Add open API specification for get case activity (#136465)

2025-04-24 17:59:23 -04:00 · 2022-07-21 07:14:44 -07:00 · 2022-07-21 07:14:44 -07:00 · bd6339ea02
commit bd6339ea02
parent cf8c9223af
34 changed files with 2013 additions and 1317 deletions
--- a/docs/api/cases/cases-api-add-comment.asciidoc
+++ b/docs/api/cases/cases-api-add-comment.asciidoc
@ -32,15 +32,15 @@ default space is used.
 === {api-request-body-title}

 `alertId`::
-(Required*, string) The alert identifier. It is required only when `type` is
-`alert`. preview:[]
+(Required*, string or array of strings) The alert identifier. It is required
+only when `type` is `alert`. If it is an array, `index` must also be an array. preview:[]

 `comment`::
 (Required*, string) The new comment. It is required only when `type` is `user`.

 `index`::
-(Required*, string) The alert index. It is required only when `type` is `alert`.
-preview:[]
+(Required*, string or array of strings) The alert index. It is required only
+when `type` is `alert`. If it is an array, `alertId` must also be an array. preview:[]

 `owner`::
 (Required, string) The application that owns the case. Valid values are:
--- a/docs/api/cases/cases-api-get-case-activity.asciidoc
+++ b/docs/api/cases/cases-api-get-case-activity.asciidoc
@ -4,7 +4,7 @@
 <titleabbrev>Get case activity</titleabbrev>
 ++++

-Returns all user activity for the specified case.
+Returns all user activity for a case.

 deprecated::[8.1.0]

@ -19,7 +19,7 @@ deprecated::[8.1.0]
 You must have `read` privileges for the *Cases* feature in the *Management*,
 *{observability}*, or *Security* section of the
 <<kibana-feature-privileges,{kib} feature privileges>>, depending on the
-`owner` of the cases you're seeking.
+`owner` of the case you're seeking.

 === {api-path-parms-title}

@ -38,11 +38,11 @@ default space is used.

 === {api-examples-title}

-Gets all activity for case ID `a18b38a0-71b0-11ea-a0b2-c51ea50a58e2`:
+Gets all activity for case ID `22df07d0-03b1-11ed-920c-974bfa104448`:

 [source,sh]
 --------------------------------------------------
-GET api/cases/a18b38a0-71b0-11ea-a0b2-c51ea50a58e2/user_actions
+GET api/cases/22df07d0-03b1-11ed-920c-974bfa104448/user_actions
 --------------------------------------------------
 // KIBANA

@ -52,55 +52,54 @@ The API returns a JSON object with all the activity for the case. For example:
 --------------------------------------------------
 [
  {
-    "created_at": "2022-12-16T14:34:48.709Z",
-    "created_by": {
-      "email": "",
-      "full_name": "",
-      "username": "elastic"
+    "created_at":"2022-07-14T20:11:24.947Z",
+    "created_by":{
+      "username":"elastic",
+      "email":null,
+      "full_name":null
    },
-    "owner": "securitySolution",
-    "action": "create",
-    "payload": {
-      "title": "User actions",
-      "tags": [
-        "user",
-        "actions"
-      ],
-      "connector": {
-        "fields": null,
-        "id": "none",
-        "name": "none",
-        "type": ".none"
+    "owner":"cases",
+    "action":"create",
+    "payload":{
+      "description":"A case description",
+      "title":"Case title 1",
+      "tags":["tag 1"],
+      "connector":{
+        "name":"none",
+        "type":".none",
+        "fields":null,
+        "id":"none"
      },
-      "settings": {
-        "syncAlerts": true
-      },
-      "owner": "cases",
-      "severity": "low",
-      "description": "migrating user actions",
-      "status": "open"  
+      "settings":{"syncAlerts":true},
+      "owner":"cases",
+      "severity":"low",
+      "status":"open"
    },
-    "type": "create_case",
-    "action_id": "5275af50-5e7d-11ec-9ee9-cd64f0b77b3c",
-    "case_id": "5257a000-5e7d-11ec-9ee9-cd64f0b77b3c",
-    "comment_id": null
+    "type":"create_case",
+    "action_id":"22fd3e30-03b1-11ed-920c-974bfa104448",
+    "case_id":"22df07d0-03b1-11ed-920c-974bfa104448",
+    "comment_id":null
  },
  {
-    "created_at": "2022-12-16T14:35:42.872Z",
-    "created_by": {
-      "email": "",
-      "full_name": "",
-      "username": "elastic"
+    "created_at":"2022-07-14T20:12:53.354Z",
+    "created_by":{
+      "username":"elastic",
+      "email":null,
+      "full_name":null
    },
-    "owner": "cases",
-    "action": "add", 
-    "payload": {
-      "tags": ["bubblegum"]
+    "owner":"cases",
+    "action":"create",
+    "payload":{
+      "comment":{
+        "type":"user",
+        "owner":"cases",
+        "comment":"A new comment"
+      }
    },
-    "type": "tags",
-    "action_id": "72e73240-5e7d-11ec-9ee9-cd64f0b77b3c",
-    "case_id": "5257a000-5e7d-11ec-9ee9-cd64f0b77b3c",
-    "comment_id": null
+    "type":"comment",
+    "action_id":"57af14a0-03b1-11ed-920c-974bfa104448",
+    "case_id":"22df07d0-03b1-11ed-920c-974bfa104448",
+    "comment_id":"578608d0-03b1-11ed-920c-974bfa104448"
  }
 ]
 --------------------------------------------------
--- a/docs/api/cases/cases-api-update-comment.asciidoc
+++ b/docs/api/cases/cases-api-update-comment.asciidoc
@ -32,8 +32,9 @@ default space is used.
 === {api-request-body-title}

 `alertId`::
-(Required*, string) The identifier for the alert. It is required only when
-`type` is `alert`. preview:[]
+(Required*, string or array of strings) The identifier for the alert. It is
+required only when `type` is `alert`. If it is an array, `index` must also be an
+array.preview:[]

 `comment`::
 (Required*, string) The updated comment. It is required only when `type` is
@ -44,7 +45,8 @@ default space is used.
 <<cases-api-get-comments>>.

 `index`::
-(Required*, string) The alert index. It is required only when `type` is `alert`.
+(Required*, string or array of strings) The alert index. It is required only
+when `type` is `alert`. If it is an array, `alertId` must also be an array.
 preview:[]

 `owner`::