github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-06-27 18:51:07 -04:00
Code Issues Projects Releases Packages Wiki Activity

[DOCS] Automate docs for create/update/delete case APIs (#142929)

Browse source
This commit is contained in:
Lisa Cawley 2022-10-18 16:09:57 -07:00 committed by GitHub
parent 493741aa39
commit f92c76c86f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
23 changed files with 2447 additions and 518 deletions
Download patch file Download diff file Expand all files Collapse all files

2
docs/api-generated/README.md
View file

@ -14,7 +14,7 @@ or a similar tool that can generate HTML output from OAS.
. Generate HTML output. For example: . Generate HTML output. For example:
``` ```
openapi-generator-cli generate -g html -i ~/kibana/x-pack/plugins/cases/docs/openapi/entrypoint.yaml -o ~/kibana/docs/api-generated/cases -t ~/kibana/docs/api-generated/template openapi-generator-cli generate -g html -i ~/kibana/x-pack/plugins/cases/docs/openapi/bundled.yaml -o ~/kibana/docs/api-generated/cases -t ~/kibana/docs/api-generated/template
openapi-generator-cli generate -g html -i ~/kibana/x-pack/plugins/ml/common/openapi/ml_apis_v3.yaml -o ~/kibana/docs/api-generated/machine-learning -t ~/kibana/docs/api-generated/template openapi-generator-cli generate -g html -i ~/kibana/x-pack/plugins/ml/common/openapi/ml_apis_v3.yaml -o ~/kibana/docs/api-generated/machine-learning -t ~/kibana/docs/api-generated/template
``` ```

