github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 01:38:56 -04:00
Code Issues Projects Releases Packages Wiki Activity

[DOCS] Create open API specification for find rules (#147061)

Browse source
This commit is contained in:
Lisa Cawley 2022-12-12 11:36:44 -08:00 committed by GitHub
parent 4f1552e338
commit d862f46c2a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
13 changed files with 1695 additions and 32 deletions
Download patch file Download diff file Expand all files Collapse all files

3
docs/api-generated/README.md
View file

@ -14,6 +14,8 @@ or a similar tool that can generate HTML output from OAS.
. Generate HTML output. For example:
```
openapi-generator-cli generate -g html -i $GIT_HOME/kibana/x-pack/plugins/alerting/docs/openapi/bundled.yaml -o $GIT_HOME/kibana/docs/api-generated/rules -t $GIT_HOME/kibana/docs/api-generated/template
openapi-generator-cli generate -g html -i $GIT_HOME/kibana/x-pack/plugins/cases/docs/openapi/bundled.yaml -o $GIT_HOME/kibana/docs/api-generated/cases -t $GIT_HOME/kibana/docs/api-generated/template
openapi-generator-cli generate -g html -i $GIT_HOME/kibana/x-pack/plugins/actions/docs/openapi/bundled.yaml -o $GIT_HOME/kibana/docs/api-generated/connectors -t $GIT_HOME/kibana/docs/api-generated/template
@ -23,6 +25,7 @@ or a similar tool that can generate HTML output from OAS.
. Rename the output files. For example:
```
mv $GIT_HOME/kibana/docs/api-generated/rules/index.html $GIT_HOME/kibana/docs/api-generated/rules/rule-apis-passthru.asciidoc
mv $GIT_HOME/kibana/docs/api-generated/cases/index.html $GIT_HOME/kibana/docs/api-generated/cases/case-apis-passthru.asciidoc
mv $GIT_HOME/kibana/docs/api-generated/connectors/index.html $GIT_HOME/kibana/docs/api-generated/connectors/connector-apis-passthru.asciidoc
mv $GIT_HOME/kibana/docs/api-generated/machine-learning/index.html $GIT_HOME/kibana/docs/api-generated/machine-learning/ml-apis-passthru.adoc

