# Backport This will backport the following commits from `main` to `8.x`: - [[HTTP/OAS] Include Security Solution domain OAS to production docs (#194132)](https://github.com/elastic/kibana/pull/194132) <!--- Backport version: 8.9.8 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Maxim Palenov","email":"maxim.palenov@elastic.co"},"sourceCommit":{"committedDate":"2024-10-04T19:34:25Z","message":"[HTTP/OAS] Include Security Solution domain OAS to production docs (#194132)\n\n*Epic:** https://github.com/elastic/security-team/issues/9401 (internal)\r\n\r\n## Summary\r\n\r\nThis PR includes Security Solution OpenAPI domain bundles into the production OpenAPI Kibana bundle. The result Kibana bundler is expected to be published to Bump.sh manually by @lcawl.","sha":"102297ca151d56c8a7da36c14c72386b4cd225ca","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","docs","Team: SecuritySolution","backport:prev-minor","Feature:OAS","v8.16.0"],"number":194132,"url":"https://github.com/elastic/kibana/pull/194132","mergeCommit":{"message":"[HTTP/OAS] Include Security Solution domain OAS to production docs (#194132)\n\n*Epic:** https://github.com/elastic/security-team/issues/9401 (internal)\r\n\r\n## Summary\r\n\r\nThis PR includes Security Solution OpenAPI domain bundles into the production OpenAPI Kibana bundle. 
The result Kibana bundler is expected to be published to Bump.sh manually by @lcawl.","sha":"102297ca151d56c8a7da36c14c72386b4cd225ca"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","labelRegex":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/194132","number":194132,"mergeCommit":{"message":"[HTTP/OAS] Include Security Solution domain OAS to production docs (#194132)\n\n*Epic:** https://github.com/elastic/security-team/issues/9401 (internal)\r\n\r\n## Summary\r\n\r\nThis PR includes Security Solution OpenAPI domain bundles into the production OpenAPI Kibana bundle. The result Kibana bundler is expected to be published to Bump.sh manually by @lcawl.","sha":"102297ca151d56c8a7da36c14c72386b4cd225ca"}},{"branch":"8.x","label":"v8.16.0","labelRegex":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT-->
This commit is contained in:
parent
4ea700382e
commit
d120e66c4b
41 changed files with 34639 additions and 184 deletions
|
@ -33163,33 +33163,42 @@ tags:
|
|||
x-displayName: Saved objects
|
||||
- description: Manage and interact with Security Assistant resources.
|
||||
name: Security AI Assistant API
|
||||
x-displayName: Security AI assistant
|
||||
- description: >-
|
||||
You can create rules that automatically turn events and external alerts
|
||||
sent to Elastic Security into detection alerts. These alerts are displayed
|
||||
on the Detections page.
|
||||
name: Security Detections API
|
||||
x-displayName: Security detections
|
||||
- description: >-
|
||||
Endpoint Exceptions API allows you to manage detection rule endpoint
|
||||
exceptions to prevent a rule from generating an alert from incoming events
|
||||
even when the rule's other criteria are met.
|
||||
name: Security Endpoint Exceptions API
|
||||
x-displayName: Security endpoint exceptions
|
||||
- description: Interact with and manage endpoints running the Elastic Defend integration.
|
||||
name: Security Endpoint Management API
|
||||
x-displayName: Security endpoint management
|
||||
- description: ''
|
||||
name: Security Entity Analytics API
|
||||
x-displayName: Security entity analytics
|
||||
- description: >-
|
||||
Exceptions API allows you to manage detection rule exceptions to prevent a
|
||||
rule from generating an alert from incoming events even when the rule's
|
||||
other criteria are met.
|
||||
name: Security Exceptions API
|
||||
x-displayName: Security exceptions
|
||||
- description: 'Lists API allows you to manage lists of keywords, IPs or IP ranges items.'
|
||||
name: Security Lists API
|
||||
x-displayName: Security lists
|
||||
- description: 'Run live queries, manage packs and saved queries.'
|
||||
name: Security Osquery API
|
||||
x-displayName: Security Osquery
|
||||
- description: >-
|
||||
You can create Timelines and Timeline templates via the API, as well as
|
||||
import new Timelines from an ndjson file.
|
||||
name: Security Timeline API
|
||||
x-displayName: Security timeline
|
||||
- description: 'SLO APIs enable you to define, manage and track service-level objectives'
|
||||
name: slo
|
||||
- name: system
|
||||
|
|
|
@ -41165,33 +41165,42 @@ tags:
|
|||
x-displayName: Saved objects
|
||||
- description: Manage and interact with Security Assistant resources.
|
||||
name: Security AI Assistant API
|
||||
x-displayName: Security AI assistant
|
||||
- description: >-
|
||||
You can create rules that automatically turn events and external alerts
|
||||
sent to Elastic Security into detection alerts. These alerts are displayed
|
||||
on the Detections page.
|
||||
name: Security Detections API
|
||||
x-displayName: Security detections
|
||||
- description: >-
|
||||
Endpoint Exceptions API allows you to manage detection rule endpoint
|
||||
exceptions to prevent a rule from generating an alert from incoming events
|
||||
even when the rule's other criteria are met.
|
||||
name: Security Endpoint Exceptions API
|
||||
x-displayName: Security endpoint exceptions
|
||||
- description: Interact with and manage endpoints running the Elastic Defend integration.
|
||||
name: Security Endpoint Management API
|
||||
x-displayName: Security endpoint management
|
||||
- description: ''
|
||||
name: Security Entity Analytics API
|
||||
x-displayName: Security entity analytics
|
||||
- description: >-
|
||||
Exceptions API allows you to manage detection rule exceptions to prevent a
|
||||
rule from generating an alert from incoming events even when the rule's
|
||||
other criteria are met.
|
||||
name: Security Exceptions API
|
||||
x-displayName: Security exceptions
|
||||
- description: 'Lists API allows you to manage lists of keywords, IPs or IP ranges items.'
|
||||
name: Security Lists API
|
||||
x-displayName: Security lists
|
||||
- description: 'Run live queries, manage packs and saved queries.'
|
||||
name: Security Osquery API
|
||||
x-displayName: Security Osquery
|
||||
- description: >-
|
||||
You can create Timelines and Timeline templates via the API, as well as
|
||||
import new Timelines from an ndjson file.
|
||||
name: Security Timeline API
|
||||
x-displayName: Security timeline
|
||||
- description: 'SLO APIs enable you to define, manage and track service-level objectives'
|
||||
name: slo
|
||||
- name: system
|
||||
|
|
|
@ -55,8 +55,12 @@ actions:
|
|||
update:
|
||||
x-displayName: "Service level objectives"
|
||||
- target: '$.tags[?(@.name=="system")]'
|
||||
description: Change displayName
|
||||
description: Change displayName and description
|
||||
update:
|
||||
x-displayName: "System"
|
||||
description: >
|
||||
Get information about the system status, resource usage, and installed plugins.
|
||||
Get information about the system status, resource usage, and installed plugins.
|
||||
# Remove extra tags from operations
|
||||
- target: "$.paths[*][*].tags[1:]"
|
||||
description: Remove all but first tag from operations
|
||||
remove: true
|
|
@ -70,8 +70,12 @@ actions:
|
|||
update:
|
||||
x-displayName: "Service level objectives"
|
||||
- target: '$.tags[?(@.name=="system")]'
|
||||
description: Change displayName
|
||||
description: Change displayName and description
|
||||
update:
|
||||
x-displayName: "System"
|
||||
description: >
|
||||
Get information about the system status, resource usage, and installed plugins.
|
||||
# Remove extra tags from operations
|
||||
- target: "$.paths[*][*].tags[1:]"
|
||||
description: Remove all but first tag from operations
|
||||
remove: true
|
|
@ -27,6 +27,12 @@ const { REPO_ROOT } = require('@kbn/repo-info');
|
|||
`${REPO_ROOT}/x-pack/plugins/observability_solution/slo/docs/openapi/slo/bundled.yaml`,
|
||||
|
||||
// Security solution
|
||||
`${REPO_ROOT}/x-pack/plugins/security_solution/docs/openapi/ess/*.schema.yaml`,
|
||||
`${REPO_ROOT}/packages/kbn-securitysolution-lists-common/docs/openapi/ess/*.schema.yaml`,
|
||||
`${REPO_ROOT}/packages/kbn-securitysolution-exceptions-common/docs/openapi/ess/*.schema.yaml`,
|
||||
`${REPO_ROOT}/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/*.schema.yaml`,
|
||||
`${REPO_ROOT}/x-pack/packages/kbn-elastic-assistant-common/docs/openapi/ess/*.schema.yaml`,
|
||||
`${REPO_ROOT}/x-pack/plugins/osquery/docs/openapi/ess/*.schema.yaml`,
|
||||
],
|
||||
outputFilePath: `${REPO_ROOT}/oas_docs/output/kibana.yaml`,
|
||||
options: {
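Review bot: The six Security solution entries added here are `*.schema.yaml` globs, whereas the SLO entry directly above names a single `bundled.yaml`, so any schema bundle that later lands in one of those `docs/openapi/ess/` directories is merged into the production `kibana.yaml` without this list being touched. Whether those directories can ever hold internal-only bundles is not visible from the hunk, so I would at least record the contract next to the entries, for example `// Every *.schema.yaml matched below is published; keep internal-only specs out of docs/openapi/ess/`. The same applies to the `serverless` globs in the following section. The source list and the surrounding call start outside the hunk.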
|
||||
|
|
|
@ -25,6 +25,12 @@ const { REPO_ROOT } = require('@kbn/repo-info');
|
|||
`${REPO_ROOT}/x-pack/plugins/observability_solution/slo/docs/openapi/slo/bundled.yaml`,
|
||||
|
||||
// Security solution
|
||||
`${REPO_ROOT}/x-pack/plugins/security_solution/docs/openapi/serverless/*.schema.yaml`,
|
||||
`${REPO_ROOT}/packages/kbn-securitysolution-lists-common/docs/openapi/serverless/*.schema.yaml`,
|
||||
`${REPO_ROOT}/packages/kbn-securitysolution-exceptions-common/docs/openapi/serverless/*.schema.yaml`,
|
||||
`${REPO_ROOT}/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/*.schema.yaml`,
|
||||
`${REPO_ROOT}/x-pack/packages/kbn-elastic-assistant-common/docs/openapi/serverless/*.schema.yaml`,
|
||||
`${REPO_ROOT}/x-pack/plugins/osquery/docs/openapi/serverless/*.schema.yaml`,
|
||||
],
|
||||
outputFilePath: `${REPO_ROOT}/oas_docs/output/kibana.serverless.yaml`,
|
||||
options: {
|
||||
|
|
|
@ -869,3 +869,4 @@ tags:
|
|||
exceptions to prevent a rule from generating an alert from incoming events
|
||||
even when the rule's other criteria are met.
|
||||
name: Security Endpoint Exceptions API
|
||||
x-displayName: Security endpoint exceptions
|
||||
|
|
|
@ -869,3 +869,4 @@ tags:
|
|||
exceptions to prevent a rule from generating an alert from incoming events
|
||||
even when the rule's other criteria are met.
|
||||
name: Security Endpoint Exceptions API
|
||||
x-displayName: Security endpoint exceptions
|
||||
|
|
|
@ -30,6 +30,7 @@ const ROOT = resolve(__dirname, '..');
|
|||
tags: [
|
||||
{
|
||||
name: 'Security Endpoint Exceptions API',
|
||||
'x-displayName': 'Security endpoint exceptions',
|
||||
description:
|
||||
"Endpoint Exceptions API allows you to manage detection rule endpoint exceptions to prevent a rule from generating an alert from incoming events even when the rule's other criteria are met.",
|
||||
},
|
||||
|
@ -54,6 +55,7 @@ const ROOT = resolve(__dirname, '..');
|
|||
tags: [
|
||||
{
|
||||
name: 'Security Endpoint Exceptions API',
|
||||
'x-displayName': 'Security endpoint exceptions',
|
||||
description:
|
||||
"Endpoint Exceptions API allows you to manage detection rule endpoint exceptions to prevent a rule from generating an alert from incoming events even when the rule's other criteria are met.",
|
||||
},
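Review bot: The tag object that gains `'x-displayName'` is written out twice in this script, once in each of the two hunks, with identical `name`, `'x-displayName'` and `description`, so the two bundles can drift apart when only one copy is edited. Defining it once, e.g. `const ENDPOINT_EXCEPTIONS_TAG = { name: ..., 'x-displayName': ..., description: ... };`, and passing `tags: [ENDPOINT_EXCEPTIONS_TAG]` in both places would keep them aligned. The same duplication is visible in the other bundling-script sections of this commit (Exceptions, Lists, AI Assistant, Osquery, Detections, Endpoint Management, Entity Analytics, Timeline). Both enclosing calls start and end outside the hunks.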
|
||||
|
|
|
@ -1858,3 +1858,4 @@ tags:
|
|||
rule from generating an alert from incoming events even when the rule's
|
||||
other criteria are met.
|
||||
name: Security Exceptions API
|
||||
x-displayName: Security exceptions
|
||||
|
|
|
@ -1858,3 +1858,4 @@ tags:
|
|||
rule from generating an alert from incoming events even when the rule's
|
||||
other criteria are met.
|
||||
name: Security Exceptions API
|
||||
x-displayName: Security exceptions
|
||||
|
|
|
@ -31,6 +31,7 @@ const ROOT = resolve(__dirname, '..');
|
|||
tags: [
|
||||
{
|
||||
name: 'Security Exceptions API',
|
||||
'x-displayName': 'Security exceptions',
|
||||
description:
|
||||
"Exceptions API allows you to manage detection rule exceptions to prevent a rule from generating an alert from incoming events even when the rule's other criteria are met.",
|
||||
},
|
||||
|
@ -56,6 +57,7 @@ const ROOT = resolve(__dirname, '..');
|
|||
tags: [
|
||||
{
|
||||
name: 'Security Exceptions API',
|
||||
'x-displayName': 'Security exceptions',
|
||||
description:
|
||||
"Exceptions API allows you to manage detection rule exceptions to prevent a rule from generating an alert from incoming events even when the rule's other criteria are met.",
|
||||
},
|
||||
|
|
|
@ -1523,3 +1523,4 @@ security:
|
|||
tags:
|
||||
- description: 'Lists API allows you to manage lists of keywords, IPs or IP ranges items.'
|
||||
name: Security Lists API
|
||||
x-displayName: Security lists
|
||||
|
|
|
@ -1523,3 +1523,4 @@ security:
|
|||
tags:
|
||||
- description: 'Lists API allows you to manage lists of keywords, IPs or IP ranges items.'
|
||||
name: Security Lists API
|
||||
x-displayName: Security lists
|
||||
|
|
|
@ -30,6 +30,7 @@ const ROOT = resolve(__dirname, '..');
|
|||
tags: [
|
||||
{
|
||||
name: 'Security Lists API',
|
||||
'x-displayName': 'Security lists',
|
||||
description:
|
||||
'Lists API allows you to manage lists of keywords, IPs or IP ranges items.',
|
||||
},
|
||||
|
@ -54,6 +55,7 @@ const ROOT = resolve(__dirname, '..');
|
|||
tags: [
|
||||
{
|
||||
name: 'Security Lists API',
|
||||
'x-displayName': 'Security lists',
|
||||
description:
|
||||
'Lists API allows you to manage lists of keywords, IPs or IP ranges items.',
|
||||
},
|
||||
|
|
|
@ -1237,3 +1237,4 @@ security:
|
|||
tags:
|
||||
- description: Manage and interact with Security Assistant resources.
|
||||
name: Security AI Assistant API
|
||||
x-displayName: Security AI assistant
|
||||
|
|
|
@ -1237,3 +1237,4 @@ security:
|
|||
tags:
|
||||
- description: Manage and interact with Security Assistant resources.
|
||||
name: Security AI Assistant API
|
||||
x-displayName: Security AI assistant
|
||||
|
|
|
@ -29,6 +29,7 @@ const ELASTIC_ASSISTANT_ROOT = resolve(__dirname, '../..');
|
|||
tags: [
|
||||
{
|
||||
name: 'Security AI Assistant API',
|
||||
'x-displayName': 'Security AI assistant',
|
||||
description: 'Manage and interact with Security Assistant resources.',
|
||||
},
|
||||
],
|
||||
|
@ -52,6 +53,7 @@ const ELASTIC_ASSISTANT_ROOT = resolve(__dirname, '../..');
|
|||
tags: [
|
||||
{
|
||||
name: 'Security AI Assistant API',
|
||||
'x-displayName': 'Security AI assistant',
|
||||
description: 'Manage and interact with Security Assistant resources.',
|
||||
},
|
||||
],
|
||||
|
|
|
@ -639,3 +639,4 @@ security:
|
|||
tags:
|
||||
- description: 'Run live queries, manage packs and saved queries.'
|
||||
name: Security Osquery API
|
||||
x-displayName: Security Osquery
|
||||
|
|
|
@ -639,3 +639,4 @@ security:
|
|||
tags:
|
||||
- description: 'Run live queries, manage packs and saved queries.'
|
||||
name: Security Osquery API
|
||||
x-displayName: Security Osquery
|
||||
|
|
|
@ -28,6 +28,7 @@ const ELASTIC_ASSISTANT_ROOT = resolve(__dirname, '../..');
|
|||
tags: [
|
||||
{
|
||||
name: 'Security Osquery API',
|
||||
'x-displayName': 'Security Osquery',
|
||||
description: 'Run live queries, manage packs and saved queries.',
|
||||
},
|
||||
],
|
||||
|
@ -49,6 +50,7 @@ const ELASTIC_ASSISTANT_ROOT = resolve(__dirname, '../..');
|
|||
tags: [
|
||||
{
|
||||
name: 'Security Osquery API',
|
||||
'x-displayName': 'Security Osquery',
|
||||
description: 'Run live queries, manage packs and saved queries.',
|
||||
},
|
||||
],
|
||||
|
|
|
@ -11,7 +11,7 @@
|
|||
*
|
||||
* info:
|
||||
* title: Risk Scoring API
|
||||
* version: 1
|
||||
* version: 2023-10-31
|
||||
*/
|
||||
|
||||
import { z } from '@kbn/zod';
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
openapi: 3.0.0
|
||||
info:
|
||||
version: '1'
|
||||
version: '2023-10-31'
|
||||
title: Risk Scoring API
|
||||
description: These APIs allow the consumer to manage Entity Risk Scores within Entity Analytics.
|
||||
paths:
|
||||
|
@ -57,4 +57,3 @@ components:
|
|||
type: integer
|
||||
error:
|
||||
type: string
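Review bot: Changing `info.version` from `'1'` to `'2023-10-31'` in the first hunk appears to be what brings `DELETE /api/risk_score/engine/dangerously_delete_data` into the published Entity Analytics bundles shown in later sections of this commit, and the text published for that operation only says it removes "the indices, mapping and transforms". For a destructive endpoint in production docs I would extend the operation's `description` to state whether the removal can be undone and which privilege the caller needs, and fix the doubled word in "Cleaning up the the Risk Engine". The `paths:` block holding that operation lies outside the hunk, so the exact wording has to be checked against the full file.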
|
||||
|
||||
|
|
|
@ -549,7 +549,7 @@ after 30 days. It also deletes other artifacts specific to the migration impleme
|
|||
.request<CleanUpRiskEngineResponse>({
|
||||
path: '/api/risk_score/engine/dangerously_delete_data',
|
||||
headers: {
|
||||
[ELASTIC_HTTP_VERSION_HEADER]: '1',
|
||||
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
|
||||
},
|
||||
method: 'DELETE',
|
||||
})
|
||||
|
|
|
@ -7000,3 +7000,4 @@ tags:
|
|||
sent to Elastic Security into detection alerts. These alerts are displayed
|
||||
on the Detections page.
|
||||
name: Security Detections API
|
||||
x-displayName: Security detections
|
||||
|
|
|
@ -1136,3 +1136,4 @@ security:
|
|||
tags:
|
||||
- description: Interact with and manage endpoints running the Elastic Defend integration.
|
||||
name: Security Endpoint Management API
|
||||
x-displayName: Security endpoint management
|
||||
|
|
|
@ -1,88 +0,0 @@
|
|||
openapi: 3.0.3
|
||||
info:
|
||||
description: ''
|
||||
title: Security Entity Analytics API (Elastic Cloud and self-hosted)
|
||||
version: '1'
|
||||
servers:
|
||||
- url: 'http://{kibana_host}:{port}'
|
||||
variables:
|
||||
kibana_host:
|
||||
default: localhost
|
||||
port:
|
||||
default: '5601'
|
||||
paths:
|
||||
/api/risk_score/engine/dangerously_delete_data:
|
||||
delete:
|
||||
description: >-
|
||||
Cleaning up the the Risk Engine by removing the indices, mapping and
|
||||
transforms
|
||||
operationId: CleanUpRiskEngine
|
||||
responses:
|
||||
'200':
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
type: object
|
||||
properties:
|
||||
cleanup_successful:
|
||||
type: boolean
|
||||
description: Successful response
|
||||
'400':
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/TaskManagerUnavailableResponse'
|
||||
description: Task manager is unavailable
|
||||
default:
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/CleanUpRiskEngineErrorResponse'
|
||||
description: Unexpected error
|
||||
summary: Cleanup the Risk Engine
|
||||
tags:
|
||||
- Security Entity Analytics API
|
||||
components:
|
||||
schemas:
|
||||
CleanUpRiskEngineErrorResponse:
|
||||
type: object
|
||||
properties:
|
||||
cleanup_successful:
|
||||
example: false
|
||||
type: boolean
|
||||
errors:
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
error:
|
||||
type: string
|
||||
seq:
|
||||
type: integer
|
||||
required:
|
||||
- seq
|
||||
- error
|
||||
type: array
|
||||
required:
|
||||
- cleanup_successful
|
||||
- errors
|
||||
TaskManagerUnavailableResponse:
|
||||
description: Task manager is unavailable
|
||||
type: object
|
||||
properties:
|
||||
message:
|
||||
type: string
|
||||
status_code:
|
||||
minimum: 400
|
||||
type: integer
|
||||
required:
|
||||
- status_code
|
||||
- message
|
||||
securitySchemes:
|
||||
BasicAuth:
|
||||
scheme: basic
|
||||
type: http
|
||||
security:
|
||||
- BasicAuth: []
|
||||
tags:
|
||||
- description: ''
|
||||
name: Security Entity Analytics API
|
|
@ -513,6 +513,37 @@ paths:
|
|||
summary: List Entity Store Entities
|
||||
tags:
|
||||
- Security Entity Analytics API
|
||||
/api/risk_score/engine/dangerously_delete_data:
|
||||
delete:
|
||||
description: >-
|
||||
Cleaning up the the Risk Engine by removing the indices, mapping and
|
||||
transforms
|
||||
operationId: CleanUpRiskEngine
|
||||
responses:
|
||||
'200':
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
type: object
|
||||
properties:
|
||||
cleanup_successful:
|
||||
type: boolean
|
||||
description: Successful response
|
||||
'400':
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/TaskManagerUnavailableResponse'
|
||||
description: Task manager is unavailable
|
||||
default:
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/CleanUpRiskEngineErrorResponse'
|
||||
description: Unexpected error
|
||||
summary: Cleanup the Risk Engine
|
||||
tags:
|
||||
- Security Entity Analytics API
|
||||
/api/risk_score/engine/schedule_now:
|
||||
post:
|
||||
operationId: ScheduleRiskEngineNow
|
||||
|
@ -640,6 +671,27 @@ components:
|
|||
required:
|
||||
- id_value
|
||||
- id_field
|
||||
CleanUpRiskEngineErrorResponse:
|
||||
type: object
|
||||
properties:
|
||||
cleanup_successful:
|
||||
example: false
|
||||
type: boolean
|
||||
errors:
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
error:
|
||||
type: string
|
||||
seq:
|
||||
type: integer
|
||||
required:
|
||||
- seq
|
||||
- error
|
||||
type: array
|
||||
required:
|
||||
- cleanup_successful
|
||||
- errors
|
||||
CreateAssetCriticalityRecord:
|
||||
allOf:
|
||||
- $ref: '#/components/schemas/AssetCriticalityRecordIdParts'
|
||||
|
@ -1028,3 +1080,4 @@ security:
|
|||
tags:
|
||||
- description: ''
|
||||
name: Security Entity Analytics API
|
||||
x-displayName: Security entity analytics
|
||||
|
|
|
@ -1647,3 +1647,4 @@ tags:
|
|||
You can create Timelines and Timeline templates via the API, as well as
|
||||
import new Timelines from an ndjson file.
|
||||
name: Security Timeline API
|
||||
x-displayName: Security timeline
|
||||
|
|
|
@ -6146,3 +6146,4 @@ tags:
|
|||
sent to Elastic Security into detection alerts. These alerts are displayed
|
||||
on the Detections page.
|
||||
name: Security Detections API
|
||||
x-displayName: Security detections
|
||||
|
|
|
@ -1036,3 +1036,4 @@ security:
|
|||
tags:
|
||||
- description: Interact with and manage endpoints running the Elastic Defend integration.
|
||||
name: Security Endpoint Management API
|
||||
x-displayName: Security endpoint management
|
||||
|
|
|
@ -1,88 +0,0 @@
|
|||
openapi: 3.0.3
|
||||
info:
|
||||
description: ''
|
||||
title: Security Entity Analytics API (Elastic Cloud Serverless)
|
||||
version: '1'
|
||||
servers:
|
||||
- url: 'http://{kibana_host}:{port}'
|
||||
variables:
|
||||
kibana_host:
|
||||
default: localhost
|
||||
port:
|
||||
default: '5601'
|
||||
paths:
|
||||
/api/risk_score/engine/dangerously_delete_data:
|
||||
delete:
|
||||
description: >-
|
||||
Cleaning up the the Risk Engine by removing the indices, mapping and
|
||||
transforms
|
||||
operationId: CleanUpRiskEngine
|
||||
responses:
|
||||
'200':
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
type: object
|
||||
properties:
|
||||
cleanup_successful:
|
||||
type: boolean
|
||||
description: Successful response
|
||||
'400':
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/TaskManagerUnavailableResponse'
|
||||
description: Task manager is unavailable
|
||||
default:
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/CleanUpRiskEngineErrorResponse'
|
||||
description: Unexpected error
|
||||
summary: Cleanup the Risk Engine
|
||||
tags:
|
||||
- Security Entity Analytics API
|
||||
components:
|
||||
schemas:
|
||||
CleanUpRiskEngineErrorResponse:
|
||||
type: object
|
||||
properties:
|
||||
cleanup_successful:
|
||||
example: false
|
||||
type: boolean
|
||||
errors:
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
error:
|
||||
type: string
|
||||
seq:
|
||||
type: integer
|
||||
required:
|
||||
- seq
|
||||
- error
|
||||
type: array
|
||||
required:
|
||||
- cleanup_successful
|
||||
- errors
|
||||
TaskManagerUnavailableResponse:
|
||||
description: Task manager is unavailable
|
||||
type: object
|
||||
properties:
|
||||
message:
|
||||
type: string
|
||||
status_code:
|
||||
minimum: 400
|
||||
type: integer
|
||||
required:
|
||||
- status_code
|
||||
- message
|
||||
securitySchemes:
|
||||
BasicAuth:
|
||||
scheme: basic
|
||||
type: http
|
||||
security:
|
||||
- BasicAuth: []
|
||||
tags:
|
||||
- description: ''
|
||||
name: Security Entity Analytics API
|
|
@ -513,6 +513,37 @@ paths:
|
|||
summary: List Entity Store Entities
|
||||
tags:
|
||||
- Security Entity Analytics API
|
||||
/api/risk_score/engine/dangerously_delete_data:
|
||||
delete:
|
||||
description: >-
|
||||
Cleaning up the the Risk Engine by removing the indices, mapping and
|
||||
transforms
|
||||
operationId: CleanUpRiskEngine
|
||||
responses:
|
||||
'200':
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
type: object
|
||||
properties:
|
||||
cleanup_successful:
|
||||
type: boolean
|
||||
description: Successful response
|
||||
'400':
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/TaskManagerUnavailableResponse'
|
||||
description: Task manager is unavailable
|
||||
default:
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/CleanUpRiskEngineErrorResponse'
|
||||
description: Unexpected error
|
||||
summary: Cleanup the Risk Engine
|
||||
tags:
|
||||
- Security Entity Analytics API
|
||||
/api/risk_score/engine/schedule_now:
|
||||
post:
|
||||
operationId: ScheduleRiskEngineNow
|
||||
|
@ -640,6 +671,27 @@ components:
|
|||
required:
|
||||
- id_value
|
||||
- id_field
|
||||
CleanUpRiskEngineErrorResponse:
|
||||
type: object
|
||||
properties:
|
||||
cleanup_successful:
|
||||
example: false
|
||||
type: boolean
|
||||
errors:
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
error:
|
||||
type: string
|
||||
seq:
|
||||
type: integer
|
||||
required:
|
||||
- seq
|
||||
- error
|
||||
type: array
|
||||
required:
|
||||
- cleanup_successful
|
||||
- errors
|
||||
CreateAssetCriticalityRecord:
|
||||
allOf:
|
||||
- $ref: '#/components/schemas/AssetCriticalityRecordIdParts'
|
||||
|
@ -1028,3 +1080,4 @@ security:
|
|||
tags:
|
||||
- description: ''
|
||||
name: Security Entity Analytics API
|
||||
x-displayName: Security entity analytics
|
||||
|
|
|
@ -1647,3 +1647,4 @@ tags:
|
|||
You can create Timelines and Timeline templates via the API, as well as
|
||||
import new Timelines from an ndjson file.
|
||||
name: Security Timeline API
|
||||
x-displayName: Security timeline
|
||||
|
|
|
@ -29,6 +29,7 @@ const ROOT = resolve(__dirname, '../..');
|
|||
tags: [
|
||||
{
|
||||
name: 'Security Detections API',
|
||||
'x-displayName': 'Security detections',
|
||||
description:
|
||||
'You can create rules that automatically turn events and external alerts sent to Elastic Security into detection alerts. These alerts are displayed on the Detections page.',
|
||||
},
|
||||
|
@ -54,6 +55,7 @@ const ROOT = resolve(__dirname, '../..');
|
|||
tags: [
|
||||
{
|
||||
name: 'Security Detections API',
|
||||
'x-displayName': 'Security detections',
|
||||
description:
|
||||
'You can create rules that automatically turn events and external alerts sent to Elastic Security into detection alerts. These alerts are displayed on the Detections page.',
|
||||
},
|
||||
|
|
|
@ -28,6 +28,7 @@ const ROOT = resolve(__dirname, '../..');
|
|||
tags: [
|
||||
{
|
||||
name: 'Security Endpoint Management API',
|
||||
'x-displayName': 'Security endpoint management',
|
||||
description:
|
||||
'Interact with and manage endpoints running the Elastic Defend integration.',
|
||||
},
|
||||
|
@ -52,6 +53,7 @@ const ROOT = resolve(__dirname, '../..');
|
|||
tags: [
|
||||
{
|
||||
name: 'Security Endpoint Management API',
|
||||
'x-displayName': 'Security endpoint management',
|
||||
description:
|
||||
'Interact with and manage endpoints running the Elastic Defend integration.',
|
||||
},
|
||||
|
|
|
@ -28,6 +28,7 @@ const ROOT = resolve(__dirname, '../..');
|
|||
tags: [
|
||||
{
|
||||
name: 'Security Entity Analytics API',
|
||||
'x-displayName': 'Security entity analytics',
|
||||
description: '',
|
||||
},
|
||||
],
|
||||
|
@ -51,6 +52,7 @@ const ROOT = resolve(__dirname, '../..');
|
|||
tags: [
|
||||
{
|
||||
name: 'Security Entity Analytics API',
|
||||
'x-displayName': 'Security entity analytics',
|
||||
description: '',
|
||||
},
|
||||
],
|
||||
|
|
|
@ -29,6 +29,7 @@ const ROOT = resolve(__dirname, '../..');
|
|||
tags: [
|
||||
{
|
||||
name: 'Security Timeline API',
|
||||
'x-displayName': 'Security timeline',
|
||||
description:
|
||||
'You can create Timelines and Timeline templates via the API, as well as import new Timelines from an ndjson file.',
|
||||
},
|
||||
|
@ -54,6 +55,7 @@ const ROOT = resolve(__dirname, '../..');
|
|||
tags: [
|
||||
{
|
||||
name: 'Security Timeline API',
|
||||
'x-displayName': 'Security timeline',
|
||||
description:
|
||||
'You can create Timelines and Timeline templates via the API, as well as import new Timelines from an ndjson file.',
|
||||
},
|
||||
|
|
|
@ -265,7 +265,7 @@ after 30 days. It also deletes other artifacts specific to the migration impleme
|
|||
return supertest
|
||||
.delete(routeWithNamespace('/api/risk_score/engine/dangerously_delete_data', kibanaSpace))
|
||||
.set('kbn-xsrf', 'true')
|
||||
.set(ELASTIC_HTTP_VERSION_HEADER, '1')
|
||||
.set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31')
|
||||
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana');
|
||||
},
|
||||
/**
|
||||
|
|