566
docs/api-generated/cases/case-apis-passthru.asciidoc
View file

@ -19,8 +19,11 @@ Any modifications made to this file will be overwritten.
<h4><a href="#Cases">Cases</a></h4> <h4><a href="#Cases">Cases</a></h4>
<ul> <ul>
<li><a href="#addCaseComment"><code><span class="http-method">post</span> /s/{spaceId}/api/cases/{caseId}/comments</code></a></li> <li><a href="#addCaseComment"><code><span class="http-method">post</span> /s/{spaceId}/api/cases/{caseId}/comments</code></a></li>
<li><a href="#createCase"><code><span class="http-method">post</span> /s/{spaceId}/api/cases</code></a></li>
<li><a href="#deleteCase"><code><span class="http-method">delete</span> /s/{spaceId}/api/cases</code></a></li>
<li><a href="#deleteCaseComments"><code><span class="http-method">delete</span> /s/{spaceId}/api/cases/{caseId}/comments</code></a></li> <li><a href="#deleteCaseComments"><code><span class="http-method">delete</span> /s/{spaceId}/api/cases/{caseId}/comments</code></a></li>
<li><a href="#getAllCaseComments"><code><span class="http-method">get</span> /s/{spaceId}/api/cases/{caseId}/comments</code></a></li> <li><a href="#getAllCaseComments"><code><span class="http-method">get</span> /s/{spaceId}/api/cases/{caseId}/comments</code></a></li>
<li><a href="#updateCase"><code><span class="http-method">patch</span> /s/{spaceId}/api/cases</code></a></li>
<li><a href="#updateCaseComment"><code><span class="http-method">patch</span> /s/{spaceId}/api/cases/{caseId}/comments</code></a></li> <li><a href="#updateCaseComment"><code><span class="http-method">patch</span> /s/{spaceId}/api/cases/{caseId}/comments</code></a></li>
</ul> </ul>
@ -102,28 +105,6 @@ Any modifications made to this file will be overwritten.
}, },
"tags" : [ "tag-1" ], "tags" : [ "tag-1" ],
"duration" : 120, "duration" : 120,
"connector" : {
"name" : "none",
"id" : "none",
"fields" : {
"destIp" : "destIp",
"severity" : "severity",
"parent" : "parent",
"impact" : "impact",
"malwareUrl" : "malwareUrl",
"priority" : "priority",
"issueTypes" : [ 0.8008281904610115, 0.8008281904610115 ],
"issueType" : "issueType",
"sourceIp" : "sourceIp",
"urgency" : "urgency",
"malwareHash" : "malwareHash",
"caseId" : "caseId",
"severityCode" : 6.027456183070403,
"category" : "category",
"subcategory" : "subcategory"
},
"type" : ".none"
},
"updated_at" : "2000-01-23T04:56:07.000+00:00", "updated_at" : "2000-01-23T04:56:07.000+00:00",
"updated_by" : { "updated_by" : {
"full_name" : "full_name", "full_name" : "full_name",
@ -161,6 +142,161 @@ Any modifications made to this file will be overwritten.
<a href="#case_response_properties">case_response_properties</a> <a href="#case_response_properties">case_response_properties</a>
</div> <!-- method --> </div> <!-- method -->
<hr/> <hr/>
<div class="method"><a name="createCase"/>
<div class="method-path">
<a class="up" href="#__Methods">Up</a>
<pre class="post"><code class="huge"><span class="http-method">post</span> /s/{spaceId}/api/cases</code></pre></div>
<div class="method-summary">Creates a case. (<span class="nickname">createCase</span>)</div>
<div class="method-notes">You must have <code>all</code> privileges for the <strong>Cases</strong> feature in the <strong>Management</strong>, <strong>Observability</strong>, or <strong>Security</strong> section of the Kibana feature privileges, depending on the owner of the case you're creating.</div>
<h3 class="field-label">Path parameters</h3>
<div class="field-items">
<div class="param">spaceId (required)</div>
<div class="param-desc"><span class="param-type">Path Parameter</span> &mdash; An identifier for the space. If <code>/s/</code> and the identifier are omitted from the path, the default space is used. default: null </div>
</div> <!-- field-items -->
<h3 class="field-label">Consumes</h3>
This API call consumes the following media types via the <span class="header">Content-Type</span> request header:
<ul>
<li><code>application/json</code></li>
</ul>
<h3 class="field-label">Request body</h3>
<div class="field-items">
<div class="param">create_case_request <a href="#create_case_request">create_case_request</a> (required)</div>
<div class="param-desc"><span class="param-type">Body Parameter</span> &mdash; </div>
</div> <!-- field-items -->
<h3 class="field-label">Request headers</h3>
<div class="field-items">
<div class="param">kbn-xsrf (required)</div>
<div class="param-desc"><span class="param-type">Header Parameter</span> &mdash; default: null </div>
</div> <!-- field-items -->
<h3 class="field-label">Return type</h3>
<div class="return-type">
<a href="#case_response_properties">case_response_properties</a>
</div>
<!--Todo: process Response Object and its headers, schema, examples -->
<h3 class="field-label">Example data</h3>
<div class="example-data-content-type">Content-Type: application/json</div>
<pre class="example"><code>{
"owner" : "cases",
"totalComment" : 0,
"settings" : {
"syncAlerts" : true
},
"totalAlerts" : 0,
"closed_at" : "2000-01-23T04:56:07.000+00:00",
"comments" : [ null, null ],
"created_at" : "2022-05-13T09:16:17.416Z",
"description" : "A case description.",
"title" : "Case title 1",
"created_by" : {
"full_name" : "full_name",
"profile_uid" : "u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0",
"email" : "email",
"username" : "elastic"
},
"version" : "WzUzMiwxXQ==",
"closed_by" : {
"full_name" : "full_name",
"profile_uid" : "u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0",
"email" : "email",
"username" : "elastic"
},
"tags" : [ "tag-1" ],
"duration" : 120,
"updated_at" : "2000-01-23T04:56:07.000+00:00",
"updated_by" : {
"full_name" : "full_name",
"profile_uid" : "u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0",
"email" : "email",
"username" : "elastic"
},
"id" : "66b9aa00-94fa-11ea-9f74-e7e108796192",
"external_service" : {
"external_title" : "external_title",
"pushed_by" : {
"full_name" : "full_name",
"profile_uid" : "u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0",
"email" : "email",
"username" : "elastic"
},
"external_url" : "external_url",
"pushed_at" : "2000-01-23T04:56:07.000+00:00",
"connector_id" : "connector_id",
"external_id" : "external_id",
"connector_name" : "connector_name"
}
}</code></pre>
<h3 class="field-label">Produces</h3>
This API call produces the following media types according to the <span class="header">Accept</span> request header;
the media type will be conveyed by the <span class="header">Content-Type</span> response header.
<ul>
<li><code>application/json</code></li>
</ul>
<h3 class="field-label">Responses</h3>
<h4 class="field-label">200</h4>
Indicates a successful call.
<a href="#case_response_properties">case_response_properties</a>
</div> <!-- method -->
<hr/>
<div class="method"><a name="deleteCase"/>
<div class="method-path">
<a class="up" href="#__Methods">Up</a>
<pre class="delete"><code class="huge"><span class="http-method">delete</span> /s/{spaceId}/api/cases</code></pre></div>
<div class="method-summary">Deletes one or more cases. (<span class="nickname">deleteCase</span>)</div>
<div class="method-notes">You must have <code>read</code> or <code>all</code> privileges and the <code>delete</code> sub-feature privilege for the <strong>Cases</strong> feature in the <strong>Management</strong>, <strong>Observability</strong>, or <strong>Security</strong> section of the Kibana feature privileges, depending on the owner of the cases you're deleting.</div>
<h3 class="field-label">Path parameters</h3>
<div class="field-items">
<div class="param">spaceId (required)</div>
<div class="param-desc"><span class="param-type">Path Parameter</span> &mdash; An identifier for the space. If <code>/s/</code> and the identifier are omitted from the path, the default space is used. default: null </div>
</div> <!-- field-items -->
<h3 class="field-label">Request headers</h3>
<div class="field-items">
<div class="param">kbn-xsrf (required)</div>
<div class="param-desc"><span class="param-type">Header Parameter</span> &mdash; default: null </div>
</div> <!-- field-items -->
<h3 class="field-label">Query parameters</h3>
<div class="field-items">
<div class="param">ids (required)</div>
<div class="param-desc"><span class="param-type">Query Parameter</span> &mdash; The cases that you want to removed. All non-ASCII characters must be URL encoded. default: null </div>
</div> <!-- field-items -->
<!--Todo: process Response Object and its headers, schema, examples -->
<h3 class="field-label">Responses</h3>
<h4 class="field-label">204</h4>
Indicates a successful call.
<a href="#"></a>
</div> <!-- method -->
<hr/>
<div class="method"><a name="deleteCaseComments"/> <div class="method"><a name="deleteCaseComments"/>
<div class="method-path"> <div class="method-path">
<a class="up" href="#__Methods">Up</a> <a class="up" href="#__Methods">Up</a>
@ -258,28 +394,6 @@ Any modifications made to this file will be overwritten.
}, },
"tags" : [ "tag-1" ], "tags" : [ "tag-1" ],
"duration" : 120, "duration" : 120,
"connector" : {
"name" : "none",
"id" : "none",
"fields" : {
"destIp" : "destIp",
"severity" : "severity",
"parent" : "parent",
"impact" : "impact",
"malwareUrl" : "malwareUrl",
"priority" : "priority",
"issueTypes" : [ 0.8008281904610115, 0.8008281904610115 ],
"issueType" : "issueType",
"sourceIp" : "sourceIp",
"urgency" : "urgency",
"malwareHash" : "malwareHash",
"caseId" : "caseId",
"severityCode" : 6.027456183070403,
"category" : "category",
"subcategory" : "subcategory"
},
"type" : ".none"
},
"updated_at" : "2000-01-23T04:56:07.000+00:00", "updated_at" : "2000-01-23T04:56:07.000+00:00",
"updated_by" : { "updated_by" : {
"full_name" : "full_name", "full_name" : "full_name",
@ -317,6 +431,118 @@ Any modifications made to this file will be overwritten.
<a href="#case_response_properties">case_response_properties</a> <a href="#case_response_properties">case_response_properties</a>
</div> <!-- method --> </div> <!-- method -->
<hr/> <hr/>
<div class="method"><a name="updateCase"/>
<div class="method-path">
<a class="up" href="#__Methods">Up</a>
<pre class="patch"><code class="huge"><span class="http-method">patch</span> /s/{spaceId}/api/cases</code></pre></div>
<div class="method-summary">Updates one or more cases. (<span class="nickname">updateCase</span>)</div>
<div class="method-notes">You must have <code>all</code> privileges for the <strong>Cases</strong> feature in the <strong>Management</strong>, <strong>Observability</strong>, or <strong>Security</strong> section of the Kibana feature privileges, depending on the owner of the case you're updating.</div>
<h3 class="field-label">Path parameters</h3>
<div class="field-items">
<div class="param">spaceId (required)</div>
<div class="param-desc"><span class="param-type">Path Parameter</span> &mdash; An identifier for the space. If <code>/s/</code> and the identifier are omitted from the path, the default space is used. default: null </div>
</div> <!-- field-items -->
<h3 class="field-label">Consumes</h3>
This API call consumes the following media types via the <span class="header">Content-Type</span> request header:
<ul>
<li><code>application/json</code></li>
</ul>
<h3 class="field-label">Request body</h3>
<div class="field-items">
<div class="param">update_case_request <a href="#update_case_request">update_case_request</a> (optional)</div>
<div class="param-desc"><span class="param-type">Body Parameter</span> &mdash; </div>
</div> <!-- field-items -->
<h3 class="field-label">Request headers</h3>
<div class="field-items">
<div class="param">kbn-xsrf (required)</div>
<div class="param-desc"><span class="param-type">Header Parameter</span> &mdash; default: null </div>
</div> <!-- field-items -->
<h3 class="field-label">Return type</h3>
<div class="return-type">
array[<a href="#case_response_properties">case_response_properties</a>]
</div>
<!--Todo: process Response Object and its headers, schema, examples -->
<h3 class="field-label">Example data</h3>
<div class="example-data-content-type">Content-Type: application/json</div>
<pre class="example"><code>{
"owner" : "cases",
"totalComment" : 0,
"settings" : {
"syncAlerts" : true
},
"totalAlerts" : 0,
"closed_at" : "2000-01-23T04:56:07.000+00:00",
"comments" : [ null, null ],
"created_at" : "2022-05-13T09:16:17.416Z",
"description" : "A case description.",
"title" : "Case title 1",
"created_by" : {
"full_name" : "full_name",
"profile_uid" : "u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0",
"email" : "email",
"username" : "elastic"
},
"version" : "WzUzMiwxXQ==",
"closed_by" : {
"full_name" : "full_name",
"profile_uid" : "u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0",
"email" : "email",
"username" : "elastic"
},
"tags" : [ "tag-1" ],
"duration" : 120,
"updated_at" : "2000-01-23T04:56:07.000+00:00",
"updated_by" : {
"full_name" : "full_name",
"profile_uid" : "u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0",
"email" : "email",
"username" : "elastic"
},
"id" : "66b9aa00-94fa-11ea-9f74-e7e108796192",
"external_service" : {
"external_title" : "external_title",
"pushed_by" : {
"full_name" : "full_name",
"profile_uid" : "u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0",
"email" : "email",
"username" : "elastic"
},
"external_url" : "external_url",
"pushed_at" : "2000-01-23T04:56:07.000+00:00",
"connector_id" : "connector_id",
"external_id" : "external_id",
"connector_name" : "connector_name"
}
}</code></pre>
<h3 class="field-label">Produces</h3>
This API call produces the following media types according to the <span class="header">Accept</span> request header;
the media type will be conveyed by the <span class="header">Content-Type</span> response header.
<ul>
<li><code>application/json</code></li>
</ul>
<h3 class="field-label">Responses</h3>
<h4 class="field-label">200</h4>
Indicates a successful call.
</div> <!-- method -->
<hr/>
<div class="method"><a name="updateCaseComment"/> <div class="method"><a name="updateCaseComment"/>
<div class="method-path"> <div class="method-path">
<a class="up" href="#__Methods">Up</a> <a class="up" href="#__Methods">Up</a>
@ -394,28 +620,6 @@ Any modifications made to this file will be overwritten.
}, },
"tags" : [ "tag-1" ], "tags" : [ "tag-1" ],
"duration" : 120, "duration" : 120,
"connector" : {
"name" : "none",
"id" : "none",
"fields" : {
"destIp" : "destIp",
"severity" : "severity",
"parent" : "parent",
"impact" : "impact",
"malwareUrl" : "malwareUrl",
"priority" : "priority",
"issueTypes" : [ 0.8008281904610115, 0.8008281904610115 ],
"issueType" : "issueType",
"sourceIp" : "sourceIp",
"urgency" : "urgency",
"malwareHash" : "malwareHash",
"caseId" : "caseId",
"severityCode" : 6.027456183070403,
"category" : "category",
"subcategory" : "subcategory"
},
"type" : ".none"
},
"updated_at" : "2000-01-23T04:56:07.000+00:00", "updated_at" : "2000-01-23T04:56:07.000+00:00",
"updated_by" : { "updated_by" : {
"full_name" : "full_name", "full_name" : "full_name",
@ -471,12 +675,24 @@ Any modifications made to this file will be overwritten.
<li><a href="#alert_identifiers"><code>alert_identifiers</code> - Alert identifiers</a></li> <li><a href="#alert_identifiers"><code>alert_identifiers</code> - Alert identifiers</a></li>