321
docs/api-generated/rules/rule-apis-passthru.asciidoc Normal file
View file

@ -0,0 +1,321 @@
////
This content is generated from the open API specification.
Any modifications made to this file will be overwritten.
////
++++
<div class="openapi">
<h2>Access</h2>
<ol>
<li>APIKey KeyParamName:ApiKey KeyInQuery:false KeyInHeader:true</li>
<li>HTTP Basic Authentication</li>
</ol>
<h2><a name="__Methods">Methods</a></h2>
[ Jump to <a href="#__Models">Models</a> ]
<h3>Table of Contents </h3>
<div class="method-summary"></div>
<h4><a href="#Alerting">Alerting</a></h4>
<ul>
<li><a href="#findRules"><code><span class="http-method">get</span> /s/{spaceId}/api/alerting/rules/_find</code></a></li>
</ul>
<h1><a name="Alerting">Alerting</a></h1>
<div class="method"><a name="findRules"/>
<div class="method-path">
<a class="up" href="#__Methods">Up</a>
<pre class="get"><code class="huge"><span class="http-method">get</span> /s/{spaceId}/api/alerting/rules/_find</code></pre></div>
<div class="method-summary">Retrieves information about rules. (<span class="nickname">findRules</span>)</div>
<div class="method-notes">You must have <code>read</code> privileges for the appropriate Kibana features, depending on the <code>consumer</code> and <code>rule_type_id</code> of the rules you're seeking. For example, you must have privileges for the <strong>Management &gt; Stack rules</strong> feature, <strong>Analytics &gt; Discover</strong> and <strong>Machine Learning</strong> features, <strong>Observability</strong> features, or <strong>Security</strong> features. To find rules associated with the <strong>Stack Monitoring</strong> feature, use the <code>monitoring_user</code> built-in role.</div>
<h3 class="field-label">Path parameters</h3>
<div class="field-items">
<div class="param">spaceId (required)</div>
<div class="param-desc"><span class="param-type">Path Parameter</span> &mdash; An identifier for the space. If <code>/s/</code> and the identifier are omitted from the path, the default space is used. default: null </div>
</div> <!-- field-items -->
<h3 class="field-label">Query parameters</h3>
<div class="field-items">
<div class="param">default_search_operator (optional)</div>
<div class="param-desc"><span class="param-type">Query Parameter</span> &mdash; The default operator to use for the simple_query_string. default: OR </div><div class="param">fields (optional)</div>
<div class="param-desc"><span class="param-type">Query Parameter</span> &mdash; The fields to return in the <code>attributes</code> key of the response. default: null </div><div class="param">filter (optional)</div>
<div class="param-desc"><span class="param-type">Query Parameter</span> &mdash; A KQL string that you filter with an attribute from your saved object. It should look like <code>savedObjectType.attributes.title: &quot;myTitle&quot;</code>. However, if you used a direct attribute of a saved object, such as <code>updatedAt</code>, you must define your filter, for example, <code>savedObjectType.updatedAt &gt; 2018-12-22</code>. default: null </div><div class="param">has_reference (optional)</div>
<div class="param-desc"><span class="param-type">Query Parameter</span> &mdash; Filters the rules that have a relation with the reference objects with a specific type and identifier. default: null </div><div class="param">page (optional)</div>
<div class="param-desc"><span class="param-type">Query Parameter</span> &mdash; The page number to return. default: 1 </div><div class="param">per_page (optional)</div>
<div class="param-desc"><span class="param-type">Query Parameter</span> &mdash; The number of rules to return per page. default: 20 </div><div class="param">search (optional)</div>
<div class="param-desc"><span class="param-type">Query Parameter</span> &mdash; An Elasticsearch simple_query_string query that filters the objects in the response. default: null </div><div class="param">search_fields (optional)</div>
<div class="param-desc"><span class="param-type">Query Parameter</span> &mdash; The fields to perform the simple_query_string parsed query against. default: null </div><div class="param">sort_field (optional)</div>
<div class="param-desc"><span class="param-type">Query Parameter</span> &mdash; Determines which field is used to sort the results. The field must exist in the <code>attributes</code> key of the response. default: null </div><div class="param">sort_order (optional)</div>
<div class="param-desc"><span class="param-type">Query Parameter</span> &mdash; Determines the sort order. default: desc </div>
</div> <!-- field-items -->
<h3 class="field-label">Return type</h3>
<div class="return-type">
<a href="#findRules_200_response">findRules_200_response</a>
</div>
<!--Todo: process Response Object and its headers, schema, examples -->
<h3 class="field-label">Example data</h3>
<div class="example-data-content-type">Content-Type: application/json</div>
<pre class="example"><code>{
"per_page" : 2,
"total" : 7,
"data" : [ {
"throttle" : "10m",
"created_at" : "2022-12-05T23:36:58.284Z",
"last_run" : {
"alerts_count" : {
"new" : 0,
"ignored" : 6,
"recovered" : 1,
"active" : 5
},
"outcome_msg" : "outcome_msg",
"warning" : "warning",
"outcome" : "succeeded"
},
"params" : {
"key" : ""
},
"created_by" : "elastic",
"enabled" : true,
"muted_alert_ids" : [ "muted_alert_ids", "muted_alert_ids" ],
"rule_type_id" : "monitoring_alert_cluster_health",
"tags" : [ "tags", "tags" ],
"api_key_owner" : "elastic",
"schedule" : {
"interval" : "1m"
},
"notify_when" : "onActiveAlert",
"next_run" : "2022-12-06T00:14:43.818Z",
"updated_at" : "2022-12-05T23:36:58.284Z",
"execution_status" : {
"last_execution_date" : "2022-12-06T00:13:43.89Z",
"last_duration" : 55,
"status" : "ok"
},
"name" : "cluster_health_rule",
"updated_by" : "elastic",
"scheduled_task_id" : "b530fed0-74f5-11ed-9801-35303b735aef",
"id" : "b530fed0-74f5-11ed-9801-35303b735aef",
"mute_all" : false,
"actions" : [ {
"id" : "9dca3e00-74f5-11ed-9801-35303b735aef",
"params" : {
"key" : ""
},
"group" : "default"
}, {
"id" : "9dca3e00-74f5-11ed-9801-35303b735aef",
"params" : {
"key" : ""
},
"group" : "default"
} ],
"consumer" : "alerts"
}, {
"throttle" : "10m",
"created_at" : "2022-12-05T23:36:58.284Z",
"last_run" : {
"alerts_count" : {
"new" : 0,
"ignored" : 6,
"recovered" : 1,
"active" : 5
},
"outcome_msg" : "outcome_msg",
"warning" : "warning",
"outcome" : "succeeded"
},
"params" : {
"key" : ""
},
"created_by" : "elastic",
"enabled" : true,
"muted_alert_ids" : [ "muted_alert_ids", "muted_alert_ids" ],
"rule_type_id" : "monitoring_alert_cluster_health",
"tags" : [ "tags", "tags" ],
"api_key_owner" : "elastic",
"schedule" : {
"interval" : "1m"
},
"notify_when" : "onActiveAlert",
"next_run" : "2022-12-06T00:14:43.818Z",
"updated_at" : "2022-12-05T23:36:58.284Z",
"execution_status" : {
"last_execution_date" : "2022-12-06T00:13:43.89Z",
"last_duration" : 55,
"status" : "ok"
},
"name" : "cluster_health_rule",
"updated_by" : "elastic",
"scheduled_task_id" : "b530fed0-74f5-11ed-9801-35303b735aef",
"id" : "b530fed0-74f5-11ed-9801-35303b735aef",
"mute_all" : false,
"actions" : [ {
"id" : "9dca3e00-74f5-11ed-9801-35303b735aef",
"params" : {
"key" : ""
},
"group" : "default"
}, {
"id" : "9dca3e00-74f5-11ed-9801-35303b735aef",
"params" : {
"key" : ""
},
"group" : "default"
} ],
"consumer" : "alerts"
} ],
"page" : 5
}</code></pre>
<h3 class="field-label">Produces</h3>
This API call produces the following media types according to the <span class="header">Accept</span> request header;
the media type will be conveyed by the <span class="header">Content-Type</span> response header.
<ul>
<li><code>application/json</code></li>
</ul>
<h3 class="field-label">Responses</h3>
<h4 class="field-label">200</h4>
Indicates a successful call.
<a href="#findRules_200_response">findRules_200_response</a>
</div> <!-- method -->
<hr/>
<h2><a name="__Models">Models</a></h2>
[ Jump to <a href="#__Methods">Methods</a> ]
<h3>Table of Contents</h3>
<ol>
<li><a href="#findRules_200_response"><code>findRules_200_response</code> - </a></li>
<li><a href="#findRules_200_response_data_inner"><code>findRules_200_response_data_inner</code> - </a></li>
<li><a href="#findRules_200_response_data_inner_actions_inner"><code>findRules_200_response_data_inner_actions_inner</code> - </a></li>
<li><a href="#findRules_200_response_data_inner_execution_status"><code>findRules_200_response_data_inner_execution_status</code> - </a></li>
<li><a href="#findRules_200_response_data_inner_last_run"><code>findRules_200_response_data_inner_last_run</code> - </a></li>
<li><a href="#findRules_200_response_data_inner_last_run_alerts_count"><code>findRules_200_response_data_inner_last_run_alerts_count</code> - </a></li>
<li><a href="#findRules_200_response_data_inner_schedule"><code>findRules_200_response_data_inner_schedule</code> - </a></li>
<li><a href="#findRules_has_reference_parameter"><code>findRules_has_reference_parameter</code> - </a></li>
<li><a href="#findRules_search_fields_parameter"><code>findRules_search_fields_parameter</code> - </a></li>
</ol>
<div class="model">
<h3><a name="findRules_200_response"><code>findRules_200_response</code> - </a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'></div>
<div class="field-items">
<div class="param">data (optional)</div><div class="param-desc"><span class="param-type"><a href="#findRules_200_response_data_inner">array[findRules_200_response_data_inner]</a></span> </div>
<div class="param">page (optional)</div><div class="param-desc"><span class="param-type"><a href="#integer">Integer</a></span> </div>
<div class="param">per_page (optional)</div><div class="param-desc"><span class="param-type"><a href="#integer">Integer</a></span> </div>
<div class="param">total (optional)</div><div class="param-desc"><span class="param-type"><a href="#integer">Integer</a></span> </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="findRules_200_response_data_inner"><code>findRules_200_response_data_inner</code> - </a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'></div>
<div class="field-items">
<div class="param">actions (optional)</div><div class="param-desc"><span class="param-type"><a href="#findRules_200_response_data_inner_actions_inner">array[findRules_200_response_data_inner_actions_inner]</a></span> </div>
<div class="param">api_key_owner (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">consumer (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The application or feature that owns the rule. For example, <code>alerts</code>, <code>apm</code>, <code>discover</code>, <code>infrastructure</code>, <code>logs</code>, <code>metrics</code>, <code>ml</code>, <code>monitoring</code>, <code>securitySolution</code>, <code>siem</code>, <code>stackAlerts</code>, or <code>uptime</code>. </div>
<div class="param">created_at (optional)</div><div class="param-desc"><span class="param-type"><a href="#DateTime">Date</a></span> The date and time that the rule as created. format: date-time</div>
<div class="param">created_by (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The identifier for the user that created the rule. </div>
<div class="param">enabled (optional)</div><div class="param-desc"><span class="param-type"><a href="#boolean">Boolean</a></span> Indicates whether the rule is currently enabled. </div>
<div class="param">execution_status (optional)</div><div class="param-desc"><span class="param-type"><a href="#findRules_200_response_data_inner_execution_status">findRules_200_response_data_inner_execution_status</a></span> </div>
<div class="param">id (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The identifier for the rule. </div>
<div class="param">last_run (optional)</div><div class="param-desc"><span class="param-type"><a href="#findRules_200_response_data_inner_last_run">findRules_200_response_data_inner_last_run</a></span> </div>
<div class="param">muted_alert_ids (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">array[String]</a></span> </div>
<div class="param">mute_all (optional)</div><div class="param-desc"><span class="param-type"><a href="#boolean">Boolean</a></span> </div>
<div class="param">name (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The name of the rule. </div>
<div class="param">next_run (optional)</div><div class="param-desc"><span class="param-type"><a href="#DateTime">Date</a></span> format: date-time</div>
<div class="param">notify_when (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> Indicates how often alerts generate actions. </div>
<div class="param-enum-header">Enum:</div>
<div class="param-enum">onActionGroupChange</div><div class="param-enum">onActiveAlert</div><div class="param-enum">onThrottleInterval</div>
<div class="param">params (optional)</div><div class="param-desc"><span class="param-type"><a href="#AnyType">map[String, oas_any_type_not_mapped]</a></span> The parameters for the rule. </div>
<div class="param">rule_type_id (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The identifier for the type of rule. For example, <code>.es-query</code>, <code>.index-threshold</code>, <code>logs.alert.document.count</code>, <code>monitoring_alert_cluster_health</code>, <code>siem.thresholdRule</code>, or <code>xpack.ml.anomaly_detection_alert</code>. </div>
<div class="param">schedule (optional)</div><div class="param-desc"><span class="param-type"><a href="#findRules_200_response_data_inner_schedule">findRules_200_response_data_inner_schedule</a></span> </div>
<div class="param">scheduled_task_id (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">tags (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">array[String]</a></span> The tags for the rule. </div>
<div class="param">throttle (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The throttle interval, which defines how often an alert generates repeated actions. It is applicable only if <code>notify_when</code> is set to <code>onThrottleInterval</code>. It is specified in seconds, minutes, hours, or days. </div>
<div class="param">updated_at (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The date and time that the rule was updated most recently. </div>
<div class="param">updated_by (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The identifier for the user that updated this rule most recently. </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="findRules_200_response_data_inner_actions_inner"><code>findRules_200_response_data_inner_actions_inner</code> - </a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'></div>
<div class="field-items">
<div class="param">group (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The group name for the actions. </div>
<div class="param">id (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The identifier for the connector saved object. </div>
<div class="param">params (optional)</div><div class="param-desc"><span class="param-type"><a href="#AnyType">map[String, oas_any_type_not_mapped]</a></span> The parameters for the action, which are sent to the connector. </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="findRules_200_response_data_inner_execution_status"><code>findRules_200_response_data_inner_execution_status</code> - </a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'></div>
<div class="field-items">
<div class="param">status (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">last_execution_date (optional)</div><div class="param-desc"><span class="param-type"><a href="#DateTime">Date</a></span> format: date-time</div>
<div class="param">last_duration (optional)</div><div class="param-desc"><span class="param-type"><a href="#integer">Integer</a></span> </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="findRules_200_response_data_inner_last_run"><code>findRules_200_response_data_inner_last_run</code> - </a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'></div>
<div class="field-items">
<div class="param">alerts_count (optional)</div><div class="param-desc"><span class="param-type"><a href="#findRules_200_response_data_inner_last_run_alerts_count">findRules_200_response_data_inner_last_run_alerts_count</a></span> </div>
<div class="param">outcome_msg (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">warning (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">outcome (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="findRules_200_response_data_inner_last_run_alerts_count"><code>findRules_200_response_data_inner_last_run_alerts_count</code> - </a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'></div>
<div class="field-items">
<div class="param">new (optional)</div><div class="param-desc"><span class="param-type"><a href="#integer">Integer</a></span> </div>
<div class="param">ignored (optional)</div><div class="param-desc"><span class="param-type"><a href="#integer">Integer</a></span> </div>
<div class="param">recovered (optional)</div><div class="param-desc"><span class="param-type"><a href="#integer">Integer</a></span> </div>
<div class="param">active (optional)</div><div class="param-desc"><span class="param-type"><a href="#integer">Integer</a></span> </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="findRules_200_response_data_inner_schedule"><code>findRules_200_response_data_inner_schedule</code> - </a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>The check interval, which specifies how frequently the rule conditions are checked. The interval is specified in seconds, minutes, hours, or days.</div>
<div class="field-items">
<div class="param">interval (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="findRules_has_reference_parameter"><code>findRules_has_reference_parameter</code> - </a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'></div>
<div class="field-items">
<div class="param">id (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">type (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="findRules_search_fields_parameter"><code>findRules_search_fields_parameter</code> - </a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'></div>
<div class="field-items">
</div> <!-- field-items -->
</div>
</div>
++++

