: + success: + value: + batches: 1, + deleted: 0, + failures: [] + noops: 0, + requests_per_second: '-1,' + retries: + bulk: 0, + search: 0 + throttled_millis: 0, + throttled_until_millis: 0, + timed_out: false, + took: 68, + total: 1, + updated: 1, + version_conflicts: 0, schema: additionalProperties: true description: Elasticsearch update by query response 
@@ -31463,22 +31770,28 @@ components: type: object properties: add: - description: A list of users ids to assign. items: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + description: A list of users ids to assign. + format: nonempty + minLength: 1 + type: string type: array remove: - description: A list of users ids to unassign. items: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + description: A list of users ids to unassign. + format: nonempty + minLength: 1 + type: string type: array required: - add - remove Security_Detections_API_AlertIds: - description: A list of alerts ids. + description: A list of alerts `id`s. items: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + format: nonempty + minLength: 1 + type: string minItems: 1 type: array Security_Detections_API_AlertsIndex: @@ -31523,12 +31836,15 @@ components: type: object properties: requests_per_second: + description: The throttle for the migration task in sub-requests per second. Corresponds to requests_per_second on the Reindex API. minimum: 1 type: integer size: + description: Number of alerts to migrate per batch. Corresponds to the source.size option on the Reindex API. minimum: 1 type: integer slices: + description: The number of subtasks for the migration task. Corresponds to slices on the Reindex API. minimum: 1 type: integer Security_Detections_API_AlertsSort: @@ -31543,6 +31859,7 @@ components: - additionalProperties: true type: object Security_Detections_API_AlertStatus: + description: The status of an alert, which can be `open`, `acknowledged`, `in-progress`, or `closed`. enum: - open - closed 
@@ -31593,8 +31910,12 @@ components: - suppress type: string Security_Detections_API_AlertTag: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + description: Use alert tags to organize related alerts into categories that you can filter and group. + format: nonempty + minLength: 1 + type: string Security_Detections_API_AlertTags: + description: List of keywords to organize related alerts into categories that you can filter and group. items: $ref: '#/components/schemas/Security_Detections_API_AlertTag' type: array @@ -35737,8 +36058,11 @@ components: type: object properties: signal_ids: + description: List of alert `id`s. items: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' + format: nonempty + minLength: 1 + type: string minItems: 1 type: array status: @@ -35764,6 +36088,7 @@ components: - query - status Security_Detections_API_SetAlertTags: + description: Object with list of tags to add and remove. type: object properties: tags_to_add: @@ -37538,9 +37863,11 @@ components: - microsoft_defender_endpoint type: string Security_Endpoint_Management_API_AlertIds: - description: A list of alerts ids. + description: A list of alerts `id`s. items: - $ref: '#/components/schemas/Security_Endpoint_Management_API_NonEmptyString' + format: nonempty + minLength: 1 + type: string minItems: 1 type: array Security_Endpoint_Management_API_CaseIds: @@ -37821,11 +38148,6 @@ components: type: string required: - hostStatuses - Security_Endpoint_Management_API_NonEmptyString: - description: A string that does not contain only whitespace characters - format: nonempty - minLength: 1 - type: string Security_Endpoint_Management_API_Page: default: 1 description: Page number 
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/alert_assignees/set_alert_assignees_route.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/alert_assignees/set_alert_assignees_route.gen.ts index 2cefcab9756b..a4c51a07359e 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/alert_assignees/set_alert_assignees_route.gen.ts +++ b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/alert_assignees/set_alert_assignees_route.gen.ts @@ -15,20 +15,14 @@ */ import { z } from '@kbn/zod'; +import { isNonEmptyString } from '@kbn/zod-helpers'; import { AlertIds } from '../../model/alert.gen'; -import { NonEmptyString } from '../../model/primitives.gen'; export type AlertAssignees = z.infer; export const AlertAssignees = z.object({ - /** - * A list of users ids to assign. - */ - add: z.array(NonEmptyString), - /** - * A list of users ids to unassign. - */ - remove: z.array(NonEmptyString), + add: z.array(z.string().min(1).superRefine(isNonEmptyString)), + remove: z.array(z.string().min(1).superRefine(isNonEmptyString)), }); export type SetAlertAssigneesRequestBody = z.infer; @@ -37,9 +31,6 @@ export const SetAlertAssigneesRequestBody = z.object({ * Details about the assignees to assign and unassign. */ assignees: AlertAssignees, - /** - * List of alerts ids to assign and unassign passed assignees. - */ ids: AlertIds, }); export type SetAlertAssigneesRequestBodyInput = z.input; diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/alert_assignees/set_alert_assignees_route.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/alert_assignees/set_alert_assignees_route.schema.yaml index b4b5e858672d..6c28c76a0b29 100644 
--- a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/alert_assignees/set_alert_assignees_route.schema.yaml +++ b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/alert_assignees/set_alert_assignees_route.schema.yaml @@ -28,10 +28,42 @@ paths: description: Details about the assignees to assign and unassign. ids: $ref: '../../model/alert.schema.yaml#/components/schemas/AlertIds' - description: List of alerts ids to assign and unassign passed assignees. + examples: + add: + value: + assignees: + add: ['u_MxY0jbrft7EcfC6iNZSUGeI_n6iYrSwZj5mWF5EqmSU_0'] + remove: [] + ids: ['681c2a707335aa7df5f349b70013d87254746191712ecf0ced9b3e2d538503a6'] + remove: + value: + assignees: + add: [] + remove: ['u_MxY0jbrft7EcfC6iNZSUGeI_n6iYrSwZj5mWF5EqmSU_0'] + ids: ['681c2a707335aa7df5f349b70013d87254746191712ecf0ced9b3e2d538503a6'] responses: 200: description: Indicates a successful call. + content: + application/ndjson: + examples: + add: + value: + took: 76, + timed_out: false, + total: 1, + updated: 1, + deleted: 0, + batches: 1, + version_conflicts: 0, + noops: 0, + retries: + - bulk: 0, + - search: 0 + throttled_millis: 0, + requests_per_second: -1, + throttled_until_millis: 0, + failures: [] 400: description: Invalid request. @@ -46,10 +78,14 @@ components: add: type: array items: - $ref: '../../model/primitives.schema.yaml#/components/schemas/NonEmptyString' - description: A list of users ids to assign. + type: string + format: nonempty + minLength: 1 + description: A list of users ids to assign. remove: type: array items: - $ref: '../../model/primitives.schema.yaml#/components/schemas/NonEmptyString' - description: A list of users ids to unassign. + type: string + format: nonempty + minLength: 1 + description: A list of users ids to unassign. 
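Review bot: The new `200` response example under `@@ -28,10 +28,42 @@` carries JSON-style trailing commas (`took: 76,`, `requests_per_second: -1,`), which YAML reads as strings. The bundled output on this page confirms this with `requests_per_second: '-1,'`. `retries` is also written as a two-item list (`- bulk: 0,` / `- search: 0`) instead of the object used in the set-status example. The same trailing commas appear in the `success` example of set_alert_tags.schema.yaml (`@@ -39,6 +52,24 @@`). The media type here is `application/ndjson`, while the sibling tag and status routes document this update-by-query body as `application/json`; please confirm which one the route really returns.
```yaml
# … unchanged: 200 description, content media type, examples key …
add:
  value:
    took: 76
    timed_out: false
    total: 1
    updated: 1
    deleted: 0
    batches: 1
    version_conflicts: 0
    noops: 0
    retries:
      bulk: 0
      search: 0
    throttled_millis: 0
    requests_per_second: -1
    throttled_until_millis: 0
    failures: []
```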
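Review bot: In `@@ -46,10 +78,14 @@` the `description` for `add`/`remove` appears to have moved from the array onto the `items` schema, judging by the bundled output and the JSDoc removed from the `.gen.ts` file. As a result "A list of users ids to assign." now documents a single string and the property itself is undocumented; keep `description: A list of user IDs to assign.` at the array level. Replacing the `NonEmptyString` `$ref` with an inline `format: nonempty` / `minLength: 1` copy also means spec-driven validators enforce only `minLength`, since `nonempty` is not a standard format. A whitespace-only id is then rejected only by the server-side `superRefine(isNonEmptyString)`. The same inlining is applied to `signal_ids` in set_signals_status_route.schema.yaml; keeping the shared `$ref` would hold the constraint in one place. The `AlertAssignees` schema starts outside this hunk.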
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/alert_tags/set_alert_tags/set_alert_tags.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/alert_tags/set_alert_tags/set_alert_tags.gen.ts index b08d4ff87705..f4b40c03a634 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/alert_tags/set_alert_tags/set_alert_tags.gen.ts +++ b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/alert_tags/set_alert_tags/set_alert_tags.gen.ts @@ -18,6 +18,9 @@ import { z } from '@kbn/zod'; import { AlertIds, AlertTags } from '../../../model/alert.gen'; +/** + * Object with list of tags to add and remove. + */ export type SetAlertTags = z.infer; export const SetAlertTags = z.object({ tags_to_add: AlertTags, diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/alert_tags/set_alert_tags/set_alert_tags.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/alert_tags/set_alert_tags/set_alert_tags.schema.yaml index 2e712ed3fec4..e80be52c9941 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/alert_tags/set_alert_tags/set_alert_tags.schema.yaml +++ b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/alert_tags/set_alert_tags/set_alert_tags.schema.yaml @@ -30,6 +30,19 @@ paths: required: - ids - tags + examples: + add: + value: + tags: + tags_to_add: ['Duplicate'] + tags_to_remove: [] + ids: ['549c7129c76cbd554aba1bd638f8a49dde95088f5832e50218358e7eca1cf16e'] + remove: + value: + tags: + tags_to_add: [] + tags_to_remove: ['Duplicate'] + ids: ['549c7129c76cbd554aba1bd638f8a49dde95088f5832e50218358e7eca1cf16e'] responses: 200: description: Successful response 
@@ -39,6 +52,24 @@ paths: type: object additionalProperties: true description: Elasticsearch update by query response + examples: + success: + value: + took: 68, + timed_out: false, + total: 1, + updated: 1, + deleted: 0, + batches: 1, + version_conflicts: 0, + noops: 0, + retries: + bulk: 0, + search: 0 + throttled_millis: 0, + requests_per_second: -1, + throttled_until_millis: 0, + failures: [] 400: description: Invalid input data response content: @@ -63,6 +94,7 @@ paths: components: schemas: SetAlertTags: + description: Object with list of tags to add and remove. type: object properties: tags_to_add: diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/index_management/read_index/read_index.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/index_management/read_index/read_index.schema.yaml index 70283f59ef79..f9a854689c49 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/index_management/read_index/read_index.schema.yaml +++ b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/index_management/read_index/read_index.schema.yaml @@ -25,6 +25,11 @@ paths: type: boolean nullable: true required: [name, index_mapping_outdated] + examples: + success: + value: + index_mapping_outdated: false + name: '.alerts-security.alerts-default' 401: description: Unsuccessful authentication response content: diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/index_management/read_privileges/read_privileges.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/index_management/read_privileges/read_privileges.schema.yaml index 168ad4484901..02239060325d 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/index_management/read_privileges/read_privileges.schema.yaml 
+++ b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/index_management/read_privileges/read_privileges.schema.yaml @@ -29,6 +29,42 @@ paths: has_encryption_key: type: boolean required: [is_authenticated, has_encryption_key] + examples: + success: + value: + username: elastic + has_all_requested: true + cluster: + all: true + monitor_ml: true + manage_transform: true + manage_index_templates: true + monitor_transform: true + manage_ml: true + monitor: true + manage_pipeline: true + manage_api_key: true + manage_security: true + manage_own_api_key: true + manage: true + index: + .alerts-security.alerts-default: + all: true + create: true + create_doc: true + create_index: true + delete: true + delete_index: true + index: true + maintenance: true + manage: true + monitor: true + read: true + view_index_metadata: true + write: true + application: {} + is_authenticated: true + has_encryption_key: true 401: description: Unsuccessful authentication response content: diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals/query_signals/query_signals_route.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals/query_signals/query_signals_route.schema.yaml index 00061cf50c60..b16899d75559 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals/query_signals/query_signals_route.schema.yaml +++ b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals/query_signals/query_signals_route.schema.yaml 
@@ -48,6 +48,35 @@ paths: sort: $ref: '#/components/schemas/AlertsSort' description: Elasticsearch query and aggregation request + examples: + query: + value: + size: 0 + query: + bool: + filter: + - bool: + must: [] + filter: + - match_phrase: + kibana.alert.workflow_status: open + should: [] + must_not: + - exists: + field: kibana.alert.building_block_type + - range: + '@timestamp': + gte: 2025-01-17T08:00:00.000Z + lte: 2025-01-18T07:59:59.999Z + aggs: + alertsByGrouping: + terms: + field: host.name + size: 10 + missingFields: + missing: + field: host.name + runtime_mappings: {} responses: 200: description: Successful response @@ -57,6 +86,31 @@ paths: type: object additionalProperties: true description: Elasticsearch search response + examples: + success: + value: + took: 0 + timed_out: false + _shards: + total: 1 + successful: 1 + skipped: 0 + failed: 0 + hits: + total: + value: 5 + relation: eq + max_score: null + hits: [] + aggregations: + alertsByGrouping: + doc_count_error_upper_bound: 0 + sum_other_doc_count: 0 + buckets: + - key: Host-f43kkddfyc + doc_count: 5 + missingFields: + doc_count: 0 400: description: Invalid input data response content: diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals/set_signal_status/set_signals_status_route.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals/set_signal_status/set_signals_status_route.gen.ts index c8def8a2fb30..b95be98a5c89 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals/set_signal_status/set_signals_status_route.gen.ts +++ b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals/set_signal_status/set_signals_status_route.gen.ts 
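Review bot: The `range` bounds in the new `query` example are unquoted (`gte: 2025-01-17T08:00:00.000Z`), so a YAML 1.1 loader may type them as timestamps rather than strings. The bundled output on this page happens to render them as quoted strings, but that depends on the bundler's loader. Quote them in the source, `gte: '2025-01-17T08:00:00.000Z'` and `lte: '2025-01-18T07:59:59.999Z'`. The `byQuery` example in set_signals_status_route.schema.yaml has the same unquoted timestamps.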
@@ -15,13 +15,16 @@ */ import { z } from '@kbn/zod'; +import { isNonEmptyString } from '@kbn/zod-helpers'; -import { NonEmptyString } from '../../../model/primitives.gen'; import { AlertStatus } from '../../../model/alert.gen'; export type SetAlertsStatusByIds = z.infer; export const SetAlertsStatusByIds = z.object({ - signal_ids: z.array(NonEmptyString).min(1), + /** + * List of alert `id`s. + */ + signal_ids: z.array(z.string().min(1).superRefine(isNonEmptyString)).min(1), status: AlertStatus, }); diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals/set_signal_status/set_signals_status_route.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals/set_signal_status/set_signals_status_route.schema.yaml index fe514c4dafe2..2f3266254ebd 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals/set_signal_status/set_signals_status_route.schema.yaml +++ b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals/set_signal_status/set_signals_status_route.schema.yaml 
@@ -21,6 +21,42 @@ paths: oneOf: - $ref: '#/components/schemas/SetAlertsStatusByIds' - $ref: '#/components/schemas/SetAlertsStatusByQuery' + examples: + byId: + value: + status: closed + signal_ids: ['80e1383f856e67c1b7f7a1634744fa6d66b6e2ef7aa26d226e57afb5a7b2b4a1'] + byQuery: + value: + conflicts: proceed + status: closed + query: + bool: + must: [] + filter: + - range: + '@timestamp': + gte: 2024-10-23T07:00:00.000Z + lte: 2025-01-21T20:12:11.704Z + format: strict_date_optional_time + - bool: + filter: + bool: + must: [] + filter: + - match_phrase: + kibana.alert.workflow_status: open + - range: + '@timestamp': + gte: 2024-10-23T07:00:00.000Z + lte: 2025-01-21T20:12:11.704Z + format: strict_date_optional_time + should: [] + must_not: + - exists: + field: kibana.alert.building_block_type + should: [] + must_not: [] responses: 200: description: Successful response @@ -30,6 +66,41 @@ paths: type: object additionalProperties: true description: Elasticsearch update by query response + examples: + byId: + value: + took: 81 + timed_out: false + total: 1 + updated: 1 + deleted: 0 + batches: 1 + version_conflicts: 0 + noops: 0 + retries: + bulk: 0 + search: 0 + throttled_millis: 0 + requests_per_second: -1 + throttled_until_millis: 0 + failures: [] + byQuery: + value: + took: 100 + timed_out: false + total: 17 + updated: 17 + deleted: 0 + batches: 1 + version_conflicts: 0 + noops: 0 + retries: + bulk: 0 + search: 0 + throttled_millis: 0 + requests_per_second: -1 + throttled_until_millis: 0 + failures: [] 400: description: Invalid input data response content: @@ -58,8 +129,11 @@ components: properties: signal_ids: type: array + description: List of alert `id`s. items: - $ref: '../../../model/primitives.schema.yaml#/components/schemas/NonEmptyString' + type: string + format: nonempty + minLength: 1 minItems: 1 status: $ref: '../../../model/alert.schema.yaml#/components/schemas/AlertStatus' 
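Review bot: Both `range` filters in the `byQuery` request example appear to be mis-indented. The bundled ESS and serverless specs later in this commit render them as `range: null` with `'@timestamp'` as a sibling key in the same list item, which would happen if `'@timestamp':` sits at the same indent as `range:`. The whitespace in this view is collapsed, so the exact columns cannot be confirmed here. As written, the example would not be a valid Elasticsearch query for someone copying it. Nest `'@timestamp':` with its `gte`, `lte` and `format` one level under `range:` in both places, as the query_signals example does, then regenerate the bundles.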
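Review bot: Inlining the constraint for `signal_ids` items duplicates input validation that was previously defined once in `NonEmptyString`. The generated zod in this commit shows that `format: nonempty` is what produces the whitespace-only check (`superRefine(isNonEmptyString)`), so a site that later drops it would accept blank ids while still passing `minLength: 1`. The new `description` sits on the array, not on `items`, so the reference can stay: `$ref: '../../../model/primitives.schema.yaml#/components/schemas/NonEmptyString'`. The same inlining is done for `index` items in create_signals_migration.schema.yaml and for `AlertIds` items in alert.schema.yaml.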
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/create_signals_migration/create_signals_migration.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/create_signals_migration/create_signals_migration.gen.ts index 7f321de7c06d..8dd0f1833472 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/create_signals_migration/create_signals_migration.gen.ts +++ b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/create_signals_migration/create_signals_migration.gen.ts @@ -15,13 +15,21 @@ */ import { z } from '@kbn/zod'; - -import { NonEmptyString } from '../../../model/primitives.gen'; +import { isNonEmptyString } from '@kbn/zod-helpers'; export type AlertsReindexOptions = z.infer; export const AlertsReindexOptions = z.object({ + /** + * The throttle for the migration task in sub-requests per second. Corresponds to requests_per_second on the Reindex API. + */ requests_per_second: z.number().int().min(1).optional(), + /** + * Number of alerts to migrate per batch. Corresponds to the source.size option on the Reindex API. + */ size: z.number().int().min(1).optional(), + /** + * The number of subtasks for the migration task. Corresponds to slices on the Reindex API. + */ slices: z.number().int().min(1).optional(), }); @@ -49,7 +57,10 @@ export const SkippedAlertsIndexMigration = z.object({ export type CreateAlertsMigrationRequestBody = z.infer; export const CreateAlertsMigrationRequestBody = z .object({ - index: z.array(NonEmptyString).min(1), + /** + * Array of index names to migrate. + */ + index: z.array(z.string().min(1).superRefine(isNonEmptyString)).min(1), }) .merge(AlertsReindexOptions); export type CreateAlertsMigrationRequestBodyInput = z.input< 
diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/create_signals_migration/create_signals_migration.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/create_signals_migration/create_signals_migration.schema.yaml index d77bb820ec59..0196e031f872 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/create_signals_migration/create_signals_migration.schema.yaml +++ b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/create_signals_migration/create_signals_migration.schema.yaml @@ -25,13 +25,19 @@ paths: - type: object properties: index: + description: Array of index names to migrate. type: array items: - $ref: '../../../model/primitives.schema.yaml#/components/schemas/NonEmptyString' + type: string + format: nonempty + minLength: 1 minItems: 1 required: [index] - $ref: '#/components/schemas/AlertsReindexOptions' - + examples: + singleIndex: + value: + index: [.siem-signals-default-000001] responses: 200: description: Successful response @@ -48,6 +54,13 @@ paths: - $ref: '#/components/schemas/AlertsIndexMigrationError' - $ref: '#/components/schemas/SkippedAlertsIndexMigration' required: [indices] + examples: + success: + value: + indices: + - index: .siem-signals-default-000001, + migration_id: 923f7c50-505f-11eb-ae0a-3fa2e626a51d + migration_index: .siem-signals-default-000001-r000016 400: description: Invalid input data response content: 
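Review bot: The `success` response example has `index: .siem-signals-default-000001,` with a trailing comma that becomes part of the value; the bundled ESS spec in this commit renders it as `'.siem-signals-default-000001,'`. Drop the comma: `- index: .siem-signals-default-000001`. The same JSON-paste residue shows in the bundled assignees and tags response examples, where numeric and boolean fields come out as strings such as `batches: '1,'` and `timed_out: 'false,'`. Their source schema files are not in this part of the diff, so they need the same fix there before regenerating.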
@@ -77,12 +90,15 @@ components: requests_per_second: type: integer minimum: 1 + description: The throttle for the migration task in sub-requests per second. Corresponds to requests_per_second on the Reindex API. size: type: integer minimum: 1 + description: Number of alerts to migrate per batch. Corresponds to the source.size option on the Reindex API. slices: type: integer minimum: 1 + description: The number of subtasks for the migration task. Corresponds to slices on the Reindex API. AlertsIndexMigrationSuccess: type: object diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/delete_signals_migration/delete_signals_migration.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/delete_signals_migration/delete_signals_migration.gen.ts index b9d9604f5449..47b043706f40 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/delete_signals_migration/delete_signals_migration.gen.ts +++ b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/delete_signals_migration/delete_signals_migration.gen.ts @@ -34,6 +34,9 @@ export const MigrationCleanupResult = z.object({ export type AlertsMigrationCleanupRequestBody = z.infer; export const AlertsMigrationCleanupRequestBody = z.object({ + /** + * Array of `migration_id`s to cleanup. + */ migration_ids: z.array(z.string()).min(1), }); export type AlertsMigrationCleanupRequestBodyInput = z.input< diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/delete_signals_migration/delete_signals_migration.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/delete_signals_migration/delete_signals_migration.schema.yaml index a03d7c476d65..458f594091dd 100644 
--- a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/delete_signals_migration/delete_signals_migration.schema.yaml +++ b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/delete_signals_migration/delete_signals_migration.schema.yaml @@ -14,7 +14,7 @@ paths: Migrations favor data integrity over shard size. Consequently, unused or orphaned indices are artifacts of the migration process. A successful migration will result in both the old and new indices being present. As such, the old, orphaned index can (and likely should) be deleted. - + While you can delete these indices manually, the endpoint accomplishes this task by applying a deletion policy to the relevant index, causing it to be deleted after 30 days. It also deletes other artifacts specific to the migration implementation. @@ -29,11 +29,14 @@ paths: type: object properties: migration_ids: + description: Array of `migration_id`s to cleanup. type: array items: type: string minItems: 1 required: [migration_ids] + example: + migration_ids: [924f7c50-505f-11eb-ae0a-3fa2e626a51d] responses: 200: description: Successful response @@ -43,6 +46,16 @@ paths: type: array items: $ref: '#/components/schemas/MigrationCleanupResult' + examples: + success: + value: + migrations: + - id: 924f7c50-505f-11eb-ae0a-3fa2e626a51d + destinationIndex: .siem-signals-default-000002-r000016 + status: success + sourceIndex: .siem-signals-default-000002 + version: 16 + updated: 2021-01-06T22:05:56.859Z 400: description: Invalid input data response content: diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/finalize_signals_migration/finalize_signals_migration.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/finalize_signals_migration/finalize_signals_migration.gen.ts index d337beffb9f4..d5da5fcc892d 100644 
--- a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/finalize_signals_migration/finalize_signals_migration.gen.ts +++ b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/finalize_signals_migration/finalize_signals_migration.gen.ts @@ -35,6 +35,9 @@ export const MigrationFinalizationResult = z.object({ export type FinalizeAlertsMigrationRequestBody = z.infer; export const FinalizeAlertsMigrationRequestBody = z.object({ + /** + * Array of `migration_id`s to finalize. + */ migration_ids: z.array(z.string()).min(1), }); export type FinalizeAlertsMigrationRequestBodyInput = z.input< diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/finalize_signals_migration/finalize_signals_migration.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/finalize_signals_migration/finalize_signals_migration.schema.yaml index 116046749409..03ec7e481322 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/finalize_signals_migration/finalize_signals_migration.schema.yaml +++ b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/finalize_signals_migration/finalize_signals_migration.schema.yaml @@ -25,11 +25,14 @@ paths: type: object properties: migration_ids: + description: Array of `migration_id`s to finalize. type: array items: type: string minItems: 1 required: [migration_ids] + example: + migration_ids: ['924f7c50-505f-11eb-ae0a-3fa2e626a51d'] responses: 200: description: Successful response 
@@ -39,6 +42,17 @@ paths: type: array items: $ref: '#/components/schemas/MigrationFinalizationResult' + examples: + success: + value: + migrations: + - id: 924f7c50-505f-11eb-ae0a-3fa2e626a51d + completed: true + destinationIndex: '.siem-signals-default-000002-r000016' + status: success + sourceIndex: '.siem-signals-default-000002' + version: 16 + updated: '2021-01-06T22:05:56.859Z' 400: description: Invalid input data response content: diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/read_signals_migration_status/read_signals_migration_status.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/read_signals_migration_status/read_signals_migration_status.schema.yaml index 0baa8e228150..27688f9867f4 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/read_signals_migration_status/read_signals_migration_status.schema.yaml +++ b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/signals_migration/read_signals_migration_status/read_signals_migration_status.schema.yaml @@ -4,7 +4,7 @@ info: version: '2023-10-31' paths: /api/detection_engine/signals/migration_status: - post: + get: x-labels: [ess] operationId: ReadAlertsMigrationStatus x-codegen-enabled: true @@ -24,6 +24,7 @@ paths: Time from which data is analyzed. For example, now-4200s means the rule analyzes data from 70 minutes before its start time. Defaults to now-6m (analyzes data from 6 minutes before the start time). format: date-math + example: now-30d responses: 200: description: Successful response 
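Review bot: In read_signals_migration_status.schema.yaml, changing `post:` to `get:` for `/api/detection_engine/signals/migration_status` alters the documented HTTP contract in a commit that otherwise only adds examples and descriptions. The generated quickstart client is switched to `method: 'GET'` in the same commit, but the server route registration is not part of this diff. Confirm the registered route is GET and that nothing still relies on the previously documented POST. If this corrects a spec error, say so in the commit description so the method change is not missed in review.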
@@ -37,6 +38,30 @@ paths: items: $ref: '#/components/schemas/IndexMigrationStatus' required: [indices] + examples: + success: + value: + indices: + - index: .siem-signals-default-000002 + version: 15 + signal_versions: + - version: 15 + count: 100 + - version: 16 + count: 87 + migrations: + - id: 924f7c50-505f-11eb-ae0a-3fa2e626a51d + status: pending + version: 16 + updated: 2021-01-06T20:41:37.173Z + is_outdated: true + - index: .siem-signals-default-000003 + version: 16 + signal_versions: + - version: 16 + count: 54 + migrations: [] + is_outdated: false 400: description: Invalid input data response content: diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/model/alert.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/model/alert.gen.ts index 04a32d7866d0..bb9cf4354684 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/model/alert.gen.ts +++ b/x-pack/solutions/security/plugins/security_solution/common/api/model/alert.gen.ts 
@@ -15,21 +15,29 @@ */ import { z } from '@kbn/zod'; - -import { NonEmptyString } from './primitives.gen'; +import { isNonEmptyString } from '@kbn/zod-helpers'; /** - * A list of alerts ids. + * A list of alerts `id`s. */ export type AlertIds = z.infer; -export const AlertIds = z.array(NonEmptyString).min(1); +export const AlertIds = z.array(z.string().min(1).superRefine(isNonEmptyString)).min(1); +/** + * Use alert tags to organize related alerts into categories that you can filter and group. + */ export type AlertTag = z.infer; -export const AlertTag = NonEmptyString; +export const AlertTag = z.string().min(1).superRefine(isNonEmptyString); +/** + * List of keywords to organize related alerts into categories that you can filter and group. + */ export type AlertTags = z.infer; export const AlertTags = z.array(AlertTag); +/** + * The status of an alert, which can be `open`, `acknowledged`, `in-progress`, or `closed`. + */ export type AlertStatus = z.infer; export const AlertStatus = z.enum(['open', 'closed', 'acknowledged', 'in-progress']); export type AlertStatusEnum = typeof AlertStatus.enum; diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/model/alert.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/model/alert.schema.yaml index ecf7e02d6ebe..9304c1acdffc 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/model/alert.schema.yaml +++ b/x-pack/solutions/security/plugins/security_solution/common/api/model/alert.schema.yaml 
@@ -9,19 +9,26 @@ components: AlertIds: type: array items: - $ref: './primitives.schema.yaml#/components/schemas/NonEmptyString' + type: string + minLength: 1 + format: nonempty minItems: 1 - description: A list of alerts ids. + description: A list of alerts `id`s. AlertTag: - $ref: './primitives.schema.yaml#/components/schemas/NonEmptyString' + type: string + format: nonempty + minLength: 1 + description: Use alert tags to organize related alerts into categories that you can filter and group. AlertTags: type: array + description: List of keywords to organize related alerts into categories that you can filter and group. items: $ref: '#/components/schemas/AlertTag' AlertStatus: + description: The status of an alert, which can be `open`, `acknowledged`, `in-progress`, or `closed`. type: string enum: - open diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/quickstart_client.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/quickstart_client.gen.ts index 47bdcbfd046b..cd0fd9526187 100644 --- a/x-pack/solutions/security/plugins/security_solution/common/api/quickstart_client.gen.ts +++ b/x-pack/solutions/security/plugins/security_solution/common/api/quickstart_client.gen.ts @@ -1962,7 +1962,7 @@ finalize it. headers: { [ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31', }, - method: 'POST', + method: 'GET', query: props.query, }) diff --git a/x-pack/solutions/security/plugins/security_solution/docs/openapi/ess/security_solution_detections_api_2023_10_31.bundled.schema.yaml b/x-pack/solutions/security/plugins/security_solution/docs/openapi/ess/security_solution_detections_api_2023_10_31.bundled.schema.yaml index 3543861bfee5..4f123a9e7452 100644 --- a/x-pack/solutions/security/plugins/security_solution/docs/openapi/ess/security_solution_detections_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/solutions/security/plugins/security_solution/docs/openapi/ess/security_solution_detections_api_2023_10_31.bundled.schema.yaml 
@@ -65,6 +65,11 @@ paths: '200': content: application/json: + examples: + success: + value: + index_mapping_outdated: false + name: .alerts-security.alerts-default schema: type: object properties: @@ -163,6 +168,42 @@ paths: '200': content: application/json: + examples: + success: + value: + application: {} + cluster: + all: true + manage: true + manage_api_key: true + manage_index_templates: true + manage_ml: true + manage_own_api_key: true + manage_pipeline: true + manage_security: true + manage_transform: true + monitor: true + monitor_ml: true + monitor_transform: true + has_all_requested: true + has_encryption_key: true + index: + .alerts-security.alerts-default: + all: true + create: true + create_doc: true + create_index: true + delete: true + delete_index: true + index: true + maintenance: true + manage: true + monitor: true + read: true + view_index_metadata: true + write: true + is_authenticated: true + username: elastic schema: type: object properties: @@ -1001,6 +1042,25 @@ paths: requestBody: content: application/json: + examples: + add: + value: + assignees: + add: + - u_MxY0jbrft7EcfC6iNZSUGeI_n6iYrSwZj5mWF5EqmSU_0 + remove: [] + ids: + - >- + 681c2a707335aa7df5f349b70013d87254746191712ecf0ced9b3e2d538503a6 + remove: + value: + assignees: + add: [] + remove: + - u_MxY0jbrft7EcfC6iNZSUGeI_n6iYrSwZj5mWF5EqmSU_0 + ids: + - >- + 681c2a707335aa7df5f349b70013d87254746191712ecf0ced9b3e2d538503a6 schema: type: object properties: 
@@ -1009,13 +1069,32 @@ paths: description: Details about the assignees to assign and unassign. ids: $ref: '#/components/schemas/AlertIds' - description: List of alerts ids to assign and unassign passed assignees. required: - assignees - ids required: true responses: '200': + content: + application/ndjson: + examples: + add: + value: + batches: '1,' + deleted: '0,' + failures: [] + noops: '0,' + requests_per_second: '-1,' + retries: + - bulk: '0,' + - search: 0 + throttled_millis: '0,' + throttled_until_millis: '0,' + timed_out: 'false,' + took: '76,' + total: '1,' + updated: '1,' + version_conflicts: '0,' description: Indicates a successful call. '400': description: Invalid request. @@ -1038,9 +1117,13 @@ paths: content: application/json: schema: + example: + migration_ids: + - 924f7c50-505f-11eb-ae0a-3fa2e626a51d type: object properties: migration_ids: + description: Array of `migration_id`s to finalize. items: type: string minItems: 1 @@ -1053,6 +1136,17 @@ paths: '200': content: application/json: + examples: + success: + value: + migrations: + - completed: true + destinationIndex: .siem-signals-default-000002-r000016 + id: 924f7c50-505f-11eb-ae0a-3fa2e626a51d + sourceIndex: .siem-signals-default-000002 + status: success + updated: '2021-01-06T22:05:56.859Z' + version: 16 schema: items: $ref: '#/components/schemas/MigrationFinalizationResult' @@ -1107,9 +1201,13 @@ paths: content: application/json: schema: + example: + migration_ids: + - 924f7c50-505f-11eb-ae0a-3fa2e626a51d type: object properties: migration_ids: + description: Array of `migration_id`s to cleanup. items: type: string minItems: 1 
@@ -1122,6 +1220,16 @@ paths: '200': content: application/json: + examples: + success: + value: + migrations: + - destinationIndex: .siem-signals-default-000002-r000016 + id: 924f7c50-505f-11eb-ae0a-3fa2e626a51d + sourceIndex: .siem-signals-default-000002 + status: success + updated: 2021-01-06T22:05:56.859Z + version: 16 schema: items: $ref: '#/components/schemas/MigrationCleanupResult' @@ -1164,13 +1272,21 @@ paths: requestBody: content: application/json: + examples: + singleIndex: + value: + index: + - .siem-signals-default-000001 schema: allOf: - type: object properties: index: + description: Array of index names to migrate. items: - $ref: '#/components/schemas/NonEmptyString' + format: nonempty + minLength: 1 + type: string minItems: 1 type: array required: @@ -1182,6 +1298,13 @@ paths: '200': content: application/json: + examples: + success: + value: + indices: + - index: '.siem-signals-default-000001,' + migration_id: 923f7c50-505f-11eb-ae0a-3fa2e626a51d + migration_index: .siem-signals-default-000001-r000016 schema: type: object properties: @@ -1220,7 +1343,7 @@ paths: - Security Detections API - Alerts migration API /api/detection_engine/signals/migration_status: - post: + get: deprecated: true description: >- Retrieve indices that contain detection alerts of a particular age, 
@@ -1238,12 +1361,37 @@ paths: before its start time. Defaults to now-6m (analyzes data from 6 minutes before the start time). + example: now-30d format: date-math type: string responses: '200': content: application/json: + examples: + success: + value: + indices: + - index: .siem-signals-default-000002 + is_outdated: true + migrations: + - id: 924f7c50-505f-11eb-ae0a-3fa2e626a51d + status: pending + updated: 2021-01-06T20:41:37.173Z + version: 16 + signal_versions: + - count: 100 + version: 15 + - count: 87 + version: 16 + version: 15 + - index: .siem-signals-default-000003 + is_outdated: false + migrations: [] + signal_versions: + - count: 54 + version: 16 + version: 16 schema: type: object properties: @@ -1285,6 +1433,35 @@ paths: requestBody: content: application/json: + examples: + query: + value: + aggs: + alertsByGrouping: + terms: + field: host.name + size: 10 + missingFields: + missing: + field: host.name + query: + bool: + filter: + - bool: + filter: + - match_phrase: + kibana.alert.workflow_status: open + must: [] + must_not: + - exists: + field: kibana.alert.building_block_type + should: [] + - range: + '@timestamp': + gte: 2025-01-17T08:00:00.000Z + lte: 2025-01-18T07:59:59.999Z + runtime_mappings: {} + size: 0 schema: description: Elasticsearch query and aggregation request type: object @@ -1322,6 +1499,31 @@ paths: '200': content: application/json: + examples: + success: + value: + _shards: + failed: 0 + skipped: 0 + successful: 1 + total: 1 + aggregations: + alertsByGrouping: + buckets: + - doc_count: 5 + key: Host-f43kkddfyc + doc_count_error_upper_bound: 0 + sum_other_doc_count: 0 + missingFields: + doc_count: 0 + hits: + hits: [] + max_score: null + total: + relation: eq + value: 5 + timed_out: false + took: 0 schema: additionalProperties: true description: Elasticsearch search response 
@@ -1358,6 +1560,44 @@ paths: requestBody: content: application/json: + examples: + byId: + value: + signal_ids: + - >- + 80e1383f856e67c1b7f7a1634744fa6d66b6e2ef7aa26d226e57afb5a7b2b4a1 + status: closed + byQuery: + value: + conflicts: proceed + query: + bool: + filter: + - '@timestamp': + format: strict_date_optional_time + gte: 2024-10-23T07:00:00.000Z + lte: 2025-01-21T20:12:11.704Z + range: null + - bool: + filter: + bool: + filter: + - match_phrase: + kibana.alert.workflow_status: open + - '@timestamp': + format: strict_date_optional_time + gte: 2024-10-23T07:00:00.000Z + lte: 2025-01-21T20:12:11.704Z + range: null + must: [] + must_not: + - exists: + field: kibana.alert.building_block_type + should: [] + must: [] + must_not: [] + should: [] + status: closed schema: oneOf: - $ref: '#/components/schemas/SetAlertsStatusByIds' @@ -1370,6 +1610,41 @@ paths: '200': content: application/json: + examples: + byId: + value: + batches: 1 + deleted: 0 + failures: [] + noops: 0 + requests_per_second: -1 + retries: + bulk: 0 + search: 0 + throttled_millis: 0 + throttled_until_millis: 0 + timed_out: false + took: 81 + total: 1 + updated: 1 + version_conflicts: 0 + byQuery: + value: + batches: 1 + deleted: 0 + failures: [] + noops: 0 + requests_per_second: -1 + retries: + bulk: 0 + search: 0 + throttled_millis: 0 + throttled_until_millis: 0 + timed_out: false + took: 100 + total: 17 + updated: 17 + version_conflicts: 0 schema: additionalProperties: true description: Elasticsearch update by query response @@ -1409,6 +1684,25 @@ paths: requestBody: content: application/json: + examples: + add: + value: + ids: + - >- + 549c7129c76cbd554aba1bd638f8a49dde95088f5832e50218358e7eca1cf16e + tags: + tags_to_add: + - Duplicate + tags_to_remove: [] + remove: + value: + ids: + - >- + 549c7129c76cbd554aba1bd638f8a49dde95088f5832e50218358e7eca1cf16e + tags: + tags_to_add: [] + tags_to_remove: + - Duplicate schema: type: object properties: 
@@ -1427,6 +1721,24 @@ paths: '200': content: application/json: + examples: + success: + value: + batches: '1,' + deleted: '0,' + failures: [] + noops: '0,' + requests_per_second: '-1,' + retries: + bulk: '0,' + search: 0 + throttled_millis: '0,' + throttled_until_millis: '0,' + timed_out: 'false,' + took: '68,' + total: '1,' + updated: '1,' + version_conflicts: '0,' schema: additionalProperties: true description: Elasticsearch update by query response @@ -1477,22 +1789,28 @@ components: type: object properties: add: - description: A list of users ids to assign. items: - $ref: '#/components/schemas/NonEmptyString' + description: A list of users ids to assign. + format: nonempty + minLength: 1 + type: string type: array remove: - description: A list of users ids to unassign. items: - $ref: '#/components/schemas/NonEmptyString' + description: A list of users ids to unassign. + format: nonempty + minLength: 1 + type: string type: array required: - add - remove AlertIds: - description: A list of alerts ids. + description: A list of alerts `id`s. items: - $ref: '#/components/schemas/NonEmptyString' + format: nonempty + minLength: 1 + type: string minItems: 1 type: array AlertsIndex: @@ -1537,12 +1855,21 @@ components: type: object properties: requests_per_second: + description: >- + The throttle for the migration task in sub-requests per second. + Corresponds to requests_per_second on the Reindex API. minimum: 1 type: integer size: + description: >- + Number of alerts to migrate per batch. Corresponds to the + source.size option on the Reindex API. minimum: 1 type: integer slices: + description: >- + The number of subtasks for the migration task. Corresponds to slices + on the Reindex API. minimum: 1 type: integer AlertsSort: @@ -1557,6 +1884,9 @@ components: - additionalProperties: true type: object AlertStatus: + description: >- + The status of an alert, which can be `open`, `acknowledged`, + `in-progress`, or `closed`. enum: - open - closed 
@@ -1610,8 +1940,16 @@ components: - suppress type: string AlertTag: - $ref: '#/components/schemas/NonEmptyString' + description: >- + Use alert tags to organize related alerts into categories that you can + filter and group. + format: nonempty + minLength: 1 + type: string AlertTags: + description: >- + List of keywords to organize related alerts into categories that you can + filter and group. items: $ref: '#/components/schemas/AlertTag' type: array @@ -5872,8 +6210,11 @@ components: type: object properties: signal_ids: + description: List of alert `id`s. items: - $ref: '#/components/schemas/NonEmptyString' + format: nonempty + minLength: 1 + type: string minItems: 1 type: array status: @@ -5899,6 +6240,7 @@ components: - query - status SetAlertTags: + description: Object with list of tags to add and remove. type: object properties: tags_to_add: diff --git a/x-pack/solutions/security/plugins/security_solution/docs/openapi/ess/security_solution_endpoint_management_api_2023_10_31.bundled.schema.yaml b/x-pack/solutions/security/plugins/security_solution/docs/openapi/ess/security_solution_endpoint_management_api_2023_10_31.bundled.schema.yaml index 190fccc04308..40c95e97e5d1 100644 --- a/x-pack/solutions/security/plugins/security_solution/docs/openapi/ess/security_solution_endpoint_management_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/solutions/security/plugins/security_solution/docs/openapi/ess/security_solution_endpoint_management_api_2023_10_31.bundled.schema.yaml @@ -722,9 +722,11 @@ components: - microsoft_defender_endpoint type: string AlertIds: - description: A list of alerts ids. + description: A list of alerts `id`s. items: - $ref: '#/components/schemas/NonEmptyString' + format: nonempty + minLength: 1 + type: string minItems: 1 type: array CaseIds: 
@@ -1005,11 +1007,6 @@ components: type: string required: - hostStatuses - NonEmptyString: - description: A string that does not contain only whitespace characters - format: nonempty - minLength: 1 - type: string Page: default: 1 description: Page number diff --git a/x-pack/solutions/security/plugins/security_solution/docs/openapi/serverless/security_solution_detections_api_2023_10_31.bundled.schema.yaml b/x-pack/solutions/security/plugins/security_solution/docs/openapi/serverless/security_solution_detections_api_2023_10_31.bundled.schema.yaml index 29d4a531e764..1be6a23540f5 100644 --- a/x-pack/solutions/security/plugins/security_solution/docs/openapi/serverless/security_solution_detections_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/solutions/security/plugins/security_solution/docs/openapi/serverless/security_solution_detections_api_2023_10_31.bundled.schema.yaml @@ -32,6 +32,42 @@ paths: '200': content: application/json: + examples: + success: + value: + application: {} + cluster: + all: true + manage: true + manage_api_key: true + manage_index_templates: true + manage_ml: true + manage_own_api_key: true + manage_pipeline: true + manage_security: true + manage_transform: true + monitor: true + monitor_ml: true + monitor_transform: true + has_all_requested: true + has_encryption_key: true + index: + .alerts-security.alerts-default: + all: true + create: true + create_doc: true + create_index: true + delete: true + delete_index: true + index: true + maintenance: true + manage: true + monitor: true + read: true + view_index_metadata: true + write: true + is_authenticated: true + username: elastic schema: type: object properties: 
@@ -586,6 +622,25 @@ paths: requestBody: content: application/json: + examples: + add: + value: + assignees: + add: + - u_MxY0jbrft7EcfC6iNZSUGeI_n6iYrSwZj5mWF5EqmSU_0 + remove: [] + ids: + - >- + 681c2a707335aa7df5f349b70013d87254746191712ecf0ced9b3e2d538503a6 + remove: + value: + assignees: + add: [] + remove: + - u_MxY0jbrft7EcfC6iNZSUGeI_n6iYrSwZj5mWF5EqmSU_0 + ids: + - >- + 681c2a707335aa7df5f349b70013d87254746191712ecf0ced9b3e2d538503a6 schema: type: object properties: @@ -594,13 +649,32 @@ paths: description: Details about the assignees to assign and unassign. ids: $ref: '#/components/schemas/AlertIds' - description: List of alerts ids to assign and unassign passed assignees. required: - assignees - ids required: true responses: '200': + content: + application/ndjson: + examples: + add: + value: + batches: '1,' + deleted: '0,' + failures: [] + noops: '0,' + requests_per_second: '-1,' + retries: + - bulk: '0,' + - search: 0 + throttled_millis: '0,' + throttled_until_millis: '0,' + timed_out: 'false,' + took: '76,' + total: '1,' + updated: '1,' + version_conflicts: '0,' description: Indicates a successful call. '400': description: Invalid request. @@ -614,6 +688,35 @@ paths: requestBody: content: application/json: + examples: + query: + value: + aggs: + alertsByGrouping: + terms: + field: host.name + size: 10 + missingFields: + missing: + field: host.name + query: + bool: + filter: + - bool: + filter: + - match_phrase: + kibana.alert.workflow_status: open + must: [] + must_not: + - exists: + field: kibana.alert.building_block_type + should: [] + - range: + '@timestamp': + gte: 2025-01-17T08:00:00.000Z + lte: 2025-01-18T07:59:59.999Z + runtime_mappings: {} + size: 0 schema: description: Elasticsearch query and aggregation request type: object 
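Review bot: The `add` example for the 200 response (hunk `@@ -594,13 +649,32 @@`) carries JSON-style trailing commas into its values, so every count is documented as a string such as `'1,'`, `timed_out` as `'false,'`, and `retries` as a two-item list instead of an object with `bulk` and `search`. The `success` example in hunk `@@ -756,6 +976,24 @@` has the same string values. The `byId` and `byQuery` examples in `@@ -699,6 +865,41 @@` show the intended shape under `application/json`, so `application/ndjson` here is probably a mistake as well. Anyone building response parsers or contract tests from these examples would get the wrong types; this file looks like a bundled artifact, so the correction likely belongs in the source spec it is built from.

```yaml
# … unchanged: responses '200' content, media type key …
examples:
  add:
    value:
      batches: 1
      deleted: 0
      failures: []
      noops: 0
      requests_per_second: -1
      retries:
        bulk: 0
        search: 0
      throttled_millis: 0
      throttled_until_millis: 0
      timed_out: false
      took: 76
      total: 1
      updated: 1
      version_conflicts: 0
# … unchanged: description: Indicates a successful call. …
```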
@@ -651,6 +754,31 @@ paths: '200': content: application/json: + examples: + success: + value: + _shards: + failed: 0 + skipped: 0 + successful: 1 + total: 1 + aggregations: + alertsByGrouping: + buckets: + - doc_count: 5 + key: Host-f43kkddfyc + doc_count_error_upper_bound: 0 + sum_other_doc_count: 0 + missingFields: + doc_count: 0 + hits: + hits: [] + max_score: null + total: + relation: eq + value: 5 + timed_out: false + took: 0 schema: additionalProperties: true description: Elasticsearch search response @@ -687,6 +815,44 @@ paths: requestBody: content: application/json: + examples: + byId: + value: + signal_ids: + - >- + 80e1383f856e67c1b7f7a1634744fa6d66b6e2ef7aa26d226e57afb5a7b2b4a1 + status: closed + byQuery: + value: + conflicts: proceed + query: + bool: + filter: + - '@timestamp': + format: strict_date_optional_time + gte: 2024-10-23T07:00:00.000Z + lte: 2025-01-21T20:12:11.704Z + range: null + - bool: + filter: + bool: + filter: + - match_phrase: + kibana.alert.workflow_status: open + - '@timestamp': + format: strict_date_optional_time + gte: 2024-10-23T07:00:00.000Z + lte: 2025-01-21T20:12:11.704Z + range: null + must: [] + must_not: + - exists: + field: kibana.alert.building_block_type + should: [] + must: [] + must_not: [] + should: [] + status: closed schema: oneOf: - $ref: '#/components/schemas/SetAlertsStatusByIds' 
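Review bot: In the `byQuery` request example (hunk `@@ -687,6 +815,44 @@`) both time filters are written with `'@timestamp'` and `range: null` as sibling keys, so `range` is empty and the timestamp bounds sit outside any query clause. The search example in hunk `@@ -614,6 +688,35 @@` nests `'@timestamp'` under `range`, which is the form a range query takes. A request copied from this example would likely be rejected or fail to apply the intended time window, which matters for a call that closes alerts by query. The file looks like a bundled artifact, so the indentation fix probably belongs in the source spec.

```yaml
# … unchanged: examples.byQuery.value.conflicts, query.bool.filter …
- range:
    '@timestamp':
      format: strict_date_optional_time
      gte: 2024-10-23T07:00:00.000Z
      lte: 2025-01-21T20:12:11.704Z
# … unchanged: remaining bool clauses; the second range entry needs the same nesting …
```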
@@ -699,6 +865,41 @@ paths: '200': content: application/json: + examples: + byId: + value: + batches: 1 + deleted: 0 + failures: [] + noops: 0 + requests_per_second: -1 + retries: + bulk: 0 + search: 0 + throttled_millis: 0 + throttled_until_millis: 0 + timed_out: false + took: 81 + total: 1 + updated: 1 + version_conflicts: 0 + byQuery: + value: + batches: 1 + deleted: 0 + failures: [] + noops: 0 + requests_per_second: -1 + retries: + bulk: 0 + search: 0 + throttled_millis: 0 + throttled_until_millis: 0 + timed_out: false + took: 100 + total: 17 + updated: 17 + version_conflicts: 0 schema: additionalProperties: true description: Elasticsearch update by query response @@ -738,6 +939,25 @@ paths: requestBody: content: application/json: + examples: + add: + value: + ids: + - >- + 549c7129c76cbd554aba1bd638f8a49dde95088f5832e50218358e7eca1cf16e + tags: + tags_to_add: + - Duplicate + tags_to_remove: [] + remove: + value: + ids: + - >- + 549c7129c76cbd554aba1bd638f8a49dde95088f5832e50218358e7eca1cf16e + tags: + tags_to_add: [] + tags_to_remove: + - Duplicate schema: type: object properties: @@ -756,6 +976,24 @@ paths: '200': content: application/json: + examples: + success: + value: + batches: '1,' + deleted: '0,' + failures: [] + noops: '0,' + requests_per_second: '-1,' + retries: + bulk: '0,' + search: 0 + throttled_millis: '0,' + throttled_until_millis: '0,' + timed_out: 'false,' + took: '68,' + total: '1,' + updated: '1,' + version_conflicts: '0,' schema: additionalProperties: true description: Elasticsearch update by query response 
@@ -806,22 +1044,28 @@ components: type: object properties: add: - description: A list of users ids to assign. items: - $ref: '#/components/schemas/NonEmptyString' + description: A list of users ids to assign. + format: nonempty + minLength: 1 + type: string type: array remove: - description: A list of users ids to unassign. items: - $ref: '#/components/schemas/NonEmptyString' + description: A list of users ids to unassign. + format: nonempty + minLength: 1 + type: string type: array required: - add - remove AlertIds: - description: A list of alerts ids. + description: A list of alerts `id`s. items: - $ref: '#/components/schemas/NonEmptyString' + format: nonempty + minLength: 1 + type: string minItems: 1 type: array AlertsIndex: @@ -843,6 +1087,9 @@ components: - additionalProperties: true type: object AlertStatus: + description: >- + The status of an alert, which can be `open`, `acknowledged`, + `in-progress`, or `closed`. enum: - open - closed @@ -896,8 +1143,16 @@ components: - suppress type: string AlertTag: - $ref: '#/components/schemas/NonEmptyString' + description: >- + Use alert tags to organize related alerts into categories that you can + filter and group. + format: nonempty + minLength: 1 + type: string AlertTags: + description: >- + List of keywords to organize related alerts into categories that you can + filter and group. items: $ref: '#/components/schemas/AlertTag' type: array @@ -5021,8 +5276,11 @@ components: type: object properties: signal_ids: + description: List of alert `id`s. items: - $ref: '#/components/schemas/NonEmptyString' + format: nonempty + minLength: 1 + type: string minItems: 1 type: array status: @@ -5048,6 +5306,7 @@ components: - query - status SetAlertTags: + description: Object with list of tags to add and remove. type: object properties: tags_to_add: 
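Review bot: In `AlertAssignees` (hunk `@@ -806,22 +1044,28 @@`) the descriptions `A list of users ids to assign.` and `A list of users ids to unassign.` moved from the `add` and `remove` arrays onto their `items` schemas, where they now describe a single string as a list and leave the arrays undocumented. I would keep each description on the array and give the item its own, for example `description: A user id.`. `AlertAssignees` begins above the hunk, so only its property block is visible here.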
diff --git a/x-pack/solutions/security/plugins/security_solution/docs/openapi/serverless/security_solution_endpoint_management_api_2023_10_31.bundled.schema.yaml b/x-pack/solutions/security/plugins/security_solution/docs/openapi/serverless/security_solution_endpoint_management_api_2023_10_31.bundled.schema.yaml index b56090568f5f..6dbc0268ef8d 100644 --- a/x-pack/solutions/security/plugins/security_solution/docs/openapi/serverless/security_solution_endpoint_management_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/solutions/security/plugins/security_solution/docs/openapi/serverless/security_solution_endpoint_management_api_2023_10_31.bundled.schema.yaml @@ -622,9 +622,11 @@ components: - microsoft_defender_endpoint type: string AlertIds: - description: A list of alerts ids. + description: A list of alerts `id`s. items: - $ref: '#/components/schemas/NonEmptyString' + format: nonempty + minLength: 1 + type: string minItems: 1 type: array CaseIds: @@ -905,11 +907,6 @@ components: type: string required: - hostStatuses - NonEmptyString: - description: A string that does not contain only whitespace characters - format: nonempty - minLength: 1 - type: string Page: default: 1 description: Page number diff --git a/x-pack/test/api_integration/services/security_solution_api.gen.ts b/x-pack/test/api_integration/services/security_solution_api.gen.ts index f6844cc77b45..e67545088241 100644 --- a/x-pack/test/api_integration/services/security_solution_api.gen.ts +++ b/x-pack/test/api_integration/services/security_solution_api.gen.ts @@ -1352,7 +1352,7 @@ finalize it. kibanaSpace: string = 'default' ) { return supertest - .post(routeWithNamespace('/api/detection_engine/signals/migration_status', kibanaSpace)) + .get(routeWithNamespace('/api/detection_engine/signals/migration_status', kibanaSpace)) .set('kbn-xsrf', 'true') .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')