<li><a href="#alert_indices"><code>alert_indices</code> - Alert indices</a></li> <li><a href="#alert_indices"><code>alert_indices</code> - Alert indices</a></li>
<li><a href="#case_response_closed_by_properties"><code>case_response_closed_by_properties</code> - Case response properties for closed_by</a></li> <li><a href="#case_response_closed_by_properties"><code>case_response_closed_by_properties</code> - Case response properties for closed_by</a></li>
<li><a href="#case_response_connector_field_properties"><code>case_response_connector_field_properties</code> - Case response properties for connector fields</a></li>
<li><a href="#case_response_created_by_properties"><code>case_response_created_by_properties</code> - Case response properties for created_by</a></li> <li><a href="#case_response_created_by_properties"><code>case_response_created_by_properties</code> - Case response properties for created_by</a></li>
<li><a href="#case_response_properties"><code>case_response_properties</code> - Case response properties</a></li> <li><a href="#case_response_properties"><code>case_response_properties</code> - Case response properties</a></li>
<li><a href="#case_response_pushed_by_properties"><code>case_response_pushed_by_properties</code> - Case response properties for pushed_by</a></li> <li><a href="#case_response_pushed_by_properties"><code>case_response_pushed_by_properties</code> - Case response properties for pushed_by</a></li>
<li><a href="#case_response_updated_by_properties"><code>case_response_updated_by_properties</code> - Case response properties for updated_by</a></li> <li><a href="#case_response_updated_by_properties"><code>case_response_updated_by_properties</code> - Case response properties for updated_by</a></li>
<li><a href="#connector_types"><code>connector_types</code> - </a></li> <li><a href="#connector_properties_cases_webhook"><code>connector_properties_cases_webhook</code> - Create or upate case request properties for Cases Webhook connector</a></li>
<li><a href="#connector_properties_jira"><code>connector_properties_jira</code> - Create or update case request properties for a Jira connector</a></li>
<li><a href="#connector_properties_jira_fields"><code>connector_properties_jira_fields</code> - </a></li>
<li><a href="#connector_properties_none"><code>connector_properties_none</code> - Create or update case request properties for no connector</a></li>
<li><a href="#connector_properties_resilient"><code>connector_properties_resilient</code> - Create case request properties for a IBM Resilient connector</a></li>
<li><a href="#connector_properties_resilient_fields"><code>connector_properties_resilient_fields</code> - </a></li>
<li><a href="#connector_properties_servicenow"><code>connector_properties_servicenow</code> - Create case request properties for a ServiceNow ITSM connector</a></li>
<li><a href="#connector_properties_servicenow_fields"><code>connector_properties_servicenow_fields</code> - </a></li>
<li><a href="#connector_properties_servicenow_sir"><code>connector_properties_servicenow_sir</code> - Create case request properties for a ServiceNow SecOps connector</a></li>
<li><a href="#connector_properties_servicenow_sir_fields"><code>connector_properties_servicenow_sir_fields</code> - </a></li>
<li><a href="#connector_properties_swimlane"><code>connector_properties_swimlane</code> - Create case request properties for a Swimlane connector</a></li>
<li><a href="#connector_properties_swimlane_fields"><code>connector_properties_swimlane_fields</code> - </a></li>
<li><a href="#create_case_request"><code>create_case_request</code> - Create case request</a></li>
<li><a href="#create_case_request_connector"><code>create_case_request_connector</code> - </a></li>
<li><a href="#external_service"><code>external_service</code> - </a></li> <li><a href="#external_service"><code>external_service</code> - </a></li>
<li><a href="#owners"><code>owners</code> - </a></li> <li><a href="#owners"><code>owners</code> - </a></li>
<li><a href="#rule"><code>rule</code> - Alerting rule</a></li> <li><a href="#rule"><code>rule</code> - Alerting rule</a></li>
@ -485,6 +701,8 @@ Any modifications made to this file will be overwritten.
<li><a href="#status"><code>status</code> - </a></li> <li><a href="#status"><code>status</code> - </a></li>
<li><a href="#update_alert_comment_request_properties"><code>update_alert_comment_request_properties</code> - Update case comment request properties for alerts</a></li> <li><a href="#update_alert_comment_request_properties"><code>update_alert_comment_request_properties</code> - Update case comment request properties for alerts</a></li>
<li><a href="#update_case_comment_request"><code>update_case_comment_request</code> - Update case comment request</a></li> <li><a href="#update_case_comment_request"><code>update_case_comment_request</code> - Update case comment request</a></li>
<li><a href="#update_case_request"><code>update_case_request</code> - Update case request</a></li>
<li><a href="#update_case_request_cases_inner"><code>update_case_request_cases_inner</code> - </a></li>
<li><a href="#update_user_comment_request_properties"><code>update_user_comment_request_properties</code> - Update case comment request properties for user comments</a></li> <li><a href="#update_user_comment_request_properties"><code>update_user_comment_request_properties</code> - Update case comment request properties for user comments</a></li>
<li><a href="#user_comment_response_properties"><code>user_comment_response_properties</code> - Case response properties for user comments</a></li> <li><a href="#user_comment_response_properties"><code>user_comment_response_properties</code> - Case response properties for user comments</a></li>
</ol> </ol>
@ -515,10 +733,12 @@ Any modifications made to this file will be overwritten.
<h3><a name="Case_response_properties_for_connectors"><code>Case_response_properties_for_connectors</code> - Case response properties for connectors</a> <a class="up" href="#__Models">Up</a></h3> <h3><a name="Case_response_properties_for_connectors"><code>Case_response_properties_for_connectors</code> - Case response properties for connectors</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'></div> <div class='model-description'></div>
<div class="field-items"> <div class="field-items">
<div class="param">fields (optional)</div><div class="param-desc"><span class="param-type"><a href="#case_response_connector_field_properties">case_response_connector_field_properties</a></span> </div> <div class="param">fields </div><div class="param-desc"><span class="param-type"><a href="#connector_properties_swimlane_fields">connector_properties_swimlane_fields</a></span> </div>
<div class="param">id (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The identifier for the connector. To create a case without a connector, use <code>none</code>. </div> <div class="param">id </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The identifier for the connector. To retrieve connector IDs, use the find connectors API. </div>
<div class="param">name (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The name of the connector. To create a case without a connector, use <code>none</code>. </div> <div class="param">name </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The name of the connector. </div>
<div class="param">type (optional)</div><div class="param-desc"><span class="param-type"><a href="#connector_types">connector_types</a></span> </div> <div class="param">type </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The type of connector. </div>
<div class="param-enum-header">Enum:</div>
<div class="param-enum">.swimlane</div>
</div> <!-- field-items --> </div> <!-- field-items -->
</div> </div>
<div class="model"> <div class="model">
@ -630,27 +850,6 @@ Any modifications made to this file will be overwritten.
<div class="param">profile_uid (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div> <div class="param">profile_uid (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
</div> <!-- field-items --> </div> <!-- field-items -->
</div> </div>
<div class="model">
<h3><a name="case_response_connector_field_properties"><code>case_response_connector_field_properties</code> - Case response properties for connector fields</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>An object containing the connector fields. To create a case without a connector, specify null. If you want to omit any individual field, specify null as its value.</div>
<div class="field-items">
<div class="param">caseId (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The case identifier for Swimlane connectors. </div>
<div class="param">category (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The category of the incident for ServiceNow ITSM and ServiceNow SecOps connectors. </div>
<div class="param">destIp (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> A comma-separated list of destination IPs for ServiceNow SecOps connectors. </div>
<div class="param">impact (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The effect an incident had on business for ServiceNow ITSM connectors. </div>
<div class="param">issueType (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The type of issue for Jira connectors. </div>
<div class="param">issueTypes (optional)</div><div class="param-desc"><span class="param-type"><a href="#number">array[BigDecimal]</a></span> The type of incident for IBM Resilient connectors. </div>
<div class="param">malwareHash (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> A comma-separated list of malware hashes for ServiceNow SecOps connectors. </div>
<div class="param">malwareUrl (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> A comma-separated list of malware URLs for ServiceNow SecOps connectors. </div>
<div class="param">parent (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The key of the parent issue, when the issue type is sub-task for Jira connectors. </div>
<div class="param">priority (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The priority of the issue for Jira and ServiceNow SecOps connectors. </div>
<div class="param">severity (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The severity of the incident for ServiceNow ITSM connectors. </div>
<div class="param">severityCode (optional)</div><div class="param-desc"><span class="param-type"><a href="#number">BigDecimal</a></span> The severity code of the incident for IBM Resilient connectors. </div>
<div class="param">sourceIp (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> A comma-separated list of source IPs for ServiceNow SecOps connectors. </div>
<div class="param">subcategory (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The subcategory of the incident for ServiceNow ITSM connectors. </div>
<div class="param">urgency (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The extent to which the incident resolution can be delayed for ServiceNow ITSM connectors. </div>
</div> <!-- field-items -->
</div>
<div class="model"> <div class="model">
<h3><a name="case_response_created_by_properties"><code>case_response_created_by_properties</code> - Case response properties for created_by</a> <a class="up" href="#__Models">Up</a></h3> <h3><a name="case_response_created_by_properties"><code>case_response_created_by_properties</code> - Case response properties for created_by</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'></div> <div class='model-description'></div>
@ -709,10 +908,161 @@ Any modifications made to this file will be overwritten.
</div> <!-- field-items --> </div> <!-- field-items -->
</div> </div>
<div class="model"> <div class="model">
<h3><a name="connector_types"><code>connector_types</code> - </a> <a class="up" href="#__Models">Up</a></h3> <h3><a name="connector_properties_cases_webhook"><code>connector_properties_cases_webhook</code> - Create or upate case request properties for Cases Webhook connector</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>The type of connector.</div> <div class='model-description'>Defines properties for connectors when type is <code>.cases-webhook</code>.</div>
<div class="field-items"> <div class="field-items">
</div> <!-- field-items --> <div class="param">fields </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">id </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The identifier for the connector. To retrieve connector IDs, use the find connectors API. </div>
<div class="param">name </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The name of the connector. </div>
<div class="param">type </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The type of connector. </div>
<div class="param-enum-header">Enum:</div>
<div class="param-enum">.cases-webhook</div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="connector_properties_jira"><code>connector_properties_jira</code> - Create or update case request properties for a Jira connector</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>Defines properties for connectors when type is <code>.jira</code>.</div>
<div class="field-items">
<div class="param">fields </div><div class="param-desc"><span class="param-type"><a href="#connector_properties_jira_fields">connector_properties_jira_fields</a></span> </div>
<div class="param">id </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The identifier for the connector. To retrieve connector IDs, use the find connectors API. </div>
<div class="param">name </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The name of the connector. </div>
<div class="param">type </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The type of connector. </div>
<div class="param-enum-header">Enum:</div>
<div class="param-enum">.jira</div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="connector_properties_jira_fields"><code>connector_properties_jira_fields</code> - </a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>An object containing the connector fields. If you want to omit any individual field, specify null as its value.</div>
<div class="field-items">
<div class="param">issueType </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The type of issue. </div>
<div class="param">parent </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The key of the parent issue, when the issue type is sub-task. </div>
<div class="param">priority </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The priority of the issue. </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="connector_properties_none"><code>connector_properties_none</code> - Create or update case request properties for no connector</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>Defines properties for connectors when type is <code>.none</code>.</div>
<div class="field-items">
<div class="param">fields </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> An object containing the connector fields. To create a case without a connector, specify null. To update a case to remove the connector, specify null. </div>
