[Security Solution] Reapply Auto-bundle Timeline API OpenAPI specs (#189315)

**Addresses**: https://github.com/elastic/kibana/issues/184428
**Relates to:** https://github.com/elastic/kibana/pull/188844

## Summary

The original [PR](https://github.com/elastic/kibana/pull/188844) was
rolled back by @Ikuni17 due to CI failures in the `main` branch. It turned
out that the problem was caused by a bug in `check_for_changed_files()`, which is
fixed in https://github.com/elastic/kibana/pull/189316.

This PR reapplies https://github.com/elastic/kibana/pull/188844 and it
also includes changes to reduce CI reruns (has to be rerun manually in
draft PRs) caused by changes to generated files. It's achieved by
reducing a number of `check_for_changed_files()` invocations.

---------

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Maxim Palenov 2024-07-31 18:48:44 +02:00 committed by GitHub
parent 3d352549e3
commit f5aec5de29
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
41 changed files with 4457 additions and 201 deletions


@ -6,22 +6,16 @@ source .buildkite/scripts/common/util.sh
echo --- Security Solution OpenAPI Code Generation
echo -e "\n[Security Solution OpenAPI Code Generation] OpenAPI Common Package"
echo -e "\n[Security Solution OpenAPI Code Generation] OpenAPI Common Package\n"
(cd packages/kbn-openapi-common && yarn openapi:generate)
check_for_changed_files "yarn openapi:generate" true
echo -e "\n[Security Solution OpenAPI Code Generation] Lists Common Package\n"
(cd packages/kbn-securitysolution-lists-common && yarn openapi:generate)
check_for_changed_files "yarn openapi:generate" true
echo -e "\n[Security Solution OpenAPI Code Generation] Exceptions Common Package"
echo -e "\n[Security Solution OpenAPI Code Generation] Exceptions Common Package\n"
(cd packages/kbn-securitysolution-exceptions-common && yarn openapi:generate)
check_for_changed_files "yarn openapi:generate" true
echo -e "\n[Security Solution OpenAPI Code Generation] Security Solution Plugin"
echo -e "\n[Security Solution OpenAPI Code Generation] Security Solution Plugin\n"
(cd x-pack/plugins/security_solution && yarn openapi:generate)
check_for_changed_files "yarn openapi:generate" true
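Review bot: With the intermediate `check_for_changed_files` calls dropped so that only the one after the Security Solution Plugin step (last line of the hunk) remains, the failure label `"yarn openapi:generate"` no longer tells a reader of the CI log which of the four packages produced stale generated output, so all four have to be diffed by hand. If I read the rendered hunk correctly that single trailing check is the intent of the change; keeping it but widening its label, e.g. `check_for_changed_files "yarn openapi:generate (kbn-openapi-common, kbn-securitysolution-lists-common, kbn-securitysolution-exceptions-common, security_solution)" true`, restores the attribution at no cost. The same applies to the bundling script in the next section, where the new `yarn openapi:bundle:timeline` step is covered only by the final check. Whether a failing `yarn openapi:generate` in an earlier package aborts the script before the final check depends on the `set -e` status at the top of the file, which is outside the hunk.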


@ -7,36 +7,27 @@ source .buildkite/scripts/common/util.sh
echo --- Security Solution OpenAPI Bundling
echo -e "\n[Security Solution OpenAPI Bundling] Detections API\n"
(cd x-pack/plugins/security_solution && yarn openapi:bundle:detections)
check_for_changed_files "yarn openapi:bundle:detections" true
echo -e "\n[Security Solution OpenAPI Bundling] Timeline API\n"
(cd x-pack/plugins/security_solution && yarn openapi:bundle:timeline)
echo -e "\n[Security Solution OpenAPI Bundling] Entity Analytics API\n"
(cd x-pack/plugins/security_solution && yarn openapi:bundle:entity-analytics)
check_for_changed_files "yarn openapi:bundle:entity-analytics" true
echo -e "\n[Security Solution OpenAPI Bundling] Lists API\n"
echo -e "\n[Security Solution OpenAPI Bundling] Endpoint Management API\n"
(cd x-pack/plugins/security_solution && yarn openapi:bundle:endpoint-management)
check_for_changed_files "yarn openapi:bundle:endpoint-management" true
(cd packages/kbn-securitysolution-lists-common && yarn openapi:bundle)
check_for_changed_files "yarn openapi:bundle" true
echo -e "\n[Security Solution OpenAPI Bundling] Exceptions API\n"
(cd packages/kbn-securitysolution-exceptions-common && yarn openapi:bundle)
check_for_changed_files "yarn openapi:bundle" true
echo -e "\n[Security Solution OpenAPI Bundling] Endpoint Management API\n"
(cd x-pack/plugins/security_solution && yarn openapi:bundle:endpoint-management)
echo -e "\n[Security Solution OpenAPI Bundling] Elastic Assistant API\n"
(cd x-pack/packages/kbn-elastic-assistant-common && yarn openapi:bundle)
check_for_changed_files "yarn openapi:bundle" true
echo -e "\n[Security Solution OpenAPI Bundling] Osquery API\n"
(cd x-pack/plugins/osquery && yarn openapi:bundle)
check_for_changed_files "yarn openapi:bundle" true


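--- /dev/null
+++ b/PATH_NOT_SHOWN_ON_PAGE
@@ -0,0 +1,34 @@
+/*
+* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+* or more contributor license agreements. Licensed under the Elastic License
+* 2.0; you may not use this file except in compliance with the Elastic License
+* 2.0.
+*/
+/*
+* NOTICE: Do not edit this file manually.
+* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
+*
+* info:
+* title: Elastic Security - Timeline - Draft Timeline API
+* version: 2023-10-31
+*/
+import { z } from 'zod';
+import { TimelineType, TimelineResponse } from '../model/components.gen';
+export type CleanDraftTimelinesRequestBody = z.infer<typeof CleanDraftTimelinesRequestBody>;
+export const CleanDraftTimelinesRequestBody = z.object({
+timelineType: TimelineType,
+});
+export type CleanDraftTimelinesRequestBodyInput = z.input<typeof CleanDraftTimelinesRequestBody>;
+export type CleanDraftTimelinesResponse = z.infer<typeof CleanDraftTimelinesResponse>;
+export const CleanDraftTimelinesResponse = z.object({
+data: z.object({
+persistTimeline: z.object({
+timeline: TimelineResponse,
+}),
+}),
+});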


@ -1,7 +1,7 @@
openapi: 3.0.0
info:
title: Elastic Security - Timeline - Draft Timeline API
version: 8.9.0
version: '2023-10-31'
servers:
- url: 'http://{kibana_host}:{port}'
variables:
@ -12,7 +12,9 @@ servers:
paths:
/api/timeline/_draft:
post:
operationId: cleanDraftTimelines
x-labels: [serverless, ess]
x-codegen-enabled: true
operationId: CleanDraftTimelines
summary: Retrieves a draft timeline or timeline template.
description: |
Retrieves a clean draft timeline. If a draft timeline does not exist, it is created and returned.
@ -25,9 +27,10 @@ paths:
application/json:
schema:
type: object
required: [timelineType]
properties:
timelineType:
$ref: '../model/components.yaml#/components/schemas/TimelineType'
$ref: '../model/components.schema.yaml#/components/schemas/TimelineType'
responses:
'200':
description: Indicates that the draft timeline was successfully created. In the event the user already has a draft timeline, the existing draft timeline is cleared and returned.
@ -35,17 +38,18 @@ paths:
application/json:
schema:
type: object
required: [data]
properties:
data:
type: object
required: [persistTimeline]
properties:
persistTimeline:
type: object
required: [timeline]
properties:
timeline:
$ref: '../model/components.yaml#/components/schemas/TimelineResponse'
required:
- data
$ref: '../model/components.schema.yaml#/components/schemas/TimelineResponse'
'403':
description: Indicates that the user does not have the required permissions to create a draft timeline.
content:
@ -67,4 +71,4 @@ paths:
message:
type: string
status_code:
type: number
type: number


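--- /dev/null
+++ b/PATH_NOT_SHOWN_ON_PAGE
@@ -0,0 +1,45 @@
+/*
+* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+* or more contributor license agreements. Licensed under the Elastic License
+* 2.0; you may not use this file except in compliance with the Elastic License
+* 2.0.
+*/
+/*
+* NOTICE: Do not edit this file manually.
+* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
+*
+* info:
+* title: Elastic Security - Timeline - Create Timelines API
+* version: 2023-10-31
+*/
+import { z } from 'zod';
+import {
+TimelineStatus,
+TimelineType,
+SavedTimeline,
+TimelineResponse,
+} from '../model/components.gen';
+export type CreateTimelinesRequestBody = z.infer<typeof CreateTimelinesRequestBody>;
+export const CreateTimelinesRequestBody = z.object({
+status: TimelineStatus.nullable().optional(),
+timelineId: z.string().nullable().optional(),
+templateTimelineId: z.string().nullable().optional(),
+templateTimelineVersion: z.number().nullable().optional(),
+timelineType: TimelineType.nullable().optional(),
+version: z.string().nullable().optional(),
+timeline: SavedTimeline,
+});
+export type CreateTimelinesRequestBodyInput = z.input<typeof CreateTimelinesRequestBody>;
+export type CreateTimelinesResponse = z.infer<typeof CreateTimelinesResponse>;
+export const CreateTimelinesResponse = z.object({
+data: z.object({
+persistTimeline: z.object({
+timeline: TimelineResponse.optional(),
+}),
+}),
+});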


@ -1,7 +1,7 @@
openapi: 3.0.0
info:
title: Elastic Security - Timeline - Create Timelines API
version: 8.9.0
version: '2023-10-31'
externalDocs:
url: https://www.elastic.co/guide/en/security/current/timeline-api-create.html
description: Documentation
@ -15,7 +15,9 @@ servers:
paths:
/api/timeline:
post:
operationId: createTimelines
x-labels: [serverless, ess]
x-codegen-enabled: true
operationId: CreateTimelines
summary: Creates a new timeline.
tags:
- access:securitySolution
@ -30,9 +32,8 @@ paths:
- timeline
properties:
status:
allOf:
- $ref: '../model/components.yaml#/components/schemas/TimelineStatus'
- nullable: true
$ref: '../model/components.schema.yaml#/components/schemas/TimelineStatus'
nullable: true
timelineId:
type: string
nullable: true
@ -43,14 +44,13 @@ paths:
type: number
nullable: true
timelineType:
allOf:
- $ref: '../model/components.yaml#/components/schemas/TimelineType'
- nullable: true
$ref: '../model/components.schema.yaml#/components/schemas/TimelineType'
nullable: true
version:
type: string
nullable: true
timeline:
$ref: '../model/components.yaml#/components/schemas/SavedTimeline'
$ref: '../model/components.schema.yaml#/components/schemas/SavedTimeline'
responses:
'200':
description: Indicates the timeline was successfully created.
@ -58,17 +58,17 @@ paths:
application/json:
schema:
type: object
required: [data]
properties:
data:
type: object
required: [persistTimeline]
properties:
persistTimeline:
type: object
properties:
timeline:
$ref: '../model/components.yaml#/components/schemas/TimelineResponse'
required:
- data
$ref: '../model/components.schema.yaml#/components/schemas/TimelineResponse'
'405':
description: Indicates that there was an error in the timeline creation.
content:
@ -79,4 +79,4 @@ paths:
body:
type: string
statusCode:
type: number
type: number
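Review bot: `nullable: true` written as a sibling of `$ref` (the `status` and `timelineType` properties in this hunk) is not honored by OpenAPI 3.0 tooling: under 3.0.x a `$ref` object is a JSON Reference and sibling keys are ignored, which is exactly why the removed lines used the `allOf: [$ref, nullable: true]` form. The generated zod on this page shows the in-house generator does pick the sibling up (`TimelineStatus.nullable().optional()`), so the runtime validator is fine, but the bundled spec handed to external validators and docs will present these fields as non-nullable. Unless the bundler is known to rewrite `$ref` siblings, keep the `allOf` form or move the documents to `openapi: 3.1.0`, where siblings are allowed. The same pattern appears in the Get Timeline (`getOneTimeline`), Get Timelines (`timeline_type`, `status`) and Install Prepackaged Timelines (`timelinesToInstall`/`timelinesToUpdate` items) sections below.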


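--- /dev/null
+++ b/PATH_NOT_SHOWN_ON_PAGE
@@ -0,0 +1,35 @@
+/*
+* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+* or more contributor license agreements. Licensed under the Elastic License
+* 2.0; you may not use this file except in compliance with the Elastic License
+* 2.0.
+*/
+/*
+* NOTICE: Do not edit this file manually.
+* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
+*
+* info:
+* title: Elastic Security - Timeline - Notes API
+* version: 2023-10-31
+*/
+import { z } from 'zod';
+export type DeleteNoteRequestBody = z.infer<typeof DeleteNoteRequestBody>;
+export const DeleteNoteRequestBody = z.union([
+z
+.object({
+noteId: z.string(),
+})
+.nullable(),
+z.object({
+noteIds: z.array(z.string()).nullable(),
+}),
+]);
+export type DeleteNoteRequestBodyInput = z.input<typeof DeleteNoteRequestBody>;
+export type DeleteNoteResponse = z.infer<typeof DeleteNoteResponse>;
+export const DeleteNoteResponse = z.object({
+data: z.object({}).optional(),
+});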


@ -1,7 +1,7 @@
openapi: 3.0.0
info:
title: Elastic Security - Timeline - Notes API
version: 8.9.0
version: '2023-10-31'
servers:
- url: 'http://{kibana_host}:{port}'
variables:
@ -12,7 +12,9 @@ servers:
paths:
/api/note:
delete:
operationId: deleteNote
x-labels: [serverless, ess]
x-codegen-enabled: true
operationId: DeleteNote
summary: Deletes a note from a timeline.
tags:
- access:securitySolution
@ -23,18 +25,20 @@ paths:
application/json:
schema:
oneOf:
type: object
properties:
noteId:
type: string
nullable: true
type: object
properties:
noteIds:
type: array
items:
type: string
nullable: true
- type: object
required: [noteId]
nullable: true
properties:
noteId:
type: string
- type: object
required: [noteIds]
properties:
noteIds:
type: array
nullable: true
items:
type: string
responses:
'200':
description: Indicates the note was successfully deleted.
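Review bot: The first `oneOf` alternative now carries `nullable: true` at the object level with `noteId` required, whereas the removed lines had an object whose `noteId` was a nullable string; the effect is that a request body of `null` satisfies the schema (the generated zod reads `z.object({ noteId: z.string() }).nullable()`) while `noteId: null` no longer does. If the intent is still "noteId may be null", the `nullable: true` belongs under `noteId`; if a `null` body is not meant to be accepted by DELETE /api/note, drop it from the alternative altogether. Either way a `null` body reaching the handler deserves a test, since the previous schema never produced one.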


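--- /dev/null
+++ b/PATH_NOT_SHOWN_ON_PAGE
@@ -0,0 +1,34 @@
+/*
+* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+* or more contributor license agreements. Licensed under the Elastic License
+* 2.0; you may not use this file except in compliance with the Elastic License
+* 2.0.
+*/
+/*
+* NOTICE: Do not edit this file manually.
+* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
+*
+* info:
+* title: Elastic Security - Timeline - Delete Timelines API
+* version: 2023-10-31
+*/
+import { z } from 'zod';
+export type DeleteTimelinesRequestBody = z.infer<typeof DeleteTimelinesRequestBody>;
+export const DeleteTimelinesRequestBody = z.object({
+savedObjectIds: z.array(z.string()),
+/**
+* Saved search ids that should be deleted alongside the timelines
+*/
+searchIds: z.array(z.string()).optional(),
+});
+export type DeleteTimelinesRequestBodyInput = z.input<typeof DeleteTimelinesRequestBody>;
+export type DeleteTimelinesResponse = z.infer<typeof DeleteTimelinesResponse>;
+export const DeleteTimelinesResponse = z.object({
+data: z.object({
+deleteTimeline: z.boolean(),
+}),
+});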


@ -1,7 +1,7 @@
openapi: 3.0.0
info:
title: Elastic Security - Timeline - Delete Timelines API
version: 8.9.0
version: '2023-10-31'
externalDocs:
url: https://www.elastic.co/guide/en/security/current/timeline-api-delete.html
description: Documentation
@ -15,7 +15,9 @@ servers:
paths:
/api/timeline:
delete:
operationId: deleteTimelines
x-labels: [serverless, ess]
x-codegen-enabled: true
operationId: DeleteTimelines
summary: Deletes one or more timelines or timeline templates.
tags:
- access:securitySolution
@ -26,8 +28,7 @@ paths:
application/json:
schema:
type: object
required:
- savedObjectIds
required: [savedObjectIds]
properties:
savedObjectIds:
type: array
@ -35,7 +36,7 @@ paths:
type: string
searchIds:
type: array
description: Saved search ids that should be deleted alongside the timelines
description: Saved search ids that should be deleted alongside the timelines
items:
type: string
responses:
@ -45,11 +46,11 @@ paths:
application/json:
schema:
type: object
required: [data]
properties:
data:
type: object
required: [deleteTimeline]
properties:
deleteTimeline:
type: boolean
required:
- data


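--- /dev/null
+++ b/PATH_NOT_SHOWN_ON_PAGE
@@ -0,0 +1,32 @@
+/*
+* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+* or more contributor license agreements. Licensed under the Elastic License
+* 2.0; you may not use this file except in compliance with the Elastic License
+* 2.0.
+*/
+/*
+* NOTICE: Do not edit this file manually.
+* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
+*
+* info:
+* title: Elastic Security - Timeline - Import Timelines API
+* version: 2023-10-31
+*/
+import { z } from 'zod';
+export type ExportTimelinesRequestQuery = z.infer<typeof ExportTimelinesRequestQuery>;
+export const ExportTimelinesRequestQuery = z.object({
+/**
+* The name of the file to export
+*/
+file_name: z.string(),
+});
+export type ExportTimelinesRequestQueryInput = z.input<typeof ExportTimelinesRequestQuery>;
+export type ExportTimelinesRequestBody = z.infer<typeof ExportTimelinesRequestBody>;
+export const ExportTimelinesRequestBody = z.object({
+ids: z.array(z.string()).nullable().optional(),
+});
+export type ExportTimelinesRequestBodyInput = z.input<typeof ExportTimelinesRequestBody>;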


@ -1,7 +1,7 @@
openapi: 3.0.0
info:
title: Elastic Security - Timeline - Import Timelines API
version: 8.9.0
version: '2023-10-31'
externalDocs:
url: https://www.elastic.co/guide/en/security/current/timeline-api-import.html
description: Documentation
@ -15,13 +15,16 @@ servers:
paths:
/api/timeline/_export:
post:
operationId: exportTimelines
x-labels: [serverless, ess]
x-codegen-enabled: true
operationId: ExportTimelines
summary: Exports timelines as an NDJSON file
tags:
- access:securitySolution
parameters:
- in: query
name: file_name
required: true
schema:
type: string
description: The name of the file to export
@ -56,4 +59,4 @@ paths:
body:
type: string
statusCode:
type: number
type: number
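Review bot: `file_name` becomes a required query parameter in this hunk but its schema is still an unconstrained `type: string`; since the value names the NDJSON download the server produces, it is worth bounding it at the API boundary, e.g. adding `maxLength: 256` and `pattern: '^[^/\\]+$'` under `schema:`, so that path separators and empty names are rejected by validation rather than left to the route handler. Whether the handler sanitizes the value before using it (for example in a Content-Disposition header) cannot be seen from this hunk. The parameter's `description` and the rest of the operation continue outside the hunk.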


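--- /dev/null
+++ b/PATH_NOT_SHOWN_ON_PAGE
@@ -0,0 +1,34 @@
+/*
+* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+* or more contributor license agreements. Licensed under the Elastic License
+* 2.0; you may not use this file except in compliance with the Elastic License
+* 2.0.
+*/
+/*
+* NOTICE: Do not edit this file manually.
+* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
+*
+* info:
+* title: Elastic Security - Timeline - Get Draft Timelines API
+* version: 2023-10-31
+*/
+import { z } from 'zod';
+import { TimelineType, TimelineResponse } from '../model/components.gen';
+export type GetDraftTimelinesRequestQuery = z.infer<typeof GetDraftTimelinesRequestQuery>;
+export const GetDraftTimelinesRequestQuery = z.object({
+timelineType: TimelineType,
+});
+export type GetDraftTimelinesRequestQueryInput = z.input<typeof GetDraftTimelinesRequestQuery>;
+export type GetDraftTimelinesResponse = z.infer<typeof GetDraftTimelinesResponse>;
+export const GetDraftTimelinesResponse = z.object({
+data: z.object({
+persistTimeline: z.object({
+timeline: TimelineResponse,
+}),
+}),
+});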


@ -1,7 +1,7 @@
openapi: 3.0.0
info:
title: Elastic Security - Timeline - Get Draft Timelines API
version: 8.9.0
version: '2023-10-31'
servers:
- url: 'http://{kibana_host}:{port}'
variables:
@ -12,15 +12,18 @@ servers:
paths:
/api/timeline/_draft:
get:
operationId: getDraftTimelines
x-labels: [serverless, ess]
x-codegen-enabled: true
operationId: GetDraftTimelines
summary: Retrieves the draft timeline for the current user. If the user does not have a draft timeline, an empty timeline is returned.
tags:
- access:securitySolution
parameters:
- in: query
name: timelineType
required: true
schema:
$ref: '../model/components.yaml#/components/schemas/TimelineType'
$ref: '../model/components.schema.yaml#/components/schemas/TimelineType'
responses:
'200':
description: Indicates that the draft timeline was successfully retrieved.
@ -28,15 +31,18 @@ paths:
application/json:
schema:
type: object
required: [data]
properties:
data:
type: object
required: [persistTimeline]
properties:
persistTimeline:
type: object
required: [timeline]
properties:
timeline:
$ref: '../model/components.yaml#/components/schemas/TimelineResponse'
$ref: '../model/components.schema.yaml#/components/schemas/TimelineResponse'
'403':
description: If a draft timeline was not found and we attempted to create one, it indicates that the user does not have the required permissions to create a draft timeline.
content:
@ -58,4 +64,4 @@ paths:
message:
type: string
status_code:
type: number
type: number


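--- /dev/null
+++ b/PATH_NOT_SHOWN_ON_PAGE
@@ -0,0 +1,32 @@
+/*
+* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+* or more contributor license agreements. Licensed under the Elastic License
+* 2.0; you may not use this file except in compliance with the Elastic License
+* 2.0.
+*/
+/*
+* NOTICE: Do not edit this file manually.
+* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
+*
+* info:
+* title: Elastic Security - Timeline - Notes API
+* version: 2023-10-31
+*/
+import { z } from 'zod';
+export type DocumentIds = z.infer<typeof DocumentIds>;
+export const DocumentIds = z.union([z.array(z.string()), z.string()]);
+export type GetNotesRequestQuery = z.infer<typeof GetNotesRequestQuery>;
+export const GetNotesRequestQuery = z.object({
+documentIds: DocumentIds,
+page: z.coerce.number().optional(),
+perPage: z.coerce.number().optional(),
+search: z.string().nullable().optional(),
+sortField: z.string().nullable().optional(),
+sortOrder: z.string().nullable().optional(),
+filter: z.string().nullable().optional(),
+});
+export type GetNotesRequestQueryInput = z.input<typeof GetNotesRequestQuery>;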


@ -1,7 +1,7 @@
openapi: 3.0.0
info:
title: Elastic Security - Timeline - Notes API
version: 8.9.0
version: '2023-10-31'
servers:
- url: 'http://{kibana_host}:{port}'
variables:
@ -12,19 +12,19 @@ servers:
paths:
/api/note:
get:
operationId: getNotes
x-labels: [serverless, ess]
x-codegen-enabled: true
operationId: GetNotes
description: Gets notes
summary: Get all notes for a given document.
tags:
- access:securitySolution
parameters:
- name: documentIds
in: query
required: true
schema:
oneOf:
- type: array
items:
type: string
- type: string
$ref: '#/components/schemas/DocumentIds'
- name: page
in: query
schema:
@ -56,5 +56,14 @@ paths:
type: string
nullable: true
responses:
200:
'200':
description: Indicates the requested notes were returned.
components:
schemas:
DocumentIds:
oneOf:
- type: array
items:
type: string
- type: string
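Review bot: `page` and `perPage` reach the handler with no bounds — the generated schema on this page is `z.coerce.number().optional()` for both — so `perPage=0`, negative values and arbitrarily large page sizes all pass validation; add `minimum: 1` to both and a `maximum` to `perPage` in their `schema:` blocks (the parameter list begins at `- name: page` in this hunk and continues outside it). `sortField`, `sortOrder` and `filter` are likewise free-form nullable strings; if they are passed through to the saved-objects search, an enum of sortable fields and of `asc`/`desc` would be the safer declaration, but their use is not visible here. Quoting the response code as `'200'` is the right fix, since an unquoted `200` is a YAML integer key and OpenAPI requires response codes to be strings.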


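--- /dev/null
+++ b/PATH_NOT_SHOWN_ON_PAGE
@@ -0,0 +1,39 @@
+/*
+* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+* or more contributor license agreements. Licensed under the Elastic License
+* 2.0; you may not use this file except in compliance with the Elastic License
+* 2.0.
+*/
+/*
+* NOTICE: Do not edit this file manually.
+* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
+*
+* info:
+* title: Elastic Security - Timeline - Get Timeline API
+* version: 2023-10-31
+*/
+import { z } from 'zod';
+import { TimelineResponse } from '../model/components.gen';
+export type GetTimelineRequestQuery = z.infer<typeof GetTimelineRequestQuery>;
+export const GetTimelineRequestQuery = z.object({
+/**
+* The ID of the template timeline to retrieve
+*/
+template_timeline_id: z.string().optional(),
+/**
+* The ID of the timeline to retrieve
+*/
+id: z.string().optional(),
+});
+export type GetTimelineRequestQueryInput = z.input<typeof GetTimelineRequestQuery>;
+export type GetTimelineResponse = z.infer<typeof GetTimelineResponse>;
+export const GetTimelineResponse = z.object({
+data: z.object({
+getOneTimeline: TimelineResponse.nullable(),
+}),
+});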


@ -1,7 +1,7 @@
openapi: 3.0.0
info:
title: Elastic Security - Timeline - Get Timeline API
version: 8.9.0
version: '2023-10-31'
externalDocs:
url: https://www.elastic.co/guide/en/security/current/_get_timeline_or_timeline_template_by_savedobjectid.html
description: Documentation
@ -15,7 +15,9 @@ servers:
paths:
/api/timeline:
get:
operationId: getTimeline
x-labels: [serverless, ess]
x-codegen-enabled: true
operationId: GetTimeline
summary: Get an existing saved timeline or timeline template. This API is used to retrieve an existing saved timeline or timeline template.
tags:
- access:securitySolution
@ -37,13 +39,12 @@ paths:
application/json:
schema:
type: object
required: [data]
properties:
data:
type: object
required: [getOneTimeline]
properties:
getOneTimeline:
oneOf:
- $ref: '../model/components.yaml#/components/schemas/TimelineResponse'
- nullable: true
required:
- data
$ref: '../model/components.schema.yaml#/components/schemas/TimelineResponse'
nullable: true


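--- /dev/null
+++ b/PATH_NOT_SHOWN_ON_PAGE
@@ -0,0 +1,53 @@
+/*
+* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+* or more contributor license agreements. Licensed under the Elastic License
+* 2.0; you may not use this file except in compliance with the Elastic License
+* 2.0.
+*/
+/*
+* NOTICE: Do not edit this file manually.
+* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
+*
+* info:
+* title: Elastic Security - Timeline - Get Timelines API
+* version: 2023-10-31
+*/
+import { z } from 'zod';
+import {
+TimelineType,
+SortFieldTimeline,
+TimelineStatus,
+TimelineResponse,
+} from '../model/components.gen';
+export type GetTimelinesRequestQuery = z.infer<typeof GetTimelinesRequestQuery>;
+export const GetTimelinesRequestQuery = z.object({
+/**
+* If true, only timelines that are marked as favorites by the user are returned.
+*/
+only_user_favorite: z.enum(['true', 'false']).nullable().optional(),
+timeline_type: TimelineType.nullable().optional(),
+sort_field: SortFieldTimeline.optional(),
+sort_order: z.enum(['asc', 'desc']).optional(),
+page_size: z.string().nullable().optional(),
+page_index: z.string().nullable().optional(),
+search: z.string().nullable().optional(),
+status: TimelineStatus.nullable().optional(),
+});
+export type GetTimelinesRequestQueryInput = z.input<typeof GetTimelinesRequestQuery>;
+export type GetTimelinesResponse = z.infer<typeof GetTimelinesResponse>;
+export const GetTimelinesResponse = z.object({
+data: z.object({
+timelines: z.array(TimelineResponse),
+totalCount: z.number(),
+defaultTimelineCount: z.number(),
+templateTimelineCount: z.number(),
+favoriteCount: z.number(),
+elasticTemplateTimelineCount: z.number(),
+customTemplateTimelineCount: z.number(),
+}),
+});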


@ -1,7 +1,7 @@
openapi: 3.0.0
info:
title: Elastic Security - Timeline - Get Timelines API
version: 8.9.0
version: '2023-10-31'
externalDocs:
url: https://www.elastic.co/guide/en/security/current/timeline-api-get.html
description: Documentation
@ -15,7 +15,9 @@ servers:
paths:
/api/timelines:
get:
operationId: getTimelines
x-labels: [serverless, ess]
x-codegen-enabled: true
operationId: GetTimelines
summary: This API is used to retrieve a list of existing saved timelines or timeline templates.
tags:
- access:securitySolution
@ -32,13 +34,12 @@ paths:
- in: query
name: timeline_type
schema:
allOf:
- $ref: '../model/components.yaml#/components/schemas/TimelineType'
- nullable: true
$ref: '../model/components.schema.yaml#/components/schemas/TimelineType'
nullable: true
- in: query
name: sort_field
schema:
$ref: '../model/components.yaml#/components/schemas/SortFieldTimeline'
schema:
$ref: '../model/components.schema.yaml#/components/schemas/SortFieldTimeline'
- in: query
name: sort_order
schema:
@ -64,9 +65,8 @@ paths:
- in: query
name: status
schema:
allOf:
- $ref: '../model/components.yaml#/components/schemas/TimelineStatus'
- nullable: true
$ref: '../model/components.schema.yaml#/components/schemas/TimelineStatus'
nullable: true
responses:
'200':
description: Indicates that the (template) timelines were found and returned.
@ -74,14 +74,25 @@ paths:
application/json:
schema:
type: object
required: [data]
properties:
data:
type: object
required:
[
timelines,
totalCount,
defaultTimelineCount,
templateTimelineCount,
favoriteCount,
elasticTemplateTimelineCount,
customTemplateTimelineCount,
]
properties:
timelines:
type: array
items:
$ref: '../model/components.yaml#/components/schemas/TimelineResponse'
$ref: '../model/components.schema.yaml#/components/schemas/TimelineResponse'
totalCount:
type: number
defaultTimelineCount:
@ -94,8 +105,6 @@ paths:
type: number
customTemplateTimelineCount:
type: number
required:
- data
'400':
description: Bad request. The user supplied invalid data.
content:
@ -106,4 +115,4 @@ paths:
body:
type: string
statusCode:
type: number
type: number


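--- /dev/null
+++ b/PATH_NOT_SHOWN_ON_PAGE
@@ -0,0 +1,38 @@
+/*
+* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+* or more contributor license agreements. Licensed under the Elastic License
+* 2.0; you may not use this file except in compliance with the Elastic License
+* 2.0.
+*/
+/*
+* NOTICE: Do not edit this file manually.
+* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
+*
+* info:
+* title: Elastic Security - Timeline - Import Timelines API
+* version: 2023-10-31
+*/
+import { z } from 'zod';
+import { Readable, ImportTimelineResult } from '../model/components.gen';
+export type ImportTimelinesRequestBody = z.infer<typeof ImportTimelinesRequestBody>;
+export const ImportTimelinesRequestBody = z.object({
+file: Readable.merge(
+z.object({
+hapi: z.object({
+filename: z.string(),
+headers: z.object({}),
+isImmutable: z.enum(['true', 'false']).optional(),
+}),
+})
+),
+});
+export type ImportTimelinesRequestBodyInput = z.input<typeof ImportTimelinesRequestBody>;
+export type ImportTimelinesResponse = z.infer<typeof ImportTimelinesResponse>;
+export const ImportTimelinesResponse = z.object({
+data: ImportTimelineResult,
+});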


@ -1,7 +1,7 @@
openapi: 3.0.0
info:
title: Elastic Security - Timeline - Import Timelines API
version: 8.9.0
version: '2023-10-31'
externalDocs:
url: https://www.elastic.co/guide/en/security/current/timeline-api-import.html
description: Documentation
@ -15,7 +15,9 @@ servers:
paths:
/api/timeline/_import:
post:
operationId: importTimelines
x-labels: [serverless, ess]
x-codegen-enabled: true
operationId: ImportTimelines
summary: Imports timelines.
tags:
- access:securitySolution
@ -28,17 +30,24 @@ paths:
type: object
properties:
file:
type: object
allOf:
- $ref: '../model/components.yaml#/components/schemas/Readable'
- properties:
hapi:
type: object
properties:
filename:
type: string
headers:
type: object
- $ref: '../model/components.schema.yaml#/components/schemas/Readable'
- type: object
required: [hapi]
properties:
hapi:
type: object
required: [filename, headers]
properties:
filename:
type: string
headers:
type: object
isImmutable:
type: string
enum:
- 'true'
- 'false'
responses:
'200':
description: Indicates the import of timelines was successful.
@ -46,11 +55,10 @@ paths:
application/json:
schema:
type: object
required: [data]
properties:
data:
$ref: '../model/components.yaml#/components/schemas/ImportTimelineResult'
required:
- data
$ref: '../model/components.schema.yaml#/components/schemas/ImportTimelineResult'
'400':
description: Indicates the import of timelines was unsuccessful because of an invalid file extension.
@ -89,4 +97,4 @@ paths:
body:
type: string
statusCode:
type: number
type: number
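Review bot: `headers` under `hapi` is declared as a bare `type: object` with no properties, which the generator on this page turns into `z.object({})`; zod strips unknown keys by default, so if the route validator substitutes the parsed value the handler receives an empty `headers` and loses the multipart part's content type and disposition. If the headers need to survive validation, declare them as `additionalProperties: { type: string }` (or `additionalProperties: true`), which should map to a record/passthrough schema instead of an empty object; if they are not read by the handler, the property can be removed from `required: [filename, headers]`. Whether the handler reads `file.hapi.headers` is outside this hunk. The new `isImmutable` enum of `'true'`/`'false'` strings matches what a multipart form field carries and looks right.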


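--- /dev/null
+++ b/PATH_NOT_SHOWN_ON_PAGE
@@ -0,0 +1,36 @@
+/*
+* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+* or more contributor license agreements. Licensed under the Elastic License
+* 2.0; you may not use this file except in compliance with the Elastic License
+* 2.0.
+*/
+/*
+* NOTICE: Do not edit this file manually.
+* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
+*
+* info:
+* title: Elastic Security - Timeline - Install Prepackaged Timelines API
+* version: 2023-10-31
+*/
+import { z } from 'zod';
+import { ImportTimelines, SavedTimeline, ImportTimelineResult } from '../model/components.gen';
+export type InstallPrepackedTimelinesRequestBody = z.infer<
+typeof InstallPrepackedTimelinesRequestBody
+>;
+export const InstallPrepackedTimelinesRequestBody = z.object({
+timelinesToInstall: z.array(ImportTimelines.nullable()),
+timelinesToUpdate: z.array(ImportTimelines.nullable()),
+prepackagedTimelines: z.array(SavedTimeline),
+});
+export type InstallPrepackedTimelinesRequestBodyInput = z.input<
+typeof InstallPrepackedTimelinesRequestBody
+>;
+export type InstallPrepackedTimelinesResponse = z.infer<typeof InstallPrepackedTimelinesResponse>;
+export const InstallPrepackedTimelinesResponse = z.object({
+data: ImportTimelineResult,
+});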


@ -1,7 +1,7 @@
openapi: 3.0.0
info:
title: Elastic Security - Timeline - Install Prepackaged Timelines API
version: 8.9.0
version: '2023-10-31'
servers:
- url: 'http://{kibana_host}:{port}'
variables:
@ -12,7 +12,9 @@ servers:
paths:
/api/timeline/_prepackaged:
post:
operationId: installPrepackedTimelines
x-labels: [serverless, ess]
x-codegen-enabled: true
operationId: InstallPrepackedTimelines
summary: Installs prepackaged timelines.
tags:
- access:securitySolution
@ -23,23 +25,22 @@ paths:
application/json:
schema:
type: object
required: [timelinesToInstall, timelinesToUpdate, prepackagedTimelines]
properties:
timelinesToInstall:
type: array
items:
allOf:
- $ref: '../model/components.yaml#/components/schemas/ImportTimelines'
- nullable: true
$ref: '../model/components.schema.yaml#/components/schemas/ImportTimelines'
nullable: true
timelinesToUpdate:
type: array
items:
allOf:
- $ref: '../model/components.yaml#/components/schemas/ImportTimelines'
- nullable: true
$ref: '../model/components.schema.yaml#/components/schemas/ImportTimelines'
nullable: true
prepackagedTimelines:
type: array
items:
$ref: '../model/components.yaml#/components/schemas/SavedTimeline'
$ref: '../model/components.schema.yaml#/components/schemas/SavedTimeline'
responses:
'200':
description: Indicates the installation of prepackaged timelines was successful.
@ -47,11 +48,10 @@ paths:
application/json:
schema:
type: object
required: [data]
properties:
data:
$ref: '../model/components.yaml#/components/schemas/ImportTimelineResult'
required:
- data
$ref: '../model/components.schema.yaml#/components/schemas/ImportTimelineResult'
'500':
description: Indicates the installation of prepackaged timelines was unsuccessful.
content:
@ -62,4 +62,4 @@ paths:
body:
type: string
statusCode:
type: number
type: number
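Review bot: `required: [timelinesToInstall, timelinesToUpdate, prepackagedTimelines]` is new on the request body while each of those properties stays `nullable: true`, so the contract now demands that every key be present (possibly as `null`) rather than omitted. If the route validates with the generated zod schema, a client that previously sent only `timelinesToInstall` will presumably be rejected — confirm against existing callers, or drop the keys that are genuinely optional from `required`. If "present or null" is the intent, a short `description: Pass null explicitly when there is nothing to install.` on each property would make that explicit in the bundled docs. The same required-but-nullable pattern is introduced in the Patch Timeline body (`required: [timelineId, version, timeline]`) and the Favorite body (`required: [timelineId, templateTimelineId, templateTimelineVersion, timelineType]`).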


@ -0,0 +1,354 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
/*
* NOTICE: Do not edit this file manually.
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Shared Timeline Components
* version: not applicable
*/
import type { ZodTypeDef } from 'zod';
import { z } from 'zod';
/**
* The type of timeline to create. Valid values are `default` and `template`.
*/
export type TimelineType = z.infer<typeof TimelineType>;
export const TimelineType = z.enum(['default', 'template']);
export type TimelineTypeEnum = typeof TimelineType.enum;
export const TimelineTypeEnum = TimelineType.enum;
/**
* The type of data provider to create. Valid values are `default` and `template`.
*/
export type DataProviderType = z.infer<typeof DataProviderType>;
export const DataProviderType = z.enum(['default', 'template']);
export type DataProviderTypeEnum = typeof DataProviderType.enum;
export const DataProviderTypeEnum = DataProviderType.enum;
export type ColumnHeaderResult = z.infer<typeof ColumnHeaderResult>;
export const ColumnHeaderResult = z.object({
aggregatable: z.boolean().optional(),
category: z.string().optional(),
columnHeaderType: z.string().optional(),
description: z.string().optional(),
example: z.union([z.string(), z.number()]).optional(),
indexes: z.array(z.string()).optional(),
id: z.string().optional(),
name: z.string().optional(),
placeholder: z.string().optional(),
searchable: z.boolean().optional(),
type: z.string().optional(),
});
export type QueryMatchResult = z.infer<typeof QueryMatchResult>;
export const QueryMatchResult = z.object({
field: z.string().optional(),
displayField: z.string().optional(),
value: z.string().optional(),
displayValue: z.string().optional(),
operator: z.string().optional(),
});
export interface DataProviderResult {
id?: string;
name?: string;
enabled?: boolean;
excluded?: boolean;
kqlQuery?: string;
queryMatch?: QueryMatchResult;
and?: DataProviderResult[];
type?: DataProviderType;
}
export interface DataProviderResultInput {
id?: string;
name?: string;
enabled?: boolean;
excluded?: boolean;
kqlQuery?: string;
queryMatch?: QueryMatchResult;
and?: DataProviderResultInput[];
type?: DataProviderType;
}
export const DataProviderResult: z.ZodType<
DataProviderResult,
ZodTypeDef,
DataProviderResultInput
> = z.object({
id: z.string().optional(),
name: z.string().optional(),
enabled: z.boolean().optional(),
excluded: z.boolean().optional(),
kqlQuery: z.string().optional(),
queryMatch: QueryMatchResult.optional(),
and: z.array(z.lazy(() => DataProviderResult)).optional(),
type: DataProviderType.optional(),
});
export type RowRendererId = z.infer<typeof RowRendererId>;
export const RowRendererId = z.enum([
'alert',
'alerts',
'auditd',
'auditd_file',
'library',
'netflow',
'plain',
'registry',
'suricata',
'system',
'system_dns',
'system_endgame_process',
'system_file',
'system_fim',
'system_security_event',
'system_socket',
'threat_match',
'zeek',
]);
export type RowRendererIdEnum = typeof RowRendererId.enum;
export const RowRendererIdEnum = RowRendererId.enum;
export type FavoriteTimelineResult = z.infer<typeof FavoriteTimelineResult>;
export const FavoriteTimelineResult = z.object({
fullName: z.string().nullable().optional(),
userName: z.string().nullable().optional(),
favoriteDate: z.number().nullable().optional(),
});
export type FilterTimelineResult = z.infer<typeof FilterTimelineResult>;
export const FilterTimelineResult = z.object({
exists: z.boolean().optional(),
meta: z
.object({
alias: z.string().optional(),
controlledBy: z.string().optional(),
disabled: z.boolean().optional(),
field: z.string().optional(),
formattedValue: z.string().optional(),
index: z.string().optional(),
key: z.string().optional(),
negate: z.boolean().optional(),
params: z.string().optional(),
type: z.string().optional(),
value: z.string().optional(),
})
.optional(),
match_all: z.string().optional(),
missing: z.string().optional(),
query: z.string().optional(),
range: z.string().optional(),
script: z.string().optional(),
});
export type SerializedFilterQueryResult = z.infer<typeof SerializedFilterQueryResult>;
export const SerializedFilterQueryResult = z.object({
filterQuery: z
.object({
kuery: z
.object({
kind: z.string().optional(),
expression: z.string().optional(),
})
.optional(),
serializedQuery: z.string().optional(),
})
.optional(),
});
export type Sort = z.infer<typeof Sort>;
export const Sort = z.object({
columnId: z.string().nullable().optional(),
columnType: z.string().nullable().optional(),
sortDirection: z.string().nullable().optional(),
});
export type SavedTimeline = z.infer<typeof SavedTimeline>;
export const SavedTimeline = z.object({
columns: ColumnHeaderResult.nullable().optional(),
created: z.number().nullable().optional(),
createdBy: z.string().nullable().optional(),
dataProviders: z
.array(z.lazy(() => DataProviderResult))
.nullable()
.optional(),
dataViewId: z.string().nullable().optional(),
dateRange: z
.object({
end: z.union([z.string(), z.number()]).optional(),
start: z.union([z.string(), z.number()]).optional(),
})
.nullable()
.optional(),
description: z.string().nullable().optional(),
eqlOptions: z
.object({
eventCategoryField: z.string().optional(),
tiebreakerField: z.string().optional(),
timestampField: z.string().optional(),
})
.nullable()
.optional(),
eventType: z.string().nullable().optional(),
excludedRowRendererIds: z.array(RowRendererId).nullable().optional(),
favorite: z.array(FavoriteTimelineResult).nullable().optional(),
filters: z.array(FilterTimelineResult).nullable().optional(),
kqlMode: z.string().nullable().optional(),
kqlQuery: SerializedFilterQueryResult.nullable().optional(),
indexNames: z.array(z.string()).nullable().optional(),
savedSearchId: z.string().nullable().optional(),
savedQueryId: z.string().nullable().optional(),
sort: Sort.nullable().optional(),
status: z.enum(['active', 'draft', 'immutable']).nullable().optional(),
title: z.string().nullable().optional(),
templateTimelineId: z.string().nullable().optional(),
templateTimelineVersion: z.number().nullable().optional(),
timelineType: TimelineType.nullable().optional(),
updated: z.number().nullable().optional(),
updatedBy: z.string().nullable().optional(),
});
export type BareNote = z.infer<typeof BareNote>;
export const BareNote = z.object({
eventId: z.string().nullable().optional(),
note: z.string().nullable().optional(),
timelineId: z.string().nullable(),
created: z.number().nullable().optional(),
createdBy: z.string().nullable().optional(),
updated: z.number().nullable().optional(),
updatedBy: z.string().nullable().optional(),
});
export type Note = z.infer<typeof Note>;
export const Note = BareNote.merge(
z.object({
noteId: z.string().optional(),
version: z.string().optional(),
})
);
export type PinnedEvent = z.infer<typeof PinnedEvent>;
export const PinnedEvent = z.object({
pinnedEventId: z.string(),
eventId: z.string(),
timelineId: z.string(),
created: z.number().nullable().optional(),
createdBy: z.string().nullable().optional(),
updated: z.number().nullable().optional(),
updatedBy: z.string().nullable().optional(),
version: z.string(),
});
export type TimelineResponse = z.infer<typeof TimelineResponse>;
export const TimelineResponse = SavedTimeline.merge(
z.object({
eventIdToNoteIds: z.array(Note).optional(),
notes: z.array(Note).optional(),
noteIds: z.array(z.string()).optional(),
pinnedEventIds: z.array(z.string()).optional(),
pinnedEventsSaveObject: z.array(PinnedEvent).optional(),
savedObjectId: z.string(),
version: z.string(),
})
);
export type FavoriteTimelineResponse = z.infer<typeof FavoriteTimelineResponse>;
export const FavoriteTimelineResponse = z.object({
savedObjectId: z.string(),
version: z.string(),
code: z.number().nullable().optional(),
message: z.string().nullable().optional(),
templateTimelineId: z.string().nullable().optional(),
templateTimelineVersion: z.number().nullable().optional(),
timelineType: TimelineType.optional(),
favorite: z.array(FavoriteTimelineResult).optional(),
});
export type GlobalNote = z.infer<typeof GlobalNote>;
export const GlobalNote = z.object({
noteId: z.string().optional(),
version: z.string().optional(),
note: z.string().optional(),
timelineId: z.string().optional(),
created: z.number().optional(),
createdBy: z.string().optional(),
updated: z.number().optional(),
updatedBy: z.string().optional(),
});
/**
* The field to sort the timelines by.
*/
export type SortFieldTimeline = z.infer<typeof SortFieldTimeline>;
export const SortFieldTimeline = z.enum(['title', 'description', 'updated', 'created']);
export type SortFieldTimelineEnum = typeof SortFieldTimeline.enum;
export const SortFieldTimelineEnum = SortFieldTimeline.enum;
/**
* The status of the timeline. Valid values are `active`, `draft`, and `immutable`.
*/
export type TimelineStatus = z.infer<typeof TimelineStatus>;
export const TimelineStatus = z.enum(['active', 'draft', 'immutable']);
export type TimelineStatusEnum = typeof TimelineStatus.enum;
export const TimelineStatusEnum = TimelineStatus.enum;
export type ImportTimelines = z.infer<typeof ImportTimelines>;
export const ImportTimelines = SavedTimeline.merge(
z.object({
savedObjectId: z.string().nullable().optional(),
version: z.string().nullable().optional(),
globalNotes: z.array(BareNote).nullable().optional(),
eventNotes: z.array(BareNote).nullable().optional(),
pinnedEventIds: z.array(z.string()).nullable().optional(),
})
);
export type ImportTimelineResult = z.infer<typeof ImportTimelineResult>;
export const ImportTimelineResult = z.object({
success: z.boolean().optional(),
success_count: z.number().optional(),
timelines_installed: z.number().optional(),
timelines_updated: z.number().optional(),
errors: z
.array(
z.object({
id: z.string().optional(),
error: z
.object({
message: z.string().optional(),
status_code: z.number().optional(),
})
.optional(),
})
)
.optional(),
});
export type ExportedTimelines = z.infer<typeof ExportedTimelines>;
export const ExportedTimelines = SavedTimeline.merge(
z.object({
globalNotes: z.array(Note).optional(),
eventNotes: z.array(Note).optional(),
pinnedEventIds: z.array(z.string()).optional(),
})
);
export type Readable = z.infer<typeof Readable>;
export const Readable = z.object({
_maxListeners: z.object({}).catchall(z.unknown()).optional(),
_readableState: z.object({}).catchall(z.unknown()).optional(),
_read: z.object({}).catchall(z.unknown()).optional(),
readable: z.boolean().optional(),
_events: z.object({}).catchall(z.unknown()).optional(),
_eventsCount: z.number().optional(),
_data: z.object({}).catchall(z.unknown()).optional(),
_position: z.number().optional(),
_encoding: z.string().optional(),
});


@ -1,3 +1,8 @@
openapi: 3.0.0
info:
title: Shared Timeline Components
version: 'not applicable'
paths: {}
components:
schemas:
TimelineType:
@ -5,32 +10,40 @@ components:
enum:
- default
- template
default: default
# enum default value is temporarily unsupported by the code generator
# default: default
description: The type of timeline to create. Valid values are `default` and `template`.
DataProviderType:
type: string
enum:
- default
- template
default: default
# enum default value is temporarily unsupported by the code generator
# default: default
description: The type of data provider to create. Valid values are `default` and `template`.
SavedTimeline:
type: object
properties:
columns:
$ref: '#/components/schemas/ColumnHeaderResult'
nullable: true
created:
type: number
nullable: true
createdBy:
type: string
nullable: true
dataProviders:
type: array
nullable: true
items:
$ref: '#/components/schemas/DataProviderResult'
dataViewId:
type: string
nullable: true
dateRange:
type: object
nullable: true
properties:
end:
oneOf:
@ -42,8 +55,10 @@ components:
- type: number
description:
type: string
nullable: true
eqlOptions:
type: object
nullable: true
properties:
eventCategoryField:
type: string
@ -53,48 +68,67 @@ components:
type: string
eventType:
type: string
nullable: true
excludedRowRendererIds:
type: array
nullable: true
items:
$ref: '#/components/schemas/RowRendererId'
favorite:
type: array
nullable: true
items:
$ref: '#/components/schemas/FavoriteTimelineResult'
filters:
type: array
nullable: true
items:
$ref: '#/components/schemas/FilterTimelineResult'
kqlMode:
type: string
nullable: true
kqlQuery:
nullable: true
$ref: '#/components/schemas/SerializedFilterQueryResult'
indexNames:
type: array
nullable: true
items:
type: string
savedSearchId:
type: string
nullable: true
savedQueryId:
type: string
nullable: true
sort:
nullable: true
$ref: '#/components/schemas/Sort'
status:
type: string
nullable: true
enum:
- active
- draft
- immutable
title:
type: string
nullable: true
templateTimelineId:
type: string
nullable: true
templateTimelineVersion:
type: number
nullable: true
timelineType:
nullable: true
$ref: '#/components/schemas/TimelineType'
updated:
type: number
nullable: true
updatedBy:
type: string
nullable: true
TimelineResponse:
allOf:
- $ref: '#/components/schemas/SavedTimeline'
@ -220,21 +254,29 @@ components:
$ref: '#/components/schemas/DataProviderType'
BareNote:
type: object
required: [timelineId]
properties:
eventId:
type: string
nullable: true
note:
type: string
nullable: true
timelineId:
type: string
nullable: true
created:
type: number
nullable: true
createdBy:
type: string
nullable: true
updated:
type: number
nullable: true
updatedBy:
type: string
nullable: true
Note:
allOf:
- $ref: '#/components/schemas/BareNote'
@ -263,15 +305,6 @@ components:
type: number
updatedBy:
type: string
Note:
allOf:
- $ref: '#/components/schemas/BareNote'
- type: object
properties:
noteId:
type: string
version:
type: string
RowRendererId:
type: string
enum:
@ -298,10 +331,13 @@ components:
properties:
fullName:
type: string
nullable: true
userName:
type: string
nullable: true
favoriteDate:
type: number
nullable: true
FilterTimelineResult:
type: object
properties:
@ -359,6 +395,7 @@ components:
type: string
PinnedEvent:
type: object
required: [eventId, pinnedEventId, timelineId, version]
properties:
pinnedEventId:
type: string
@ -368,12 +405,16 @@ components:
type: string
created:
type: number
nullable: true
createdBy:
type: string
nullable: true
updated:
type: number
nullable: true
updatedBy:
type: string
nullable: true
version:
type: string
Sort:
@ -381,27 +422,29 @@ components:
properties:
columnId:
type: string
nullable: true
columnType:
type: string
nullable: true
sortDirection:
type: string
nullable: true
SortFieldTimeline:
type: object
type: string
description: The field to sort the timelines by.
properties:
title:
type: string
description:
type: string
updated:
type: string
created:
type: string
enum:
- title
- description
- updated
- created
TimelineStatus:
type: string
enum:
- active
- draft
- immutable
default: draft
# enum default value is temporarily unsupported by the code generator
# default: draft
description: The status of the timeline. Valid values are `active`, `draft`, and `immutable`.
ImportTimelines:
allOf:
@ -475,19 +518,24 @@ components:
type: object
properties:
_maxListeners:
type: {}
type: object
additionalProperties: true
_readableState:
type: {}
type: object
additionalProperties: true
_read:
type: {}
type: object
additionalProperties: true
readable:
type: boolean
_events:
type: {}
type: object
additionalProperties: true
_eventsCount:
type: number
_data:
type: {}
type: object
additionalProperties: true
_position:
type: number
_encoding:
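Review bot: The `Readable` component in this last hunk models Node.js stream internals — `_readableState`, `_events`, `_read`, `_maxListeners`, `_data` — each as a free-form `object` with `additionalProperties: true`, and it is now bundled into the public Timeline API docs. Those are implementation details rather than a wire format; if this describes the export download body, a `type: string` / `format: binary` response (or whatever the route actually streams) would be a more accurate contract, and publishing underscore-prefixed private fields invites clients to depend on them. I cannot see where `Readable` is referenced from here, so please confirm the intended use before changing it. Separately, `SavedTimeline.columns` references a single `ColumnHeaderResult` rather than an array of them, which the plural name suggests — worth confirming against the stored document shape.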


@ -0,0 +1,36 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
/*
* NOTICE: Do not edit this file manually.
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Elastic Security - Timeline - Patch Timeline API
* version: 2023-10-31
*/
import { z } from 'zod';
import { SavedTimeline, TimelineResponse } from '../model/components.gen';
export type PatchTimelineRequestBody = z.infer<typeof PatchTimelineRequestBody>;
export const PatchTimelineRequestBody = z.object({
timelineId: z.string().nullable(),
version: z.string().nullable(),
timeline: SavedTimeline,
});
export type PatchTimelineRequestBodyInput = z.input<typeof PatchTimelineRequestBody>;
export type PatchTimelineResponse = z.infer<typeof PatchTimelineResponse>;
export const PatchTimelineResponse = z.object({
data: z.object({
persistTimeline: z.object({
timeline: TimelineResponse,
}),
}),
});


@ -1,7 +1,7 @@
openapi: 3.0.0
info:
title: Elastic Security - Timeline - Patch Timeline API
version: 8.9.0
version: '2023-10-31'
servers:
- url: 'http://{kibana_host}:{port}'
variables:
@ -12,7 +12,9 @@ servers:
paths:
/api/timeline:
patch:
operationId: patchTimeline
x-labels: [serverless, ess]
x-codegen-enabled: true
operationId: PatchTimeline
summary: Updates an existing timeline.
description: Updates an existing timeline. This API is used to update the title, description, date range, pinned events, pinned queries, and/or pinned saved queries of an existing timeline.
tags:
@ -24,13 +26,16 @@ paths:
application/json:
schema:
type: object
required: [timelineId, version, timeline]
properties:
timelineId:
type: string
nullable: true
version:
type: string
nullable: true
timeline:
$ref: '../model/components.yaml#/components/schemas/SavedTimeline'
$ref: '../model/components.schema.yaml#/components/schemas/SavedTimeline'
responses:
'200':
description: Indicates that the draft timeline was successfully created. In the event the user already has a draft timeline, the existing draft timeline is cleared and returned.
@ -38,17 +43,18 @@ paths:
application/json:
schema:
type: object
required: [data]
properties:
data:
type: object
required: [persistTimeline]
properties:
persistTimeline:
type: object
required: [timeline]
properties:
timeline:
$ref: '../model/components.yaml#/components/schemas/TimelineResponse'
required:
- data
$ref: '../model/components.schema.yaml#/components/schemas/TimelineResponse'
'405':
description: Indicates that the user does not have the required access to create a draft timeline.
content:
@ -59,4 +65,4 @@ paths:
body:
type: string
statusCode:
type: number
type: number
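Review bot: The `'200'` and `'405'` response descriptions in this section describe the draft-timeline endpoint (`Indicates that the draft timeline was successfully created. In the event the user already has a draft timeline, ...` and `...required access to create a draft timeline.`) rather than a PATCH update, and they now flow into the public bundled docs. Suggest `description: Indicates that the timeline was successfully updated.` for the 200 and `description: Indicates that the user does not have the required access to update the timeline.` for the 405. The 405 status itself is an unusual code for an authorization failure (403 is conventional), but changing it would alter behaviour, so at minimum the text should match what the endpoint does.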


@ -0,0 +1,35 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
/*
* NOTICE: Do not edit this file manually.
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Elastic Security - Timeline - Favorite API
* version: 2023-10-31
*/
import { z } from 'zod';
import { TimelineType, FavoriteTimelineResponse } from '../model/components.gen';
export type PersistFavoriteRouteRequestBody = z.infer<typeof PersistFavoriteRouteRequestBody>;
export const PersistFavoriteRouteRequestBody = z.object({
timelineId: z.string().nullable(),
templateTimelineId: z.string().nullable(),
templateTimelineVersion: z.number().nullable(),
timelineType: TimelineType.nullable(),
});
export type PersistFavoriteRouteRequestBodyInput = z.input<typeof PersistFavoriteRouteRequestBody>;
export type PersistFavoriteRouteResponse = z.infer<typeof PersistFavoriteRouteResponse>;
export const PersistFavoriteRouteResponse = z.object({
data: z.object({
persistFavorite: FavoriteTimelineResponse,
}),
});


@ -1,7 +1,7 @@
openapi: 3.0.0
info:
title: Elastic Security - Timeline - Favorite API
version: 8.9.0
version: '2023-10-31'
servers:
- url: 'http://{kibana_host}:{port}'
variables:
@ -12,7 +12,9 @@ servers:
paths:
/api/timeline/_favorite:
patch:
operationId: persistFavoriteRoute
x-labels: [serverless, ess]
x-codegen-enabled: true
operationId: PersistFavoriteRoute
summary: Persists a given users favorite status of a timeline.
tags:
- access:securitySolution
@ -23,6 +25,7 @@ paths:
application/json:
schema:
type: object
required: [timelineId, templateTimelineId, templateTimelineVersion, timelineType]
properties:
timelineId:
type: string
@ -34,9 +37,8 @@ paths:
type: number
nullable: true
timelineType:
allOf:
- $ref: '../model/components.yaml#/components/schemas/TimelineType'
- nullable: true
$ref: '../model/components.schema.yaml#/components/schemas/TimelineType'
nullable: true
responses:
'200':
description: Indicates the favorite status was successfully updated.
@ -44,14 +46,14 @@ paths:
application/json:
schema:
type: object
required: [data]
properties:
data:
type: object
required: [persistFavorite]
properties:
persistFavorite:
$ref: '../model/components.yaml#/components/schemas/FavoriteTimelineResponse'
required:
- data
$ref: '../model/components.schema.yaml#/components/schemas/FavoriteTimelineResponse'
'403':
description: Indicates the user does not have the required permissions to persist the favorite status.
content:
@ -62,4 +64,4 @@ paths:
body:
type: string
statusCode:
type: number
type: number


@ -0,0 +1,42 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
/*
* NOTICE: Do not edit this file manually.
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Elastic Security - Timeline - Notes API
* version: 2023-10-31
*/
import { z } from 'zod';
import { BareNote, Note } from '../model/components.gen';
export type PersistNoteRouteRequestBody = z.infer<typeof PersistNoteRouteRequestBody>;
export const PersistNoteRouteRequestBody = z.object({
note: BareNote,
overrideOwner: z.boolean().nullable().optional(),
noteId: z.string().nullable().optional(),
version: z.string().nullable().optional(),
eventIngested: z.string().nullable().optional(),
eventTimestamp: z.string().nullable().optional(),
eventDataView: z.string().nullable().optional(),
});
export type PersistNoteRouteRequestBodyInput = z.input<typeof PersistNoteRouteRequestBody>;
export type PersistNoteRouteResponse = z.infer<typeof PersistNoteRouteResponse>;
export const PersistNoteRouteResponse = z.object({
data: z.object({
persistNote: z.object({
code: z.number(),
message: z.string(),
note: Note,
}),
}),
});


@ -1,7 +1,7 @@
openapi: 3.0.0
info:
title: Elastic Security - Timeline - Notes API
version: 8.14.0
version: '2023-10-31'
externalDocs:
url: https://www.elastic.co/guide/en/security/current/timeline-api-update.html
description: Documentation
@ -15,7 +15,9 @@ servers:
paths:
/api/note:
patch:
operationId: persistNoteRoute
x-labels: [serverless, ess]
x-codegen-enabled: true
operationId: PersistNoteRoute
summary: Persists a note to a timeline.
tags:
- access:securitySolution
@ -26,11 +28,10 @@ paths:
application/json:
schema:
type: object
required:
- note
required: [note]
properties:
note:
$ref: '../model/components.yaml#/components/schemas/BareNote'
$ref: '../model/components.schema.yaml#/components/schemas/BareNote'
overrideOwner:
type: boolean
nullable: true
@ -40,6 +41,15 @@ paths:
version:
type: string
nullable: true
eventIngested:
type: string
nullable: true
eventTimestamp:
type: string
nullable: true
eventDataView:
type: string
nullable: true
responses:
'200':
description: Indicates the note was successfully created.
@ -47,18 +57,19 @@ paths:
application/json:
schema:
type: object
required: [data]
properties:
data:
type: object
required: [persistNote]
properties:
persistNote:
type: object
required: [code, message, note]
properties:
code:
type: number
message:
type: string
note:
$ref: '../model/components.yaml#/components/schemas/Note'
required:
- data
$ref: '../model/components.schema.yaml#/components/schemas/Note'
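Review bot: The request body's `note` is the full `BareNote` component, which includes `created`, `createdBy`, `updated` and `updatedBy`, so the published contract lets a caller supply its own attribution and timestamps alongside `overrideOwner`. Whether the route overwrites these server-side is not visible here; if it does, say so in the schema, e.g. on `note`: `description: Server-managed fields (created, createdBy, updated, updatedBy) are ignored on input.`, or reference a narrower input component so the generated `PersistNoteRouteRequestBody` does not advertise them as client-settable. The newly added `eventIngested`, `eventTimestamp` and `eventDataView` properties carry no `description:`, so the bundled docs will not explain what they are for.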


@ -0,0 +1,41 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
/*
* NOTICE: Do not edit this file manually.
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Elastic Security - Timeline - Pinned Event API
* version: 2023-10-31
*/
import { z } from 'zod';
import { PinnedEvent } from '../model/components.gen';
export type PersistPinnedEventRouteRequestBody = z.infer<typeof PersistPinnedEventRouteRequestBody>;
export const PersistPinnedEventRouteRequestBody = z.object({
eventId: z.string(),
pinnedEventId: z.string().nullable().optional(),
timelineId: z.string(),
});
export type PersistPinnedEventRouteRequestBodyInput = z.input<
typeof PersistPinnedEventRouteRequestBody
>;
export type PersistPinnedEventRouteResponse = z.infer<typeof PersistPinnedEventRouteResponse>;
export const PersistPinnedEventRouteResponse = z.object({
data: z.object({
persistPinnedEventOnTimeline: PinnedEvent.merge(
z.object({
code: z.number().optional(),
message: z.string().optional(),
})
),
}),
});


@ -1,7 +1,7 @@
openapi: 3.0.0
info:
title: Elastic Security - Timeline - Pinned Event API
version: 8.14.0
version: '2023-10-31'
externalDocs:
url: https://www.elastic.co/guide/en/security/current/_pin_an_event_to_an_existing_timeline.html
description: Documentation
@ -15,7 +15,9 @@ servers:
paths:
/api/pinned_event:
patch:
operationId: persistPinnedEventRoute
x-labels: [serverless, ess]
x-codegen-enabled: true
operationId: PersistPinnedEventRoute
summary: Persists a pinned event to a timeline.
tags:
- access:securitySolution
@ -26,8 +28,7 @@ paths:
application/json:
schema:
type: object
required:
- eventId
required: [eventId, timelineId]
properties:
eventId:
type: string
@ -43,18 +44,18 @@ paths:
application/json:
schema:
type: object
required: [data]
properties:
data:
type: object
required: [persistPinnedEventOnTimeline]
properties:
persistPinnedEventOnTimeline:
allOf:
- $ref: '../model/components.yaml#/components/schemas/PinnedEvent'
- $ref: '../model/components.schema.yaml#/components/schemas/PinnedEvent'
- type: object
properties:
code:
type: number
message:
type: string
required:
- data
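Review bot: `required: [eventId, timelineId]` makes `timelineId` mandatory where the previous spec required only `eventId`, and the generated `PersistPinnedEventRouteRequestBody` now declares `timelineId: z.string()`; if the route validates with that schema, requests that omitted the key are rejected from now on. That is likely the correct contract for pinning an event to a timeline, but it is a tightening relative to the old spec, so it deserves a line in the PR description and a check of existing callers. The `persistPinnedEventOnTimeline` response combines `PinnedEvent` with optional `code`/`message`, but no non-200 responses are documented in this section — confirm whether the route can return error statuses that should be listed.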


@ -0,0 +1,39 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
/*
* NOTICE: Do not edit this file manually.
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Elastic Security - Timeline - Resolve Timeline API
* version: 2023-10-31
*/
import { z } from 'zod';
import { TimelineResponse } from '../model/components.gen';
export type ResolveTimelineRequestQuery = z.infer<typeof ResolveTimelineRequestQuery>;
export const ResolveTimelineRequestQuery = z.object({
/**
* The ID of the template timeline to resolve
*/
template_timeline_id: z.string().optional(),
/**
* The ID of the timeline to resolve
*/
id: z.string().optional(),
});
export type ResolveTimelineRequestQueryInput = z.input<typeof ResolveTimelineRequestQuery>;
export type ResolveTimelineResponse = z.infer<typeof ResolveTimelineResponse>;
export const ResolveTimelineResponse = z.object({
data: z.object({
getOneTimeline: TimelineResponse.nullable(),
}),
});


@ -1,7 +1,7 @@
openapi: 3.0.0
info:
title: Elastic Security - Timeline - Resolve Timeline API
version: 8.9.0
version: '2023-10-31'
servers:
- url: 'http://{kibana_host}:{port}'
variables:
@ -10,9 +10,11 @@ servers:
port:
default: '5601'
paths:
/api/timeline:
/api/timeline/resolve:
get:
operationId: resolveTimeline
x-labels: [serverless, ess]
x-codegen-enabled: true
operationId: ResolveTimeline
summary: Get an existing saved timeline or timeline template.
tags:
- access:securitySolution
@ -34,17 +36,16 @@ paths:
application/json:
schema:
type: object
required: [data]
properties:
data:
type: object
required: [getOneTimeline]
properties:
getOneTimeline:
oneOf:
- $ref: '../model/components.yaml#/components/schemas/TimelineResponse'
- nullable: true
required:
- data
$ref: '../model/components.schema.yaml#/components/schemas/TimelineResponse'
nullable: true
'400':
description: The request is missing parameters
'404':
description: The (template) timeline was not found
description: The (template) timeline was not found
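Review bot: The `'400': The request is missing parameters` response implies that at least one of `id` / `template_timeline_id` must be supplied, but the generated `ResolveTimelineRequestQuery` declares both optional and nothing in the spec expresses that constraint; the parameter definitions themselves sit outside this hunk. Consider stating it on the operation, e.g. `description: Resolves a timeline by id or a timeline template by template_timeline_id; at least one of the two must be provided.` — adjust to whatever the route actually enforces. The 200 response also allows `getOneTimeline: null` while a 404 is documented for "not found", so it is unclear to a reader which of the two a missing timeline produces.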


@ -31,7 +31,8 @@
"openapi:generate": "node scripts/openapi/generate",
"openapi:generate:debug": "node --inspect-brk scripts/openapi/generate",
"openapi:bundle:detections": "node scripts/openapi/bundle_detections",
"openapi:bundle:timeline": "node scripts/openapi/bundle_timeline",
"openapi:bundle:entity-analytics": "node scripts/openapi/bundle_entity_analytics",
"openapi:bundle:endpoint-management": "node scripts/openapi/bundle_endpoint_management"
}
}
}


@ -0,0 +1,46 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
require('../../../../../src/setup_node_env');
const { bundle } = require('@kbn/openapi-bundler');
const { join, resolve } = require('path');
const ROOT = resolve(__dirname, '../..');
(async () => {
await bundle({
sourceGlob: join(ROOT, 'common/api/timeline/**/*.schema.yaml'),
outputFilePath: join(
ROOT,
'docs/openapi/serverless/security_solution_timeline_api_{version}.bundled.schema.yaml'
),
options: {
includeLabels: ['serverless'],
specInfo: {
title: 'Security Solution Timeline API (Elastic Cloud Serverless)',
description:
'You can create Timelines and Timeline templates via the API, as well as import new Timelines from an ndjson file.',
},
},
});
await bundle({
sourceGlob: join(ROOT, 'common/api/timeline/**/*.schema.yaml'),
outputFilePath: join(
ROOT,
'docs/openapi/ess/security_solution_timeline_api_{version}.bundled.schema.yaml'
),
options: {
includeLabels: ['ess'],
specInfo: {
title: 'Security Solution Timeline API (Elastic Cloud and self-hosted)',
description:
'You can create Timelines and Timeline templates via the API, as well as import new Timelines from an ndjson file.',
},
},
});
})();
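Review bot: The async IIFE at the end has no rejection handler, so a failure inside `bundle()` surfaces only as an unhandled promise rejection; current Node exits non-zero in that case, but without context, and older runtimes merely warn and exit 0, which would let the CI step continue with stale bundles. Chain a handler on the call: `})().catch((err) => { console.error(err); process.exit(1); });`. The duplicated `description` string and `sourceGlob` could also be hoisted into constants above the IIFE so the two `bundle` calls cannot drift apart.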


@ -27,15 +27,19 @@ import { BulkDeleteRulesPostRequestBodyInput } from '@kbn/security-solution-plug
import { BulkPatchRulesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/bulk_crud/bulk_patch_rules/bulk_patch_rules_route.gen';
import { BulkUpdateRulesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/bulk_crud/bulk_update_rules/bulk_update_rules_route.gen';
import { BulkUpsertAssetCriticalityRecordsRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/bulk_upload_asset_criticality.gen';
import { CleanDraftTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/clean_draft_timelines/clean_draft_timelines_route.gen';
import { CreateAlertsMigrationRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals_migration/create_signals_migration/create_signals_migration.gen';
import { CreateAssetCriticalityRecordRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/create_asset_criticality.gen';
import { CreateRuleRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/create_rule/create_rule_route.gen';
import { CreateTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/create_timelines/create_timelines_route.gen';
import {
CreateUpdateProtectionUpdatesNoteRequestParamsInput,
CreateUpdateProtectionUpdatesNoteRequestBodyInput,
} from '@kbn/security-solution-plugin/common/api/endpoint/protection_updates_note/protection_updates_note.gen';
import { DeleteAssetCriticalityRecordRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/delete_asset_criticality.gen';
import { DeleteNoteRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/delete_note/delete_note_route.gen';
import { DeleteRuleRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/delete_rule/delete_rule_route.gen';
import { DeleteTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/delete_timelines/delete_timelines_route.gen';
import { DeprecatedTriggerRiskScoreCalculationRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/risk_engine/entity_calculation_route.gen';
import { EndpointIsolateRedirectRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/isolate_route.gen';
import { EndpointUnisolateRedirectRequestBodyInput } from '@kbn/security-solution-plugin/common/api/endpoint/actions/unisolate_route.gen';
@ -43,16 +47,22 @@ import {
ExportRulesRequestQueryInput,
ExportRulesRequestBodyInput,
} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/export_rules/export_rules_route.gen';
import {
ExportTimelinesRequestQueryInput,
ExportTimelinesRequestBodyInput,
} from '@kbn/security-solution-plugin/common/api/timeline/export_timelines/export_timelines_route.gen';
import { FinalizeAlertsMigrationRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals_migration/finalize_signals_migration/finalize_signals_migration.gen';
import { FindAssetCriticalityRecordsRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/list_asset_criticality.gen';
import { FindRulesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/find_rules/find_rules_route.gen';
import { GetAgentPolicySummaryRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/policy/policy.gen';
import { GetAlertsMigrationStatusRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals_migration/get_signals_migration_status/get_signals_migration_status.gen';
import { GetAssetCriticalityRecordRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/get_asset_criticality.gen';
import { GetDraftTimelinesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_draft_timelines/get_draft_timelines_route.gen';
import {
GetEndpointSuggestionsRequestParamsInput,
GetEndpointSuggestionsRequestBodyInput,
} from '@kbn/security-solution-plugin/common/api/endpoint/suggestions/get_suggestions.gen';
import { GetNotesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_notes/get_notes_route.gen';
import { GetPolicyResponseRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/policy/policy.gen';
import { GetProtectionUpdatesNoteRequestParamsInput } from '@kbn/security-solution-plugin/common/api/endpoint/protection_updates_note/protection_updates_note.gen';
import {
@ -63,18 +73,27 @@ import {
GetRuleExecutionResultsRequestQueryInput,
GetRuleExecutionResultsRequestParamsInput,
} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_monitoring/rule_execution_logs/get_rule_execution_results/get_rule_execution_results_route.gen';
import { GetTimelineRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_timeline/get_timeline_route.gen';
import { GetTimelinesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_timelines/get_timelines_route.gen';
import { ImportRulesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/import_rules/import_rules_route.gen';
import { ImportTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/import_timelines/import_timelines_route.gen';
import { InstallPrepackedTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/install_prepackaged_timelines/install_prepackaged_timelines_route.gen';
import { InternalCreateAssetCriticalityRecordRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/internal_create_asset_criticality.gen';
import { InternalDeleteAssetCriticalityRecordRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/internal_delete_asset_criticality.gen';
import { InternalGetAssetCriticalityRecordRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/internal_get_asset_criticality.gen';
import { ManageAlertTagsRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/alert_tags/set_alert_tags/set_alert_tags.gen';
import { PatchRuleRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/patch_rule/patch_rule_route.gen';
import { PatchTimelineRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/patch_timelines/patch_timeline_route.gen';
import {
PerformBulkActionRequestQueryInput,
PerformBulkActionRequestBodyInput,
} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/bulk_actions/bulk_actions_route.gen';
import { PersistFavoriteRouteRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/persist_favorite/persist_favorite_route.gen';
import { PersistNoteRouteRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/persist_note/persist_note_route.gen';
import { PersistPinnedEventRouteRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/pinned_events/pinned_events_route.gen';
import { PreviewRiskScoreRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/risk_engine/preview_route.gen';
import { ReadRuleRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/read_rule/read_rule_route.gen';
import { ResolveTimelineRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/resolve_timeline/resolve_timeline_route.gen';
import { RulePreviewRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_preview/rule_preview.gen';
import { SearchAlertsRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals/query_signals/query_signals_route.gen';
import { SetAlertAssigneesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/alert_assignees/set_alert_assignees_route.gen';
@ -172,6 +191,18 @@ after 30 days. It also deletes other artifacts specific to the migration impleme
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.send(props.body as object);
},
/**
* Retrieves a clean draft timeline. If a draft timeline does not exist, it is created and returned.
*/
cleanDraftTimelines(props: CleanDraftTimelinesProps) {
return supertest
.post('/api/timeline/_draft')
.set('kbn-xsrf', 'true')
.set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.send(props.body as object);
},
createAlertsIndex() {
return supertest
.post('/api/detection_engine/index')
@ -211,6 +242,14 @@ Migrations are initiated per index. While the process is neither destructive nor
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.send(props.body as object);
},
createTimelines(props: CreateTimelinesProps) {
return supertest
.post('/api/timeline')
.set('kbn-xsrf', 'true')
.set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.send(props.body as object);
},
createUpdateProtectionUpdatesNote(props: CreateUpdateProtectionUpdatesNoteProps) {
return supertest
.post(
@ -236,6 +275,14 @@ Migrations are initiated per index. While the process is neither destructive nor
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.query(props.query);
},
deleteNote(props: DeleteNoteProps) {
return supertest
.delete('/api/note')
.set('kbn-xsrf', 'true')
.set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.send(props.body as object);
},
/**
* Delete a detection rule using the `rule_id` or `id` field.
*/
@ -247,6 +294,14 @@ Migrations are initiated per index. While the process is neither destructive nor
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.query(props.query);
},
deleteTimelines(props: DeleteTimelinesProps) {
return supertest
.delete('/api/timeline')
.set('kbn-xsrf', 'true')
.set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.send(props.body as object);
},
/**
* Calculates and persists Risk Scores for an entity, returning the calculated risk score.
*/
@ -305,6 +360,15 @@ Migrations are initiated per index. While the process is neither destructive nor
.send(props.body as object)
.query(props.query);
},
exportTimelines(props: ExportTimelinesProps) {
return supertest
.post('/api/timeline/_export')
.set('kbn-xsrf', 'true')
.set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.send(props.body as object)
.query(props.query);
},
/**
* Finalize successful migrations of detection alerts. This replaces the original index's alias with the successfully migrated index's alias.
The endpoint is idempotent; therefore, it can safely be used to poll a given migration and, upon completion,
@ -379,6 +443,14 @@ finalize it.
.set(ELASTIC_HTTP_VERSION_HEADER, '1')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana');
},
getDraftTimelines(props: GetDraftTimelinesProps) {
return supertest
.get('/api/timeline/_draft')
.set('kbn-xsrf', 'true')
.set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.query(props.query);
},
getEndpointSuggestions(props: GetEndpointSuggestionsProps) {
return supertest
.post(replaceParams('/api/endpoint/suggestions/{suggestion_type}', props.params))
@ -387,6 +459,17 @@ finalize it.
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.send(props.body as object);
},
/**
* Gets notes
*/
getNotes(props: GetNotesProps) {
return supertest
.get('/api/note')
.set('kbn-xsrf', 'true')
.set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.query(props.query);
},
getPolicyResponse(props: GetPolicyResponseProps) {
return supertest
.get('/api/endpoint/policy_response')
@ -458,6 +541,22 @@ detection engine rules.
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.query(props.query);
},
getTimeline(props: GetTimelineProps) {
return supertest
.get('/api/timeline')
.set('kbn-xsrf', 'true')
.set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.query(props.query);
},
getTimelines(props: GetTimelinesProps) {
return supertest
.get('/api/timelines')
.set('kbn-xsrf', 'true')
.set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.query(props.query);
},
/**
* Import detection rules from an `.ndjson` file, including actions and exception lists. The request must include:
- The `Content-Type: multipart/form-data` HTTP header.
@ -472,6 +571,14 @@ detection engine rules.
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.query(props.query);
},
importTimelines(props: ImportTimelinesProps) {
return supertest
.post('/api/timeline/_import')
.set('kbn-xsrf', 'true')
.set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.send(props.body as object);
},
/**
* Initializes the Risk Engine by creating the necessary indices and mappings, removing old transforms, and starting the new risk engine
*/
@ -492,6 +599,14 @@ detection engine rules.
.set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana');
},
installPrepackedTimelines(props: InstallPrepackedTimelinesProps) {
return supertest
.post('/api/timeline/_prepackaged')
.set('kbn-xsrf', 'true')
.set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.send(props.body as object);
},
internalCreateAssetCriticalityRecord(props: InternalCreateAssetCriticalityRecordProps) {
return supertest
.post('/internal/asset_criticality')
@ -548,6 +663,17 @@ detection engine rules.
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.send(props.body as object);
},
/**
* Updates an existing timeline. This API is used to update the title, description, date range, pinned events, pinned queries, and/or pinned saved queries of an existing timeline.
*/
patchTimeline(props: PatchTimelineProps) {
return supertest
.patch('/api/timeline')
.set('kbn-xsrf', 'true')
.set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.send(props.body as object);
},
/**
* Apply a bulk action, such as bulk edit, duplicate, or delete, to multiple detection rules. The bulk action is applied to all rules that match the query or to the rules listed by their IDs.
*/
@ -560,6 +686,30 @@ detection engine rules.
.send(props.body as object)
.query(props.query);
},
persistFavoriteRoute(props: PersistFavoriteRouteProps) {
return supertest
.patch('/api/timeline/_favorite')
.set('kbn-xsrf', 'true')
.set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.send(props.body as object);
},
persistNoteRoute(props: PersistNoteRouteProps) {
return supertest
.patch('/api/note')
.set('kbn-xsrf', 'true')
.set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.send(props.body as object);
},
persistPinnedEventRoute(props: PersistPinnedEventRouteProps) {
return supertest
.patch('/api/pinned_event')
.set('kbn-xsrf', 'true')
.set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.send(props.body as object);
},
/**
* Calculates and returns a list of Risk Scores, sorted by identifier_type and risk score.
*/
@ -599,6 +749,14 @@ detection engine rules.
.set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana');
},
resolveTimeline(props: ResolveTimelineProps) {
return supertest
.get('/api/timeline/resolve')
.set('kbn-xsrf', 'true')
.set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.query(props.query);
},
rulePreview(props: RulePreviewProps) {
return supertest
.post('/api/detection_engine/rules/preview')
@ -710,6 +868,9 @@ export interface BulkUpdateRulesProps {
export interface BulkUpsertAssetCriticalityRecordsProps {
body: BulkUpsertAssetCriticalityRecordsRequestBodyInput;
}
export interface CleanDraftTimelinesProps {
body: CleanDraftTimelinesRequestBodyInput;
}
export interface CreateAlertsMigrationProps {
body: CreateAlertsMigrationRequestBodyInput;
}
@ -719,6 +880,9 @@ export interface CreateAssetCriticalityRecordProps {
export interface CreateRuleProps {
body: CreateRuleRequestBodyInput;
}
export interface CreateTimelinesProps {
body: CreateTimelinesRequestBodyInput;
}
export interface CreateUpdateProtectionUpdatesNoteProps {
params: CreateUpdateProtectionUpdatesNoteRequestParamsInput;
body: CreateUpdateProtectionUpdatesNoteRequestBodyInput;
@ -726,9 +890,15 @@ export interface CreateUpdateProtectionUpdatesNoteProps {
export interface DeleteAssetCriticalityRecordProps {
query: DeleteAssetCriticalityRecordRequestQueryInput;
}
export interface DeleteNoteProps {
body: DeleteNoteRequestBodyInput;
}
export interface DeleteRuleProps {
query: DeleteRuleRequestQueryInput;
}
export interface DeleteTimelinesProps {
body: DeleteTimelinesRequestBodyInput;
}
export interface DeprecatedTriggerRiskScoreCalculationProps {
body: DeprecatedTriggerRiskScoreCalculationRequestBodyInput;
}
@ -742,6 +912,10 @@ export interface ExportRulesProps {
query: ExportRulesRequestQueryInput;
body: ExportRulesRequestBodyInput;
}
export interface ExportTimelinesProps {
query: ExportTimelinesRequestQueryInput;
body: ExportTimelinesRequestBodyInput;
}
export interface FinalizeAlertsMigrationProps {
body: FinalizeAlertsMigrationRequestBodyInput;
}
@ -760,10 +934,16 @@ export interface GetAlertsMigrationStatusProps {
export interface GetAssetCriticalityRecordProps {
query: GetAssetCriticalityRecordRequestQueryInput;
}
export interface GetDraftTimelinesProps {
query: GetDraftTimelinesRequestQueryInput;
}
export interface GetEndpointSuggestionsProps {
params: GetEndpointSuggestionsRequestParamsInput;
body: GetEndpointSuggestionsRequestBodyInput;
}
export interface GetNotesProps {
query: GetNotesRequestQueryInput;
}
export interface GetPolicyResponseProps {
query: GetPolicyResponseRequestQueryInput;
}
@ -778,9 +958,21 @@ export interface GetRuleExecutionResultsProps {
query: GetRuleExecutionResultsRequestQueryInput;
params: GetRuleExecutionResultsRequestParamsInput;
}
export interface GetTimelineProps {
query: GetTimelineRequestQueryInput;
}
export interface GetTimelinesProps {
query: GetTimelinesRequestQueryInput;
}
export interface ImportRulesProps {
query: ImportRulesRequestQueryInput;
}
export interface ImportTimelinesProps {
body: ImportTimelinesRequestBodyInput;
}
export interface InstallPrepackedTimelinesProps {
body: InstallPrepackedTimelinesRequestBodyInput;
}
export interface InternalCreateAssetCriticalityRecordProps {
body: InternalCreateAssetCriticalityRecordRequestBodyInput;
}
@ -796,16 +988,31 @@ export interface ManageAlertTagsProps {
export interface PatchRuleProps {
body: PatchRuleRequestBodyInput;
}
export interface PatchTimelineProps {
body: PatchTimelineRequestBodyInput;
}
export interface PerformBulkActionProps {
query: PerformBulkActionRequestQueryInput;
body: PerformBulkActionRequestBodyInput;
}
export interface PersistFavoriteRouteProps {
body: PersistFavoriteRouteRequestBodyInput;
}
export interface PersistNoteRouteProps {
body: PersistNoteRouteRequestBodyInput;
}
export interface PersistPinnedEventRouteProps {
body: PersistPinnedEventRouteRequestBodyInput;
}
export interface PreviewRiskScoreProps {
body: PreviewRiskScoreRequestBodyInput;
}
export interface ReadRuleProps {
query: ReadRuleRequestQueryInput;
}
export interface ResolveTimelineProps {
query: ResolveTimelineRequestQueryInput;
}
export interface RulePreviewProps {
body: RulePreviewRequestBodyInput;
}