10
docs/api-generated/rules/rule-apis.asciidoc Normal file
View file

@ -0,0 +1,10 @@
[[rule-apis]]
== Alert and rule APIs
preview::[]
////
This file includes content that has been generated from https://github.com/elastic/kibana/tree/main/x-pack/plugins/alerting/docs/openapi. Any modifications required must be done in that open API specification.
////
include::rule-apis-passthru.asciidoc[]

77
docs/api/alerting/find_rules.asciidoc
View file

@ -6,6 +6,12 @@
Retrieve a paginated set of rules based on condition.
[NOTE]
====
For the most up-to-date API details, refer to the
{kib-repo}/tree/{branch}/x-pack/plugins/alerting/docs/openapi[open API specification]. For a preview, check out <<rule-apis>>.
====
[[find-rules-api-request]]
=== {api-request-title}
@ -105,40 +111,49 @@ The API returns the following:
--------------------------------------------------
{
"page": 1,
"per_page": 10,
"total": 1,
"data": [
{
"id": "0a037d60-6b62-11eb-9e0d-85d233e3ee35",
"notify_when": "onActionGroupChange",
"per_page": 10,
"data": [{
"id": "b530fed0-74f5-11ed-9801-35303b735aef",
"name": "cluster_health_rule",
"consumer": "alerts",
"enabled": true,
"tags": ["cluster","health"],
"throttle": null,
"schedule": {"interval":"1m"},
"params": {},
"rule_type_id": "monitoring_alert_cluster_health",
"created_by": "elastic",
"updated_by": "elastic",
"created_at": "2022-12-05T23:36:58.284Z",
"updated_at": "2022-12-05T23:36:58.284Z",
"api_key_owner": "elastic",
"notify_when": "onActiveAlert",
"mute_all": false,
"muted_alert_ids": [],
"scheduled_task_id": "b530fed0-74f5-11ed-9801-35303b735aef",
"execution_status": {
"status": "ok",
"last_execution_date": "2022-12-06T00:09:31.882Z",
"last_duration": 42
},
"actions": [{
"group": "default",
"id": "9dca3e00-74f5-11ed-9801-35303b735aef",
"params": {
"aggType": "avg",
"level": "info",
"message": "{{context.internalFullMessage}}"
},
"consumer": "alerts",
"rule_type_id": "test.rule.type",
"schedule": {
"interval": "1m"
},
"actions": [],
"tags": [],
"name": "my test rule",
"enabled": true,
"throttle": null,
"api_key_owner": "elastic",
"created_by": "elastic",
"updated_by": "elastic",
"mute_all": false,
"muted_alert_ids": [],
"updated_at": "2021-02-10T05:37:19.086Z",
"created_at": "2021-02-10T05:37:19.086Z",
"scheduled_task_id": "0b092d90-6b62-11eb-9e0d-85d233e3ee35",
"execution_status": {
"last_execution_date": "2021-02-10T17:55:14.262Z",
"status": "ok",
"last_duration": 384
}
}
]
"connector_type_id": ".server-log"
}],
"last_run":{
"alerts_count": {"new": 0,"ignored": 0,"recovered": 0,"active": 0},
"outcome_msg": null,
"warning": null,
"outcome": "succeeded"
},
"next_run": "2022-12-06T00:10:31.811Z"
}]
}
--------------------------------------------------