<div class="param">id </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The identifier for the connector. To create a case without a connector, use <code>none</code>. To update a case to remove the connector, specify <code>none</code>. </div>
<div class="param">name </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The name of the connector. To create a case without a connector, use <code>none</code>. To update a case to remove the connector, specify <code>none</code>. </div>
<div class="param">type </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The type of connector. To create a case without a connector, use <code>.none</code>. To update a case to remove the connector, specify <code>.none</code>. </div>
<div class="param-enum-header">Enum:</div>
<div class="param-enum">.none</div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="connector_properties_resilient"><code>connector_properties_resilient</code> - Create case request properties for a IBM Resilient connector</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>Defines properties for connectors when type is <code>.resilient</code>.</div>
<div class="field-items">
<div class="param">fields </div><div class="param-desc"><span class="param-type"><a href="#connector_properties_resilient_fields">connector_properties_resilient_fields</a></span> </div>
<div class="param">id </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The identifier for the connector. </div>
<div class="param">name </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The name of the connector. </div>
<div class="param">type </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The type of connector. </div>
<div class="param-enum-header">Enum:</div>
<div class="param-enum">.resilient</div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="connector_properties_resilient_fields"><code>connector_properties_resilient_fields</code> - </a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>An object containing the connector fields. If you want to omit any individual field, specify null as its value.</div>
<div class="field-items">
<div class="param">issueTypes </div><div class="param-desc"><span class="param-type"><a href="#string">array[String]</a></span> The type of incident. </div>
<div class="param">severityCode </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The severity code of the incident. </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="connector_properties_servicenow"><code>connector_properties_servicenow</code> - Create case request properties for a ServiceNow ITSM connector</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>Defines properties for connectors when type is <code>.servicenow</code>.</div>
<div class="field-items">
<div class="param">fields </div><div class="param-desc"><span class="param-type"><a href="#connector_properties_servicenow_fields">connector_properties_servicenow_fields</a></span> </div>
<div class="param">id </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The identifier for the connector. To retrieve connector IDs, use the find connectors API. </div>
<div class="param">name </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The name of the connector. </div>
<div class="param">type </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The type of connector. </div>
<div class="param-enum-header">Enum:</div>
<div class="param-enum">.servicenow</div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="connector_properties_servicenow_fields"><code>connector_properties_servicenow_fields</code> - </a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>An object containing the connector fields. If you want to omit any individual field, specify null as its value.</div>
<div class="field-items">
<div class="param">category </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The category of the incident. </div>
<div class="param">impact </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The effect an incident had on business. </div>
<div class="param">severity </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The severity of the incident. </div>
<div class="param">subcategory </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The subcategory of the incident. </div>
<div class="param">urgency </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The extent to which the incident resolution can be delayed. </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="connector_properties_servicenow_sir"><code>connector_properties_servicenow_sir</code> - Create case request properties for a ServiceNow SecOps connector</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>Defines properties for connectors when type is <code>.servicenow-sir</code>.</div>
<div class="field-items">
<div class="param">fields </div><div class="param-desc"><span class="param-type"><a href="#connector_properties_servicenow_sir_fields">connector_properties_servicenow_sir_fields</a></span> </div>
<div class="param">id </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The identifier for the connector. To retrieve connector IDs, use the find connectors API. </div>
<div class="param">name </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The name of the connector. </div>
<div class="param">type </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The type of connector. </div>
<div class="param-enum-header">Enum:</div>
<div class="param-enum">.servicenow-sir</div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="connector_properties_servicenow_sir_fields"><code>connector_properties_servicenow_sir_fields</code> - </a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>An object containing the connector fields. If you want to omit any individual field, specify null as its value.</div>
<div class="field-items">
<div class="param">category </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The category of the incident. </div>
<div class="param">destIp </div><div class="param-desc"><span class="param-type"><a href="#boolean">Boolean</a></span> Indicates whether cases will send a comma-separated list of destination IPs. </div>
<div class="param">malwareHash </div><div class="param-desc"><span class="param-type"><a href="#boolean">Boolean</a></span> Indicates whether cases will send a comma-separated list of malware hashes. </div>
<div class="param">malwareUrl </div><div class="param-desc"><span class="param-type"><a href="#boolean">Boolean</a></span> Indicates whether cases will send a comma-separated list of malware URLs. </div>
<div class="param">priority </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The priority of the issue. </div>
<div class="param">sourceIp </div><div class="param-desc"><span class="param-type"><a href="#boolean">Boolean</a></span> Indicates whether cases will send a comma-separated list of source IPs. </div>
<div class="param">subcategory </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The subcategory of the incident. </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="connector_properties_swimlane"><code>connector_properties_swimlane</code> - Create case request properties for a Swimlane connector</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>Defines properties for connectors when type is <code>.swimlane</code>.</div>
<div class="field-items">
<div class="param">fields </div><div class="param-desc"><span class="param-type"><a href="#connector_properties_swimlane_fields">connector_properties_swimlane_fields</a></span> </div>
<div class="param">id </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The identifier for the connector. To retrieve connector IDs, use the find connectors API. </div>
<div class="param">name </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The name of the connector. </div>
<div class="param">type </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The type of connector. </div>
<div class="param-enum-header">Enum:</div>
<div class="param-enum">.swimlane</div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="connector_properties_swimlane_fields"><code>connector_properties_swimlane_fields</code> - </a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>An object containing the connector fields. If you want to omit any individual field, specify null as its value.</div>
<div class="field-items">
<div class="param">caseId </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The case identifier for Swimlane connectors. </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="create_case_request"><code>create_case_request</code> - Create case request</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>The create case API request body varies depending on the type of connector.</div>
<div class="field-items">
<div class="param">connector </div><div class="param-desc"><span class="param-type"><a href="#create_case_request_connector">create_case_request_connector</a></span> </div>
<div class="param">description </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The description for the case. </div>
<div class="param">owner </div><div class="param-desc"><span class="param-type"><a href="#owners">owners</a></span> </div>
<div class="param">settings </div><div class="param-desc"><span class="param-type"><a href="#settings">settings</a></span> </div>
<div class="param">severity (optional)</div><div class="param-desc"><span class="param-type"><a href="#severity_property">severity_property</a></span> </div>
<div class="param">tags </div><div class="param-desc"><span class="param-type"><a href="#string">array[String]</a></span> The words and phrases that help categorize cases. It can be an empty array. </div>
<div class="param">title </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> A title for the case. </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="create_case_request_connector"><code>create_case_request_connector</code> - </a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'></div>
<div class="field-items">
<div class="param">fields </div><div class="param-desc"><span class="param-type"><a href="#connector_properties_swimlane_fields">connector_properties_swimlane_fields</a></span> </div>
<div class="param">id </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The identifier for the connector. To retrieve connector IDs, use the find connectors API. </div>
<div class="param">name </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The name of the connector. </div>
<div class="param">type </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The type of connector. </div>
<div class="param-enum-header">Enum:</div>
<div class="param-enum">.swimlane</div>
</div> <!-- field-items -->
</div> </div>
<div class="model"> <div class="model">
<h3><a name="external_service"><code>external_service</code> - </a> <a class="up" href="#__Models">Up</a></h3> <h3><a name="external_service"><code>external_service</code> - </a> <a class="up" href="#__Models">Up</a></h3>
@ -745,7 +1095,7 @@ Any modifications made to this file will be overwritten.
<h3><a name="settings"><code>settings</code> - </a> <a class="up" href="#__Models">Up</a></h3> <h3><a name="settings"><code>settings</code> - </a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>An object that contains the case settings.</div> <div class='model-description'>An object that contains the case settings.</div>
<div class="field-items"> <div class="field-items">
<div class="param">syncAlerts (optional)</div><div class="param-desc"><span class="param-type"><a href="#boolean">Boolean</a></span> Turns alert syncing on or off. </div> <div class="param">syncAlerts </div><div class="param-desc"><span class="param-type"><a href="#boolean">Boolean</a></span> Turns alert syncing on or off. </div>
</div> <!-- field-items --> </div> <!-- field-items -->
</div> </div>
<div class="model"> <div class="model">
@ -791,6 +1141,28 @@ Any modifications made to this file will be overwritten.
<div class="param">comment </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The new comment. It is required only when <code>type</code> is <code>user</code>. </div> <div class="param">comment </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The new comment. It is required only when <code>type</code> is <code>user</code>. </div>
</div> <!-- field-items --> </div> <!-- field-items -->
</div> </div>
<div class="model">
<h3><a name="update_case_request"><code>update_case_request</code> - Update case request</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>The update case API request body varies depending on the type of connector.</div>
<div class="field-items">
<div class="param">cases </div><div class="param-desc"><span class="param-type"><a href="#update_case_request_cases_inner">array[update_case_request_cases_inner]</a></span> An array containing one or more case objects. </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="update_case_request_cases_inner"><code>update_case_request_cases_inner</code> - </a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'></div>
<div class="field-items">
<div class="param">connector (optional)</div><div class="param-desc"><span class="param-type"><a href="#create_case_request_connector">create_case_request_connector</a></span> </div>
<div class="param">description (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> An updated description for the case. </div>
<div class="param">id </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The identifier for the case. </div>
<div class="param">settings (optional)</div><div class="param-desc"><span class="param-type"><a href="#settings">settings</a></span> </div>
<div class="param">severity (optional)</div><div class="param-desc"><span class="param-type"><a href="#severity_property">severity_property</a></span> </div>
<div class="param">status (optional)</div><div class="param-desc"><span class="param-type"><a href="#status">status</a></span> </div>
<div class="param">tags (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">array[String]</a></span> The words and phrases that help categorize cases. </div>
<div class="param">title (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> A title for the case. </div>
<div class="param">version </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The current version of the case. To determine this value, use the get case or find cases APIs. </div>
</div> <!-- field-items -->
</div>
<div class="model"> <div class="model">
<h3><a name="update_user_comment_request_properties"><code>update_user_comment_request_properties</code> - Update case comment request properties for user comments</a> <a class="up" href="#__Models">Up</a></h3> <h3><a name="update_user_comment_request_properties"><code>update_user_comment_request_properties</code> - Update case comment request properties for user comments</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>Defines properties for case comment requests when type is user.</div> <div class='model-description'>Defines properties for case comment requests when type is user.</div>

