[8.x] [EDR Workflows] OpenApi Missing Content - Endpoint Management (#212205) (#212491)

# Backport

This will backport the following commits from `main` to `8.x`:
- [[EDR Workflows] OpenApi Missing Content - Endpoint Management
(#212205)](https://github.com/elastic/kibana/pull/212205)

<!--- Backport version: 9.6.6 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sorenlouv/backport)

<!--BACKPORT [{"author":{"name":"Konrad
Szwarc","email":"konrad.szwarc@elastic.co"},"sourceCommit":{"committedDate":"2025-02-25T13:18:56Z","message":"[EDR
Workflows] OpenApi Missing Content - Endpoint Management
(#212205)\n\nPart of DW team effort
-\nhttps://github.com/elastic/security-team/issues/11804\n\nThis PR
aligns the property/schema descriptions and examples in\nAsciiDocs with
OpenAPI schemas. The primary goal of this PR was not to\nextend or
enhance the documentation but to migrate from one system
to\nanother.\n\nAscii docs
-\nhttps://www.elastic.co/guide/en/kibana/8.17/osquery-manager-api.html\nOpenApi
generated docs
-\nhttps://www.elastic.co/docs/api/doc/kibana/operation/operation-endpointgetactionslist\n\nChanges:\n\nCopied
missing property descriptions from AsciiDoc to OpenApi
properties\nCopied existing AsciiDoc examples for both requests and
responses\nFixed falsy query object in some GET requests - in OpenApi it
was\ndefined as an object, not as path query
params.\n\n---------\n\nCo-authored-by: kibanamachine
<42973632+kibanamachine@users.noreply.github.com>\nCo-authored-by:
natasha-moore-elastic
<137783811+natasha-moore-elastic@users.noreply.github.com>","sha":"3492f12c6c47d36de200682e43fae5684dbf49bb","branchLabelMapping":{"^v9.1.0$":"main","^v8.19.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Defend
Workflows","backport:prev-major","v8.16.0","v8.17.0","v8.18.0","v9.1.0","v8.17.3","v8.16.5"],"title":"[EDR
Workflows] OpenApi Missing Content - Endpoint
Management","number":212205,"url":"https://github.com/elastic/kibana/pull/212205","mergeCommit":{"message":"[EDR
Workflows] OpenApi Missing Content - Endpoint Management
(#212205)\n\nPart of DW team effort
-\nhttps://github.com/elastic/security-team/issues/11804\n\nThis PR
aligns the property/schema descriptions and examples in\nAsciiDocs with
OpenAPI schemas. The primary goal of this PR was not to\nextend or
enhance the documentation but to migrate from one system
to\nanother.\n\nAscii docs
-\nhttps://www.elastic.co/guide/en/kibana/8.17/osquery-manager-api.html\nOpenApi
generated docs
-\nhttps://www.elastic.co/docs/api/doc/kibana/operation/operation-endpointgetactionslist\n\nChanges:\n\nCopied
missing property descriptions from AsciiDoc to OpenApi
properties\nCopied existing AsciiDoc examples for both requests and
responses\nFixed falsy query object in some GET requests - in OpenApi it
was\ndefined as an object, not as path query
params.\n\n---------\n\nCo-authored-by: kibanamachine
<42973632+kibanamachine@users.noreply.github.com>\nCo-authored-by:
natasha-moore-elastic
<137783811+natasha-moore-elastic@users.noreply.github.com>","sha":"3492f12c6c47d36de200682e43fae5684dbf49bb"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"9.0","label":"v9.0.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"url":"https://github.com/elastic/kibana/pull/212374","number":212374,"state":"MERGED","mergeCommit":{"sha":"b04883c3bd71119437692d8b679c1d2941d6ee8c","message":"[9.0]
[EDR Workflows] OpenApi Missing Content - Endpoint Management (#212205)
(#212374)\n\n# Backport\n\nThis will backport the following commits from
`main` to `9.0`:\n- [[EDR Workflows] OpenApi Missing Content - Endpoint
Management\n(#212205)](https://github.com/elastic/kibana/pull/212205)\n\n\n\n###
Questions ?\nPlease refer to the [Backport
tool\ndocumentation](https://github.com/sorenlouv/backport)\n\n\n\nCo-authored-by:
Konrad Szwarc
<konrad.szwarc@elastic.co>"}},{"branch":"8.16","label":"v8.16.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"url":"https://github.com/elastic/kibana/pull/212389","number":212389,"state":"MERGED","mergeCommit":{"sha":"279b42370ee6166bb03fb993ee8682c4b7181876","message":"[8.16]
[EDR Workflows] OpenApi Missing Content - Endpoint Management (#212205)
(#212389)\n\n# Backport\n\nThis will backport the following commits from
`main` to `8.16`:\n- [[EDR Workflows] OpenApi Missing Content - Endpoint
Management\n(#212205)](https://github.com/elastic/kibana/pull/212205)\n\n\n\n###
Questions ?\nPlease refer to the [Backport
tool\ndocumentation](https://github.com/sorenlouv/backport)\n\n\n\n---------\n\nCo-authored-by:
kibanamachine
<42973632+kibanamachine@users.noreply.github.com>"}},{"branch":"8.17","label":"v8.17.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"url":"https://github.com/elastic/kibana/pull/212387","number":212387,"state":"MERGED","mergeCommit":{"sha":"83391ca5d980c6d26f0337be63454116c319bbf1","message":"[8.17]
[EDR Workflows] OpenApi Missing Content - Endpoint Management (#212205)
(#212387)\n\n# Backport\n\nThis will backport the following commits from
`main` to `8.17`:\n- [[EDR Workflows] OpenApi Missing Content - Endpoint
Management\n(#212205)](https://github.com/elastic/kibana/pull/212205)\n\n\n\n###
Questions ?\nPlease refer to the [Backport
tool\ndocumentation](https://github.com/sorenlouv/backport)\n\n\n\n---------\n\nCo-authored-by:
kibanamachine
<42973632+kibanamachine@users.noreply.github.com>"}},{"branch":"8.18","label":"v8.18.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"url":"https://github.com/elastic/kibana/pull/212373","number":212373,"state":"MERGED","mergeCommit":{"sha":"d371f5cf34bfcea45e8316d2d99e361ab5527f7b","message":"[8.18]
[EDR Workflows] OpenApi Missing Content - Endpoint Management (#212205)
(#212373)\n\n# Backport\n\nThis will backport the following commits from
`main` to `8.18`:\n- [[EDR Workflows] OpenApi Missing Content - Endpoint
Management\n(#212205)](https://github.com/elastic/kibana/pull/212205)\n\n\n\n###
Questions ?\nPlease refer to the [Backport
tool\ndocumentation](https://github.com/sorenlouv/backport)\n\n\n\n---------\n\nCo-authored-by:
Konrad Szwarc
<konrad.szwarc@elastic.co>"}},{"branch":"main","label":"v9.1.0","branchLabelMappingKey":"^v9.1.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/212205","number":212205,"mergeCommit":{"message":"[EDR
Workflows] OpenApi Missing Content - Endpoint Management
(#212205)\n\nPart of DW team effort
-\nhttps://github.com/elastic/security-team/issues/11804\n\nThis PR
aligns the property/schema descriptions and examples in\nAsciiDocs with
OpenAPI schemas. The primary goal of this PR was not to\nextend or
enhance the documentation but to migrate from one system
to\nanother.\n\nAscii docs
-\nhttps://www.elastic.co/guide/en/kibana/8.17/osquery-manager-api.html\nOpenApi
generated docs
-\nhttps://www.elastic.co/docs/api/doc/kibana/operation/operation-endpointgetactionslist\n\nChanges:\n\nCopied
missing property descriptions from AsciiDoc to OpenApi
properties\nCopied existing AsciiDoc examples for both requests and
responses\nFixed falsy query object in some GET requests - in OpenApi it
was\ndefined as an object, not as path query
params.\n\n---------\n\nCo-authored-by: kibanamachine
<42973632+kibanamachine@users.noreply.github.com>\nCo-authored-by:
natasha-moore-elastic
<137783811+natasha-moore-elastic@users.noreply.github.com>","sha":"3492f12c6c47d36de200682e43fae5684dbf49bb"}}]}]
BACKPORT-->

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Konrad Szwarc 2025-02-26 13:21:07 +01:00 committed by GitHub
parent 33d2621b1c
commit c7d2770ffb
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
10 changed files with 1733 additions and 286 deletions


@ -7405,16 +7405,41 @@ paths:
operationId: GetEndpointMetadataList
parameters:
- in: query
name: query
name: page
required: false
schema:
$ref: '#/components/schemas/Security_Endpoint_Management_API_Page'
- in: query
name: pageSize
required: false
schema:
$ref: '#/components/schemas/Security_Endpoint_Management_API_PageSize'
- in: query
name: kuery
required: false
schema:
$ref: '#/components/schemas/Security_Endpoint_Management_API_Kuery'
- in: query
name: hostStatuses
required: true
schema:
$ref: '#/components/schemas/Security_Endpoint_Management_API_ListRequestQuery'
$ref: '#/components/schemas/Security_Endpoint_Management_API_HostStatuses'
- in: query
name: sortField
required: false
schema:
$ref: '#/components/schemas/Security_Endpoint_Management_API_SortField'
- in: query
name: sortDirection
required: false
schema:
$ref: '#/components/schemas/Security_Endpoint_Management_API_SortDirection'
responses:
'200':
content:
application/json; Elastic-Api-Version=2023-10-31:
schema:
$ref: '#/components/schemas/Security_Endpoint_Management_API_SuccessResponse'
$ref: '#/components/schemas/Security_Endpoint_Management_API_MetadataListResponse'
description: OK
summary: Get a metadata list
tags:
@ -7428,13 +7453,14 @@ paths:
name: id
required: true
schema:
example: ed518850-681a-4d60-bb98-e22640cae2a8
type: string
responses:
'200':
content:
application/json; Elastic-Api-Version=2023-10-31:
schema:
$ref: '#/components/schemas/Security_Endpoint_Management_API_SuccessResponse'
$ref: '#/components/schemas/Security_Endpoint_Management_API_EndpointMetadataResponse'
description: OK
summary: Get metadata
tags:
@ -47174,6 +47200,92 @@ components:
type: string
minItems: 1
type: array
Security_Endpoint_Management_API_EndpointMetadataResponse:
example:
host_status: healthy
last_checkin: '2023-07-04T15:48:57.360Z'
metadata:
'@timestamp': '2023-07-04T15:48:57.3609346Z'
agent:
build:
original: 'version: 7.16.0, compiled: Tue Nov 16 17:00:00 2021, branch: 7.16, commit: 73a51033db85e0fb3be1c934697ef6a2b08979ab'
id: abb8a826-6812-448c-a571-6d8269b51449
type: endpoint
version: 7.16.0
data_stream:
dataset: endpoint.metadata
namespace: default
type: metrics
ecs:
version: 1.11.0
elastic:
agent:
id: abb8a826-6812-448c-a571-6d8269b51449
Endpoint:
capabilities:
- isolation
configuration:
isolation: false
policy:
applied:
endpoint_policy_version: '2'
id: d5371dcd-93b7-4627-af88-4084f7d6aa3e
name: test
status: success
version: '3'
state:
isolation: false
status: enrolled
event:
action: endpoint_metadata
agent_id_status: verified
category:
- host
created: '2023-07-04T15:48:57.3609346Z'
dataset: endpoint.metadata
id: MNtRc++KoKHXXwlj+++++OhZ
ingested: '2023-07-04T15:48:58Z'
kind: metric
module: endpoint
sequence: 43757
type:
- info
host:
architecture: x86_64
hostname: WinDev2104Eval
id: 17d9cabc-7edd-43bc-bacb-8da5f5e6c0e5
ip:
- 10.0.2.15
- fe80::21a6:63d3:d70e:e3ad
- 127.0.0.1
- '::1'
mac:
- 08:00:27:b1:1d:5a
name: WinDev2104Eval
os:
Ext:
variant: Windows 10 Enterprise Evaluation
family: windows
full: Windows 10 Enterprise Evaluation 20H2 (10.0.19042.906)
kernel: 20H2 (10.0.19042.906)
name: Windows
platform: windows
type: windows
version: 20H2 (10.0.19042.906)
message: Endpoint metadata
policy_info:
agent:
applied:
id: ed7e3720-4bad-11ec-a2a8-fb22e62a5753
revision: 3
configured:
id: ed7e3720-4bad-11ec-a2a8-fb22e62a5753
revision: 3
endpoint:
id: d5371dcd-93b7-4627-af88-4084f7d6aa3e
revision: 2
type: object
properties: {}
Security_Endpoint_Management_API_EntityId:
type: object
properties:
@ -47301,6 +47413,20 @@ components:
type: integer
required:
- hostPath
Security_Endpoint_Management_API_HostStatuses:
description: A set of agent health statuses to filter by.
example:
- healthy
- updating
items:
enum:
- healthy
- offline
- updating
- inactive
- unenrolled
type: string
type: array
Security_Endpoint_Management_API_IsolateRouteRequestBody:
type: object
properties:
@ -47350,61 +47476,195 @@ components:
type: string
required:
- parameters
Security_Endpoint_Management_API_ListRequestQuery:
type: object
properties:
hostStatuses:
items:
enum:
- healthy
- offline
- updating
- inactive
- unenrolled
type: string
type: array
kuery:
nullable: true
type: string
page:
default: 0
description: Page number
minimum: 0
type: integer
pageSize:
default: 10
description: Number of items per page
maximum: 10000
minimum: 1
type: integer
sortDirection:
enum:
- asc
- desc
nullable: true
type: string
sortField:
enum:
- enrolled_at
- metadata.host.hostname
- host_status
- metadata.Endpoint.policy.applied.name
- metadata.Endpoint.policy.applied.status
- metadata.host.os.name
- metadata.host.ip
- metadata.agent.version
- last_checkin
type: string
required:
- hostStatuses
Security_Endpoint_Management_API_NonEmptyString:
description: A string that is not empty and does not contain only whitespace
minLength: 1
pattern: ^(?! *$).+$
Security_Endpoint_Management_API_Kuery:
description: A KQL string.
example: 'united.endpoint.host.os.name : ''Windows'''
type: string
Security_Endpoint_Management_API_MetadataListResponse:
example:
data:
- host_status: healthy
last_checkin: '2023-07-04T15:47:57.432Z'
metadata:
'@timestamp': '2023-07-04T15:47:57.432173535Z'
agent:
build:
original: 'version: 7.16.0, compiled: Tue Nov 16 16:00:00 2021, branch: 7.16, commit: 73a51033db85e0fb3be1c934697ef6a2b08979ab'
id: 285297c6-3bff-4b83-9a07-f3e749801123
type: endpoint
version: 7.16.0
data_stream:
dataset: endpoint.metadata
namespace: default
type: metrics
ecs:
version: 1.11.0
elastic:
agent:
id: 285297c6-3bff-4b83-9a07-f3e749801123
Endpoint:
capabilities:
- isolation
configuration:
isolation: false
policy:
applied:
endpoint_policy_version: '2'
id: d5371dcd-93b7-4627-af88-4084f7d6aa3e
name: test
status: success
version: '3'
state:
isolation: false
status: enrolled
event:
action: endpoint_metadata
agent_id_status: verified
category:
- host
created: '2023-07-04T15:47:57.432173535Z'
dataset: endpoint.metadata
id: MNtSXK/SkhEBnmgt++++++7S
ingested: '2023-07-04T15:47:58Z'
kind: metric
module: endpoint
sequence: 400
type:
- info
host:
architecture: x86_64
hostname: david-Xubuntu
id: 0cfead88e2024bd8a27476352b5ab264
ip:
- 127.0.0.1
- '::1'
- 10.0.2.15
- fe80::2ac7:8e15:b957:2fa1
mac:
- 08:00:27:e6:78:8b
name: david-Xubuntu
os:
Ext:
variant: Ubuntu
family: ubuntu
full: Ubuntu 20.04.2
kernel: '5.8.0-59-generic #66~20.04.1-Ubuntu SMP Thu Jun 17 11:14:10 UTC 2021'
name: Linux
platform: ubuntu
type: linux
version: 20.04.2
message: Endpoint metadata
policy_info:
agent:
applied:
id: ed7e3720-4bad-11ec-a2a8-fb22e62a5753
revision: 0
configured:
id: ed7e3720-4bad-11ec-a2a8-fb22e62a5753
revision: 3
endpoint:
id: d5371dcd-93b7-4627-af88-4084f7d6aa3e
revision: 2
- host_status: healthy
last_checkin: '2023-07-04T15:44:31.491Z'
metadata:
'@timestamp': '2023-07-04T15:44:31.4917849Z'
agent:
build:
original: 'version: 7.16.0, compiled: Tue Nov 16 17:00:00 2021, branch: 7.16, commit: 73a51033db85e0fb3be1c934697ef6a2b08979ab'
id: abb8a826-6812-448c-a571-6d8269b51449
type: endpoint
version: 7.16.0
data_stream:
dataset: endpoint.metadata
namespace: default
type: metrics
ecs:
version: 1.11.0
elastic:
agent:
id: abb8a826-6812-448c-a571-6d8269b51449
Endpoint:
capabilities:
- isolation
configuration:
isolation: false
policy:
applied:
endpoint_policy_version: '2'
id: d5371dcd-93b7-4627-af88-4084f7d6aa3e
name: test
status: success
version: '3'
state:
isolation: false
status: enrolled
event:
action: endpoint_metadata
agent_id_status: verified
category:
- host
created: '2023-07-04T15:44:31.4917849Z'
dataset: endpoint.metadata
id: MNtRc++KoKHXXwlj+++++/N9
ingested: '2023-07-04T15:44:33Z'
kind: metric
module: endpoint
sequence: 5159
type:
- info
host:
architecture: x86_64
hostname: WinDev2104Eval
id: 17d9cabc-7edd-43bc-bacb-8da5f5e6c0e5
ip:
- 10.0.2.15
- fe80::21a6:63d3:d70e:e3ad
- 127.0.0.1
- '::1'
mac:
- 08:00:27:b1:1d:5a
name: WinDev2104Eval
os:
Ext:
variant: Windows 10 Enterprise Evaluation
family: windows
full: Windows 10 Enterprise Evaluation 20H2 (10.0.19042.906)
kernel: 20H2 (10.0.19042.906)
name: Windows
platform: windows
type: windows
version: 20H2 (10.0.19042.906)
message: Endpoint metadata
policy_info:
agent:
applied:
id: ed7e3720-4bad-11ec-a2a8-fb22e62a5753
revision: 0
configured:
id: ed7e3720-4bad-11ec-a2a8-fb22e62a5753
revision: 3
endpoint:
id: d5371dcd-93b7-4627-af88-4084f7d6aa3e
revision: 2
page: 0
pageSize: 10
sortDirection: desc
sortField: enrolled_at
total: 2
type: object
properties: {}
Security_Endpoint_Management_API_Page:
default: 1
description: Page number
example: 1
minimum: 1
type: integer
Security_Endpoint_Management_API_PageSize:
default: 10
description: Number of items per page
example: 10
maximum: 100
minimum: 1
type: integer
Security_Endpoint_Management_API_Parameters:
@ -47504,6 +47764,27 @@ components:
- path
required:
- parameters
Security_Endpoint_Management_API_SortDirection:
description: Determines the sort order.
enum:
- asc
- desc
example: desc
type: string
Security_Endpoint_Management_API_SortField:
description: Determines which field is used to sort the results.
enum:
- enrolled_at
- metadata.host.hostname
- host_status
- metadata.Endpoint.policy.applied.name
- metadata.Endpoint.policy.applied.status
- metadata.host.os.name
- metadata.host.ip
- metadata.agent.version
- last_checkin
example: enrolled_at
type: string
Security_Endpoint_Management_API_StartDate:
description: Start date
type: string


@ -12867,16 +12867,41 @@ paths:
operationId: GetEndpointMetadataList
parameters:
- in: query
name: query
name: page
required: false
schema:
$ref: '#/components/schemas/Security_Endpoint_Management_API_Page'
- in: query
name: pageSize
required: false
schema:
$ref: '#/components/schemas/Security_Endpoint_Management_API_PageSize'
- in: query
name: kuery
required: false
schema:
$ref: '#/components/schemas/Security_Endpoint_Management_API_Kuery'
- in: query
name: hostStatuses
required: true
schema:
$ref: '#/components/schemas/Security_Endpoint_Management_API_ListRequestQuery'
$ref: '#/components/schemas/Security_Endpoint_Management_API_HostStatuses'
- in: query
name: sortField
required: false
schema:
$ref: '#/components/schemas/Security_Endpoint_Management_API_SortField'
- in: query
name: sortDirection
required: false
schema:
$ref: '#/components/schemas/Security_Endpoint_Management_API_SortDirection'
responses:
'200':
content:
application/json; Elastic-Api-Version=2023-10-31:
schema:
$ref: '#/components/schemas/Security_Endpoint_Management_API_SuccessResponse'
$ref: '#/components/schemas/Security_Endpoint_Management_API_MetadataListResponse'
description: OK
summary: Get a metadata list
tags:
@ -12889,13 +12914,14 @@ paths:
name: id
required: true
schema:
example: ed518850-681a-4d60-bb98-e22640cae2a8
type: string
responses:
'200':
content:
application/json; Elastic-Api-Version=2023-10-31:
schema:
$ref: '#/components/schemas/Security_Endpoint_Management_API_SuccessResponse'
$ref: '#/components/schemas/Security_Endpoint_Management_API_EndpointMetadataResponse'
description: OK
summary: Get metadata
tags:
@ -35558,6 +35584,92 @@ components:
type: string
minItems: 1
type: array
Security_Endpoint_Management_API_EndpointMetadataResponse:
example:
host_status: healthy
last_checkin: '2023-07-04T15:48:57.360Z'
metadata:
'@timestamp': '2023-07-04T15:48:57.3609346Z'
agent:
build:
original: 'version: 7.16.0, compiled: Tue Nov 16 17:00:00 2021, branch: 7.16, commit: 73a51033db85e0fb3be1c934697ef6a2b08979ab'
id: abb8a826-6812-448c-a571-6d8269b51449
type: endpoint
version: 7.16.0
data_stream:
dataset: endpoint.metadata
namespace: default
type: metrics
ecs:
version: 1.11.0
elastic:
agent:
id: abb8a826-6812-448c-a571-6d8269b51449
Endpoint:
capabilities:
- isolation
configuration:
isolation: false
policy:
applied:
endpoint_policy_version: '2'
id: d5371dcd-93b7-4627-af88-4084f7d6aa3e
name: test
status: success
version: '3'
state:
isolation: false
status: enrolled
event:
action: endpoint_metadata
agent_id_status: verified
category:
- host
created: '2023-07-04T15:48:57.3609346Z'
dataset: endpoint.metadata
id: MNtRc++KoKHXXwlj+++++OhZ
ingested: '2023-07-04T15:48:58Z'
kind: metric
module: endpoint
sequence: 43757
type:
- info
host:
architecture: x86_64
hostname: WinDev2104Eval
id: 17d9cabc-7edd-43bc-bacb-8da5f5e6c0e5
ip:
- 10.0.2.15
- fe80::21a6:63d3:d70e:e3ad
- 127.0.0.1
- '::1'
mac:
- 08:00:27:b1:1d:5a
name: WinDev2104Eval
os:
Ext:
variant: Windows 10 Enterprise Evaluation
family: windows
full: Windows 10 Enterprise Evaluation 20H2 (10.0.19042.906)
kernel: 20H2 (10.0.19042.906)
name: Windows
platform: windows
type: windows
version: 20H2 (10.0.19042.906)
message: Endpoint metadata
policy_info:
agent:
applied:
id: ed7e3720-4bad-11ec-a2a8-fb22e62a5753
revision: 3
configured:
id: ed7e3720-4bad-11ec-a2a8-fb22e62a5753
revision: 3
endpoint:
id: d5371dcd-93b7-4627-af88-4084f7d6aa3e
revision: 2
type: object
properties: {}
Security_Endpoint_Management_API_EntityId:
type: object
properties:
@ -35685,6 +35797,20 @@ components:
type: integer
required:
- hostPath
Security_Endpoint_Management_API_HostStatuses:
description: A set of agent health statuses to filter by.
example:
- healthy
- updating
items:
enum:
- healthy
- offline
- updating
- inactive
- unenrolled
type: string
type: array
Security_Endpoint_Management_API_IsolateRouteRequestBody:
type: object
properties:
@ -35734,53 +35860,184 @@ components:
type: string
required:
- parameters
Security_Endpoint_Management_API_ListRequestQuery:
Security_Endpoint_Management_API_Kuery:
description: A KQL string.
example: 'united.endpoint.host.os.name : ''Windows'''
type: string
Security_Endpoint_Management_API_MetadataListResponse:
example:
data:
- host_status: healthy
last_checkin: '2023-07-04T15:47:57.432Z'
metadata:
'@timestamp': '2023-07-04T15:47:57.432173535Z'
agent:
build:
original: 'version: 7.16.0, compiled: Tue Nov 16 16:00:00 2021, branch: 7.16, commit: 73a51033db85e0fb3be1c934697ef6a2b08979ab'
id: 285297c6-3bff-4b83-9a07-f3e749801123
type: endpoint
version: 7.16.0
data_stream:
dataset: endpoint.metadata
namespace: default
type: metrics
ecs:
version: 1.11.0
elastic:
agent:
id: 285297c6-3bff-4b83-9a07-f3e749801123
Endpoint:
capabilities:
- isolation
configuration:
isolation: false
policy:
applied:
endpoint_policy_version: '2'
id: d5371dcd-93b7-4627-af88-4084f7d6aa3e
name: test
status: success
version: '3'
state:
isolation: false
status: enrolled
event:
action: endpoint_metadata
agent_id_status: verified
category:
- host
created: '2023-07-04T15:47:57.432173535Z'
dataset: endpoint.metadata
id: MNtSXK/SkhEBnmgt++++++7S
ingested: '2023-07-04T15:47:58Z'
kind: metric
module: endpoint
sequence: 400
type:
- info
host:
architecture: x86_64
hostname: david-Xubuntu
id: 0cfead88e2024bd8a27476352b5ab264
ip:
- 127.0.0.1
- '::1'
- 10.0.2.15
- fe80::2ac7:8e15:b957:2fa1
mac:
- 08:00:27:e6:78:8b
name: david-Xubuntu
os:
Ext:
variant: Ubuntu
family: ubuntu
full: Ubuntu 20.04.2
kernel: '5.8.0-59-generic #66~20.04.1-Ubuntu SMP Thu Jun 17 11:14:10 UTC 2021'
name: Linux
platform: ubuntu
type: linux
version: 20.04.2
message: Endpoint metadata
policy_info:
agent:
applied:
id: ed7e3720-4bad-11ec-a2a8-fb22e62a5753
revision: 0
configured:
id: ed7e3720-4bad-11ec-a2a8-fb22e62a5753
revision: 3
endpoint:
id: d5371dcd-93b7-4627-af88-4084f7d6aa3e
revision: 2
- host_status: healthy
last_checkin: '2023-07-04T15:44:31.491Z'
metadata:
'@timestamp': '2023-07-04T15:44:31.4917849Z'
agent:
build:
original: 'version: 7.16.0, compiled: Tue Nov 16 17:00:00 2021, branch: 7.16, commit: 73a51033db85e0fb3be1c934697ef6a2b08979ab'
id: abb8a826-6812-448c-a571-6d8269b51449
type: endpoint
version: 7.16.0
data_stream:
dataset: endpoint.metadata
namespace: default
type: metrics
ecs:
version: 1.11.0
elastic:
agent:
id: abb8a826-6812-448c-a571-6d8269b51449
Endpoint:
capabilities:
- isolation
configuration:
isolation: false
policy:
applied:
endpoint_policy_version: '2'
id: d5371dcd-93b7-4627-af88-4084f7d6aa3e
name: test
status: success
version: '3'
state:
isolation: false
status: enrolled
event:
action: endpoint_metadata
agent_id_status: verified
category:
- host
created: '2023-07-04T15:44:31.4917849Z'
dataset: endpoint.metadata
id: MNtRc++KoKHXXwlj+++++/N9
ingested: '2023-07-04T15:44:33Z'
kind: metric
module: endpoint
sequence: 5159
type:
- info
host:
architecture: x86_64
hostname: WinDev2104Eval
id: 17d9cabc-7edd-43bc-bacb-8da5f5e6c0e5
ip:
- 10.0.2.15
- fe80::21a6:63d3:d70e:e3ad
- 127.0.0.1
- '::1'
mac:
- 08:00:27:b1:1d:5a
name: WinDev2104Eval
os:
Ext:
variant: Windows 10 Enterprise Evaluation
family: windows
full: Windows 10 Enterprise Evaluation 20H2 (10.0.19042.906)
kernel: 20H2 (10.0.19042.906)
name: Windows
platform: windows
type: windows
version: 20H2 (10.0.19042.906)
message: Endpoint metadata
policy_info:
agent:
applied:
id: ed7e3720-4bad-11ec-a2a8-fb22e62a5753
revision: 0
configured:
id: ed7e3720-4bad-11ec-a2a8-fb22e62a5753
revision: 3
endpoint:
id: d5371dcd-93b7-4627-af88-4084f7d6aa3e
revision: 2
page: 0
pageSize: 10
sortDirection: desc
sortField: enrolled_at
total: 2
type: object
properties:
hostStatuses:
items:
enum:
- healthy
- offline
- updating
- inactive
- unenrolled
type: string
type: array
kuery:
nullable: true
type: string
page:
default: 0
description: Page number
minimum: 0
type: integer
pageSize:
default: 10
description: Number of items per page
maximum: 10000
minimum: 1
type: integer
sortDirection:
enum:
- asc
- desc
nullable: true
type: string
sortField:
enum:
- enrolled_at
- metadata.host.hostname
- host_status
- metadata.Endpoint.policy.applied.name
- metadata.Endpoint.policy.applied.status
- metadata.host.os.name
- metadata.host.ip
- metadata.agent.version
- last_checkin
type: string
required:
- hostStatuses
properties: {}
Security_Endpoint_Management_API_NonEmptyString:
description: A string that does not contain only whitespace characters
format: nonempty
@ -35789,11 +36046,13 @@ components:
Security_Endpoint_Management_API_Page:
default: 1
description: Page number
example: 1
minimum: 1
type: integer
Security_Endpoint_Management_API_PageSize:
default: 10
description: Number of items per page
example: 10
maximum: 100
minimum: 1
type: integer
@ -35894,6 +36153,27 @@ components:
- path
required:
- parameters
Security_Endpoint_Management_API_SortDirection:
description: Determines the sort order.
enum:
- asc
- desc
example: desc
type: string
Security_Endpoint_Management_API_SortField:
description: Determines which field is used to sort the results.
enum:
- enrolled_at
- metadata.host.hostname
- host_status
- metadata.Endpoint.policy.applied.name
- metadata.Endpoint.policy.applied.status
- metadata.host.os.name
- metadata.host.ip
- metadata.agent.version
- last_checkin
example: enrolled_at
type: string
Security_Endpoint_Management_API_StartDate:
description: Start date
type: string


@ -16,18 +16,30 @@
import { z } from '@kbn/zod';
import { ListRequestQuery } from './list_metadata.gen';
import { SuccessResponse } from '../model/schema/common.gen';
import {
Page,
PageSize,
Kuery,
HostStatuses,
SortField,
SortDirection,
} from '../model/schema/common.gen';
import { MetadataListResponse } from './list_metadata.gen';
export type GetEndpointMetadataListRequestQuery = z.infer<
typeof GetEndpointMetadataListRequestQuery
>;
export const GetEndpointMetadataListRequestQuery = z.object({
query: ListRequestQuery,
page: Page.optional(),
pageSize: PageSize.optional(),
kuery: Kuery.optional(),
hostStatuses: HostStatuses,
sortField: SortField.optional(),
sortDirection: SortDirection.optional(),
});
export type GetEndpointMetadataListRequestQueryInput = z.input<
typeof GetEndpointMetadataListRequestQuery
>;
export type GetEndpointMetadataListResponse = z.infer<typeof GetEndpointMetadataListResponse>;
export const GetEndpointMetadataListResponse = SuccessResponse;
export const GetEndpointMetadataListResponse = MetadataListResponse;


@ -10,18 +10,43 @@ paths:
x-codegen-enabled: true
x-labels: [ess, serverless]
parameters:
- name: query
- name: page
in: query
required: false
schema:
$ref: '../model/schema/common.schema.yaml#/components/schemas/Page'
- name: pageSize
in: query
required: false
schema:
$ref: '../model/schema/common.schema.yaml#/components/schemas/PageSize'
- name: kuery
in: query
required: false
schema:
$ref: '../model/schema/common.schema.yaml#/components/schemas/Kuery'
- name: hostStatuses
in: query
required: true
schema:
$ref: './list_metadata.schema.yaml#/components/schemas/ListRequestQuery'
$ref: '../model/schema/common.schema.yaml#/components/schemas/HostStatuses'
- name: sortField
in: query
required: false
schema:
$ref: '../model/schema/common.schema.yaml#/components/schemas/SortField'
- name: sortDirection
in: query
required: false
schema:
$ref: '../model/schema/common.schema.yaml#/components/schemas/SortDirection'
responses:
'200':
description: OK
content:
application/json:
schema:
$ref: '../model/schema/common.schema.yaml#/components/schemas/SuccessResponse'
$ref: './list_metadata.schema.yaml#/components/schemas/MetadataListResponse'
/api/endpoint/metadata/transforms:
get:
@ -50,10 +75,11 @@ paths:
required: true
schema:
type: string
example: 'ed518850-681a-4d60-bb98-e22640cae2a8'
responses:
'200':
description: OK
content:
application/json:
schema:
$ref: '../model/schema/common.schema.yaml#/components/schemas/SuccessResponse'
$ref: './list_metadata.schema.yaml#/components/schemas/EndpointMetadataResponse'
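Review bot: Pointing `page` and `pageSize` at the shared `Page` and `PageSize` schemas in the first hunk changes the documented contract, not just its shape. The removed `ListRequestQuery` declared `page` with `default: 0`/`minimum: 0` and `pageSize` with `maximum: 10000`, while the bundled output in this commit shows the shared schemas as `default: 1`/`minimum: 1` and `maximum: 100`; the new `MetadataListResponse` example still carries `page: 0`, which the new `Page` schema would not allow. If the generated zod query schema is used for request validation (not visible here), zero-based callers and large page sizes would start being rejected; if it is not, the published limits no longer describe what the server enforces. Either keep endpoint-specific schemas with the original bounds, or confirm the route is one-based and capped at 100 and change the example to `page: 1`. `kuery` and `sortDirection` also lose `nullable: true` in the same move, which is worth confirming against the route's actual validation.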


@ -16,30 +16,8 @@
import { z } from '@kbn/zod';
export type ListRequestQuery = z.infer<typeof ListRequestQuery>;
export const ListRequestQuery = z.object({
/**
* Page number
*/
page: z.number().int().min(0).optional().default(0),
/**
* Number of items per page
*/
pageSize: z.number().int().min(1).max(10000).optional().default(10),
kuery: z.string().nullable().optional(),
sortField: z
.enum([
'enrolled_at',
'metadata.host.hostname',
'host_status',
'metadata.Endpoint.policy.applied.name',
'metadata.Endpoint.policy.applied.status',
'metadata.host.os.name',
'metadata.host.ip',
'metadata.agent.version',
'last_checkin',
])
.optional(),
sortDirection: z.enum(['asc', 'desc']).nullable().optional(),
hostStatuses: z.array(z.enum(['healthy', 'offline', 'updating', 'inactive', 'unenrolled'])),
});
export type EndpointMetadataResponse = z.infer<typeof EndpointMetadataResponse>;
export const EndpointMetadataResponse = z.object({});
export type MetadataListResponse = z.infer<typeof MetadataListResponse>;
export const MetadataListResponse = z.object({});


@ -5,50 +5,265 @@ info:
paths: { }
components:
schemas:
ListRequestQuery:
EndpointMetadataResponse:
type: object
required:
- hostStatuses
properties:
page:
type: integer
default: 0
minimum: 0
description: Page number
pageSize:
type: integer
default: 10
minimum: 1
maximum: 10000
description: Number of items per page
kuery:
type: string
nullable: true
sortField:
type: string
enum:
- enrolled_at
- metadata.host.hostname
- host_status
- metadata.Endpoint.policy.applied.name
- metadata.Endpoint.policy.applied.status
- metadata.host.os.name
- metadata.host.ip
- metadata.agent.version
- last_checkin
sortDirection:
type: string
enum:
- 'asc'
- 'desc'
nullable: true
hostStatuses:
type: array
items:
type: string
enum:
- healthy
- offline
- updating
- inactive
- unenrolled
properties: { }
example:
host_status: "healthy"
last_checkin: "2023-07-04T15:48:57.360Z"
metadata:
"@timestamp": "2023-07-04T15:48:57.3609346Z"
Endpoint:
capabilities:
- "isolation"
configuration:
isolation: false
policy:
applied:
endpoint_policy_version: "2"
id: "d5371dcd-93b7-4627-af88-4084f7d6aa3e"
name: "test"
status: "success"
version: "3"
state:
isolation: false
status: "enrolled"
agent:
build:
original: "version: 7.16.0, compiled: Tue Nov 16 17:00:00 2021, branch: 7.16, commit: 73a51033db85e0fb3be1c934697ef6a2b08979ab"
id: "abb8a826-6812-448c-a571-6d8269b51449"
type: "endpoint"
version: "7.16.0"
data_stream:
dataset: "endpoint.metadata"
namespace: "default"
type: "metrics"
ecs:
version: "1.11.0"
elastic:
agent:
id: "abb8a826-6812-448c-a571-6d8269b51449"
event:
action: "endpoint_metadata"
agent_id_status: "verified"
category:
- "host"
created: "2023-07-04T15:48:57.3609346Z"
dataset: "endpoint.metadata"
id: "MNtRc++KoKHXXwlj+++++OhZ"
ingested: "2023-07-04T15:48:58Z"
kind: "metric"
module: "endpoint"
sequence: 43757
type:
- "info"
host:
architecture: "x86_64"
hostname: "WinDev2104Eval"
id: "17d9cabc-7edd-43bc-bacb-8da5f5e6c0e5"
ip:
- "10.0.2.15"
- "fe80::21a6:63d3:d70e:e3ad"
- "127.0.0.1"
- "::1"
mac:
- "08:00:27:b1:1d:5a"
name: "WinDev2104Eval"
os:
Ext:
variant: "Windows 10 Enterprise Evaluation"
family: "windows"
full: "Windows 10 Enterprise Evaluation 20H2 (10.0.19042.906)"
kernel: "20H2 (10.0.19042.906)"
name: "Windows"
platform: "windows"
type: "windows"
version: "20H2 (10.0.19042.906)"
message: "Endpoint metadata"
policy_info:
agent:
applied:
id: "ed7e3720-4bad-11ec-a2a8-fb22e62a5753"
revision: 3
configured:
id: "ed7e3720-4bad-11ec-a2a8-fb22e62a5753"
revision: 3
endpoint:
id: "d5371dcd-93b7-4627-af88-4084f7d6aa3e"
revision: 2
MetadataListResponse:
type: object
properties: {}
example:
data:
- host_status: healthy
last_checkin: "2023-07-04T15:47:57.432Z"
metadata:
"@timestamp": "2023-07-04T15:47:57.432173535Z"
Endpoint:
capabilities:
- isolation
configuration:
isolation: false
policy:
applied:
endpoint_policy_version: "2"
id: "d5371dcd-93b7-4627-af88-4084f7d6aa3e"
name: test
status: success
version: "3"
state:
isolation: false
status: enrolled
agent:
build:
original: "version: 7.16.0, compiled: Tue Nov 16 16:00:00 2021, branch: 7.16, commit: 73a51033db85e0fb3be1c934697ef6a2b08979ab"
id: "285297c6-3bff-4b83-9a07-f3e749801123"
type: endpoint
version: "7.16.0"
data_stream:
dataset: endpoint.metadata
namespace: default
type: metrics
ecs:
version: "1.11.0"
elastic:
agent:
id: "285297c6-3bff-4b83-9a07-f3e749801123"
event:
action: endpoint_metadata
agent_id_status: verified
category:
- host
created: "2023-07-04T15:47:57.432173535Z"
dataset: endpoint.metadata
id: "MNtSXK/SkhEBnmgt++++++7S"
ingested: "2023-07-04T15:47:58Z"
kind: metric
module: endpoint
sequence: 400
type:
- info
host:
architecture: x86_64
hostname: david-Xubuntu
id: "0cfead88e2024bd8a27476352b5ab264"
ip:
- "127.0.0.1"
- "::1"
- "10.0.2.15"
- "fe80::2ac7:8e15:b957:2fa1"
mac:
- "08:00:27:e6:78:8b"
name: david-Xubuntu
os:
Ext:
variant: Ubuntu
family: ubuntu
full: Ubuntu 20.04.2
kernel: "5.8.0-59-generic #66~20.04.1-Ubuntu SMP Thu Jun 17 11:14:10 UTC 2021"
name: Linux
platform: ubuntu
type: linux
version: "20.04.2"
message: Endpoint metadata
policy_info:
agent:
applied:
id: "ed7e3720-4bad-11ec-a2a8-fb22e62a5753"
revision: 0
configured:
id: "ed7e3720-4bad-11ec-a2a8-fb22e62a5753"
revision: 3
endpoint:
id: "d5371dcd-93b7-4627-af88-4084f7d6aa3e"
revision: 2
- host_status: healthy
last_checkin: "2023-07-04T15:44:31.491Z"
metadata:
"@timestamp": "2023-07-04T15:44:31.4917849Z"
Endpoint:
capabilities:
- isolation
configuration:
isolation: false
policy:
applied:
endpoint_policy_version: "2"
id: "d5371dcd-93b7-4627-af88-4084f7d6aa3e"
name: test
status: success
version: "3"
state:
isolation: false
status: enrolled
agent:
build:
original: "version: 7.16.0, compiled: Tue Nov 16 17:00:00 2021, branch: 7.16, commit: 73a51033db85e0fb3be1c934697ef6a2b08979ab"
id: "abb8a826-6812-448c-a571-6d8269b51449"
type: endpoint
version: "7.16.0"
data_stream:
dataset: endpoint.metadata
namespace: default
type: metrics
ecs:
version: "1.11.0"
elastic:
agent:
id: "abb8a826-6812-448c-a571-6d8269b51449"
event:
action: endpoint_metadata
agent_id_status: verified
category:
- host
created: "2023-07-04T15:44:31.4917849Z"
dataset: endpoint.metadata
id: "MNtRc++KoKHXXwlj+++++/N9"
ingested: "2023-07-04T15:44:33Z"
kind: metric
module: endpoint
sequence: 5159
type:
- info
host:
architecture: x86_64
hostname: WinDev2104Eval
id: "17d9cabc-7edd-43bc-bacb-8da5f5e6c0e5"
ip:
- "10.0.2.15"
- "fe80::21a6:63d3:d70e:e3ad"
- "127.0.0.1"
- "::1"
mac:
- "08:00:27:b1:1d:5a"
name: WinDev2104Eval
os:
Ext:
variant: Windows 10 Enterprise Evaluation
family: windows
full: Windows 10 Enterprise Evaluation 20H2 (10.0.19042.906)
kernel: "20H2 (10.0.19042.906)"
name: Windows
platform: windows
type: windows
version: "20H2 (10.0.19042.906)"
message: Endpoint metadata
policy_info:
agent:
applied:
id: "ed7e3720-4bad-11ec-a2a8-fb22e62a5753"
revision: 0
configured:
id: "ed7e3720-4bad-11ec-a2a8-fb22e62a5753"
revision: 3
endpoint:
id: "d5371dcd-93b7-4627-af88-4084f7d6aa3e"
revision: 2
total: 2
page: 0
pageSize: 10
sortField: enrolled_at
sortDirection: desc
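Review bot: The `MetadataListResponse` example reports `page: 0`, but the list route's `page` parameter now references the shared `Page` schema (`default: 1`, `minimum: 1`), so the documented response shows a value the documented request cannot ask for. The `ListRequestQuery` schema that this section appears to remove declared `page` with `minimum: 0` and `pageSize` with `maximum: 10000`, while the shared `PageSize` caps at 100. The route's runtime validation is not visible here, so please confirm which bounds the server enforces and make the parameters and the example agree; clients or gateways that validate against the spec would otherwise reject requests the server accepts, or the reverse. Both response schemas are also `type: object` with `properties: {}`, so the example is the only contract; adding `description: Response shape is illustrated by the example; properties are not yet enumerated.` to each would make that explicit.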


@ -54,6 +54,46 @@ export const EndDate = z.string();
export type AgentId = z.infer<typeof AgentId>;
export const AgentId = z.string();
/**
* A KQL string.
*/
export type Kuery = z.infer<typeof Kuery>;
export const Kuery = z.string();
/**
* A set of agent health statuses to filter by.
*/
export type HostStatuses = z.infer<typeof HostStatuses>;
export const HostStatuses = z.array(
z.enum(['healthy', 'offline', 'updating', 'inactive', 'unenrolled'])
);
/**
* Determines the sort order.
*/
export type SortDirection = z.infer<typeof SortDirection>;
export const SortDirection = z.enum(['asc', 'desc']);
export type SortDirectionEnum = typeof SortDirection.enum;
export const SortDirectionEnum = SortDirection.enum;
/**
* Determines which field is used to sort the results.
*/
export type SortField = z.infer<typeof SortField>;
export const SortField = z.enum([
'enrolled_at',
'metadata.host.hostname',
'host_status',
'metadata.Endpoint.policy.applied.name',
'metadata.Endpoint.policy.applied.status',
'metadata.host.os.name',
'metadata.host.ip',
'metadata.agent.version',
'last_checkin',
]);
export type SortFieldEnum = typeof SortField.enum;
export const SortFieldEnum = SortField.enum;
export type AgentIds = z.infer<typeof AgentIds>;
export const AgentIds = z.union([z.array(z.string().min(1)).min(1).max(50), z.string().min(1)]);


@ -15,12 +15,14 @@ components:
default: 1
minimum: 1
description: Page number
example: 1
PageSize:
type: integer
default: 10
minimum: 1
maximum: 100
description: Number of items per page
example: 10
StartDate:
type: string
description: Start date
@ -30,6 +32,43 @@ components:
AgentId:
type: string
description: Agent ID
Kuery:
type: string
description: A KQL string.
example: "united.endpoint.host.os.name : 'Windows'"
HostStatuses:
type: array
description: A set of agent health statuses to filter by.
example: [ "healthy", "updating" ]
items:
type: string
enum:
- healthy
- offline
- updating
- inactive
- unenrolled
SortDirection:
type: string
description: Determines the sort order.
example: desc
enum:
- asc
- desc
SortField:
type: string
description: Determines which field is used to sort the results.
example: enrolled_at
enum:
- enrolled_at
- metadata.host.hostname
- host_status
- metadata.Endpoint.policy.applied.name
- metadata.Endpoint.policy.applied.status
- metadata.host.os.name
- metadata.host.ip
- metadata.agent.version
- last_checkin
AgentIds:
oneOf:
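Review bot: `Kuery` is documented only as `A KQL string.` with no `maxLength`, so the spec gives consumers no bound on a free-text query value and no hint of which fields it may reference. The example filters on the `united.endpoint.` prefix; if the route only accepts fields under that namespace (not visible in this diff), the description should say so, for instance `description: A KQL string used to filter the endpoint list by fields under united.endpoint.`, together with a `maxLength` that matches whatever the route enforces. The inline schema this replaces also marked `kuery` and `sortDirection` as `nullable: true`, which the shared `Kuery` and `SortDirection` drop; please confirm that narrowing is intended.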


@ -423,16 +423,41 @@ paths:
operationId: GetEndpointMetadataList
parameters:
- in: query
name: query
name: page
required: false
schema:
$ref: '#/components/schemas/Page'
- in: query
name: pageSize
required: false
schema:
$ref: '#/components/schemas/PageSize'
- in: query
name: kuery
required: false
schema:
$ref: '#/components/schemas/Kuery'
- in: query
name: hostStatuses
required: true
schema:
$ref: '#/components/schemas/ListRequestQuery'
$ref: '#/components/schemas/HostStatuses'
- in: query
name: sortField
required: false
schema:
$ref: '#/components/schemas/SortField'
- in: query
name: sortDirection
required: false
schema:
$ref: '#/components/schemas/SortDirection'
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SuccessResponse'
$ref: '#/components/schemas/MetadataListResponse'
description: OK
summary: Get a metadata list
tags:
@ -445,13 +470,14 @@ paths:
name: id
required: true
schema:
example: ed518850-681a-4d60-bb98-e22640cae2a8
type: string
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SuccessResponse'
$ref: '#/components/schemas/EndpointMetadataResponse'
description: OK
summary: Get metadata
tags:
@ -782,6 +808,94 @@ components:
type: string
minItems: 1
type: array
EndpointMetadataResponse:
example:
host_status: healthy
last_checkin: '2023-07-04T15:48:57.360Z'
metadata:
'@timestamp': '2023-07-04T15:48:57.3609346Z'
agent:
build:
original: >-
version: 7.16.0, compiled: Tue Nov 16 17:00:00 2021, branch:
7.16, commit: 73a51033db85e0fb3be1c934697ef6a2b08979ab
id: abb8a826-6812-448c-a571-6d8269b51449
type: endpoint
version: 7.16.0
data_stream:
dataset: endpoint.metadata
namespace: default
type: metrics
ecs:
version: 1.11.0
elastic:
agent:
id: abb8a826-6812-448c-a571-6d8269b51449
Endpoint:
capabilities:
- isolation
configuration:
isolation: false
policy:
applied:
endpoint_policy_version: '2'
id: d5371dcd-93b7-4627-af88-4084f7d6aa3e
name: test
status: success
version: '3'
state:
isolation: false
status: enrolled
event:
action: endpoint_metadata
agent_id_status: verified
category:
- host
created: '2023-07-04T15:48:57.3609346Z'
dataset: endpoint.metadata
id: MNtRc++KoKHXXwlj+++++OhZ
ingested: '2023-07-04T15:48:58Z'
kind: metric
module: endpoint
sequence: 43757
type:
- info
host:
architecture: x86_64
hostname: WinDev2104Eval
id: 17d9cabc-7edd-43bc-bacb-8da5f5e6c0e5
ip:
- 10.0.2.15
- 'fe80::21a6:63d3:d70e:e3ad'
- 127.0.0.1
- '::1'
mac:
- '08:00:27:b1:1d:5a'
name: WinDev2104Eval
os:
Ext:
variant: Windows 10 Enterprise Evaluation
family: windows
full: Windows 10 Enterprise Evaluation 20H2 (10.0.19042.906)
kernel: 20H2 (10.0.19042.906)
name: Windows
platform: windows
type: windows
version: 20H2 (10.0.19042.906)
message: Endpoint metadata
policy_info:
agent:
applied:
id: ed7e3720-4bad-11ec-a2a8-fb22e62a5753
revision: 3
configured:
id: ed7e3720-4bad-11ec-a2a8-fb22e62a5753
revision: 3
endpoint:
id: d5371dcd-93b7-4627-af88-4084f7d6aa3e
revision: 2
type: object
properties: {}
EntityId:
type: object
properties:
@ -909,6 +1023,20 @@ components:
type: integer
required:
- hostPath
HostStatuses:
description: A set of agent health statuses to filter by.
example:
- healthy
- updating
items:
enum:
- healthy
- offline
- updating
- inactive
- unenrolled
type: string
type: array
IsolateRouteRequestBody:
type: object
properties:
@ -958,53 +1086,190 @@ components:
type: string
required:
- parameters
ListRequestQuery:
Kuery:
description: A KQL string.
example: 'united.endpoint.host.os.name : ''Windows'''
type: string
MetadataListResponse:
example:
data:
- host_status: healthy
last_checkin: '2023-07-04T15:47:57.432Z'
metadata:
'@timestamp': '2023-07-04T15:47:57.432173535Z'
agent:
build:
original: >-
version: 7.16.0, compiled: Tue Nov 16 16:00:00 2021, branch:
7.16, commit: 73a51033db85e0fb3be1c934697ef6a2b08979ab
id: 285297c6-3bff-4b83-9a07-f3e749801123
type: endpoint
version: 7.16.0
data_stream:
dataset: endpoint.metadata
namespace: default
type: metrics
ecs:
version: 1.11.0
elastic:
agent:
id: 285297c6-3bff-4b83-9a07-f3e749801123
Endpoint:
capabilities:
- isolation
configuration:
isolation: false
policy:
applied:
endpoint_policy_version: '2'
id: d5371dcd-93b7-4627-af88-4084f7d6aa3e
name: test
status: success
version: '3'
state:
isolation: false
status: enrolled
event:
action: endpoint_metadata
agent_id_status: verified
category:
- host
created: '2023-07-04T15:47:57.432173535Z'
dataset: endpoint.metadata
id: MNtSXK/SkhEBnmgt++++++7S
ingested: '2023-07-04T15:47:58Z'
kind: metric
module: endpoint
sequence: 400
type:
- info
host:
architecture: x86_64
hostname: david-Xubuntu
id: 0cfead88e2024bd8a27476352b5ab264
ip:
- 127.0.0.1
- '::1'
- 10.0.2.15
- 'fe80::2ac7:8e15:b957:2fa1'
mac:
- '08:00:27:e6:78:8b'
name: david-Xubuntu
os:
Ext:
variant: Ubuntu
family: ubuntu
full: Ubuntu 20.04.2
kernel: >-
5.8.0-59-generic #66~20.04.1-Ubuntu SMP Thu Jun 17 11:14:10
UTC 2021
name: Linux
platform: ubuntu
type: linux
version: 20.04.2
message: Endpoint metadata
policy_info:
agent:
applied:
id: ed7e3720-4bad-11ec-a2a8-fb22e62a5753
revision: 0
configured:
id: ed7e3720-4bad-11ec-a2a8-fb22e62a5753
revision: 3
endpoint:
id: d5371dcd-93b7-4627-af88-4084f7d6aa3e
revision: 2
- host_status: healthy
last_checkin: '2023-07-04T15:44:31.491Z'
metadata:
'@timestamp': '2023-07-04T15:44:31.4917849Z'
agent:
build:
original: >-
version: 7.16.0, compiled: Tue Nov 16 17:00:00 2021, branch:
7.16, commit: 73a51033db85e0fb3be1c934697ef6a2b08979ab
id: abb8a826-6812-448c-a571-6d8269b51449
type: endpoint
version: 7.16.0
data_stream:
dataset: endpoint.metadata
namespace: default
type: metrics
ecs:
version: 1.11.0
elastic:
agent:
id: abb8a826-6812-448c-a571-6d8269b51449
Endpoint:
capabilities:
- isolation
configuration:
isolation: false
policy:
applied:
endpoint_policy_version: '2'
id: d5371dcd-93b7-4627-af88-4084f7d6aa3e
name: test
status: success
version: '3'
state:
isolation: false
status: enrolled
event:
action: endpoint_metadata
agent_id_status: verified
category:
- host
created: '2023-07-04T15:44:31.4917849Z'
dataset: endpoint.metadata
id: MNtRc++KoKHXXwlj+++++/N9
ingested: '2023-07-04T15:44:33Z'
kind: metric
module: endpoint
sequence: 5159
type:
- info
host:
architecture: x86_64
hostname: WinDev2104Eval
id: 17d9cabc-7edd-43bc-bacb-8da5f5e6c0e5
ip:
- 10.0.2.15
- 'fe80::21a6:63d3:d70e:e3ad'
- 127.0.0.1
- '::1'
mac:
- '08:00:27:b1:1d:5a'
name: WinDev2104Eval
os:
Ext:
variant: Windows 10 Enterprise Evaluation
family: windows
full: Windows 10 Enterprise Evaluation 20H2 (10.0.19042.906)
kernel: 20H2 (10.0.19042.906)
name: Windows
platform: windows
type: windows
version: 20H2 (10.0.19042.906)
message: Endpoint metadata
policy_info:
agent:
applied:
id: ed7e3720-4bad-11ec-a2a8-fb22e62a5753
revision: 0
configured:
id: ed7e3720-4bad-11ec-a2a8-fb22e62a5753
revision: 3
endpoint:
id: d5371dcd-93b7-4627-af88-4084f7d6aa3e
revision: 2
page: 0
pageSize: 10
sortDirection: desc
sortField: enrolled_at
total: 2
type: object
properties:
hostStatuses:
items:
enum:
- healthy
- offline
- updating
- inactive
- unenrolled
type: string
type: array
kuery:
nullable: true
type: string
page:
default: 0
description: Page number
minimum: 0
type: integer
pageSize:
default: 10
description: Number of items per page
maximum: 10000
minimum: 1
type: integer
sortDirection:
enum:
- asc
- desc
nullable: true
type: string
sortField:
enum:
- enrolled_at
- metadata.host.hostname
- host_status
- metadata.Endpoint.policy.applied.name
- metadata.Endpoint.policy.applied.status
- metadata.host.os.name
- metadata.host.ip
- metadata.agent.version
- last_checkin
type: string
required:
- hostStatuses
properties: {}
NonEmptyString:
description: A string that does not contain only whitespace characters
format: nonempty
@ -1013,11 +1278,13 @@ components:
Page:
default: 1
description: Page number
example: 1
minimum: 1
type: integer
PageSize:
default: 10
description: Number of items per page
example: 10
maximum: 100
minimum: 1
type: integer
@ -1120,6 +1387,27 @@ components:
- path
required:
- parameters
SortDirection:
description: Determines the sort order.
enum:
- asc
- desc
example: desc
type: string
SortField:
description: Determines which field is used to sort the results.
enum:
- enrolled_at
- metadata.host.hostname
- host_status
- metadata.Endpoint.policy.applied.name
- metadata.Endpoint.policy.applied.status
- metadata.host.os.name
- metadata.host.ip
- metadata.agent.version
- last_checkin
example: enrolled_at
type: string
StartDate:
description: Start date
type: string


@ -373,16 +373,41 @@ paths:
operationId: GetEndpointMetadataList
parameters:
- in: query
name: query
name: page
required: false
schema:
$ref: '#/components/schemas/Page'
- in: query
name: pageSize
required: false
schema:
$ref: '#/components/schemas/PageSize'
- in: query
name: kuery
required: false
schema:
$ref: '#/components/schemas/Kuery'
- in: query
name: hostStatuses
required: true
schema:
$ref: '#/components/schemas/ListRequestQuery'
$ref: '#/components/schemas/HostStatuses'
- in: query
name: sortField
required: false
schema:
$ref: '#/components/schemas/SortField'
- in: query
name: sortDirection
required: false
schema:
$ref: '#/components/schemas/SortDirection'
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SuccessResponse'
$ref: '#/components/schemas/MetadataListResponse'
description: OK
summary: Get a metadata list
tags:
@ -395,13 +420,14 @@ paths:
name: id
required: true
schema:
example: ed518850-681a-4d60-bb98-e22640cae2a8
type: string
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SuccessResponse'
$ref: '#/components/schemas/EndpointMetadataResponse'
description: OK
summary: Get metadata
tags:
@ -682,6 +708,94 @@ components:
type: string
minItems: 1
type: array
EndpointMetadataResponse:
example:
host_status: healthy
last_checkin: '2023-07-04T15:48:57.360Z'
metadata:
'@timestamp': '2023-07-04T15:48:57.3609346Z'
agent:
build:
original: >-
version: 7.16.0, compiled: Tue Nov 16 17:00:00 2021, branch:
7.16, commit: 73a51033db85e0fb3be1c934697ef6a2b08979ab
id: abb8a826-6812-448c-a571-6d8269b51449
type: endpoint
version: 7.16.0
data_stream:
dataset: endpoint.metadata
namespace: default
type: metrics
ecs:
version: 1.11.0
elastic:
agent:
id: abb8a826-6812-448c-a571-6d8269b51449
Endpoint:
capabilities:
- isolation
configuration:
isolation: false
policy:
applied:
endpoint_policy_version: '2'
id: d5371dcd-93b7-4627-af88-4084f7d6aa3e
name: test
status: success
version: '3'
state:
isolation: false
status: enrolled
event:
action: endpoint_metadata
agent_id_status: verified
category:
- host
created: '2023-07-04T15:48:57.3609346Z'
dataset: endpoint.metadata
id: MNtRc++KoKHXXwlj+++++OhZ
ingested: '2023-07-04T15:48:58Z'
kind: metric
module: endpoint
sequence: 43757
type:
- info
host:
architecture: x86_64
hostname: WinDev2104Eval
id: 17d9cabc-7edd-43bc-bacb-8da5f5e6c0e5
ip:
- 10.0.2.15
- 'fe80::21a6:63d3:d70e:e3ad'
- 127.0.0.1
- '::1'
mac:
- '08:00:27:b1:1d:5a'
name: WinDev2104Eval
os:
Ext:
variant: Windows 10 Enterprise Evaluation
family: windows
full: Windows 10 Enterprise Evaluation 20H2 (10.0.19042.906)
kernel: 20H2 (10.0.19042.906)
name: Windows
platform: windows
type: windows
version: 20H2 (10.0.19042.906)
message: Endpoint metadata
policy_info:
agent:
applied:
id: ed7e3720-4bad-11ec-a2a8-fb22e62a5753
revision: 3
configured:
id: ed7e3720-4bad-11ec-a2a8-fb22e62a5753
revision: 3
endpoint:
id: d5371dcd-93b7-4627-af88-4084f7d6aa3e
revision: 2
type: object
properties: {}
EntityId:
type: object
properties:
@ -809,6 +923,20 @@ components:
type: integer
required:
- hostPath
HostStatuses:
description: A set of agent health statuses to filter by.
example:
- healthy
- updating
items:
enum:
- healthy
- offline
- updating
- inactive
- unenrolled
type: string
type: array
IsolateRouteRequestBody:
type: object
properties:
@ -858,53 +986,190 @@ components:
type: string
required:
- parameters
ListRequestQuery:
Kuery:
description: A KQL string.
example: 'united.endpoint.host.os.name : ''Windows'''
type: string
MetadataListResponse:
example:
data:
- host_status: healthy
last_checkin: '2023-07-04T15:47:57.432Z'
metadata:
'@timestamp': '2023-07-04T15:47:57.432173535Z'
agent:
build:
original: >-
version: 7.16.0, compiled: Tue Nov 16 16:00:00 2021, branch:
7.16, commit: 73a51033db85e0fb3be1c934697ef6a2b08979ab
id: 285297c6-3bff-4b83-9a07-f3e749801123
type: endpoint
version: 7.16.0
data_stream:
dataset: endpoint.metadata
namespace: default
type: metrics
ecs:
version: 1.11.0
elastic:
agent:
id: 285297c6-3bff-4b83-9a07-f3e749801123
Endpoint:
capabilities:
- isolation
configuration:
isolation: false
policy:
applied:
endpoint_policy_version: '2'
id: d5371dcd-93b7-4627-af88-4084f7d6aa3e
name: test
status: success
version: '3'
state:
isolation: false
status: enrolled
event:
action: endpoint_metadata
agent_id_status: verified
category:
- host
created: '2023-07-04T15:47:57.432173535Z'
dataset: endpoint.metadata
id: MNtSXK/SkhEBnmgt++++++7S
ingested: '2023-07-04T15:47:58Z'
kind: metric
module: endpoint
sequence: 400
type:
- info
host:
architecture: x86_64
hostname: david-Xubuntu
id: 0cfead88e2024bd8a27476352b5ab264
ip:
- 127.0.0.1
- '::1'
- 10.0.2.15
- 'fe80::2ac7:8e15:b957:2fa1'
mac:
- '08:00:27:e6:78:8b'
name: david-Xubuntu
os:
Ext:
variant: Ubuntu
family: ubuntu
full: Ubuntu 20.04.2
kernel: >-
5.8.0-59-generic #66~20.04.1-Ubuntu SMP Thu Jun 17 11:14:10
UTC 2021
name: Linux
platform: ubuntu
type: linux
version: 20.04.2
message: Endpoint metadata
policy_info:
agent:
applied:
id: ed7e3720-4bad-11ec-a2a8-fb22e62a5753
revision: 0
configured:
id: ed7e3720-4bad-11ec-a2a8-fb22e62a5753
revision: 3
endpoint:
id: d5371dcd-93b7-4627-af88-4084f7d6aa3e
revision: 2
- host_status: healthy
last_checkin: '2023-07-04T15:44:31.491Z'
metadata:
'@timestamp': '2023-07-04T15:44:31.4917849Z'
agent:
build:
original: >-
version: 7.16.0, compiled: Tue Nov 16 17:00:00 2021, branch:
7.16, commit: 73a51033db85e0fb3be1c934697ef6a2b08979ab
id: abb8a826-6812-448c-a571-6d8269b51449
type: endpoint
version: 7.16.0
data_stream:
dataset: endpoint.metadata
namespace: default
type: metrics
ecs:
version: 1.11.0
elastic:
agent:
id: abb8a826-6812-448c-a571-6d8269b51449
Endpoint:
capabilities:
- isolation
configuration:
isolation: false
policy:
applied:
endpoint_policy_version: '2'
id: d5371dcd-93b7-4627-af88-4084f7d6aa3e
name: test
status: success
version: '3'
state:
isolation: false
status: enrolled
event:
action: endpoint_metadata
agent_id_status: verified
category:
- host
created: '2023-07-04T15:44:31.4917849Z'
dataset: endpoint.metadata
id: MNtRc++KoKHXXwlj+++++/N9
ingested: '2023-07-04T15:44:33Z'
kind: metric
module: endpoint
sequence: 5159
type:
- info
host:
architecture: x86_64
hostname: WinDev2104Eval
id: 17d9cabc-7edd-43bc-bacb-8da5f5e6c0e5
ip:
- 10.0.2.15
- 'fe80::21a6:63d3:d70e:e3ad'
- 127.0.0.1
- '::1'
mac:
- '08:00:27:b1:1d:5a'
name: WinDev2104Eval
os:
Ext:
variant: Windows 10 Enterprise Evaluation
family: windows
full: Windows 10 Enterprise Evaluation 20H2 (10.0.19042.906)
kernel: 20H2 (10.0.19042.906)
name: Windows
platform: windows
type: windows
version: 20H2 (10.0.19042.906)
message: Endpoint metadata
policy_info:
agent:
applied:
id: ed7e3720-4bad-11ec-a2a8-fb22e62a5753
revision: 0
configured:
id: ed7e3720-4bad-11ec-a2a8-fb22e62a5753
revision: 3
endpoint:
id: d5371dcd-93b7-4627-af88-4084f7d6aa3e
revision: 2
page: 0
pageSize: 10
sortDirection: desc
sortField: enrolled_at
total: 2
type: object
properties:
hostStatuses:
items:
enum:
- healthy
- offline
- updating
- inactive
- unenrolled
type: string
type: array
kuery:
nullable: true
type: string
page:
default: 0
description: Page number
minimum: 0
type: integer
pageSize:
default: 10
description: Number of items per page
maximum: 10000
minimum: 1
type: integer
sortDirection:
enum:
- asc
- desc
nullable: true
type: string
sortField:
enum:
- enrolled_at
- metadata.host.hostname
- host_status
- metadata.Endpoint.policy.applied.name
- metadata.Endpoint.policy.applied.status
- metadata.host.os.name
- metadata.host.ip
- metadata.agent.version
- last_checkin
type: string
required:
- hostStatuses
properties: {}
NonEmptyString:
description: A string that does not contain only whitespace characters
format: nonempty
@ -913,11 +1178,13 @@ components:
Page:
default: 1
description: Page number
example: 1
minimum: 1
type: integer
PageSize:
default: 10
description: Number of items per page
example: 10
maximum: 100
minimum: 1
type: integer
@ -1020,6 +1287,27 @@ components:
- path
required:
- parameters
SortDirection:
description: Determines the sort order.
enum:
- asc
- desc
example: desc
type: string
SortField:
description: Determines which field is used to sort the results.
enum:
- enrolled_at
- metadata.host.hostname
- host_status
- metadata.Endpoint.policy.applied.name
- metadata.Endpoint.policy.applied.status
- metadata.host.os.name
- metadata.host.ip
- metadata.agent.version
- last_checkin
example: enrolled_at
type: string
StartDate:
description: Start date
type: string