3
docs/apis.asciidoc
View file

@ -13,4 +13,5 @@ version of the specification is 3.0. For more information, go to https://openapi
include::api-generated/cases/case-apis.asciidoc[]
include::api-generated/connectors/connector-apis.asciidoc[]
include::api-generated/machine-learning/ml-apis.asciidoc[]
include::api-generated/machine-learning/ml-apis.asciidoc[]
include::api-generated/rules/rule-apis.asciidoc[]

34
x-pack/plugins/alerting/docs/openapi/README.md Normal file
View file

@ -0,0 +1,34 @@
# OpenAPI (Experimental)
The current self-contained spec file is [as JSON](https://raw.githubusercontent.com/elastic/kibana/master/x-pack/plugins/cases/common/openapi/bundled.json) or [as YAML](https://raw.githubusercontent.com/elastic/kibana/master/x-pack/plugins/cases/common/openapi/bundled.yaml) and can be used for online tools like those found at https://openapi.tools/.
This spec is experimental and may be incomplete or change later.
A guide about the openApi specification can be found at [https://swagger.io/docs/specification/about/](https://swagger.io/docs/specification/about/).
## The `openapi` folder
* `entrypoint.yaml` is the overview file which pulls together all the paths and components.
* [Paths](paths/README.md): this defines each endpoint. A path can have one operation per http method.
* [Components](components/README.md): Reusable components
## Tools
It is possible to validate the docs before bundling them with the following
command in the `x-pack/plugins/alerting/docs/openapi/` folder:
```
npx swagger-cli validate entrypoint.yaml
```
Then you can generate the `bundled` files by running the following commands:
```
npx @redocly/cli bundle entrypoint.yaml --output bundled.yaml --ext yaml
npx @redocly/cli bundle entrypoint.yaml --output bundled.json --ext json
```
You can run additional linting with the following command:
```
npx @redocly/cli lint bundled.json
```