10
docs/api/cases/cases-api-create.asciidoc
View file

@ -6,6 +6,12 @@
Creates a case. Creates a case.
[NOTE]
====
For the most up-to-date API details, refer to the
{kib-repo}/tree/{branch}/x-pack/plugins/cases/docs/openapi[open API specification]. For a preview, check out <<case-apis>>.
====
=== {api-request-title} === {api-request-title}
`POST <kibana host>:<port>/api/cases` `POST <kibana host>:<port>/api/cases`
@ -45,10 +51,10 @@ specify `null` as its value.
For {ibm-r} connectors, specify: For {ibm-r} connectors, specify:
`issueTypes`::: `issueTypes`:::
(Required, array of numbers) The type of the incident. (Required, array of strings) The type of the incident.
`severityCode`::: `severityCode`:::
(Required, number) The severity code of the incident. (Required, string) The severity code of the incident.
For {jira} connectors, specify: For {jira} connectors, specify:

6
docs/api/cases/cases-api-delete-cases.asciidoc
View file

@ -6,6 +6,12 @@
Deletes one or more cases. Deletes one or more cases.
[NOTE]
====
For the most up-to-date API details, refer to the
{kib-repo}/tree/{branch}/x-pack/plugins/cases/docs/openapi[open API specification]. For a preview, check out <<case-apis>>.
====
=== {api-request-title} === {api-request-title}
`DELETE <kibana host>:<port>/api/cases?ids=["<case ID1>","<case ID2>"]` `DELETE <kibana host>:<port>/api/cases?ids=["<case ID1>","<case ID2>"]`

10
docs/api/cases/cases-api-update.asciidoc
View file

@ -6,6 +6,12 @@
Updates one or more cases. Updates one or more cases.
[NOTE]
====
For the most up-to-date API details, refer to the
{kib-repo}/tree/{branch}/x-pack/plugins/cases/docs/openapi[open API specification]. For a preview, check out <<case-apis>>.
====
=== {api-request-title} === {api-request-title}
`PATCH <kibana host>:<port>/api/cases` `PATCH <kibana host>:<port>/api/cases`
@ -51,10 +57,10 @@ connector, specify `null`. If you want to omit any individual field, specify
For {ibm-r} connectors, specify: For {ibm-r} connectors, specify:
`issueTypes`::: `issueTypes`:::
(Required, array of numbers) The issue types of the issue. (Required, array of strings) The issue types of the issue.
`severityCode`::: `severityCode`:::
(Required, number) The severity code of the issue. (Required, string) The severity code of the issue.
For {jira} connectors, specify: For {jira} connectors, specify:

