github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 17:59:23 -04:00
Code Issues Projects Releases Packages Wiki Activity

[Cases] Improve README (#133363)

Browse source 
Co-authored-by: Esteban Beltran <academo@users.noreply.github.com>
This commit is contained in:
Christos Nasikas 2022-06-02 18:19:26 +03:00 committed by GitHub
parent 1e39a2c67e
commit db3b271efb
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 73 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

81
x-pack/plugins/cases/README.md
View file

@ -16,17 +16,12 @@ This plugin provides cases management in Kibana
## Table of Contents ## Table of Contents
- [Cases API](#cases-api) - [Cases API](#cases-api)
- [Cases Client API](#cases-client-api)
- [Cases UI](#cases-ui) - [Cases UI](#cases-ui)
## Cases API ## Cases API
[**Explore the API docs »**](https://www.elastic.co/guide/en/security/current/cases-api-overview.html) [**Explore the API docs »**](https://www.elastic.co/guide/en/security/current/cases-api-overview.html)
## Cases Client API
[**Cases Client API docs**][cases-client-api-docs]
## Cases UI ## Cases UI
### Embed Cases UI components in any Kibana plugin ### Embed Cases UI components in any Kibana plugin
@ -133,9 +128,79 @@ An array of:
| id | The ID of the case | string | | id | The ID of the case | string |
| title | The title of the case | string | | title | The title of the case | string |
### ui #### `find`
#### `getCases` Retrieves a paginated subset of cases.
Arguments
| Property | Description | Type |
| -------- | ---------------------- | --------------------- |
| query | The request parameters | object |
| signal | The abort signal | Optional, AbortSignal |
`query`
| Property | Description | Type |
| --------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------ |
| defaultSearchOperator | The default operator to use for the `simple_query_string`. Defaults to `OR`. | Optional, string |
| fields | The fields in the entity to return in the response. | Optional, array of strings |
| from | Returns only cases that were created after a specific date. The date must be specified as a KQL data range or date match expression. | Optional, string |
| owner | A filter to limit the retrieved cases to a specific set of applications. Valid values are: `cases`, `observability`, and `securitySolution`. If this parameter is omitted, the response contains all cases that the user has access to read. |
| page | The page number to return. Defaults to `1` . | Optional, integer |
| perPage | The number of rules to return per page. Defaults to `20` . | Optional, integer |
| reporters | Filters the returned cases by the reporter's `username. | Optional, string or array of strings |
| search | `simple_query_string` query that filters the objects in the response. | Optional, string |
| searchFields | The fields to perform the `simple_query_string` parsed query against. | Optional, string or array of strings |
| severity | The severity of the case. Valid values are: `critical`, `high`, `low`, and `medium`. | Optional, string |
| sortField | Determines which field is used to sort the results,`createdAt` or `updatedAt`. Defaults to `createdAt`. | Optional, string |
| sortOrder | Determines the sort order, which can be `desc` or `asc`. Defaults to `desc`. | Optional, string |
| status | Filters the returned cases by state, which can be `open`, `in-progress`, or `closed`. | Optional, string |
| tags | Filters the returned cases by tags. | Optional, string or array of strings |
| to | Returns only cases that were created before a specific date. The date must be specified as a KQL data range or date match expression. | Optional, string |
#### `getCasesStatus`
Returns the number of cases that are open, closed, and in progress.
Arguments
| Property | Description | Type |
| -------- | ---------------------- | --------------------- |
| query | The request parameters | object |
| signal | The abort signal | Optional, AbortSignal |
`query`
| Property | Description | Type |
| -------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------- |
| from | Returns only cases that were created after a specific date. The date must be specified as a KQL data range or date match expression. | Optional, string |
| owner | A filter to limit the retrieved cases to a specific set of applications. Valid values are: `cases`, `observability`, and `securitySolution`. If this parameter is omitted, the response contains all cases that the user has access to read. |
| to | Returns only cases that were created before a specific date. The date must be specified as a KQL data range or date match expression. | Optional, string |
#### `getCasesMetrics`
Returns the number of cases that are open, closed, and in progress.
Arguments
| Property | Description | Type |
| -------- | ---------------------- | --------------------- |
| query | The request parameters | object |
| signal | The abort signal | Optional, AbortSignal |
`query`
| Property | Description | Type |
| -------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- |
| features | The metrics to retrieve. | Optional, array of strings |
| from | Returns only cases that were created after a specific date. The date must be specified as a KQL data range or date match expression. | Optional, string |
| owner | A filter to limit the retrieved cases to a specific set of applications. Valid values are: `cases`, `observability`, and `securitySolution`. If this parameter is omitted, the response contains all cases that the user has access to read. |
| to | Returns only cases that were created before a specific date. The date must be specified as a KQL data range or date match expression. | Optional, string |
### ui
Arguments: Arguments:
@ -160,6 +225,7 @@ Arguments:
| timelineIntegration?.hooks.useInsertTimeline | `(value: string, onChange: (newValue: string) => void): UseInsertTimelineReturn` | | timelineIntegration?.hooks.useInsertTimeline | `(value: string, onChange: (newValue: string) => void): UseInsertTimelineReturn` |
| timelineIntegration?.ui?.renderInvestigateInTimelineActionComponent? | `(alertIds: string[]) => JSX.Element;` space to render `InvestigateInTimelineActionComponent` | | timelineIntegration?.ui?.renderInvestigateInTimelineActionComponent? | `(alertIds: string[]) => JSX.Element;` space to render `InvestigateInTimelineActionComponent` |
| timelineIntegration?.ui?renderTimelineDetailsPanel? | `() => JSX.Element;` space to render `TimelineDetailsPanel` | | timelineIntegration?.ui?renderTimelineDetailsPanel? | `() => JSX.Element;` space to render `TimelineDetailsPanel` |
#### `getCases`
UI component: UI component:
![All Cases Component][all-cases-img] ![All Cases Component][all-cases-img]
@ -284,4 +350,3 @@ Arguments:
[all-cases-modal-img]: images/all_cases_selector_modal.png [all-cases-modal-img]: images/all_cases_selector_modal.png
[recent-cases-img]: images/recent_cases.png [recent-cases-img]: images/recent_cases.png
[case-view-img]: images/case_view.png [case-view-img]: images/case_view.png
[cases-client-api-docs]: docs/cases_client/README.md