508
x-pack/plugins/alerting/docs/openapi/bundled.json Normal file
View file

@ -0,0 +1,508 @@
{
"openapi": "3.0.1",
"info": {
"title": "Alerting",
"description": "OpenAPI schema for alerting endpoints",
"version": "0.1",
"contact": {
"name": "Alerting Team"
},
"license": {
"name": "Elastic License 2.0",
"url": "https://www.elastic.co/licensing/elastic-license"
}
},
"tags": [
{
"name": "alerting",
"description": "Alerting APIs enable you to create and manage rules and alerts."
}
],
"servers": [
{
"url": "http://localhost:5601",
"description": "local"
}
],
"paths": {
"/s/{spaceId}/api/alerting/rules/_find": {
"get": {
"summary": "Retrieves information about rules.",
"operationId": "findRules",
"description": "You must have `read` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rules you're seeking. For example, you must have privileges for the **Management > Stack rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability** features, or **Security** features. To find rules associated with the **Stack Monitoring** feature, use the `monitoring_user` built-in role.\n",
"tags": [
"alerting"
],
"parameters": [
{
"$ref": "#/components/parameters/space_id"
},
{
"name": "default_search_operator",
"in": "query",
"description": "The default operator to use for the simple_query_string.",
"schema": {
"type": "string",
"default": "OR"
},
"example": "OR"
},
{
"name": "fields",
"in": "query",
"description": "The fields to return in the `attributes` key of the response.",
"schema": {
"type": "array",
"items": {
"type": "string"
}
}
},
{
"name": "filter",
"in": "query",
"description": "A KQL string that you filter with an attribute from your saved object. It should look like `savedObjectType.attributes.title: \"myTitle\"`. However, if you used a direct attribute of a saved object, such as `updatedAt`, you must define your filter, for example, `savedObjectType.updatedAt > 2018-12-22`.\n",
"schema": {
"type": "string"
}
},
{
"name": "has_reference",
"in": "query",
"description": "Filters the rules that have a relation with the reference objects with a specific type and identifier.",
"schema": {
"type": "object",
"properties": {
"id": {
"type": "string"
},
"type": {
"type": "string"
}
}
}
},
{
"name": "page",
"in": "query",
"description": "The page number to return.",
"schema": {
"type": "integer",
"default": 1
},
"example": 1
},
{
"name": "per_page",
"in": "query",
"description": "The number of rules to return per page.",
"schema": {
"type": "integer",
"default": 20
},
"example": 20
},
{
"name": "search",
"in": "query",
"description": "An Elasticsearch simple_query_string query that filters the objects in the response.",
"schema": {
"type": "string"
}
},
{
"name": "search_fields",
"in": "query",
"description": "The fields to perform the simple_query_string parsed query against.",
"schema": {
"oneOf": [
{
"type": "string"
},
{
"type": "array",
"items": {
"type": "string"
}
}
]
}
},
{
"name": "sort_field",
"in": "query",
"description": "Determines which field is used to sort the results. The field must exist in the `attributes` key of the response.\n",
"schema": {
"type": "string"
}
},
{
"name": "sort_order",
"in": "query",
"description": "Determines the sort order.",
"schema": {
"type": "string",
"enum": [
"asc",
"desc"
],
"default": "desc"
},
"example": "asc"
}
],
"responses": {
"200": {
"description": "Indicates a successful call.",
"content": {
"application/json": {
"schema": {
"type": "object",
"properties": {
"data": {
"type": "array",
"items": {
"type": "object",
"properties": {
"actions": {
"type": "array",
"items": {
"type": "object",
"properties": {
"group": {
"type": "string",
"description": "The group name for the actions.",
"example": "default"
},
"id": {
"type": "string",
"description": "The identifier for the connector saved object.",
"example": "9dca3e00-74f5-11ed-9801-35303b735aef"
},
"params": {
"type": "object",
"description": "The parameters for the action, which are sent to the connector.",
"additionalProperties": true
}
}
}
},
"api_key_owner": {
"type": "string",
"nullable": true,
"example": "elastic"
},
"consumer": {
"type": "string",
"description": "The application or feature that owns the rule. For example, `alerts`, `apm`, `discover`, `infrastructure`, `logs`, `metrics`, `ml`, `monitoring`, `securitySolution`, `siem`, `stackAlerts`, or `uptime`.",
"example": "alerts"
},
"created_at": {
"type": "string",
"description": "The date and time that the rule as created.",
"format": "date-time",
"example": "2022-12-05T23:36:58.284Z"
},
"created_by": {
"type": "string",
"description": "The identifier for the user that created the rule.",
"nullable": true,
"example": "elastic"
},
"enabled": {
"type": "boolean",
"description": "Indicates whether the rule is currently enabled.",
"example": true
},
"execution_status": {
"type": "object",
"properties": {
"status": {
"type": "string",
"example": "ok"
},
"last_execution_date": {
"type": "string",
"format": "date-time",
"example": "2022-12-06T00:13:43.890Z"
},
"last_duration": {
"type": "integer",
"example": 55
}
}
},
"id": {
"type": "string",
"description": "The identifier for the rule.",
"example": "b530fed0-74f5-11ed-9801-35303b735aef"
},
"last_run": {
"type": "object",
"properties": {
"alerts_count": {
"type": "object",
"properties": {
"new": {
"type": "integer",
"nullable": true
},
"ignored": {
"type": "integer",
"nullable": true
},
"recovered": {
"type": "integer",
"nullable": true
},
"active": {
"type": "integer",
"nullable": true
}
}
},
"outcome_msg": {
"type": "string",
"nullable": true,
"example": null
},
"warning": {
"type": "string",
"nullable": true,
"example": null
},
"outcome": {
"type": "string",
"example": "succeeded"
}
}
},
"muted_alert_ids": {
"type": "array",
"items": {
"type": "string"
}
},
"mute_all": {
"type": "boolean",
"example": false
},
"name": {
"type": "string",
"description": "The name of the rule.",
"example": "cluster_health_rule"
},
"next_run": {
"type": "string",
"format": "date-time",
"nullable": true,
"example": "2022-12-06T00:14:43.818Z"
},
"notify_when": {
"type": "string",
"description": "Indicates how often alerts generate actions.",
"enum": [
"onActionGroupChange",
"onActiveAlert",
"onThrottleInterval"
],
"example": "onActiveAlert"
},
"params": {
"type": "object",
"description": "The parameters for the rule.",
"additionalProperties": true
},
"rule_type_id": {
"type": "string",
"description": "The identifier for the type of rule. For example, `.es-query`, `.index-threshold`, `logs.alert.document.count`, `monitoring_alert_cluster_health`, `siem.thresholdRule`, or `xpack.ml.anomaly_detection_alert`.",
"example": "monitoring_alert_cluster_health"
},
"schedule": {
"type": "object",
"description": "The check interval, which specifies how frequently the rule conditions are checked. The interval is specified in seconds, minutes, hours, or days.",
"properties": {
"interval": {
"type": "string",
"example": "1m"
}
}
},
"scheduled_task_id": {
"type": "string",
"example": "b530fed0-74f5-11ed-9801-35303b735aef"
},
"tags": {
"type": "array",
"description": "The tags for the rule.",
"items": {
"type": "string"
}
},
"throttle": {
"type": "string",
"description": "The throttle interval, which defines how often an alert generates repeated actions. It is applicable only if `notify_when` is set to `onThrottleInterval`. It is specified in seconds, minutes, hours, or days.",
"nullable": true,
"example": "10m"
},
"updated_at": {
"type": "string",
"description": "The date and time that the rule was updated most recently.",
"example": "2022-12-05T23:36:58.284Z"
},
"updated_by": {
"type": "string",
"description": "The identifier for the user that updated this rule most recently.",
"nullable": true,
"example": "elastic"
}
}
}
},
"page": {
"type": "integer"
},
"per_page": {
"type": "integer"
},
"total": {
"type": "integer"
}
}
},
"examples": {
"findRulesResponse": {
"$ref": "#/components/examples/find_rules_response"
}
}
}
}
}
},
"servers": [
{
"url": "https://localhost:5601"
}
]
},
"servers": [
{
"url": "https://localhost:5601"
}
]
}
},
"components": {
"securitySchemes": {
"basicAuth": {
"type": "http",
"scheme": "basic"
},
"apiKeyAuth": {
"type": "apiKey",
"in": "header",
"name": "ApiKey"
}
},
"parameters": {
"space_id": {
"in": "path",
"name": "spaceId",
"description": "An identifier for the space. If `/s/` and the identifier are omitted from the path, the default space is used.",
"required": true,
"schema": {
"type": "string",
"example": "default"
}
}
},
"examples": {
"find_rules_response": {
"summary": "Retrieve information about a rule.",
"value": {
"page": 1,
"total": 1,
"per_page": 10,
"data": [
{
"id": "3583a470-74f6-11ed-9801-35303b735aef",
"consumer": "alerts",
"tags": [
"cpu"
],
"name": "my alert",
"enabled": true,
"throttle": null,
"schedule": {
"interval": "1m"
},
"params": {
"aggType": "avg",
"termSize": 6,
"thresholdComparator": ">",
"timeWindowSize": 5,
"timeWindowUnit": "m",
"groupBy": "top",
"threshold": [
1000
],
"index": [
"test-index"
],
"timeField": "@timestamp",
"aggField": "sheet.version",
"termField": "name.keyword"
},
"rule_type_id": ".index-threshold",
"created_by": "elastic",
"updated_by": "elastic",
"created_at": "2022-12-05T23:40:33.132Z",
"updated_at": "2022-12-05T23:40:33.132Z",
"api_key_owner": "elastic",
"notify_when": "onActionGroupChange",
"mute_all": false,
"muted_alert_ids": [],
"scheduled_task_id": "3583a470-74f6-11ed-9801-35303b735aef",
"execution_status": {
"status": "ok",
"last_execution_date": "2022-12-06T01:44:23.983Z",
"last_duration": 48
},
"actions": [
{
"id": "9dca3e00-74f5-11ed-9801-35303b735aef",
"group": "threshold met",
"params": {
"level": "info",
"message": "alert {{alertName}} is active for group {{context.group}}:\n\n- Value: {{context.value}}\n- Conditions Met: {{context.conditions}} over {{params.timeWindowSize}}{{params.timeWindowUnit}}\n- Timestamp: {{context.date}}",
"connector_type_id": ".server-log"
}
}
],
"last_run": {
"alerts_count": {
"new": 0,
"ignored": 0,
"recovered": 0,
"active": 0
},
"outcome_msg": null,
"warning": null,
"outcome": "succeeded"
},
"next_run": "2022-12-06T01:45:23.912Z"
}
]
}
}
}
},
"security": [
{
"basicAuth": []
},
{
"apiKeyAuth": []
}
]
}