1034
x-pack/plugins/cases/docs/openapi/bundled-min.json
View file

File diff suppressed because it is too large Load diff

740
x-pack/plugins/cases/docs/openapi/bundled-min.yaml
View file

@ -15,6 +15,94 @@ servers:
- url: http://localhost:5601 - url: http://localhost:5601
description: local description: local
paths: paths:
/s/{spaceId}/api/cases:
post:
summary: Creates a case.
operationId: createCase
description: |
You must have `all` privileges for the **Cases** feature in the **Management**, **Observability**, or **Security** section of the Kibana feature privileges, depending on the owner of the case you're creating.
tags:
- cases
parameters:
- $ref: '#/components/parameters/kbn_xsrf'
- $ref: '#/components/parameters/space_id'
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/create_case_request'
examples:
createCaseRequest:
$ref: '#/components/examples/create_case_request'
responses:
'200':
description: Indicates a successful call.
content:
application/json:
schema:
$ref: '#/components/schemas/case_response_properties'
examples:
createCaseResponse:
$ref: '#/components/examples/create_case_response'
servers:
- url: https://localhost:5601
delete:
summary: Deletes one or more cases.
operationId: deleteCase
description: |
You must have `read` or `all` privileges and the `delete` sub-feature privilege for the **Cases** feature in the **Management**, **Observability**, or **Security** section of the Kibana feature privileges, depending on the owner of the cases you're deleting.
tags:
- cases
parameters:
- $ref: '#/components/parameters/kbn_xsrf'
- $ref: '#/components/parameters/space_id'
- name: ids
description: The cases that you want to removed. All non-ASCII characters must be URL encoded.
in: query
required: true
schema:
type: string
example: d4e7abb0-b462-11ec-9a8d-698504725a43
responses:
'204':
description: Indicates a successful call.
servers:
- url: https://localhost:5601
patch:
summary: Updates one or more cases.
operationId: updateCase
description: |
You must have `all` privileges for the **Cases** feature in the **Management**, **Observability**, or **Security** section of the Kibana feature privileges, depending on the owner of the case you're updating.
tags:
- cases
parameters:
- $ref: '#/components/parameters/kbn_xsrf'
- $ref: '#/components/parameters/space_id'
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/update_case_request'
examples:
updateCaseRequest:
$ref: '#/components/examples/update_case_request'
responses:
'200':
description: Indicates a successful call.
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/case_response_properties'
examples:
updateCaseResponse:
$ref: '#/components/examples/update_case_response'
servers:
- url: https://localhost:5601
servers:
- url: https://localhost:5601
/s/{spaceId}/api/cases/{caseId}/comments: /s/{spaceId}/api/cases/{caseId}/comments:
post: post:
summary: Adds a comment or alert to a case. summary: Adds a comment or alert to a case.
@ -128,14 +216,12 @@ components:
in: header in: header
name: ApiKey name: ApiKey
parameters: parameters:
case_id: kbn_xsrf:
in: path
name: caseId
description: The identifier for the case. To retrieve case IDs, use the find cases API. All non-ASCII characters must be URL encoded.
required: true
schema: schema:
type: string type: string
example: 9c235210-6834-11ea-a78c-6ffb38a34414 in: header
name: kbn-xsrf
required: true
space_id: space_id:
in: path in: path
name: spaceId name: spaceId
@ -144,13 +230,362 @@ components:
schema: schema:
type: string type: string
example: default example: default
kbn_xsrf: case_id:
in: path
name: caseId
description: The identifier for the case. To retrieve case IDs, use the find cases API. All non-ASCII characters must be URL encoded.
required: true
schema: schema:
type: string type: string
in: header example: 9c235210-6834-11ea-a78c-6ffb38a34414
name: kbn-xsrf
required: true
schemas: schemas:
connector_properties_none:
title: Create or update case request properties for no connector
required:
- fields
- id
- name
- type
description: Defines properties for connectors when type is `.none`.
type: object
properties:
fields:
description: An object containing the connector fields. To create a case without a connector, specify null. To update a case to remove the connector, specify null.
nullable: true
type: string
example: null
id:
description: The identifier for the connector. To create a case without a connector, use `none`. To update a case to remove the connector, specify `none`.
type: string
example: none
name:
description: The name of the connector. To create a case without a connector, use `none`. To update a case to remove the connector, specify `none`.
type: string
example: none
type:
description: The type of connector. To create a case without a connector, use `.none`. To update a case to remove the connector, specify `.none`.
type: string
example: .none
enum:
- .none
connector_properties_cases_webhook:
title: Create or upate case request properties for Cases Webhook connector
required:
- fields
- id
- name
- type
description: Defines properties for connectors when type is `.cases-webhook`.
type: object
properties:
fields:
type: string
nullable: true
example: null
id:
description: The identifier for the connector. To retrieve connector IDs, use the find connectors API.
type: string
name:
description: The name of the connector.
type: string
type:
description: The type of connector.
type: string
example: .cases-webhook
enum:
- .cases-webhook
connector_properties_jira:
title: Create or update case request properties for a Jira connector
required:
- fields
- id
- name
- type
description: Defines properties for connectors when type is `.jira`.
type: object
properties:
fields:
description: An object containing the connector fields. If you want to omit any individual field, specify null as its value.
type: object
required:
- issueType
- parent
- priority
properties:
issueType:
description: The type of issue.
type: string
nullable: true
parent:
description: The key of the parent issue, when the issue type is sub-task.
type: string
nullable: true
priority:
description: The priority of the issue.
type: string
nullable: true
id:
description: The identifier for the connector. To retrieve connector IDs, use the find connectors API.
type: string
name:
description: The name of the connector.
type: string
type:
description: The type of connector.
type: string
example: .jira
enum:
- .jira
connector_properties_resilient:
title: Create case request properties for a IBM Resilient connector
required:
- fields
- id
- name
- type
description: Defines properties for connectors when type is `.resilient`.
type: object
properties:
fields:
description: An object containing the connector fields. If you want to omit any individual field, specify null as its value.
type: object
nullable: true
required:
- issueTypes
- severityCode
properties:
issueTypes:
description: The type of incident.
type: array
items:
type: string
severityCode:
description: The severity code of the incident.
type: string
id:
description: The identifier for the connector.
type: string
name:
description: The name of the connector.
type: string
type:
description: The type of connector.
type: string
example: .resilient
enum:
- .resilient
connector_properties_servicenow:
title: Create case request properties for a ServiceNow ITSM connector
required:
- fields
- id
- name
- type
description: Defines properties for connectors when type is `.servicenow`.
type: object
properties:
fields:
description: An object containing the connector fields. If you want to omit any individual field, specify null as its value.
type: object
required:
- category
- impact
- severity
- subcategory
- urgency
properties:
category:
description: The category of the incident.
type: string
nullable: true
impact:
description: The effect an incident had on business.
type: string
nullable: true
severity:
description: The severity of the incident.
type: string
nullable: true
subcategory:
description: The subcategory of the incident.
type: string
nullable: true
urgency:
description: The extent to which the incident resolution can be delayed.
type: string
nullable: true
id:
description: The identifier for the connector. To retrieve connector IDs, use the find connectors API.
type: string
name:
description: The name of the connector.
type: string
type:
description: The type of connector.
type: string
example: .servicenow
enum:
- .servicenow
connector_properties_servicenow_sir:
title: Create case request properties for a ServiceNow SecOps connector
required:
- fields
- id
- name
- type
description: Defines properties for connectors when type is `.servicenow-sir`.
type: object
properties:
fields:
description: An object containing the connector fields. If you want to omit any individual field, specify null as its value.
type: object
required:
- category
- destIp
- malwareHash
- malwareUrl
- priority
- sourceIp
- subcategory
properties:
category:
description: The category of the incident.
type: string
nullable: true
destIp:
description: Indicates whether cases will send a comma-separated list of destination IPs.
type: boolean
nullable: true
malwareHash:
description: Indicates whether cases will send a comma-separated list of malware hashes.
type: boolean
nullable: true
malwareUrl:
description: Indicates whether cases will send a comma-separated list of malware URLs.
type: boolean
nullable: true
priority:
description: The priority of the issue.
type: string
nullable: true
sourceIp:
description: Indicates whether cases will send a comma-separated list of source IPs.
type: boolean
nullable: true
subcategory:
description: The subcategory of the incident.
type: string
nullable: true
id:
description: The identifier for the connector. To retrieve connector IDs, use the find connectors API.
type: string
name:
description: The name of the connector.
type: string
type:
description: The type of connector.
type: string
example: .servicenow-sir
enum:
- .servicenow-sir
connector_properties_swimlane:
title: Create case request properties for a Swimlane connector
required:
- fields
- id
- name
- type
description: Defines properties for connectors when type is `.swimlane`.
type: object
properties:
fields:
description: An object containing the connector fields. If you want to omit any individual field, specify null as its value.
type: object
required:
- caseId
properties:
caseId:
description: The case identifier for Swimlane connectors.
type: string
nullable: true
id:
description: The identifier for the connector. To retrieve connector IDs, use the find connectors API.
type: string
name:
description: The name of the connector.
type: string
type:
description: The type of connector.
type: string
example: .swimlane
enum:
- .swimlane
owners:
type: string
description: |
The application that owns the cases: Stack Management, Observability, or Elastic Security.
enum:
- cases
- observability
- securitySolution
example: cases
settings:
type: object
description: An object that contains the case settings.
required:
- syncAlerts
properties:
syncAlerts:
description: Turns alert syncing on or off.
type: boolean
example: true
severity_property:
type: string
description: The severity of the case.
enum:
- critical
- high
- low
- medium
default: low
create_case_request:
title: Create case request
description: The create case API request body varies depending on the type of connector.
type: object
required:
- connector
- description
- owner
- settings
- tags
- title
properties:
connector:
oneOf:
- $ref: '#/components/schemas/connector_properties_none'
- $ref: '#/components/schemas/connector_properties_cases_webhook'
- $ref: '#/components/schemas/connector_properties_jira'
- $ref: '#/components/schemas/connector_properties_resilient'
- $ref: '#/components/schemas/connector_properties_servicenow'
- $ref: '#/components/schemas/connector_properties_servicenow_sir'
- $ref: '#/components/schemas/connector_properties_swimlane'
description:
description: The description for the case.
type: string
owner:
$ref: '#/components/schemas/owners'
settings:
$ref: '#/components/schemas/settings'
severity:
$ref: '#/components/schemas/severity_property'
tags:
description: The words and phrases that help categorize cases. It can be an empty array.
type: array
items:
type: string
title:
description: A title for the case.
type: string
case_response_closed_by_properties: case_response_closed_by_properties:
title: Case response properties for closed_by title: Case response properties for closed_by
type: object type: object
@ -175,15 +610,6 @@ components:
- email - email
- full_name - full_name
- username - username
owners:
type: string
description: |
The application that owns the cases: Stack Management, Observability, or Elastic Security.
enum:
- cases
- observability
- securitySolution
example: cases
alert_comment_response_properties: alert_comment_response_properties:
title: Add case comment response properties for alerts title: Add case comment response properties for alerts
type: object type: object
@ -401,71 +827,6 @@ components:
version: version:
type: string type: string
example: WzIwNDMxLDFd example: WzIwNDMxLDFd
case_response_connector_field_properties:
title: Case response properties for connector fields
type: object
description: An object containing the connector fields. To create a case without a connector, specify null. If you want to omit any individual field, specify null as its value.
nullable: true
properties:
caseId:
description: The case identifier for Swimlane connectors.
type: string
category:
description: The category of the incident for ServiceNow ITSM and ServiceNow SecOps connectors.
type: string
destIp:
description: A comma-separated list of destination IPs for ServiceNow SecOps connectors.
type: string
impact:
description: The effect an incident had on business for ServiceNow ITSM connectors.
type: string
issueType:
description: The type of issue for Jira connectors.
type: string
issueTypes:
description: The type of incident for IBM Resilient connectors.
type: array
items:
type: number
malwareHash:
description: A comma-separated list of malware hashes for ServiceNow SecOps connectors.
type: string
malwareUrl:
description: A comma-separated list of malware URLs for ServiceNow SecOps connectors.
type: string
parent:
description: The key of the parent issue, when the issue type is sub-task for Jira connectors.
type: string
priority:
description: The priority of the issue for Jira and ServiceNow SecOps connectors.
type: string
severity:
description: The severity of the incident for ServiceNow ITSM connectors.
type: string
severityCode:
description: The severity code of the incident for IBM Resilient connectors.
type: number
sourceIp:
description: A comma-separated list of source IPs for ServiceNow SecOps connectors.
type: string
subcategory:
description: The subcategory of the incident for ServiceNow ITSM connectors.
type: string
urgency:
description: The extent to which the incident resolution can be delayed for ServiceNow ITSM connectors.
type: string
connector_types:
type: string
description: The type of connector.
enum:
- .cases-webhook
- .jira
- .none
- .resilient
- .servicenow
- .servicenow-sir
- .swimlane
example: .none
external_service: external_service:
type: object type: object
nullable: true nullable: true
@ -502,23 +863,6 @@ components:
type: string type: string
example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0
nullable: true nullable: true
settings:
type: object
description: An object that contains the case settings.
properties:
syncAlerts:
description: Turns alert syncing on or off.
type: boolean
example: true
severity_property:
type: string
description: The severity of the case.
enum:
- critical
- high
- low
- medium
default: low
status: status:
type: string type: string
description: The status of the case. description: The status of the case.
@ -570,20 +914,16 @@ components:
- $ref: '#/components/schemas/user_comment_response_properties' - $ref: '#/components/schemas/user_comment_response_properties'
connector: connector:
title: Case response properties for connectors title: Case response properties for connectors
type: object discriminator:
properties: propertyName: type
fields: oneOf:
$ref: '#/components/schemas/case_response_connector_field_properties' - $ref: '#/components/schemas/connector_properties_none'
id: - $ref: '#/components/schemas/connector_properties_cases_webhook'
description: The identifier for the connector. To create a case without a connector, use `none`. - $ref: '#/components/schemas/connector_properties_jira'
type: string - $ref: '#/components/schemas/connector_properties_resilient'
example: none - $ref: '#/components/schemas/connector_properties_servicenow'
name: - $ref: '#/components/schemas/connector_properties_servicenow_sir'
description: The name of the connector. To create a case without a connector, use `none`. - $ref: '#/components/schemas/connector_properties_swimlane'
type: string
example: none
type:
$ref: '#/components/schemas/connector_types'
created_at: created_at:
type: string type: string
format: date-time format: date-time
@ -636,6 +976,54 @@ components:
version: version:
type: string type: string
example: WzUzMiwxXQ== example: WzUzMiwxXQ==
update_case_request:
title: Update case request
description: The update case API request body varies depending on the type of connector.
type: object
required:
- cases
properties:
cases:
type: array
description: An array containing one or more case objects.
items:
type: object
required:
- id
- version
properties:
connector:
oneOf:
- $ref: '#/components/schemas/connector_properties_none'
- $ref: '#/components/schemas/connector_properties_cases_webhook'
- $ref: '#/components/schemas/connector_properties_jira'
- $ref: '#/components/schemas/connector_properties_resilient'
- $ref: '#/components/schemas/connector_properties_servicenow'
- $ref: '#/components/schemas/connector_properties_servicenow_sir'
- $ref: '#/components/schemas/connector_properties_swimlane'
description:
description: An updated description for the case.
type: string
id:
description: The identifier for the case.
type: string
settings:
$ref: '#/components/schemas/settings'
severity:
$ref: '#/components/schemas/severity_property'
status:
$ref: '#/components/schemas/status'
tags:
description: The words and phrases that help categorize cases.
type: array
items:
type: string
title:
description: A title for the case.
type: string
version:
description: The current version of the case. To determine this value, use the get case or find cases APIs.
type: string
alert_identifiers: alert_identifiers:
title: Alert identifiers title: Alert identifiers
description: | description: |
@ -805,6 +1193,128 @@ components:
- $ref: '#/components/schemas/update_alert_comment_request_properties' - $ref: '#/components/schemas/update_alert_comment_request_properties'
- $ref: '#/components/schemas/update_user_comment_request_properties' - $ref: '#/components/schemas/update_user_comment_request_properties'
examples: examples:
create_case_request:
summary: Create a security case that uses a Jira connector.
value:
description: A case description.
title: Case title 1
tags:
- tag-1
connector:
id: 131d4448-abe0-4789-939d-8ef60680b498
name: My connector
type: .jira
fields:
issueType: '10006'
priority: High
parent: null
settings:
syncAlerts: true
owner: cases
create_case_response:
summary: The create case API returns a JSON object that contains details about the case.
value:
comments: []
totalAlerts: 0
id: 66b9aa00-94fa-11ea-9f74-e7e108796192
version: WzUzMiwxXQ==
totalComment: 1
title: Case title 1
tags:
- tag 1
description: A case description.
settings:
syncAlerts: false
owner: cases
duration: null
severity: low
closed_at: null
closed_by: null
created_at: '2022-03-24T00:37:03.906Z'
created_by:
username: elastic
full_name: null
email: null
status: open
updated_at: null
updated_by: null
connector:
id: 131d4448-abe0-4789-939d-8ef60680b498
name: My connector
type: .jira
fields:
issueType: '10006'
parent: null
priority: High
external_service: null
update_case_request:
summary: Update the case description, tags, and connector.
value:
cases:
- id: a18b38a0-71b0-11ea-a0b2-c51ea50a58e2
version: WzIzLDFd
connector:
id: 131d4448-abe0-4789-939d-8ef60680b498
name: My connector
type: .jira
fields:
issueType: '10006'
priority: null
parent: null
description: A case description.
tags:
- tag-1
settings:
syncAlerts: true
update_case_response:
summary: This is an example response when the case description, tags, and connector were updated.
value:
- id: 66b9aa00-94fa-11ea-9f74-e7e108796192
version: WzU0OCwxXQ==
comments: []
totalComment: 0
totalAlerts: 0
title: Case title 1
tags:
- tag-1
settings:
syncAlerts: true
owner: cases
description: A case description.
duration: null
severity: low
closed_at: null
closed_by: null
created_at: '2022-05-13T09:16:17.416Z'
created_by:
email: null
full_name: null
username: elastic
status: open
updated_at: '2022-05-13T09:48:33.043Z'
updated_by:
email: null
full_name: null
username: elastic
connector:
id: 131d4448-abe0-4789-939d-8ef60680b498
name: My connector
type: .jira
fields:
issueType: '10006'
parent: null
priority: null
external_service:
external_title: IS-4
pushed_by:
full_name: null
email: null
username: elastic
external_url: https://hms.atlassian.net/browse/IS-4
pushed_at: '2022-05-13T09:20:40.672Z'
connector_id: 05da469f-1fde-4058-99a3-91e4807e2de8
external_id: '10003'
connector_name: Jira
add_comment_request: add_comment_request:
summary: Adds a comment to a case. summary: Adds a comment to a case.
value: value:

74
x-pack/plugins/cases/docs/openapi/components/examples/create_case_response.yaml
View file

@ -1,40 +1,36 @@
summary: The create case API returns a JSON object that includes the user who created the case and the case identifier, version, and creation time. summary: The create case API returns a JSON object that contains details about the case.
value: value:
{ comments: []
"id": "66b9aa00-94fa-11ea-9f74-e7e108796192", totalAlerts: 0
"version": "WzUzMiwxXQ==", id: 66b9aa00-94fa-11ea-9f74-e7e108796192
"comments": [], version: WzUzMiwxXQ==
"totalComment": 0, totalComment: 1
"totalAlerts": 0, title: Case title 1
"title": "Case title 1", tags:
"tags": [ "tag-1" ], - tag 1
"settings": { description: A case description.
"syncAlerts": true settings:
}, syncAlerts: false
"owner": "cases", owner: cases
"description": "A case description.", duration: null
"duration": null, severity: low
"severity": "low", closed_at: null
"closed_at": null, closed_by: null
"closed_by": null, created_at: '2022-03-24T00:37:03.906Z'
"created_at": "2022-05-13T09:16:17.416Z", created_by:
"created_by": { username: elastic
"email": null, full_name: null
"full_name": null, email: null
"username": "elastic" status: open
}, updated_at: null
"status": "open", updated_by: null
"updated_at": null, connector:
"updated_by": null, id: 131d4448-abe0-4789-939d-8ef60680b498
"connector": { name: My connector
"id": "131d4448-abe0-4789-939d-8ef60680b498", type: .jira
"name": "My connector", fields:
"type": ".jira", issueType: '10006'
"fields": { parent: null
"issueType": "10006", priority: High
"parent": null, external_service: null
"priority": "High"
}
},
"external_service": null
}

23
x-pack/plugins/cases/docs/openapi/components/schemas/case_response_connector_field_properties.yaml
View file

@ -10,8 +10,9 @@ properties:
description: The category of the incident for ServiceNow ITSM and ServiceNow SecOps connectors. description: The category of the incident for ServiceNow ITSM and ServiceNow SecOps connectors.
type: string type: string
destIp: destIp:
description: A comma-separated list of destination IPs for ServiceNow SecOps connectors. description: Indicates whether cases will send a comma-separated list of destination IPs for ServiceNow SecOps connectors.
type: string type: boolean
nullable: true
impact: impact:
description: The effect an incident had on business for ServiceNow ITSM connectors. description: The effect an incident had on business for ServiceNow ITSM connectors.
type: string type: string
@ -22,13 +23,15 @@ properties:
description: The type of incident for IBM Resilient connectors. description: The type of incident for IBM Resilient connectors.
type: array type: array
items: items:
type: number type: string
malwareHash: malwareHash:
description: A comma-separated list of malware hashes for ServiceNow SecOps connectors. description: Indicates whether cases will send a comma-separated list of malware hashes for ServiceNow SecOps connectors.
type: string type: boolean
nullable: true
malwareUrl: malwareUrl:
description: A comma-separated list of malware URLs for ServiceNow SecOps connectors. description: Indicates whether cases will send a comma-separated list of malware URLs for ServiceNow SecOps connectors.
type: string type: boolean
nullable: true
parent: parent:
description: The key of the parent issue, when the issue type is sub-task for Jira connectors. description: The key of the parent issue, when the issue type is sub-task for Jira connectors.
type: string type: string
@ -40,10 +43,10 @@ properties:
type: string type: string
severityCode: severityCode:
description: The severity code of the incident for IBM Resilient connectors. description: The severity code of the incident for IBM Resilient connectors.
type: number
sourceIp:
description: A comma-separated list of source IPs for ServiceNow SecOps connectors.
type: string type: string
sourceIp:
description: Indicates whether cases will send a comma-separated list of source IPs for ServiceNow SecOps connectors.
type: boolean
subcategory: subcategory:
description: The subcategory of the incident for ServiceNow ITSM connectors. description: The subcategory of the incident for ServiceNow ITSM connectors.
type: string type: string

24
x-pack/plugins/cases/docs/openapi/components/schemas/case_response_properties.yaml
View file

@ -41,20 +41,16 @@ properties:
- $ref: 'user_comment_response_properties.yaml' - $ref: 'user_comment_response_properties.yaml'
connector: connector:
title: Case response properties for connectors title: Case response properties for connectors
type: object discriminator:
properties: propertyName: type
fields: oneOf:
$ref: 'case_response_connector_field_properties.yaml' - $ref: 'connector_properties_none.yaml'
id: - $ref: 'connector_properties_cases_webhook.yaml'
description: The identifier for the connector. To create a case without a connector, use `none`. - $ref: 'connector_properties_jira.yaml'
type: string - $ref: 'connector_properties_resilient.yaml'
example: none - $ref: 'connector_properties_servicenow.yaml'
name: - $ref: 'connector_properties_servicenow_sir.yaml'
description: The name of the connector. To create a case without a connector, use `none`. - $ref: 'connector_properties_swimlane.yaml'
type: string
example: none
type:
$ref: 'connector_types.yaml'
created_at: created_at:
type: string type: string
format: date-time format: date-time

24
x-pack/plugins/cases/docs/openapi/components/schemas/connector_properties.yaml
View file

@ -10,8 +10,9 @@ fields:
description: The category of the incident for ServiceNow ITSM and ServiceNow SecOps connectors. description: The category of the incident for ServiceNow ITSM and ServiceNow SecOps connectors.
type: string type: string
destIp: destIp:
description: A comma-separated list of destination IPs for ServiceNow SecOps connectors. description: Indicates whether cases will send a comma-separated list of destination IPs for ServiceNow SecOps connectors.
type: string type: boolean
nullable: true
impact: impact:
description: The effect an incident had on business for ServiceNow ITSM connectors. description: The effect an incident had on business for ServiceNow ITSM connectors.
type: string type: string
@ -22,13 +23,15 @@ fields:
description: The type of incident for IBM Resilient connectors. description: The type of incident for IBM Resilient connectors.
type: array type: array
items: items:
type: number type: string
malwareHash: malwareHash:
description: A comma-separated list of malware hashes for ServiceNow SecOps connectors. description: Indicates whether cases will send a comma-separated list of malware hashes for ServiceNow SecOps connectors.
type: string type: boolean
nullable: true
malwareUrl: malwareUrl:
description: A comma-separated list of malware URLs for ServiceNow SecOps connectors. description: Indicates whether cases will send a comma-separated list of malware URLs for ServiceNow SecOps connectors.
type: string type: boolean
nullable: true
parent: parent:
description: The key of the parent issue, when the issue type is sub-task for Jira connectors. description: The key of the parent issue, when the issue type is sub-task for Jira connectors.
type: string type: string
@ -40,10 +43,11 @@ fields:
type: string type: string
severityCode: severityCode:
description: The severity code of the incident for IBM Resilient connectors. description: The severity code of the incident for IBM Resilient connectors.
type: number
sourceIp:
description: A comma-separated list of source IPs for ServiceNow SecOps connectors.
type: string type: string
sourceIp:
description: Indicates whether cases will send a comma-separated list of source IPs for ServiceNow SecOps connectors.
type: boolean
nullable: true
subcategory: subcategory:
description: The subcategory of the incident for ServiceNow ITSM connectors. description: The subcategory of the incident for ServiceNow ITSM connectors.
type: string type: string

25
x-pack/plugins/cases/docs/openapi/components/schemas/connector_properties_cases_webhook.yaml Normal file
View file

@ -0,0 +1,25 @@
title: Create or upate case request properties for Cases Webhook connector
required:
- fields
- id
- name
- type
description: Defines properties for connectors when type is `.cases-webhook`.
type: object
properties:
fields:
type: string
nullable: true
example: null
id:
description: The identifier for the connector. To retrieve connector IDs, use the find connectors API.
type: string
name:
description: The name of the connector.
type: string
type:
description: The type of connector.
type: string
example: .cases-webhook
enum:
- .cases-webhook

41
x-pack/plugins/cases/docs/openapi/components/schemas/connector_properties_jira.yaml Normal file
View file

@ -0,0 +1,41 @@
title: Create or update case request properties for a Jira connector
required:
- fields
- id
- name
- type
description: Defines properties for connectors when type is `.jira`.
type: object
properties:
fields:
description: An object containing the connector fields. If you want to omit any individual field, specify null as its value.
type: object
required:
- issueType
- parent
- priority
properties:
issueType:
description: The type of issue.
type: string
nullable: true
parent:
description: The key of the parent issue, when the issue type is sub-task.
type: string
nullable: true
priority:
description: The priority of the issue.
type: string
nullable: true
id:
description: The identifier for the connector. To retrieve connector IDs, use the find connectors API.
type: string
name:
description: The name of the connector.
type: string
type:
description: The type of connector.
type: string
example: .jira
enum:
- .jira

28
x-pack/plugins/cases/docs/openapi/components/schemas/connector_properties_none.yaml Normal file
View file

@ -0,0 +1,28 @@
title: Create or update case request properties for no connector
required:
- fields
- id
- name
- type
description: Defines properties for connectors when type is `.none`.
type: object
properties:
fields:
description: An object containing the connector fields. To create a case without a connector, specify null. To update a case to remove the connector, specify null.
nullable: true
type: string
example: null
id:
description: The identifier for the connector. To create a case without a connector, use `none`. To update a case to remove the connector, specify `none`.
type: string
example: none
name:
description: The name of the connector. To create a case without a connector, use `none`. To update a case to remove the connector, specify `none`.
type: string
example: none
type:
description: The type of connector. To create a case without a connector, use `.none`. To update a case to remove the connector, specify `.none`.
type: string
example: .none
enum:
- .none

37
x-pack/plugins/cases/docs/openapi/components/schemas/connector_properties_resilient.yaml Normal file
View file