361
x-pack/plugins/alerting/docs/openapi/bundled.yaml Normal file
View file

@ -0,0 +1,361 @@
openapi: 3.0.1
info:
title: Alerting
description: OpenAPI schema for alerting endpoints
version: '0.1'
contact:
name: Alerting Team
license:
name: Elastic License 2.0
url: https://www.elastic.co/licensing/elastic-license
tags:
- name: alerting
description: Alerting APIs enable you to create and manage rules and alerts.
servers:
- url: http://localhost:5601
description: local
paths:
/s/{spaceId}/api/alerting/rules/_find:
get:
summary: Retrieves information about rules.
operationId: findRules
description: |
You must have `read` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rules you're seeking. For example, you must have privileges for the **Management > Stack rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability** features, or **Security** features. To find rules associated with the **Stack Monitoring** feature, use the `monitoring_user` built-in role.
tags:
- alerting
parameters:
- $ref: '#/components/parameters/space_id'
- name: default_search_operator
in: query
description: The default operator to use for the simple_query_string.
schema:
type: string
default: OR
example: OR
- name: fields
in: query
description: The fields to return in the `attributes` key of the response.
schema:
type: array
items:
type: string
- name: filter
in: query
description: |
A KQL string that you filter with an attribute from your saved object. It should look like `savedObjectType.attributes.title: "myTitle"`. However, if you used a direct attribute of a saved object, such as `updatedAt`, you must define your filter, for example, `savedObjectType.updatedAt > 2018-12-22`.
schema:
type: string
- name: has_reference
in: query
description: Filters the rules that have a relation with the reference objects with a specific type and identifier.
schema:
type: object
properties:
id:
type: string
type:
type: string
- name: page
in: query
description: The page number to return.
schema:
type: integer
default: 1
example: 1
- name: per_page
in: query
description: The number of rules to return per page.
schema:
type: integer
default: 20
example: 20
- name: search
in: query
description: An Elasticsearch simple_query_string query that filters the objects in the response.
schema:
type: string
- name: search_fields
in: query
description: The fields to perform the simple_query_string parsed query against.
schema:
oneOf:
- type: string
- type: array
items:
type: string
- name: sort_field
in: query
description: |
Determines which field is used to sort the results. The field must exist in the `attributes` key of the response.
schema:
type: string
- name: sort_order
in: query
description: Determines the sort order.
schema:
type: string
enum:
- asc
- desc
default: desc
example: asc
responses:
'200':
description: Indicates a successful call.
content:
application/json:
schema:
type: object
properties:
data:
type: array
items:
type: object
properties:
actions:
type: array
items:
type: object
properties:
group:
type: string
description: The group name for the actions.
example: default
id:
type: string
description: The identifier for the connector saved object.
example: 9dca3e00-74f5-11ed-9801-35303b735aef
params:
type: object
description: The parameters for the action, which are sent to the connector.
additionalProperties: true
api_key_owner:
type: string
nullable: true
example: elastic
consumer:
type: string
description: The application or feature that owns the rule. For example, `alerts`, `apm`, `discover`, `infrastructure`, `logs`, `metrics`, `ml`, `monitoring`, `securitySolution`, `siem`, `stackAlerts`, or `uptime`.
example: alerts
created_at:
type: string
description: The date and time that the rule as created.
format: date-time
example: '2022-12-05T23:36:58.284Z'
created_by:
type: string
description: The identifier for the user that created the rule.
nullable: true
example: elastic
enabled:
type: boolean
description: Indicates whether the rule is currently enabled.
example: true
execution_status:
type: object
properties:
status:
type: string
example: ok
last_execution_date:
type: string
format: date-time
example: '2022-12-06T00:13:43.890Z'
last_duration:
type: integer
example: 55
id:
type: string
description: The identifier for the rule.
example: b530fed0-74f5-11ed-9801-35303b735aef
last_run:
type: object
properties:
alerts_count:
type: object
properties:
new:
type: integer
nullable: true
ignored:
type: integer
nullable: true
recovered:
type: integer
nullable: true
active:
type: integer
nullable: true
outcome_msg:
type: string
nullable: true
example: null
warning:
type: string
nullable: true
example: null
outcome:
type: string
example: succeeded
muted_alert_ids:
type: array
items:
type: string
mute_all:
type: boolean
example: false
name:
type: string
description: The name of the rule.
example: cluster_health_rule
next_run:
type: string
format: date-time
nullable: true
example: '2022-12-06T00:14:43.818Z'
notify_when:
type: string
description: Indicates how often alerts generate actions.
enum:
- onActionGroupChange
- onActiveAlert
- onThrottleInterval
example: onActiveAlert
params:
type: object
description: The parameters for the rule.
additionalProperties: true
rule_type_id:
type: string
description: The identifier for the type of rule. For example, `.es-query`, `.index-threshold`, `logs.alert.document.count`, `monitoring_alert_cluster_health`, `siem.thresholdRule`, or `xpack.ml.anomaly_detection_alert`.
example: monitoring_alert_cluster_health
schedule:
type: object
description: The check interval, which specifies how frequently the rule conditions are checked. The interval is specified in seconds, minutes, hours, or days.
properties:
interval:
type: string
example: 1m
scheduled_task_id:
type: string
example: b530fed0-74f5-11ed-9801-35303b735aef
tags:
type: array
description: The tags for the rule.
items:
type: string
throttle:
type: string
description: The throttle interval, which defines how often an alert generates repeated actions. It is applicable only if `notify_when` is set to `onThrottleInterval`. It is specified in seconds, minutes, hours, or days.
nullable: true
example: 10m
updated_at:
type: string
description: The date and time that the rule was updated most recently.
example: '2022-12-05T23:36:58.284Z'
updated_by:
type: string
description: The identifier for the user that updated this rule most recently.
nullable: true
example: elastic
page:
type: integer
per_page:
type: integer
total:
type: integer
examples:
findRulesResponse:
$ref: '#/components/examples/find_rules_response'
servers:
- url: https://localhost:5601
servers:
- url: https://localhost:5601
components:
securitySchemes:
basicAuth:
type: http
scheme: basic
apiKeyAuth:
type: apiKey
in: header
name: ApiKey
parameters:
space_id:
in: path
name: spaceId
description: An identifier for the space. If `/s/` and the identifier are omitted from the path, the default space is used.
required: true
schema:
type: string
example: default
examples:
find_rules_response:
summary: Retrieve information about a rule.
value:
page: 1
total: 1
per_page: 10
data:
- id: 3583a470-74f6-11ed-9801-35303b735aef
consumer: alerts
tags:
- cpu
name: my alert
enabled: true
throttle: null
schedule:
interval: 1m
params:
aggType: avg
termSize: 6
thresholdComparator: '>'
timeWindowSize: 5
timeWindowUnit: m
groupBy: top
threshold:
- 1000
index:
- test-index
timeField: '@timestamp'
aggField: sheet.version
termField: name.keyword
rule_type_id: .index-threshold
created_by: elastic
updated_by: elastic
created_at: '2022-12-05T23:40:33.132Z'
updated_at: '2022-12-05T23:40:33.132Z'
api_key_owner: elastic
notify_when: onActionGroupChange
mute_all: false
muted_alert_ids: []
scheduled_task_id: 3583a470-74f6-11ed-9801-35303b735aef
execution_status:
status: ok
last_execution_date: '2022-12-06T01:44:23.983Z'
last_duration: 48
actions:
- id: 9dca3e00-74f5-11ed-9801-35303b735aef
group: threshold met
params:
level: info
message: |-
alert {{alertName}} is active for group {{context.group}}:
- Value: {{context.value}}
- Conditions Met: {{context.conditions}} over {{params.timeWindowSize}}{{params.timeWindowUnit}}
- Timestamp: {{context.date}}
connector_type_id: .server-log
last_run:
alerts_count:
new: 0
ignored: 0
recovered: 0
active: 0
outcome_msg: null
warning: null
outcome: succeeded
next_run: '2022-12-06T01:45:23.912Z'
security:
- basicAuth: []
- apiKeyAuth: []

60
x-pack/plugins/alerting/docs/openapi/components/examples/find_rules_response.yaml Normal file
View file

@ -0,0 +1,60 @@
summary: Retrieve information about a rule.
value:
page: 1
total: 1
per_page: 10
data:
- id: 3583a470-74f6-11ed-9801-35303b735aef
consumer: alerts
tags:
- cpu
name: my alert
enabled: true
throttle: null
schedule:
interval: 1m
params:
aggType: avg
termSize: 6
thresholdComparator: ">"
timeWindowSize: 5
timeWindowUnit: m
groupBy: top
threshold:
- 1000
index:
- test-index
timeField: "@timestamp"
aggField: sheet.version
termField: name.keyword
rule_type_id: .index-threshold
created_by: elastic
updated_by: elastic
created_at: '2022-12-05T23:40:33.132Z'
updated_at: '2022-12-05T23:40:33.132Z'
api_key_owner: elastic
notify_when: onActionGroupChange
mute_all: false
muted_alert_ids: []
scheduled_task_id: 3583a470-74f6-11ed-9801-35303b735aef
execution_status:
status: ok
last_execution_date: '2022-12-06T01:44:23.983Z'
last_duration: 48
actions:
- id: 9dca3e00-74f5-11ed-9801-35303b735aef
group: threshold met
params:
level: info
message: "alert {{alertName}} is active for group {{context.group}}:\n\n- Value: {{context.value}}\n- Conditions Met: {{context.conditions}} over {{params.timeWindowSize}}{{params.timeWindowUnit}}\n- Timestamp: {{context.date}}"
connector_type_id: .server-log
last_run:
alerts_count:
new: 0
ignored: 0
recovered: 0
active: 0
outcome_msg: null
warning: null
outcome: succeeded
next_run: '2022-12-06T01:45:23.912Z'

5
x-pack/plugins/alerting/docs/openapi/components/headers/kbn_xsrf.yaml Normal file
View file

@ -0,0 +1,5 @@
schema:
type: string
in: header
name: kbn-xsrf
required: true

7
x-pack/plugins/alerting/docs/openapi/components/parameters/space_id.yaml Normal file
View file

@ -0,0 +1,7 @@
in: path
name: spaceId
description: An identifier for the space. If `/s/` and the identifier are omitted from the path, the default space is used.
required: true
schema:
type: string
example: default

72
x-pack/plugins/alerting/docs/openapi/entrypoint.yaml Normal file
View file

@ -0,0 +1,72 @@
openapi: 3.0.1
info:
title: Alerting
description: OpenAPI schema for alerting endpoints
version: '0.1'
contact:
name: Alerting Team
license:
name: Elastic License 2.0
url: https://www.elastic.co/licensing/elastic-license
tags:
- name: alerting
description: Alerting APIs enable you to create and manage rules and alerts.
servers:
- url: 'http://localhost:5601'
description: local
paths:
# '/s/{spaceId}/api/alerting/rule/{ruleId}':
# $ref: 'paths/s@{spaceid}@api@alerting@rule@{ruleid}.yaml'
# '/s/{spaceId}/api/alerting/rule/{ruleId}/_disable':
# $ref: 'paths/s@{spaceid}@api@alerting@rule@{ruleid}@_disable.yaml'
# '/s/{spaceId}/api/alerting/rule/{ruleId}/_enable':
# $ref: 'paths/s@{spaceid}@api@alerting@rule@{ruleid}@_enable.yaml'
'/s/{spaceId}/api/alerting/rules/_find':
$ref: 'paths/s@{spaceid}@api@alerting@rules@_find.yaml'
# '/s/{spaceId}/api/alerting/_health':
# $ref: paths/s@{spaceid}@api@alerting@_health.yaml
# '/s/{spaceId}/api/alerting/rule_types':
# $ref: 'paths/s@{spaceid}@api@alerting@rule_types.yaml'
# '/s/{spaceId}/api/alerting/rule/{ruleId}/_mute_all':
# $ref: 'paths/s@{spaceid}@api@rule@{ruleid}@_mute_all.yaml'
# '/s/{spaceId}/api/alerting/rule/{ruleId}/_unmute_all':
# $ref: 'paths/s@{spaceid}@api@rule@{ruleid}@_unmute_all.yaml'
# '/s/{spaceId}/api/alerting/rule/{ruleId}/alert/{alertId}/_mute':
# $ref: 'paths/s@{spaceid}@api@alerting@rule@{ruleid}@alert@{alertid}@_mute.yaml'
# '/s/{spaceId}/api/alerting/rule/{ruleId}/alert/{alertId}/_unmute':
# $ref: 'paths/s@{spaceid}@api@alerting@rule@{ruleid}@alert@{alertid}@_unmute.yaml'
# Deprecated APIs
# '/s/{spaceId}/api/alerts/alert/{alertId}':
# $ref: 'paths/s@{spaceid}@api@alerts@alert@{alertid}.yaml'
# '/s/{spaceId}/api/alerts/alert/{alertId}/_disable':
# $ref: 'paths/s@{spaceid}@api@alertss@alert@{alertid}@_disable.yaml'
# '/s/{spaceId}/api/alerts/alert/{alertId}/_enable':
# $ref: 'paths/s@{spaceid}@api@alerts@alert@{alertid}@_enable.yaml'
# '/s/{spaceId}/api/alerts/alert/{alertId}/_mute_all':
# $ref: 'paths/s@{spaceid}@api@alerts@alert@{alertid}@_mute_all.yaml'
# '/s/{spaceId}/api/alerts/alert/{alertId}/_unmute_all':
# $ref: 'paths/s@{spaceid}@api@alerts@alert@{alertid}@_unmute_all.yaml'
# '/s/{spaceId}/api/alerts/alerts/_find':
# $ref: 'paths/s@{spaceid}@api@alerts@_find.yaml'
# '/s/{spaceId}/api/alerts/alerts/_health':
# $ref: 'paths/s@{spaceid}@api@alerts@_health.yaml'
# '/s/{spaceId}/api/alerts/alerts/list_alert_types':
# $ref: 'paths/s@{spaceid}@api@alerts@list_alert_types.yaml'
# '/s/{spaceId}/api/alerts/alert/{alertId}/alert_instance/{alertInstanceId}/_mute':
# $ref: 'paths/s@{spaceid}@api@alerts@alert@{alertid}@alert_instance@{alertinstanceid}@_mute.yaml'
# '/s/{spaceId}/api/alerts/alert/{alertId}/alert_instance/{alertInstanceId}/_unmute':
# $ref: 'paths/s@{spaceid}@api@alerts@alert@{alertid}@alert_instance@{alertinstanceid}@_unmute.yaml'
components:
securitySchemes:
basicAuth:
type: http
scheme: basic
apiKeyAuth:
type: apiKey
in: header
name: ApiKey
security:
- basicAuth: []
- apiKeyAuth: []