@ -0,0 +1,37 @@
title: Create case request properties for a IBM Resilient connector
required:
- fields
- id
- name
- type
description: Defines properties for connectors when type is `.resilient`.
type: object
properties:
fields:
description: An object containing the connector fields. If you want to omit any individual field, specify null as its value.
type: object
nullable: true
required:
- issueTypes
- severityCode
properties:
issueTypes:
description: The type of incident.
type: array
items:
type: string
severityCode:
description: The severity code of the incident.
type: string
id:
description: The identifier for the connector.
type: string
name:
description: The name of the connector.
type: string
type:
description: The type of connector.
type: string
example: .resilient
enum:
- .resilient

51
x-pack/plugins/cases/docs/openapi/components/schemas/connector_properties_servicenow.yaml Normal file
View file

@ -0,0 +1,51 @@
title: Create case request properties for a ServiceNow ITSM connector
required:
- fields
- id
- name
- type
description: Defines properties for connectors when type is `.servicenow`.
type: object
properties:
fields:
description: An object containing the connector fields. If you want to omit any individual field, specify null as its value.
type: object
required:
- category
- impact
- severity
- subcategory
- urgency
properties:
category:
description: The category of the incident.
type: string
nullable: true
impact:
description: The effect an incident had on business.
type: string
nullable: true
severity:
description: The severity of the incident.
type: string
nullable: true
subcategory:
description: The subcategory of the incident.
type: string
nullable: true
urgency:
description: The extent to which the incident resolution can be delayed.
type: string
nullable: true
id:
description: The identifier for the connector. To retrieve connector IDs, use the find connectors API.
type: string
name:
description: The name of the connector.
type: string
type:
description: The type of connector.
type: string
example: .servicenow
enum:
- .servicenow

61
x-pack/plugins/cases/docs/openapi/components/schemas/connector_properties_servicenow_sir.yaml Normal file
View file

@ -0,0 +1,61 @@
title: Create case request properties for a ServiceNow SecOps connector
required:
- fields
- id
- name
- type
description: Defines properties for connectors when type is `.servicenow-sir`.
type: object
properties:
fields:
description: An object containing the connector fields. If you want to omit any individual field, specify null as its value.
type: object
required:
- category
- destIp
- malwareHash
- malwareUrl
- priority
- sourceIp
- subcategory
properties:
category:
description: The category of the incident.
type: string
nullable: true
destIp:
description: Indicates whether cases will send a comma-separated list of destination IPs.
type: boolean
nullable: true
malwareHash:
description: Indicates whether cases will send a comma-separated list of malware hashes.
type: boolean
nullable: true
malwareUrl:
description: Indicates whether cases will send a comma-separated list of malware URLs.
type: boolean
nullable: true
priority:
description: The priority of the issue.
type: string
nullable: true
sourceIp:
description: Indicates whether cases will send a comma-separated list of source IPs.
type: boolean
nullable: true
subcategory:
description: The subcategory of the incident.
type: string
nullable: true
id:
description: The identifier for the connector. To retrieve connector IDs, use the find connectors API.
type: string
name:
description: The name of the connector.
type: string
type:
description: The type of connector.
type: string
example: .servicenow-sir
enum:
- .servicenow-sir

31
x-pack/plugins/cases/docs/openapi/components/schemas/connector_properties_swimlane.yaml Normal file
View file

@ -0,0 +1,31 @@
title: Create case request properties for a Swimlane connector
required:
- fields
- id
- name
- type
description: Defines properties for connectors when type is `.swimlane`.
type: object
properties:
fields:
description: An object containing the connector fields. If you want to omit any individual field, specify null as its value.
type: object
required:
- caseId
properties:
caseId:
description: The case identifier for Swimlane connectors.
type: string
nullable: true
id:
description: The identifier for the connector. To retrieve connector IDs, use the find connectors API.
type: string
name:
description: The name of the connector.
type: string
type:
description: The type of connector.
type: string
example: .swimlane
enum:
- .swimlane

38
x-pack/plugins/cases/docs/openapi/components/schemas/create_case_request.yaml Normal file
View file

@ -0,0 +1,38 @@
title: Create case request
description: >-
The create case API request body varies depending on the type of connector.
type: object
required:
- connector
- description
- owner
- settings
- tags
- title
properties:
connector:
oneOf:
- $ref: 'connector_properties_none.yaml'
- $ref: 'connector_properties_cases_webhook.yaml'
- $ref: 'connector_properties_jira.yaml'
- $ref: 'connector_properties_resilient.yaml'
- $ref: 'connector_properties_servicenow.yaml'
- $ref: 'connector_properties_servicenow_sir.yaml'
- $ref: 'connector_properties_swimlane.yaml'
description:
description: The description for the case.
type: string
owner:
$ref: 'owners.yaml'
settings:
$ref: 'settings.yaml'
severity:
$ref: 'severity_property.yaml'
tags:
description: The words and phrases that help categorize cases. It can be an empty array.
type: array
items:
type: string
title:
description: A title for the case.
type: string

2
x-pack/plugins/cases/docs/openapi/components/schemas/settings.yaml
View file

@ -1,5 +1,7 @@
type: object type: object
description: An object that contains the case settings. description: An object that contains the case settings.
required:
- syncAlerts
properties: properties:
syncAlerts: syncAlerts:
description: Turns alert syncing on or off. description: Turns alert syncing on or off.

48
x-pack/plugins/cases/docs/openapi/components/schemas/update_case_request.yaml Normal file
View file

@ -0,0 +1,48 @@
title: Update case request
description: >-
The update case API request body varies depending on the type of connector.
type: object
required:
- cases
properties:
cases:
type: array
description: An array containing one or more case objects.
items:
type: object
required:
- id
- version
properties:
connector:
oneOf:
- $ref: 'connector_properties_none.yaml'
- $ref: 'connector_properties_cases_webhook.yaml'
- $ref: 'connector_properties_jira.yaml'
- $ref: 'connector_properties_resilient.yaml'
- $ref: 'connector_properties_servicenow.yaml'
- $ref: 'connector_properties_servicenow_sir.yaml'
- $ref: 'connector_properties_swimlane.yaml'
description:
description: An updated description for the case.
type: string
id:
description: The identifier for the case.
type: string
settings:
$ref: 'settings.yaml'
severity:
$ref: 'severity_property.yaml'
status:
$ref: 'status.yaml'
tags:
description: The words and phrases that help categorize cases.
type: array
items:
type: string
title:
description: A title for the case.
type: string
version:
description: The current version of the case. To determine this value, use the get case or find cases APIs.
type: string

4
x-pack/plugins/cases/docs/openapi/entrypoint-min.yaml
View file

@ -15,8 +15,8 @@ servers:
- url: 'http://localhost:5601' - url: 'http://localhost:5601'
description: local description: local
paths: paths:
# '/s/{spaceId}/api/cases': '/s/{spaceId}/api/cases':
# $ref: 'paths/s@{spaceid}@api@cases.yaml' $ref: 'paths/s@{spaceid}@api@cases.yaml'
# '/s/{spaceId}/api/cases/_find': # '/s/{spaceId}/api/cases/_find':
# $ref: 'paths/s@{spaceid}@api@cases@_find.yaml' # $ref: 'paths/s@{spaceid}@api@cases@_find.yaml'
# '/s/{spaceId}/api/cases/alerts/{alertId}': # '/s/{spaceId}/api/cases/alerts/{alertId}':

86
x-pack/plugins/cases/docs/openapi/paths/s@{spaceid}@api@cases.yaml
View file

@ -11,45 +11,11 @@ post:
- $ref: ../components/headers/kbn_xsrf.yaml - $ref: ../components/headers/kbn_xsrf.yaml
- $ref: '../components/parameters/space_id.yaml' - $ref: '../components/parameters/space_id.yaml'
requestBody: requestBody:
required: true
content: content:
application/json: application/json:
schema: schema:
type: object $ref: '../components/schemas/create_case_request.yaml'
properties:
connector:
description: An object that contains the connector configuration.
type: object
properties:
$ref: '../components/schemas/connector_properties.yaml'
required:
- fields
- id
- name
- type
description:
description: The description for the case.
type: string
owner:
$ref: '../components/schemas/owners.yaml'
settings:
$ref: '../components/schemas/settings.yaml'
severity:
$ref: '../components/schemas/severity_property.yaml'
tags:
description: The words and phrases that help categorize cases. It can be an empty array.
type: array
items:
type: string
title:
description: A title for the case.
type: string
required:
- connector
- description
- owner
- settings
- tags
- title
examples: examples:
createCaseRequest: createCaseRequest:
$ref: '../components/examples/create_case_request.yaml' $ref: '../components/examples/create_case_request.yaml'
@ -108,49 +74,7 @@ patch:
content: content:
application/json: application/json:
schema: schema:
type: object $ref: '../components/schemas/update_case_request.yaml'
properties:
cases:
type: array
items:
type: object
properties:
connector:
description: An object that contains the connector configuration.
type: object
properties:
$ref: '../components/schemas/connector_properties.yaml'
required:
- fields
- id
- name
- type
description:
description: The description for the case.
type: string
id:
description: The identifier for the case.
type: string
settings:
$ref: '../components/schemas/settings.yaml'
severity:
$ref: '../components/schemas/severity_property.yaml'
status:
$ref: '../components/schemas/status.yaml'
tags:
description: The words and phrases that help categorize cases.
type: array
items:
type: string
title:
description: A title for the case.
type: string
version:
description: The current version of the case.
type: string
required:
- id
- version
examples: examples:
updateCaseRequest: updateCaseRequest:
$ref: '../components/examples/update_case_request.yaml' $ref: '../components/examples/update_case_request.yaml'
@ -160,7 +84,9 @@ patch:
content: content:
application/json: application/json:
schema: schema:
$ref: '../components/schemas/case_response_properties.yaml' type: array
items:
$ref: '../components/schemas/case_response_properties.yaml'
examples: examples:
updateCaseResponse: updateCaseResponse:
$ref: '../components/examples/update_case_response.yaml' $ref: '../components/examples/update_case_response.yaml'