266
x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rules@_find.yaml Normal file
View file

@ -0,0 +1,266 @@
get:
summary: Retrieves information about rules.
operationId: findRules
description: >
You must have `read` privileges for the appropriate Kibana features,
depending on the `consumer` and `rule_type_id` of the rules you're seeking.
For example, you must have privileges for the **Management > Stack rules**
feature, **Analytics > Discover** and **Machine Learning** features,
**Observability** features, or **Security** features. To find rules
associated with the **Stack Monitoring** feature, use the `monitoring_user`
built-in role.
tags:
- alerting
parameters:
- $ref: '../components/parameters/space_id.yaml'
- name: default_search_operator
in: query
description: The default operator to use for the simple_query_string.
schema:
type: string
default: OR
example: OR
- name: fields
in: query
description: The fields to return in the `attributes` key of the response.
schema:
type: array
items:
type: string
- name: filter
in: query
description: >
A KQL string that you filter with an attribute from your saved object.
It should look like `savedObjectType.attributes.title: "myTitle"`.
However, if you used a direct attribute of a saved object, such as
`updatedAt`, you must define your filter, for example,
`savedObjectType.updatedAt > 2018-12-22`.
schema:
type: string
- name: has_reference
in: query
description: Filters the rules that have a relation with the reference objects with a specific type and identifier.
schema:
type: object
properties:
id:
type: string
type:
type: string
- name: page
in: query
description: The page number to return.
schema:
type: integer
default: 1
example: 1
- name: per_page
in: query
description: The number of rules to return per page.
schema:
type: integer
default: 20
example: 20
- name: search
in: query
description: An Elasticsearch simple_query_string query that filters the objects in the response.
schema:
type: string
- name: search_fields
in: query
description: The fields to perform the simple_query_string parsed query against.
schema:
oneOf:
- type: string
- type: array
items:
type: string
- name: sort_field
in: query
description: >
Determines which field is used to sort the results. The field must exist
in the `attributes` key of the response.
schema:
type: string
- name: sort_order
in: query
description: Determines the sort order.
schema:
type: string
enum:
- asc
- desc
default: desc
example: asc
responses:
'200':
description: Indicates a successful call.
content:
application/json:
schema:
type: object
properties:
data:
type: array
items:
type: object
properties:
actions:
type: array
items:
type: object
properties:
group:
type: string
description: The group name for the actions.
example: default
id:
type: string
description: The identifier for the connector saved object.
example: 9dca3e00-74f5-11ed-9801-35303b735aef
params:
type: object
description: The parameters for the action, which are sent to the connector.
additionalProperties: true
api_key_owner:
type: string
nullable: true
example: elastic
consumer:
type: string
description: The application or feature that owns the rule. For example, `alerts`, `apm`, `discover`, `infrastructure`, `logs`, `metrics`, `ml`, `monitoring`, `securitySolution`, `siem`, `stackAlerts`, or `uptime`.
example: alerts
created_at:
type: string
description: The date and time that the rule as created.
format: date-time
example: '2022-12-05T23:36:58.284Z'
created_by:
type: string
description: The identifier for the user that created the rule.
nullable: true
example: elastic
enabled:
type: boolean
description: Indicates whether the rule is currently enabled.
example: true
execution_status:
type: object
properties:
status:
type: string
example: ok
last_execution_date:
type: string
format: date-time
example: '2022-12-06T00:13:43.890Z'
last_duration:
type: integer
example: 55
id:
type: string
description: The identifier for the rule.
example: b530fed0-74f5-11ed-9801-35303b735aef
last_run:
type: object
properties:
alerts_count:
type: object
properties:
new:
type: integer
nullable: true
ignored:
type: integer
nullable: true
recovered:
type: integer
nullable: true
active:
type: integer
nullable: true
outcome_msg:
type: string
nullable: true
example: null
warning:
type: string
nullable: true
example: null
outcome:
type: string
example: succeeded
muted_alert_ids:
type: array
items:
type: string
mute_all:
type: boolean
example: false
name:
type: string
description: The name of the rule.
example: cluster_health_rule
next_run:
type: string
format: date-time
nullable: true
example: '2022-12-06T00:14:43.818Z'
notify_when:
type: string
description: Indicates how often alerts generate actions.
enum:
- onActionGroupChange
- onActiveAlert
- onThrottleInterval
example: onActiveAlert
params:
type: object
description: The parameters for the rule.
additionalProperties: true
rule_type_id:
type: string
description: The identifier for the type of rule. For example, `.es-query`, `.index-threshold`, `logs.alert.document.count`, `monitoring_alert_cluster_health`, `siem.thresholdRule`, or `xpack.ml.anomaly_detection_alert`.
example: monitoring_alert_cluster_health
schedule:
type: object
description: The check interval, which specifies how frequently the rule conditions are checked. The interval is specified in seconds, minutes, hours, or days.
properties:
interval:
type: string
example: 1m
scheduled_task_id:
type: string
example: b530fed0-74f5-11ed-9801-35303b735aef
tags:
type: array
description: The tags for the rule.
items:
type: string
throttle:
type: string
description: The throttle interval, which defines how often an alert generates repeated actions. It is applicable only if `notify_when` is set to `onThrottleInterval`. It is specified in seconds, minutes, hours, or days.
nullable: true
example: 10m
updated_at:
type: string
description: The date and time that the rule was updated most recently.
example: '2022-12-05T23:36:58.284Z'
updated_by:
type: string
description: The identifier for the user that updated this rule most recently.
nullable: true
example: elastic
page:
type: integer
per_page:
type: integer
total:
type: integer
examples:
findRulesResponse:
$ref: '../components/examples/find_rules_response.yaml'
servers:
- url: https://localhost:5601
servers:
- url: https://localhost:5601