[DOCS] Create OAS for get rule types and get alerting framework health (#148774)
parent
4f6d0dff28
commit
fa68cb432b
20 changed files with 2474 additions and 36 deletions
|
@ -22,7 +22,9 @@ Any modifications made to this file will be overwritten.
|
|||
<li><a href="#disableRule"><code><span class="http-method">post</span> /s/{spaceId}/api/alerting/rule/{ruleId}/_disable</code></a></li>
|
||||
<li><a href="#enableRule"><code><span class="http-method">post</span> /s/{spaceId}/api/alerting/rule/{ruleId}/_enable</code></a></li>
|
||||
<li><a href="#findRules"><code><span class="http-method">get</span> /s/{spaceId}/api/alerting/rules/_find</code></a></li>
|
||||
<li><a href="#getAlertingHealth"><code><span class="http-method">get</span> /s/{spaceId}/api/alerting/_health</code></a></li>
|
||||
<li><a href="#getRule"><code><span class="http-method">get</span> /s/{spaceId}/api/alerting/rule/{ruleId}</code></a></li>
|
||||
<li><a href="#getRuleTypes"><code><span class="http-method">get</span> /s/{spaceId}/api/alerting/rule_types</code></a></li>
|
||||
<li><a href="#muteAlert"><code><span class="http-method">post</span> /s/{spaceId}/api/alerting/rule/{ruleId}/alert/{alertId}/_mute</code></a></li>
|
||||
<li><a href="#muteAllAlerts"><code><span class="http-method">post</span> /s/{spaceId}/api/alerting/rule/{ruleId}/_mute_all</code></a></li>
|
||||
<li><a href="#unmuteAlert"><code><span class="http-method">post</span> /s/{spaceId}/api/alerting/rule/{ruleId}/alert/{alertId}/_unmute</code></a></li>
|
||||
|
@ -63,18 +65,30 @@ Any modifications made to this file will be overwritten.
|
|||
<!--Todo: process Response Object and its headers, schema, examples -->
|
||||
|
||||
|
||||
<h3 class="field-label">Produces</h3>
|
||||
This API call produces the following media types according to the <span class="header">Accept</span> request header;
|
||||
the media type will be conveyed by the <span class="header">Content-Type</span> response header.
|
||||
<ul>
|
||||
<li><code>application/json</code></li>
|
||||
</ul>
|
||||
|
||||
<h3 class="field-label">Responses</h3>
|
||||
<h4 class="field-label">204</h4>
|
||||
Indicates a successful call.
|
||||
<a href="#"></a>
|
||||
<h4 class="field-label">401</h4>
|
||||
Authorization information is missing or invalid.
|
||||
<a href="#401_response">401_response</a>
|
||||
<h4 class="field-label">404</h4>
|
||||
Object is not found.
|
||||
<a href="#404_response">404_response</a>
|
||||
</div> <!-- method -->
|
||||
<hr/>
|
||||
<div class="method"><a name="disableRule"/>
|
||||
<div class="method-path">
|
||||
<a class="up" href="#__Methods">Up</a>
|
||||
<pre class="post"><code class="huge"><span class="http-method">post</span> /s/{spaceId}/api/alerting/rule/{ruleId}/_disable</code></pre></div>
|
||||
<div class="method-summary">Disable a rule. (<span class="nickname">disableRule</span>)</div>
|
||||
<div class="method-summary">Disables a rule. (<span class="nickname">disableRule</span>)</div>
|
||||
<div class="method-notes">You must have <code>all</code> privileges for the appropriate Kibana features, depending on the <code>consumer</code> and <code>rule_type_id</code> of the rule. For example, the <strong>Management > Stack Rules</strong> feature, <strong>Analytics > Discover</strong> and <strong>Machine Learning</strong> features, <strong>Observability</strong>, and <strong>Security</strong> features.</div>
|
||||
|
||||
<h3 class="field-label">Path parameters</h3>
|
||||
|
@ -102,18 +116,30 @@ Any modifications made to this file will be overwritten.
|
|||
<!--Todo: process Response Object and its headers, schema, examples -->
|
||||
|
||||
|
||||
<h3 class="field-label">Produces</h3>
|
||||
This API call produces the following media types according to the <span class="header">Accept</span> request header;
|
||||
the media type will be conveyed by the <span class="header">Content-Type</span> response header.
|
||||
<ul>
|
||||
<li><code>application/json</code></li>
|
||||
</ul>
|
||||
|
||||
<h3 class="field-label">Responses</h3>
|
||||
<h4 class="field-label">204</h4>
|
||||
Indicates a successful call.
|
||||
<a href="#"></a>
|
||||
<h4 class="field-label">401</h4>
|
||||
Authorization information is missing or invalid.
|
||||
<a href="#401_response">401_response</a>
|
||||
<h4 class="field-label">404</h4>
|
||||
Object is not found.
|
||||
<a href="#404_response">404_response</a>
|
||||
</div> <!-- method -->
|
||||
<hr/>
|
||||
<div class="method"><a name="enableRule"/>
|
||||
<div class="method-path">
|
||||
<a class="up" href="#__Methods">Up</a>
|
||||
<pre class="post"><code class="huge"><span class="http-method">post</span> /s/{spaceId}/api/alerting/rule/{ruleId}/_enable</code></pre></div>
|
||||
<div class="method-summary">Enable a rule. (<span class="nickname">enableRule</span>)</div>
|
||||
<div class="method-summary">Enables a rule. (<span class="nickname">enableRule</span>)</div>
|
||||
<div class="method-notes">This API supports token-based authentication only. You must have <code>all</code> privileges for the appropriate Kibana features, depending on the <code>consumer</code> and <code>rule_type_id</code> of the rule. For example, the <strong>Management > Stack Rules</strong> feature, <strong>Analytics > Discover</strong> and <strong>Machine Learning</strong> features, <strong>Observability</strong>, and <strong>Security</strong> features.</div>
|
||||
|
||||
<h3 class="field-label">Path parameters</h3>
|
||||
|
@ -141,11 +167,23 @@ Any modifications made to this file will be overwritten.
|
|||
<!--Todo: process Response Object and its headers, schema, examples -->
|
||||
|
||||
|
||||
<h3 class="field-label">Produces</h3>
|
||||
This API call produces the following media types according to the <span class="header">Accept</span> request header;
|
||||
the media type will be conveyed by the <span class="header">Content-Type</span> response header.
|
||||
<ul>
|
||||
<li><code>application/json</code></li>
|
||||
</ul>
|
||||
|
||||
<h3 class="field-label">Responses</h3>
|
||||
<h4 class="field-label">204</h4>
|
||||
Indicates a successful call.
|
||||
<a href="#"></a>
|
||||
<h4 class="field-label">401</h4>
|
||||
Authorization information is missing or invalid.
|
||||
<a href="#401_response">401_response</a>
|
||||
<h4 class="field-label">404</h4>
|
||||
Object is not found.
|
||||
<a href="#401_response">401_response</a>
|
||||
</div> <!-- method -->
|
||||
<hr/>
|
||||
<div class="method"><a name="findRules"/>
|
||||
|
@ -325,13 +363,95 @@ Any modifications made to this file will be overwritten.
|
|||
<h4 class="field-label">200</h4>
|
||||
Indicates a successful call.
|
||||
<a href="#findRules_200_response">findRules_200_response</a>
|
||||
<h4 class="field-label">401</h4>
|
||||
Authorization information is missing or invalid.
|
||||
<a href="#401_response">401_response</a>
|
||||
</div> <!-- method -->
|
||||
<hr/>
|
||||
<div class="method"><a name="getAlertingHealth"/>
|
||||
<div class="method-path">
|
||||
<a class="up" href="#__Methods">Up</a>
|
||||
<pre class="get"><code class="huge"><span class="http-method">get</span> /s/{spaceId}/api/alerting/_health</code></pre></div>
|
||||
<div class="method-summary">Retrieves the health status of the alerting framework. (<span class="nickname">getAlertingHealth</span>)</div>
|
||||
<div class="method-notes">You must have <code>read</code> privileges for the <strong>Management > Stack Rules</strong> feature or for at least one of the <strong>Analytics > Discover</strong>, <strong>Analytics > Machine Learning</strong>, <strong>Observability</strong>, or <strong>Security</strong> features.</div>
|
||||
|
||||
<h3 class="field-label">Path parameters</h3>
|
||||
<div class="field-items">
|
||||
<div class="param">spaceId (required)</div>
|
||||
|
||||
<div class="param-desc"><span class="param-type">Path Parameter</span> — An identifier for the space. If <code>/s/</code> and the identifier are omitted from the path, the default space is used. default: null </div>
|
||||
</div> <!-- field-items -->
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<h3 class="field-label">Return type</h3>
|
||||
<div class="return-type">
|
||||
<a href="#getAlertingHealth_200_response">getAlertingHealth_200_response</a>
|
||||
|
||||
</div>
|
||||
|
||||
<!--Todo: process Response Object and its headers, schema, examples -->
|
||||
|
||||
<h3 class="field-label">Example data</h3>
|
||||
<div class="example-data-content-type">Content-Type: application/json</div>
|
||||
<pre class="example"><code>{
|
||||
"alerting_framework_health" : {
|
||||
"execution_health" : {
|
||||
"status" : "ok",
|
||||
"timestamp" : "2023-01-13T01:28:00.28Z"
|
||||
},
|
||||
"read_health" : {
|
||||
"status" : "ok",
|
||||
"timestamp" : "2023-01-13T01:28:00.28Z"
|
||||
},
|
||||
"decryption_health" : {
|
||||
"status" : "ok",
|
||||
"timestamp" : "2023-01-13T01:28:00.28Z"
|
||||
}
|
||||
},
|
||||
"alerting_framework_heath" : {
|
||||
"_deprecated" : "This state property has a typo, use \"alerting_framework_health\" instead.",
|
||||
"execution_health" : {
|
||||
"status" : "ok",
|
||||
"timestamp" : "2023-01-13T01:28:00.28Z"
|
||||
},
|
||||
"read_health" : {
|
||||
"status" : "ok",
|
||||
"timestamp" : "2023-01-13T01:28:00.28Z"
|
||||
},
|
||||
"decryption_health" : {
|
||||
"status" : "ok",
|
||||
"timestamp" : "2023-01-13T01:28:00.28Z"
|
||||
}
|
||||
},
|
||||
"has_permanent_encryption_key" : true,
|
||||
"is_sufficiently_secure" : true
|
||||
}</code></pre>
|
||||
|
||||
<h3 class="field-label">Produces</h3>
|
||||
This API call produces the following media types according to the <span class="header">Accept</span> request header;
|
||||
the media type will be conveyed by the <span class="header">Content-Type</span> response header.
|
||||
<ul>
|
||||
<li><code>application/json</code></li>
|
||||
</ul>
|
||||
|
||||
<h3 class="field-label">Responses</h3>
|
||||
<h4 class="field-label">200</h4>
|
||||
Indicates a successful call.
|
||||
<a href="#getAlertingHealth_200_response">getAlertingHealth_200_response</a>
|
||||
<h4 class="field-label">401</h4>
|
||||
Authorization information is missing or invalid.
|
||||
<a href="#401_response">401_response</a>
|
||||
</div> <!-- method -->
|
||||
<hr/>
|
||||
<div class="method"><a name="getRule"/>
|
||||
<div class="method-path">
|
||||
<a class="up" href="#__Methods">Up</a>
|
||||
<pre class="get"><code class="huge"><span class="http-method">get</span> /s/{spaceId}/api/alerting/rule/{ruleId}</code></pre></div>
|
||||
<div class="method-summary">Retrieve a rule by its identifier. (<span class="nickname">getRule</span>)</div>
|
||||
<div class="method-summary">Retrieves a rule by its identifier. (<span class="nickname">getRule</span>)</div>
|
||||
<div class="method-notes">You must have <code>read</code> privileges for the appropriate Kibana features, depending on the <code>consumer</code> and <code>rule_type_id</code> of the rules you're seeking. For example, the <strong>Management > Stack Rules</strong> feature, <strong>Analytics > Discover</strong> and <strong>Machine Learning</strong> features, <strong>Observability</strong> features, or <strong>Security</strong> features. To get rules associated with the <strong>Stack Monitoring</strong> feature, use the <code>monitoring_user</code> built-in role.</div>
|
||||
|
||||
<h3 class="field-label">Path parameters</h3>
|
||||
|
@ -424,13 +544,154 @@ Any modifications made to this file will be overwritten.
|
|||
<h4 class="field-label">200</h4>
|
||||
Indicates a successful call.
|
||||
<a href="#rule_response_properties">rule_response_properties</a>
|
||||
<h4 class="field-label">401</h4>
|
||||
Authorization information is missing or invalid.
|
||||
<a href="#401_response">401_response</a>
|
||||
<h4 class="field-label">404</h4>
|
||||
Object is not found.
|
||||
<a href="#404_response">404_response</a>
|
||||
</div> <!-- method -->
|
||||
<hr/>
|
||||
<div class="method"><a name="getRuleTypes"/>
|
||||
<div class="method-path">
|
||||
<a class="up" href="#__Methods">Up</a>
|
||||
<pre class="get"><code class="huge"><span class="http-method">get</span> /s/{spaceId}/api/alerting/rule_types</code></pre></div>
|
||||
<div class="method-summary">Retrieves a list of rule types. (<span class="nickname">getRuleTypes</span>)</div>
|
||||
<div class="method-notes">If you have <code>read</code> privileges for one or more Kibana features, the API response contains information about the appropriate rule types. For example, there are rule types associated with the <strong>Management > Stack Rules</strong> feature, <strong>Analytics > Discover</strong> and <strong>Machine Learning</strong> features, <strong>Observability</strong> features, and <strong>Security</strong> features. To get rule types associated with the <strong>Stack Monitoring</strong> feature, use the <code>monitoring_user</code> built-in role.</div>
|
||||
|
||||
<h3 class="field-label">Path parameters</h3>
|
||||
<div class="field-items">
|
||||
<div class="param">spaceId (required)</div>
|
||||
|
||||
<div class="param-desc"><span class="param-type">Path Parameter</span> — An identifier for the space. If <code>/s/</code> and the identifier are omitted from the path, the default space is used. default: null </div>
|
||||
</div> <!-- field-items -->
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<h3 class="field-label">Return type</h3>
|
||||
<div class="return-type">
|
||||
array[<a href="#getRuleTypes_200_response_inner">getRuleTypes_200_response_inner</a>]
|
||||
|
||||
</div>
|
||||
|
||||
<!--Todo: process Response Object and its headers, schema, examples -->
|
||||
|
||||
<h3 class="field-label">Example data</h3>
|
||||
<div class="example-data-content-type">Content-Type: application/json</div>
|
||||
<pre class="example"><code>{
|
||||
"recovery_action_group" : {
|
||||
"name" : "name",
|
||||
"id" : "id"
|
||||
},
|
||||
"does_set_recovery_context" : true,
|
||||
"is_exportable" : true,
|
||||
"authorized_consumers" : {
|
||||
"alerts" : {
|
||||
"all" : true,
|
||||
"read" : true
|
||||
},
|
||||
"discover" : {
|
||||
"all" : true,
|
||||
"read" : true
|
||||
},
|
||||
"stackAlerts" : {
|
||||
"all" : true,
|
||||
"read" : true
|
||||
},
|
||||
"infrastructure" : {
|
||||
"all" : true,
|
||||
"read" : true
|
||||
},
|
||||
"siem" : {
|
||||
"all" : true,
|
||||
"read" : true
|
||||
},
|
||||
"monitoring" : {
|
||||
"all" : true,
|
||||
"read" : true
|
||||
},
|
||||
"logs" : {
|
||||
"all" : true,
|
||||
"read" : true
|
||||
},
|
||||
"apm" : {
|
||||
"all" : true,
|
||||
"read" : true
|
||||
},
|
||||
"ml" : {
|
||||
"all" : true,
|
||||
"read" : true
|
||||
},
|
||||
"uptime" : {
|
||||
"all" : true,
|
||||
"read" : true
|
||||
}
|
||||
},
|
||||
"action_groups" : [ {
|
||||
"name" : "name",
|
||||
"id" : "id"
|
||||
}, {
|
||||
"name" : "name",
|
||||
"id" : "id"
|
||||
} ],
|
||||
"minimum_license_required" : "basic",
|
||||
"action_variables" : {
|
||||
"context" : [ {
|
||||
"name" : "name",
|
||||
"description" : "description",
|
||||
"useWithTripleBracesInTemplates" : true
|
||||
}, {
|
||||
"name" : "name",
|
||||
"description" : "description",
|
||||
"useWithTripleBracesInTemplates" : true
|
||||
} ],
|
||||
"state" : [ {
|
||||
"name" : "name",
|
||||
"description" : "description"
|
||||
}, {
|
||||
"name" : "name",
|
||||
"description" : "description"
|
||||
} ],
|
||||
"params" : [ {
|
||||
"name" : "name",
|
||||
"description" : "description"
|
||||
}, {
|
||||
"name" : "name",
|
||||
"description" : "description"
|
||||
} ]
|
||||
},
|
||||
"rule_task_timeout" : "5m",
|
||||
"name" : "name",
|
||||
"enabled_in_license" : true,
|
||||
"producer" : "stackAlerts",
|
||||
"id" : "id",
|
||||
"default_action_group_id" : "default_action_group_id"
|
||||
}</code></pre>
|
||||
|
||||
<h3 class="field-label">Produces</h3>
|
||||
This API call produces the following media types according to the <span class="header">Accept</span> request header;
|
||||
the media type will be conveyed by the <span class="header">Content-Type</span> response header.
|
||||
<ul>
|
||||
<li><code>application/json</code></li>
|
||||
</ul>
|
||||
|
||||
<h3 class="field-label">Responses</h3>
|
||||
<h4 class="field-label">200</h4>
|
||||
Indicates a successful call.
|
||||
|
||||
<h4 class="field-label">401</h4>
|
||||
Authorization information is missing or invalid.
|
||||
<a href="#401_response">401_response</a>
|
||||
</div> <!-- method -->
|
||||
<hr/>
|
||||
<div class="method"><a name="muteAlert"/>
|
||||
<div class="method-path">
|
||||
<a class="up" href="#__Methods">Up</a>
|
||||
<pre class="post"><code class="huge"><span class="http-method">post</span> /s/{spaceId}/api/alerting/rule/{ruleId}/alert/{alertId}/_mute</code></pre></div>
|
||||
<div class="method-summary">Mute an alert. (<span class="nickname">muteAlert</span>)</div>
|
||||
<div class="method-summary">Mutes an alert. (<span class="nickname">muteAlert</span>)</div>
|
||||
<div class="method-notes">You must have <code>all</code> privileges for the appropriate Kibana features, depending on the <code>consumer</code> and <code>rule_type_id</code> of the rule. For example, the <strong>Management > Stack Rules</strong> feature, <strong>Analytics > Discover</strong> and <strong>Machine Learning</strong> features, <strong>Observability</strong>, and <strong>Security</strong> features. If the rule has actions, you must also have <code>read</code> privileges for the <strong>Management > Actions and Connectors</strong> feature.</div>
|
||||
|
||||
<h3 class="field-label">Path parameters</h3>
|
||||
|
@ -460,18 +721,27 @@ Any modifications made to this file will be overwritten.
|
|||
<!--Todo: process Response Object and its headers, schema, examples -->
|
||||
|
||||
|
||||
<h3 class="field-label">Produces</h3>
|
||||
This API call produces the following media types according to the <span class="header">Accept</span> request header;
|
||||
the media type will be conveyed by the <span class="header">Content-Type</span> response header.
|
||||
<ul>
|
||||
<li><code>application/json</code></li>
|
||||
</ul>
|
||||
|
||||
<h3 class="field-label">Responses</h3>
|
||||
<h4 class="field-label">204</h4>
|
||||
Indicates a successful call.
|
||||
<a href="#"></a>
|
||||
<h4 class="field-label">401</h4>
|
||||
Authorization information is missing or invalid.
|
||||
<a href="#401_response">401_response</a>
|
||||
</div> <!-- method -->
|
||||
<hr/>
|
||||
<div class="method"><a name="muteAllAlerts"/>
|
||||
<div class="method-path">
|
||||
<a class="up" href="#__Methods">Up</a>
|
||||
<pre class="post"><code class="huge"><span class="http-method">post</span> /s/{spaceId}/api/alerting/rule/{ruleId}/_mute_all</code></pre></div>
|
||||
<div class="method-summary">Mute all alerts. (<span class="nickname">muteAllAlerts</span>)</div>
|
||||
<div class="method-summary">Mutes all alerts. (<span class="nickname">muteAllAlerts</span>)</div>
|
||||
<div class="method-notes">This API snoozes the notifications for the rule indefinitely. The rule checks continue to occur but alerts will not trigger any actions. You must have <code>all</code> privileges for the appropriate Kibana features, depending on the <code>consumer</code> and <code>rule_type_id</code> of the rule. For example, the <strong>Management > Stack Rules</strong> feature, <strong>Analytics > Discover</strong> and <strong>Machine Learning</strong> features, <strong>Observability</strong>, and <strong>Security</strong> features. If the rule has actions, you must also have <code>read</code> privileges for the <strong>Management > Actions and Connectors</strong> feature.</div>
|
||||
|
||||
<h3 class="field-label">Path parameters</h3>
|
||||
|
@ -499,18 +769,27 @@ Any modifications made to this file will be overwritten.
|
|||
<!--Todo: process Response Object and its headers, schema, examples -->
|
||||
|
||||
|
||||
<h3 class="field-label">Produces</h3>
|
||||
This API call produces the following media types according to the <span class="header">Accept</span> request header;
|
||||
the media type will be conveyed by the <span class="header">Content-Type</span> response header.
|
||||
<ul>
|
||||
<li><code>application/json</code></li>
|
||||
</ul>
|
||||
|
||||
<h3 class="field-label">Responses</h3>
|
||||
<h4 class="field-label">204</h4>
|
||||
Indicates a successful call.
|
||||
<a href="#"></a>
|
||||
<h4 class="field-label">401</h4>
|
||||
Authorization information is missing or invalid.
|
||||
<a href="#401_response">401_response</a>
|
||||
</div> <!-- method -->
|
||||
<hr/>
|
||||
<div class="method"><a name="unmuteAlert"/>
|
||||
<div class="method-path">
|
||||
<a class="up" href="#__Methods">Up</a>
|
||||
<pre class="post"><code class="huge"><span class="http-method">post</span> /s/{spaceId}/api/alerting/rule/{ruleId}/alert/{alertId}/_unmute</code></pre></div>
|
||||
<div class="method-summary">Unmute an alert. (<span class="nickname">unmuteAlert</span>)</div>
|
||||
<div class="method-summary">Unmutes an alert. (<span class="nickname">unmuteAlert</span>)</div>
|
||||
<div class="method-notes">You must have <code>all</code> privileges for the appropriate Kibana features, depending on the <code>consumer</code> and <code>rule_type_id</code> of the rule. For example, the <strong>Management > Stack Rules</strong> feature, <strong>Analytics > Discover</strong> and <strong>Machine Learning</strong> features, <strong>Observability</strong>, and <strong>Security</strong> features. If the rule has actions, you must also have <code>read</code> privileges for the <strong>Management > Actions and Connectors</strong> feature.</div>
|
||||
|
||||
<h3 class="field-label">Path parameters</h3>
|
||||
|
@ -540,18 +819,27 @@ Any modifications made to this file will be overwritten.
|
|||
<!--Todo: process Response Object and its headers, schema, examples -->
|
||||
|
||||
|
||||
<h3 class="field-label">Produces</h3>
|
||||
This API call produces the following media types according to the <span class="header">Accept</span> request header;
|
||||
the media type will be conveyed by the <span class="header">Content-Type</span> response header.
|
||||
<ul>
|
||||
<li><code>application/json</code></li>
|
||||
</ul>
|
||||
|
||||
<h3 class="field-label">Responses</h3>
|
||||
<h4 class="field-label">204</h4>
|
||||
Indicates a successful call.
|
||||
<a href="#"></a>
|
||||
<h4 class="field-label">401</h4>
|
||||
Authorization information is missing or invalid.
|
||||
<a href="#401_response">401_response</a>
|
||||
</div> <!-- method -->
|
||||
<hr/>
|
||||
<div class="method"><a name="unmuteAllAlerts"/>
|
||||
<div class="method-path">
|
||||
<a class="up" href="#__Methods">Up</a>
|
||||
<pre class="post"><code class="huge"><span class="http-method">post</span> /s/{spaceId}/api/alerting/rule/{ruleId}/_unmute_all</code></pre></div>
|
||||
<div class="method-summary">Unmute all alerts. (<span class="nickname">unmuteAllAlerts</span>)</div>
|
||||
<div class="method-summary">Unmutes all alerts. (<span class="nickname">unmuteAllAlerts</span>)</div>
|
||||
<div class="method-notes">If the rule has its notifications snoozed indefinitely, this API cancels the snooze. You must have <code>all</code> privileges for the appropriate Kibana features, depending on the <code>consumer</code> and <code>rule_type_id</code> of the rule. For example, the <strong>Management > Stack Rules</strong> feature, <strong>Analytics > Discover</strong> and <strong>Machine Learning</strong> features, <strong>Observability</strong>, and <strong>Security</strong> features. If the rule has actions, you must also have <code>read</code> privileges for the <strong>Management > Actions and Connectors</strong> feature.</div>
|
||||
|
||||
<h3 class="field-label">Path parameters</h3>
|
||||
|
@ -579,11 +867,20 @@ Any modifications made to this file will be overwritten.
|
|||
<!--Todo: process Response Object and its headers, schema, examples -->
|
||||
|
||||
|
||||
<h3 class="field-label">Produces</h3>
|
||||
This API call produces the following media types according to the <span class="header">Accept</span> request header;
|
||||
the media type will be conveyed by the <span class="header">Content-Type</span> response header.
|
||||
<ul>
|
||||
<li><code>application/json</code></li>
|
||||
</ul>
|
||||
|
||||
<h3 class="field-label">Responses</h3>
|
||||
<h4 class="field-label">204</h4>
|
||||
Indicates a successful call.
|
||||
<a href="#"></a>
|
||||
<h4 class="field-label">401</h4>
|
||||
Authorization information is missing or invalid.
|
||||
<a href="#401_response">401_response</a>
|
||||
</div> <!-- method -->
|
||||
<hr/>
|
||||
<div class="method"><a name="updateRule"/>
|
||||
|
@ -702,6 +999,12 @@ Any modifications made to this file will be overwritten.
|
|||
<h4 class="field-label">200</h4>
|
||||
Indicates a successful call.
|
||||
<a href="#rule_response_properties">rule_response_properties</a>
|
||||
<h4 class="field-label">401</h4>
|
||||
Authorization information is missing or invalid.
|
||||
<a href="#401_response">401_response</a>
|
||||
<h4 class="field-label">404</h4>
|
||||
Object is not found.
|
||||
<a href="#404_response">404_response</a>
|
||||
</div> <!-- method -->
|
||||
<hr/>
|
||||
|
||||
|
@ -710,10 +1013,27 @@ Any modifications made to this file will be overwritten.
|
|||
|
||||
<h3>Table of Contents</h3>
|
||||
<ol>
|
||||
<li><a href="#401_response"><code>401_response</code> - Unsuccessful rule API response</a></li>
|
||||
<li><a href="#404_response"><code>404_response</code> - </a></li>
|
||||
<li><a href="#actions_inner"><code>actions_inner</code> - </a></li>
|
||||
<li><a href="#findRules_200_response"><code>findRules_200_response</code> - </a></li>
|
||||
<li><a href="#findRules_has_reference_parameter"><code>findRules_has_reference_parameter</code> - </a></li>
|
||||
<li><a href="#findRules_search_fields_parameter"><code>findRules_search_fields_parameter</code> - </a></li>
|
||||
<li><a href="#getAlertingHealth_200_response"><code>getAlertingHealth_200_response</code> - </a></li>
|
||||
<li><a href="#getAlertingHealth_200_response_alerting_framework_health"><code>getAlertingHealth_200_response_alerting_framework_health</code> - </a></li>
|
||||
<li><a href="#getAlertingHealth_200_response_alerting_framework_health_decryption_health"><code>getAlertingHealth_200_response_alerting_framework_health_decryption_health</code> - </a></li>
|
||||
<li><a href="#getAlertingHealth_200_response_alerting_framework_health_execution_health"><code>getAlertingHealth_200_response_alerting_framework_health_execution_health</code> - </a></li>
|
||||
<li><a href="#getAlertingHealth_200_response_alerting_framework_health_read_health"><code>getAlertingHealth_200_response_alerting_framework_health_read_health</code> - </a></li>
|
||||
<li><a href="#getAlertingHealth_200_response_alerting_framework_heath"><code>getAlertingHealth_200_response_alerting_framework_heath</code> - </a></li>
|
||||
<li><a href="#getAlertingHealth_200_response_alerting_framework_heath_decryption_health"><code>getAlertingHealth_200_response_alerting_framework_heath_decryption_health</code> - </a></li>
|
||||
<li><a href="#getRuleTypes_200_response_inner"><code>getRuleTypes_200_response_inner</code> - </a></li>
|
||||
<li><a href="#getRuleTypes_200_response_inner_action_groups_inner"><code>getRuleTypes_200_response_inner_action_groups_inner</code> - </a></li>
|
||||
<li><a href="#getRuleTypes_200_response_inner_action_variables"><code>getRuleTypes_200_response_inner_action_variables</code> - </a></li>
|
||||
<li><a href="#getRuleTypes_200_response_inner_action_variables_context_inner"><code>getRuleTypes_200_response_inner_action_variables_context_inner</code> - </a></li>
|
||||
<li><a href="#getRuleTypes_200_response_inner_action_variables_params_inner"><code>getRuleTypes_200_response_inner_action_variables_params_inner</code> - </a></li>
|
||||
<li><a href="#getRuleTypes_200_response_inner_authorized_consumers"><code>getRuleTypes_200_response_inner_authorized_consumers</code> - </a></li>
|
||||
<li><a href="#getRuleTypes_200_response_inner_authorized_consumers_alerts"><code>getRuleTypes_200_response_inner_authorized_consumers_alerts</code> - </a></li>
|
||||
<li><a href="#getRuleTypes_200_response_inner_recovery_action_group"><code>getRuleTypes_200_response_inner_recovery_action_group</code> - </a></li>
|
||||
<li><a href="#notify_when"><code>notify_when</code> - </a></li>
|
||||
<li><a href="#rule_response_properties"><code>rule_response_properties</code> - Rule response properties</a></li>
|
||||
<li><a href="#rule_response_properties_execution_status"><code>rule_response_properties_execution_status</code> - </a></li>
|
||||
|
@ -723,6 +1043,32 @@ Any modifications made to this file will be overwritten.
|
|||
<li><a href="#update_rule_request"><code>update_rule_request</code> - Update rule request</a></li>
|
||||
</ol>
|
||||
|
||||
<div class="model">
|
||||
<h3><a name="401_response"><code>401_response</code> - Unsuccessful rule API response</a> <a class="up" href="#__Models">Up</a></h3>
|
||||
<div class='model-description'></div>
|
||||
<div class="field-items">
|
||||
<div class="param">error (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
|
||||
<div class="param-enum-header">Enum:</div>
|
||||
<div class="param-enum">Unauthorized</div>
|
||||
<div class="param">message (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
|
||||
<div class="param">statusCode (optional)</div><div class="param-desc"><span class="param-type"><a href="#integer">Integer</a></span> </div>
|
||||
<div class="param-enum-header">Enum:</div>
|
||||
<div class="param-enum">401</div>
|
||||
</div> <!-- field-items -->
|
||||
</div>
|
||||
<div class="model">
|
||||
<h3><a name="404_response"><code>404_response</code> - </a> <a class="up" href="#__Models">Up</a></h3>
|
||||
<div class='model-description'></div>
|
||||
<div class="field-items">
|
||||
<div class="param">error (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
|
||||
<div class="param-enum-header">Enum:</div>
|
||||
<div class="param-enum">Not Found</div>
|
||||
<div class="param">message (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
|
||||
<div class="param">statusCode (optional)</div><div class="param-desc"><span class="param-type"><a href="#integer">Integer</a></span> </div>
|
||||
<div class="param-enum-header">Enum:</div>
|
||||
<div class="param-enum">404</div>
|
||||
</div> <!-- field-items -->
|
||||
</div>
|
||||
<div class="model">
|
||||
<h3><a name="actions_inner"><code>actions_inner</code> - </a> <a class="up" href="#__Models">Up</a></h3>
|
||||
<div class='model-description'></div>
|
||||
|
@ -756,6 +1102,158 @@ Any modifications made to this file will be overwritten.
|
|||
<div class="field-items">
|
||||
</div> <!-- field-items -->
|
||||
</div>
|
||||
<div class="model">
|
||||
<h3><a name="getAlertingHealth_200_response"><code>getAlertingHealth_200_response</code> - </a> <a class="up" href="#__Models">Up</a></h3>
|
||||
<div class='model-description'></div>
|
||||
<div class="field-items">
|
||||
<div class="param">alerting_framework_heath (optional)</div><div class="param-desc"><span class="param-type"><a href="#getAlertingHealth_200_response_alerting_framework_heath">getAlertingHealth_200_response_alerting_framework_heath</a></span> </div>
|
||||
<div class="param">alerting_framework_health (optional)</div><div class="param-desc"><span class="param-type"><a href="#getAlertingHealth_200_response_alerting_framework_health">getAlertingHealth_200_response_alerting_framework_health</a></span> </div>
|
||||
<div class="param">has_permanent_encryption_key (optional)</div><div class="param-desc"><span class="param-type"><a href="#boolean">Boolean</a></span> If <code>false</code>, the encrypted saved object plugin does not have a permanent encryption key. </div>
|
||||
<div class="param">is_sufficiently_secure (optional)</div><div class="param-desc"><span class="param-type"><a href="#boolean">Boolean</a></span> If <code>false</code>, security is enabled but TLS is not. </div>
|
||||
</div> <!-- field-items -->
|
||||
</div>
|
||||
<div class="model">
|
||||
<h3><a name="getAlertingHealth_200_response_alerting_framework_health"><code>getAlertingHealth_200_response_alerting_framework_health</code> - </a> <a class="up" href="#__Models">Up</a></h3>
|
||||
<div class='model-description'>Three substates identify the health of the alerting framework: <code>decryption_health</code>, <code>execution_health</code>, and <code>read_health</code>.</div>
|
||||
<div class="field-items">
|
||||
<div class="param">decryption_health (optional)</div><div class="param-desc"><span class="param-type"><a href="#getAlertingHealth_200_response_alerting_framework_health_decryption_health">getAlertingHealth_200_response_alerting_framework_health_decryption_health</a></span> </div>
|
||||
<div class="param">execution_health (optional)</div><div class="param-desc"><span class="param-type"><a href="#getAlertingHealth_200_response_alerting_framework_health_execution_health">getAlertingHealth_200_response_alerting_framework_health_execution_health</a></span> </div>
|
||||
<div class="param">read_health (optional)</div><div class="param-desc"><span class="param-type"><a href="#getAlertingHealth_200_response_alerting_framework_health_read_health">getAlertingHealth_200_response_alerting_framework_health_read_health</a></span> </div>
|
||||
</div> <!-- field-items -->
|
||||
</div>
|
||||
<div class="model">
|
||||
<h3><a name="getAlertingHealth_200_response_alerting_framework_health_decryption_health"><code>getAlertingHealth_200_response_alerting_framework_health_decryption_health</code> - </a> <a class="up" href="#__Models">Up</a></h3>
|
||||
<div class='model-description'>The timestamp and status of the rule decryption.</div>
|
||||
<div class="field-items">
|
||||
<div class="param">status (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
|
||||
<div class="param-enum-header">Enum:</div>
|
||||
<div class="param-enum">error</div><div class="param-enum">ok</div><div class="param-enum">warn</div>
|
||||
<div class="param">timestamp (optional)</div><div class="param-desc"><span class="param-type"><a href="#DateTime">Date</a></span> format: date-time</div>
|
||||
</div> <!-- field-items -->
|
||||
</div>
|
||||
<div class="model">
|
||||
<h3><a name="getAlertingHealth_200_response_alerting_framework_health_execution_health"><code>getAlertingHealth_200_response_alerting_framework_health_execution_health</code> - </a> <a class="up" href="#__Models">Up</a></h3>
|
||||
<div class='model-description'>The timestamp and status of the rule run.</div>
|
||||
<div class="field-items">
|
||||
<div class="param">status (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
|
||||
<div class="param-enum-header">Enum:</div>
|
||||
<div class="param-enum">error</div><div class="param-enum">ok</div><div class="param-enum">warn</div>
|
||||
<div class="param">timestamp (optional)</div><div class="param-desc"><span class="param-type"><a href="#DateTime">Date</a></span> format: date-time</div>
|
||||
</div> <!-- field-items -->
|
||||
</div>
|
||||
<div class="model">
|
||||
<h3><a name="getAlertingHealth_200_response_alerting_framework_health_read_health"><code>getAlertingHealth_200_response_alerting_framework_health_read_health</code> - </a> <a class="up" href="#__Models">Up</a></h3>
|
||||
<div class='model-description'>The timestamp and status of the rule reading events.</div>
|
||||
<div class="field-items">
|
||||
<div class="param">status (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
|
||||
<div class="param-enum-header">Enum:</div>
|
||||
<div class="param-enum">error</div><div class="param-enum">ok</div><div class="param-enum">warn</div>
|
||||
<div class="param">timestamp (optional)</div><div class="param-desc"><span class="param-type"><a href="#DateTime">Date</a></span> format: date-time</div>
|
||||
</div> <!-- field-items -->
|
||||
</div>
|
||||
<div class="model">
|
||||
<h3><a name="getAlertingHealth_200_response_alerting_framework_heath"><code>getAlertingHealth_200_response_alerting_framework_heath</code> - </a> <a class="up" href="#__Models">Up</a></h3>
|
||||
<div class='model-description'>This property has a typo. Use <code>alerting_framework_health</code> instead.</div>
|
||||
<div class="field-items">
|
||||
<div class="param">_deprecated (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
|
||||
<div class="param">decryption_health (optional)</div><div class="param-desc"><span class="param-type"><a href="#getAlertingHealth_200_response_alerting_framework_heath_decryption_health">getAlertingHealth_200_response_alerting_framework_heath_decryption_health</a></span> </div>
|
||||
<div class="param">execution_health (optional)</div><div class="param-desc"><span class="param-type"><a href="#getAlertingHealth_200_response_alerting_framework_heath_decryption_health">getAlertingHealth_200_response_alerting_framework_heath_decryption_health</a></span> </div>
|
||||
<div class="param">read_health (optional)</div><div class="param-desc"><span class="param-type"><a href="#getAlertingHealth_200_response_alerting_framework_heath_decryption_health">getAlertingHealth_200_response_alerting_framework_heath_decryption_health</a></span> </div>
|
||||
</div> <!-- field-items -->
|
||||
</div>
|
||||
<div class="model">
|
||||
<h3><a name="getAlertingHealth_200_response_alerting_framework_heath_decryption_health"><code>getAlertingHealth_200_response_alerting_framework_heath_decryption_health</code> - </a> <a class="up" href="#__Models">Up</a></h3>
|
||||
<div class='model-description'></div>
|
||||
<div class="field-items">
|
||||
<div class="param">status (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
|
||||
<div class="param">timestamp (optional)</div><div class="param-desc"><span class="param-type"><a href="#DateTime">Date</a></span> format: date-time</div>
|
||||
</div> <!-- field-items -->
|
||||
</div>
|
||||
<div class="model">
|
||||
<h3><a name="getRuleTypes_200_response_inner"><code>getRuleTypes_200_response_inner</code> - </a> <a class="up" href="#__Models">Up</a></h3>
|
||||
<div class='model-description'></div>
|
||||
<div class="field-items">
|
||||
<div class="param">action_groups (optional)</div><div class="param-desc"><span class="param-type"><a href="#getRuleTypes_200_response_inner_action_groups_inner">array[getRuleTypes_200_response_inner_action_groups_inner]</a></span> An explicit list of groups for which the rule type can schedule actions, each with the action group's unique ID and human readable name. Rule actions validation uses this configuration to ensure that groups are valid. </div>
|
||||
<div class="param">action_variables (optional)</div><div class="param-desc"><span class="param-type"><a href="#getRuleTypes_200_response_inner_action_variables">getRuleTypes_200_response_inner_action_variables</a></span> </div>
|
||||
<div class="param">authorized_consumers (optional)</div><div class="param-desc"><span class="param-type"><a href="#getRuleTypes_200_response_inner_authorized_consumers">getRuleTypes_200_response_inner_authorized_consumers</a></span> </div>
|
||||
<div class="param">default_action_group_id (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The default identifier for the rule type group. </div>
|
||||
<div class="param">does_set_recovery_context (optional)</div><div class="param-desc"><span class="param-type"><a href="#boolean">Boolean</a></span> Indicates whether the rule passes context variables to its recovery action. </div>
|
||||
<div class="param">enabled_in_license (optional)</div><div class="param-desc"><span class="param-type"><a href="#boolean">Boolean</a></span> Indicates whether the rule type is enabled or disabled based on the subscription. </div>
|
||||
<div class="param">id (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The unique identifier for the rule type. </div>
|
||||
<div class="param">is_exportable (optional)</div><div class="param-desc"><span class="param-type"><a href="#boolean">Boolean</a></span> Indicates whether the rule type is exportable in <strong>Stack Management > Saved Objects</strong>. </div>
|
||||
<div class="param">minimum_license_required (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The subscriptions required to use the rule type. </div>
|
||||
<div class="param">name (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The descriptive name of the rule type. </div>
|
||||
<div class="param">producer (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> An identifier for the application that produces this rule type. </div>
|
||||
<div class="param">recovery_action_group (optional)</div><div class="param-desc"><span class="param-type"><a href="#getRuleTypes_200_response_inner_recovery_action_group">getRuleTypes_200_response_inner_recovery_action_group</a></span> </div>
|
||||
<div class="param">rule_task_timeout (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
|
||||
</div> <!-- field-items -->
|
||||
</div>
|
||||
<div class="model">
|
||||
<h3><a name="getRuleTypes_200_response_inner_action_groups_inner"><code>getRuleTypes_200_response_inner_action_groups_inner</code> - </a> <a class="up" href="#__Models">Up</a></h3>
|
||||
<div class='model-description'></div>
|
||||
<div class="field-items">
|
||||
<div class="param">id (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
|
||||
<div class="param">name (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
|
||||
</div> <!-- field-items -->
|
||||
</div>
|
||||
<div class="model">
|
||||
<h3><a name="getRuleTypes_200_response_inner_action_variables"><code>getRuleTypes_200_response_inner_action_variables</code> - </a> <a class="up" href="#__Models">Up</a></h3>
|
||||
<div class='model-description'>A list of action variables that the rule type makes available via context and state in action parameter templates, and a short human readable description. When you create a rule in Kibana, it uses this information to prompt you for these variables in action parameter editors.</div>
|
||||
<div class="field-items">
|
||||
<div class="param">context (optional)</div><div class="param-desc"><span class="param-type"><a href="#getRuleTypes_200_response_inner_action_variables_context_inner">array[getRuleTypes_200_response_inner_action_variables_context_inner]</a></span> </div>
|
||||
<div class="param">params (optional)</div><div class="param-desc"><span class="param-type"><a href="#getRuleTypes_200_response_inner_action_variables_params_inner">array[getRuleTypes_200_response_inner_action_variables_params_inner]</a></span> </div>
|
||||
<div class="param">state (optional)</div><div class="param-desc"><span class="param-type"><a href="#getRuleTypes_200_response_inner_action_variables_params_inner">array[getRuleTypes_200_response_inner_action_variables_params_inner]</a></span> </div>
|
||||
</div> <!-- field-items -->
|
||||
</div>
|
||||
<div class="model">
|
||||
<h3><a name="getRuleTypes_200_response_inner_action_variables_context_inner"><code>getRuleTypes_200_response_inner_action_variables_context_inner</code> - </a> <a class="up" href="#__Models">Up</a></h3>
|
||||
<div class='model-description'></div>
|
||||
<div class="field-items">
|
||||
<div class="param">name (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
|
||||
<div class="param">description (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
|
||||
<div class="param">useWithTripleBracesInTemplates (optional)</div><div class="param-desc"><span class="param-type"><a href="#boolean">Boolean</a></span> </div>
|
||||
</div> <!-- field-items -->
|
||||
</div>
|
||||
<div class="model">
|
||||
<h3><a name="getRuleTypes_200_response_inner_action_variables_params_inner"><code>getRuleTypes_200_response_inner_action_variables_params_inner</code> - </a> <a class="up" href="#__Models">Up</a></h3>
|
||||
<div class='model-description'></div>
|
||||
<div class="field-items">
|
||||
<div class="param">description (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
|
||||
<div class="param">name (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
|
||||
</div> <!-- field-items -->
|
||||
</div>
|
||||
<div class="model">
|
||||
<h3><a name="getRuleTypes_200_response_inner_authorized_consumers"><code>getRuleTypes_200_response_inner_authorized_consumers</code> - </a> <a class="up" href="#__Models">Up</a></h3>
|
||||
<div class='model-description'>The list of the plugins IDs that have access to the rule type.</div>
|
||||
<div class="field-items">
|
||||
<div class="param">alerts (optional)</div><div class="param-desc"><span class="param-type"><a href="#getRuleTypes_200_response_inner_authorized_consumers_alerts">getRuleTypes_200_response_inner_authorized_consumers_alerts</a></span> </div>
|
||||
<div class="param">apm (optional)</div><div class="param-desc"><span class="param-type"><a href="#getRuleTypes_200_response_inner_authorized_consumers_alerts">getRuleTypes_200_response_inner_authorized_consumers_alerts</a></span> </div>
|
||||
<div class="param">discover (optional)</div><div class="param-desc"><span class="param-type"><a href="#getRuleTypes_200_response_inner_authorized_consumers_alerts">getRuleTypes_200_response_inner_authorized_consumers_alerts</a></span> </div>
|
||||
<div class="param">infrastructure (optional)</div><div class="param-desc"><span class="param-type"><a href="#getRuleTypes_200_response_inner_authorized_consumers_alerts">getRuleTypes_200_response_inner_authorized_consumers_alerts</a></span> </div>
|
||||
<div class="param">logs (optional)</div><div class="param-desc"><span class="param-type"><a href="#getRuleTypes_200_response_inner_authorized_consumers_alerts">getRuleTypes_200_response_inner_authorized_consumers_alerts</a></span> </div>
|
||||
<div class="param">ml (optional)</div><div class="param-desc"><span class="param-type"><a href="#getRuleTypes_200_response_inner_authorized_consumers_alerts">getRuleTypes_200_response_inner_authorized_consumers_alerts</a></span> </div>
|
||||
<div class="param">monitoring (optional)</div><div class="param-desc"><span class="param-type"><a href="#getRuleTypes_200_response_inner_authorized_consumers_alerts">getRuleTypes_200_response_inner_authorized_consumers_alerts</a></span> </div>
|
||||
<div class="param">siem (optional)</div><div class="param-desc"><span class="param-type"><a href="#getRuleTypes_200_response_inner_authorized_consumers_alerts">getRuleTypes_200_response_inner_authorized_consumers_alerts</a></span> </div>
|
||||
<div class="param">stackAlerts (optional)</div><div class="param-desc"><span class="param-type"><a href="#getRuleTypes_200_response_inner_authorized_consumers_alerts">getRuleTypes_200_response_inner_authorized_consumers_alerts</a></span> </div>
|
||||
<div class="param">uptime (optional)</div><div class="param-desc"><span class="param-type"><a href="#getRuleTypes_200_response_inner_authorized_consumers_alerts">getRuleTypes_200_response_inner_authorized_consumers_alerts</a></span> </div>
|
||||
</div> <!-- field-items -->
|
||||
</div>
|
||||
<div class="model">
|
||||
<h3><a name="getRuleTypes_200_response_inner_authorized_consumers_alerts"><code>getRuleTypes_200_response_inner_authorized_consumers_alerts</code> - </a> <a class="up" href="#__Models">Up</a></h3>
|
||||
<div class='model-description'></div>
|
||||
<div class="field-items">
|
||||
<div class="param">all (optional)</div><div class="param-desc"><span class="param-type"><a href="#boolean">Boolean</a></span> </div>
|
||||
<div class="param">read (optional)</div><div class="param-desc"><span class="param-type"><a href="#boolean">Boolean</a></span> </div>
|
||||
</div> <!-- field-items -->
|
||||
</div>
|
||||
<div class="model">
|
||||
<h3><a name="getRuleTypes_200_response_inner_recovery_action_group"><code>getRuleTypes_200_response_inner_recovery_action_group</code> - </a> <a class="up" href="#__Models">Up</a></h3>
|
||||
<div class='model-description'>An action group to use when an alert goes from an active state to an inactive one.</div>
|
||||
<div class="field-items">
|
||||
<div class="param">id (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
|
||||
<div class="param">name (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
|
||||
</div> <!-- field-items -->
|
||||
</div>
|
||||
<div class="model">
|
||||
<h3><a name="notify_when"><code>notify_when</code> - </a> <a class="up" href="#__Models">Up</a></h3>
|
||||
<div class='model-description'>Indicates how often alerts generate actions. Valid values include: <code>onActionGroupChange</code>: Actions run when the alert status changes; <code>onActiveAlert</code>: Actions run when the alert becomes active and at each check interval while the rule conditions are met; <code>onThrottleInterval</code>: Actions run when the alert becomes active and at the interval specified in the throttle property while the rule conditions are met.</div>
|
||||
|
|
|
@ -6,6 +6,12 @@
|
|||
|
||||
Retrieve the health status of the alerting framework.
|
||||
|
||||
[NOTE]
|
||||
====
|
||||
For the most up-to-date API details, refer to the
|
||||
{kib-repo}/tree/{branch}/x-pack/plugins/alerting/docs/openapi[open API specification]. For a preview, check out <<rule-apis>>.
|
||||
====
|
||||
|
||||
[[get-alerting-framework-health-api-request]]
|
||||
=== {api-request-title}
|
||||
|
||||
|
|
|
@ -6,6 +6,13 @@
|
|||
|
||||
Retrieve a list of rule types that the user is authorized to access.
|
||||
|
||||
[NOTE]
|
||||
====
|
||||
For the most up-to-date API details, refer to the
|
||||
{kib-repo}/tree/{branch}/x-pack/plugins/alerting/docs/openapi[open API specification]. For a preview, check out <<rule-apis>>.
|
||||
====
|
||||
|
||||
|
||||
[[list-rule-types-api-request]]
|
||||
=== {api-request-title}
|
||||
|
||||
|
|
|
@ -27,7 +27,7 @@
|
|||
"paths": {
|
||||
"/s/{spaceId}/api/alerting/rule/{ruleId}": {
|
||||
"get": {
|
||||
"summary": "Retrieve a rule by its identifier.",
|
||||
"summary": "Retrieves a rule by its identifier.",
|
||||
"operationId": "getRule",
|
||||
"description": "You must have `read` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rules you're seeking. For example, the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability** features, or **Security** features. To get rules associated with the **Stack Monitoring** feature, use the `monitoring_user` built-in role.\n",
|
||||
"tags": [
|
||||
|
@ -50,14 +50,39 @@
|
|||
"$ref": "#/components/schemas/rule_response_properties"
|
||||
},
|
||||
"examples": {
|
||||
"updateRuleResponse": {
|
||||
"getRuleResponse": {
|
||||
"$ref": "#/components/examples/get_rule_response"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"401": {
|
||||
"description": "Authorization information is missing or invalid.",
|
||||
"content": {
|
||||
"application/json": {
|
||||
"schema": {
|
||||
"$ref": "#/components/schemas/401_response"
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"404": {
|
||||
"description": "Object is not found.",
|
||||
"content": {
|
||||
"application/json": {
|
||||
"schema": {
|
||||
"$ref": "#/components/schemas/404_response"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"servers": [
|
||||
{
|
||||
"url": "https://localhost:5601"
|
||||
}
|
||||
]
|
||||
},
|
||||
"delete": {
|
||||
"summary": "Deletes a rule.",
|
||||
|
@ -80,6 +105,26 @@
|
|||
"responses": {
|
||||
"204": {
|
||||
"description": "Indicates a successful call."
|
||||
},
|
||||
"401": {
|
||||
"description": "Authorization information is missing or invalid.",
|
||||
"content": {
|
||||
"application/json": {
|
||||
"schema": {
|
||||
"$ref": "#/components/schemas/401_response"
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"404": {
|
||||
"description": "Object is not found.",
|
||||
"content": {
|
||||
"application/json": {
|
||||
"schema": {
|
||||
"$ref": "#/components/schemas/404_response"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"servers": [
|
||||
|
@ -136,6 +181,26 @@
|
|||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"401": {
|
||||
"description": "Authorization information is missing or invalid.",
|
||||
"content": {
|
||||
"application/json": {
|
||||
"schema": {
|
||||
"$ref": "#/components/schemas/401_response"
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"404": {
|
||||
"description": "Object is not found.",
|
||||
"content": {
|
||||
"application/json": {
|
||||
"schema": {
|
||||
"$ref": "#/components/schemas/404_response"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"servers": [
|
||||
|
@ -152,7 +217,7 @@
|
|||
},
|
||||
"/s/{spaceId}/api/alerting/rule/{ruleId}/_disable": {
|
||||
"post": {
|
||||
"summary": "Disable a rule.",
|
||||
"summary": "Disables a rule.",
|
||||
"operationId": "disableRule",
|
||||
"description": "You must have `all` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rule. For example, the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability**, and **Security** features.\n",
|
||||
"tags": [
|
||||
|
@ -172,6 +237,26 @@
|
|||
"responses": {
|
||||
"204": {
|
||||
"description": "Indicates a successful call."
|
||||
},
|
||||
"401": {
|
||||
"description": "Authorization information is missing or invalid.",
|
||||
"content": {
|
||||
"application/json": {
|
||||
"schema": {
|
||||
"$ref": "#/components/schemas/401_response"
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"404": {
|
||||
"description": "Object is not found.",
|
||||
"content": {
|
||||
"application/json": {
|
||||
"schema": {
|
||||
"$ref": "#/components/schemas/404_response"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"servers": [
|
||||
|
@ -188,7 +273,7 @@
|
|||
},
|
||||
"/s/{spaceId}/api/alerting/rule/{ruleId}/_enable": {
|
||||
"post": {
|
||||
"summary": "Enable a rule.",
|
||||
"summary": "Enables a rule.",
|
||||
"operationId": "enableRule",
|
||||
"description": "This API supports token-based authentication only. You must have `all` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rule. For example, the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability**, and **Security** features.\n",
|
||||
"tags": [
|
||||
|
@ -208,6 +293,26 @@
|
|||
"responses": {
|
||||
"204": {
|
||||
"description": "Indicates a successful call."
|
||||
},
|
||||
"401": {
|
||||
"description": "Authorization information is missing or invalid.",
|
||||
"content": {
|
||||
"application/json": {
|
||||
"schema": {
|
||||
"$ref": "#/components/schemas/401_response"
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"404": {
|
||||
"description": "Object is not found.",
|
||||
"content": {
|
||||
"application/json": {
|
||||
"schema": {
|
||||
"$ref": "#/components/schemas/401_response"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"servers": [
|
||||
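Review bot: The `404` response added for `enableRule` (path `/s/{spaceId}/api/alerting/rule/{ruleId}/_enable`) points its schema at `#/components/schemas/401_response`, so the documented body for a missing rule carries the `Unauthorized` / `401` enums instead of `Not Found` / `404`. Every other `404` block added on this page (`getRule`, the delete operation, `disableRule`) references `404_response`, so this looks like a copy-paste slip; the line should read `"$ref": "#/components/schemas/404_response"`. Generated clients and response validators that trust the spec would otherwise mis-model a not-found reply as an authentication failure. If this JSON is bundled from per-path source files, which the page does not show, the same reference needs correcting there too. The operation object continues past the end of this hunk.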
|
@ -380,6 +485,16 @@
|
|||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"401": {
|
||||
"description": "Authorization information is missing or invalid.",
|
||||
"content": {
|
||||
"application/json": {
|
||||
"schema": {
|
||||
"$ref": "#/components/schemas/401_response"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"servers": [
|
||||
|
@ -394,9 +509,471 @@
|
|||
}
|
||||
]
|
||||
},
|
||||
"/s/{spaceId}/api/alerting/_health": {
|
||||
"get": {
|
||||
"summary": "Retrieves the health status of the alerting framework.",
|
||||
"operationId": "getAlertingHealth",
|
||||
"description": "You must have `read` privileges for the **Management > Stack Rules** feature or for at least one of the **Analytics > Discover**, **Analytics > Machine Learning**, **Observability**, or **Security** features.\n",
|
||||
"tags": [
|
||||
"alerting"
|
||||
],
|
||||
"parameters": [
|
||||
{
|
||||
"$ref": "#/components/parameters/space_id"
|
||||
}
|
||||
],
|
||||
"responses": {
|
||||
"200": {
|
||||
"description": "Indicates a successful call.",
|
||||
"content": {
|
||||
"application/json": {
|
||||
"schema": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"alerting_framework_heath": {
|
||||
"type": "object",
|
||||
"description": "This property has a typo. Use `alerting_framework_health` instead.",
|
||||
"deprecated": true,
|
||||
"properties": {
|
||||
"_deprecated": {
|
||||
"type": "string",
|
||||
"example": "This state property has a typo, use \"alerting_framework_health\" instead."
|
||||
},
|
||||
"decryption_health": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"status": {
|
||||
"type": "string",
|
||||
"example": "ok"
|
||||
},
|
||||
"timestamp": {
|
||||
"type": "string",
|
||||
"format": "date-time",
|
||||
"example": "2023-01-13T01:28:00.280Z"
|
||||
}
|
||||
}
|
||||
},
|
||||
"execution_health": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"status": {
|
||||
"type": "string",
|
||||
"example": "ok"
|
||||
},
|
||||
"timestamp": {
|
||||
"type": "string",
|
||||
"format": "date-time",
|
||||
"example": "2023-01-13T01:28:00.280Z"
|
||||
}
|
||||
}
|
||||
},
|
||||
"read_health": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"status": {
|
||||
"type": "string",
|
||||
"example": "ok"
|
||||
},
|
||||
"timestamp": {
|
||||
"type": "string",
|
||||
"format": "date-time",
|
||||
"example": "2023-01-13T01:28:00.280Z"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"alerting_framework_health": {
|
||||
"type": "object",
|
||||
"description": "Three substates identify the health of the alerting framework: `decryption_health`, `execution_health`, and `read_health`.\n",
|
||||
"properties": {
|
||||
"decryption_health": {
|
||||
"type": "object",
|
||||
"description": "The timestamp and status of the rule decryption.",
|
||||
"properties": {
|
||||
"status": {
|
||||
"type": "string",
|
||||
"example": "ok",
|
||||
"enum": [
|
||||
"error",
|
||||
"ok",
|
||||
"warn"
|
||||
]
|
||||
},
|
||||
"timestamp": {
|
||||
"type": "string",
|
||||
"format": "date-time",
|
||||
"example": "2023-01-13T01:28:00.280Z"
|
||||
}
|
||||
}
|
||||
},
|
||||
"execution_health": {
|
||||
"type": "object",
|
||||
"description": "The timestamp and status of the rule run.",
|
||||
"properties": {
|
||||
"status": {
|
||||
"type": "string",
|
||||
"example": "ok",
|
||||
"enum": [
|
||||
"error",
|
||||
"ok",
|
||||
"warn"
|
||||
]
|
||||
},
|
||||
"timestamp": {
|
||||
"type": "string",
|
||||
"format": "date-time",
|
||||
"example": "2023-01-13T01:28:00.280Z"
|
||||
}
|
||||
}
|
||||
},
|
||||
"read_health": {
|
||||
"type": "object",
|
||||
"description": "The timestamp and status of the rule reading events.",
|
||||
"properties": {
|
||||
"status": {
|
||||
"type": "string",
|
||||
"example": "ok",
|
||||
"enum": [
|
||||
"error",
|
||||
"ok",
|
||||
"warn"
|
||||
]
|
||||
},
|
||||
"timestamp": {
|
||||
"type": "string",
|
||||
"format": "date-time",
|
||||
"example": "2023-01-13T01:28:00.280Z"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"has_permanent_encryption_key": {
|
||||
"type": "boolean",
|
||||
"description": "If `false`, the encrypted saved object plugin does not have a permanent encryption key.",
|
||||
"example": true
|
||||
},
|
||||
"is_sufficiently_secure": {
|
||||
"type": "boolean",
|
||||
"description": "If `false`, security is enabled but TLS is not.",
|
||||
"example": true
|
||||
}
|
||||
}
|
||||
},
|
||||
"examples": {
|
||||
"getAlertingHealthResponse": {
|
||||
"$ref": "#/components/examples/get_health_response"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"401": {
|
||||
"description": "Authorization information is missing or invalid.",
|
||||
"content": {
|
||||
"application/json": {
|
||||
"schema": {
|
||||
"$ref": "#/components/schemas/401_response"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"servers": [
|
||||
{
|
||||
"url": "https://localhost:5601"
|
||||
}
|
||||
]
|
||||
},
|
||||
"/s/{spaceId}/api/alerting/rule_types": {
|
||||
"get": {
|
||||
"summary": "Retrieves a list of rule types.",
|
||||
"operationId": "getRuleTypes",
|
||||
"description": "If you have `read` privileges for one or more Kibana features, the API response contains information about the appropriate rule types. For example, there are rule types associated with the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability** features, and **Security** features. To get rule types associated with the **Stack Monitoring** feature, use the `monitoring_user` built-in role.\n",
|
||||
"tags": [
|
||||
"alerting"
|
||||
],
|
||||
"parameters": [
|
||||
{
|
||||
"$ref": "#/components/parameters/space_id"
|
||||
}
|
||||
],
|
||||
"responses": {
|
||||
"200": {
|
||||
"description": "Indicates a successful call.",
|
||||
"content": {
|
||||
"application/json": {
|
||||
"schema": {
|
||||
"type": "array",
|
||||
"items": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"action_groups": {
|
||||
"description": "An explicit list of groups for which the rule type can schedule actions, each with the action group's unique ID and human readable name. Rule actions validation uses this configuration to ensure that groups are valid.\n",
|
||||
"type": "array",
|
||||
"items": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"id": {
|
||||
"type": "string"
|
||||
},
|
||||
"name": {
|
||||
"type": "string"
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"action_variables": {
|
||||
"description": "A list of action variables that the rule type makes available via context and state in action parameter templates, and a short human readable description. When you create a rule in Kibana, it uses this information to prompt you for these variables in action parameter editors.\n",
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"context": {
|
||||
"type": "array",
|
||||
"items": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"name": {
|
||||
"type": "string"
|
||||
},
|
||||
"description": {
|
||||
"type": "string"
|
||||
},
|
||||
"useWithTripleBracesInTemplates": {
|
||||
"type": "boolean"
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"params": {
|
||||
"type": "array",
|
||||
"items": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"description": {
|
||||
"type": "string"
|
||||
},
|
||||
"name": {
|
||||
"type": "string"
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"state": {
|
||||
"type": "array",
|
||||
"items": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"description": {
|
||||
"type": "string"
|
||||
},
|
||||
"name": {
|
||||
"type": "string"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"authorized_consumers": {
|
||||
"description": "The list of the plugins IDs that have access to the rule type.",
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"alerts": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"all": {
|
||||
"type": "boolean"
|
||||
},
|
||||
"read": {
|
||||
"type": "boolean"
|
||||
}
|
||||
}
|
||||
},
|
||||
"apm": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"all": {
|
||||
"type": "boolean"
|
||||
},
|
||||
"read": {
|
||||
"type": "boolean"
|
||||
}
|
||||
}
|
||||
},
|
||||
"discover": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"all": {
|
||||
"type": "boolean"
|
||||
},
|
||||
"read": {
|
||||
"type": "boolean"
|
||||
}
|
||||
}
|
||||
},
|
||||
"infrastructure": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"all": {
|
||||
"type": "boolean"
|
||||
},
|
||||
"read": {
|
||||
"type": "boolean"
|
||||
}
|
||||
}
|
||||
},
|
||||
"logs": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"all": {
|
||||
"type": "boolean"
|
||||
},
|
||||
"read": {
|
||||
"type": "boolean"
|
||||
}
|
||||
}
|
||||
},
|
||||
"ml": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"all": {
|
||||
"type": "boolean"
|
||||
},
|
||||
"read": {
|
||||
"type": "boolean"
|
||||
}
|
||||
}
|
||||
},
|
||||
"monitoring": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"all": {
|
||||
"type": "boolean"
|
||||
},
|
||||
"read": {
|
||||
"type": "boolean"
|
||||
}
|
||||
}
|
||||
},
|
||||
"siem": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"all": {
|
||||
"type": "boolean"
|
||||
},
|
||||
"read": {
|
||||
"type": "boolean"
|
||||
}
|
||||
}
|
||||
},
|
||||
"stackAlerts": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"all": {
|
||||
"type": "boolean"
|
||||
},
|
||||
"read": {
|
||||
"type": "boolean"
|
||||
}
|
||||
}
|
||||
},
|
||||
"uptime": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"all": {
|
||||
"type": "boolean"
|
||||
},
|
||||
"read": {
|
||||
"type": "boolean"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"default_action_group_id": {
|
||||
"description": "The default identifier for the rule type group.",
|
||||
"type": "string"
|
||||
},
|
||||
"does_set_recovery_context": {
|
||||
"description": "Indicates whether the rule passes context variables to its recovery action.",
|
||||
"type": "boolean"
|
||||
},
|
||||
"enabled_in_license": {
|
||||
"description": "Indicates whether the rule type is enabled or disabled based on the subscription.",
|
||||
"type": "boolean"
|
||||
},
|
||||
"id": {
|
||||
"description": "The unique identifier for the rule type.",
|
||||
"type": "string"
|
||||
},
|
||||
"is_exportable": {
|
||||
"description": "Indicates whether the rule type is exportable in **Stack Management > Saved Objects**.",
|
||||
"type": "boolean"
|
||||
},
|
||||
"minimum_license_required": {
|
||||
"description": "The subscriptions required to use the rule type.",
|
||||
"type": "string",
|
||||
"example": "basic"
|
||||
},
|
||||
"name": {
|
||||
"description": "The descriptive name of the rule type.",
|
||||
"type": "string"
|
||||
},
|
||||
"producer": {
|
||||
"description": "An identifier for the application that produces this rule type.",
|
||||
"type": "string",
|
||||
"example": "stackAlerts"
|
||||
},
|
||||
"recovery_action_group": {
|
||||
"description": "An action group to use when an alert goes from an active state to an inactive one.",
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"id": {
|
||||
"type": "string"
|
||||
},
|
||||
"name": {
|
||||
"type": "string"
|
||||
}
|
||||
}
|
||||
},
|
||||
"rule_task_timeout": {
|
||||
"type": "string",
|
||||
"example": "5m"
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"examples": {
|
||||
"getRuleTypesResponse": {
|
||||
"$ref": "#/components/examples/get_rule_types_response"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"401": {
|
||||
"description": "Authorization information is missing or invalid.",
|
||||
"content": {
|
||||
"application/json": {
|
||||
"schema": {
|
||||
"$ref": "#/components/schemas/401_response"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"servers": [
|
||||
{
|
||||
"url": "https://localhost:5601"
|
||||
}
|
||||
]
|
||||
},
|
||||
"/s/{spaceId}/api/alerting/rule/{ruleId}/_mute_all": {
|
||||
"post": {
|
||||
"summary": "Mute all alerts.",
|
||||
"summary": "Mutes all alerts.",
|
||||
"operationId": "muteAllAlerts",
|
||||
"description": "This API snoozes the notifications for the rule indefinitely. The rule checks continue to occur but alerts will not trigger any actions. You must have `all` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rule. For example, the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability**, and **Security** features. If the rule has actions, you must also have `read` privileges for the **Management > Actions and Connectors** feature.\n",
|
||||
"tags": [
|
||||
|
@ -416,6 +993,16 @@
|
|||
"responses": {
|
||||
"204": {
|
||||
"description": "Indicates a successful call."
|
||||
},
|
||||
"401": {
|
||||
"description": "Authorization information is missing or invalid.",
|
||||
"content": {
|
||||
"application/json": {
|
||||
"schema": {
|
||||
"$ref": "#/components/schemas/401_response"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"servers": [
|
||||
|
@ -432,7 +1019,7 @@
|
|||
},
|
||||
"/s/{spaceId}/api/alerting/rule/{ruleId}/_unmute_all": {
|
||||
"post": {
|
||||
"summary": "Unmute all alerts.",
|
||||
"summary": "Unmutes all alerts.",
|
||||
"operationId": "unmuteAllAlerts",
|
||||
"description": "If the rule has its notifications snoozed indefinitely, this API cancels the snooze. You must have `all` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rule. For example, the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability**, and **Security** features. If the rule has actions, you must also have `read` privileges for the **Management > Actions and Connectors** feature.\n",
|
||||
"tags": [
|
||||
|
@ -452,6 +1039,16 @@
|
|||
"responses": {
|
||||
"204": {
|
||||
"description": "Indicates a successful call."
|
||||
},
|
||||
"401": {
|
||||
"description": "Authorization information is missing or invalid.",
|
||||
"content": {
|
||||
"application/json": {
|
||||
"schema": {
|
||||
"$ref": "#/components/schemas/401_response"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"servers": [
|
||||
|
@ -468,7 +1065,7 @@
|
|||
},
|
||||
"/s/{spaceId}/api/alerting/rule/{ruleId}/alert/{alertId}/_mute": {
|
||||
"post": {
|
||||
"summary": "Mute an alert.",
|
||||
"summary": "Mutes an alert.",
|
||||
"operationId": "muteAlert",
|
||||
"description": "You must have `all` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rule. For example, the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability**, and **Security** features. If the rule has actions, you must also have `read` privileges for the **Management > Actions and Connectors** feature. \n",
|
||||
"tags": [
|
||||
|
@ -491,6 +1088,16 @@
|
|||
"responses": {
|
||||
"204": {
|
||||
"description": "Indicates a successful call."
|
||||
},
|
||||
"401": {
|
||||
"description": "Authorization information is missing or invalid.",
|
||||
"content": {
|
||||
"application/json": {
|
||||
"schema": {
|
||||
"$ref": "#/components/schemas/401_response"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"servers": [
|
||||
|
@ -507,7 +1114,7 @@
|
|||
},
|
||||
"/s/{spaceId}/api/alerting/rule/{ruleId}/alert/{alertId}/_unmute": {
|
||||
"post": {
|
||||
"summary": "Unmute an alert.",
|
||||
"summary": "Unmutes an alert.",
|
||||
"operationId": "unmuteAlert",
|
||||
"description": "You must have `all` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rule. For example, the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability**, and **Security** features. If the rule has actions, you must also have `read` privileges for the **Management > Actions and Connectors** feature. \n",
|
||||
"tags": [
|
||||
|
@ -530,6 +1137,16 @@
|
|||
"responses": {
|
||||
"204": {
|
||||
"description": "Indicates a successful call."
|
||||
},
|
||||
"401": {
|
||||
"description": "Authorization information is missing or invalid.",
|
||||
"content": {
|
||||
"application/json": {
|
||||
"schema": {
|
||||
"$ref": "#/components/schemas/401_response"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"servers": [
|
||||
|
@ -838,6 +1455,52 @@
|
|||
}
|
||||
}
|
||||
},
|
||||
"401_response": {
|
||||
"type": "object",
|
||||
"title": "Unsuccessful rule API response",
|
||||
"properties": {
|
||||
"error": {
|
||||
"type": "string",
|
||||
"example": "Unauthorized",
|
||||
"enum": [
|
||||
"Unauthorized"
|
||||
]
|
||||
},
|
||||
"message": {
|
||||
"type": "string"
|
||||
},
|
||||
"statusCode": {
|
||||
"type": "integer",
|
||||
"example": 401,
|
||||
"enum": [
|
||||
401
|
||||
]
|
||||
}
|
||||
}
|
||||
},
|
||||
"404_response": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"error": {
|
||||
"type": "string",
|
||||
"example": "Not Found",
|
||||
"enum": [
|
||||
"Not Found"
|
||||
]
|
||||
},
|
||||
"message": {
|
||||
"type": "string",
|
||||
"example": "Saved object [alert/caaad6d0-920c-11ed-b36a-874bd1548a00] not found"
|
||||
},
|
||||
"statusCode": {
|
||||
"type": "integer",
|
||||
"example": 404,
|
||||
"enum": [
|
||||
404
|
||||
]
|
||||
}
|
||||
}
|
||||
},
|
||||
"update_rule_request": {
|
||||
"title": "Update rule request",
|
||||
"description": "The update rule API request body varies depending on the type of rule and actions.",
|
||||
|
@ -1115,6 +1778,174 @@
|
|||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"get_health_response": {
|
||||
"summary": "Retrieve information about the health of the alerting framework.",
|
||||
"value": {
|
||||
"is_sufficiently_secure": true,
|
||||
"has_permanent_encryption_key": true,
|
||||
"alerting_framework_health": {
|
||||
"decryption_health": {
|
||||
"status": "ok",
|
||||
"timestamp": "2023-01-13T01:28:00.280Z"
|
||||
},
|
||||
"execution_health": {
|
||||
"status": "ok",
|
||||
"timestamp": "2023-01-13T01:28:00.280Z"
|
||||
},
|
||||
"read_health": {
|
||||
"status": "ok",
|
||||
"timestamp": "2023-01-13T01:28:00.280Z"
|
||||
}
|
||||
},
|
||||
"alerting_framework_heath": {
|
||||
"_deprecated": "This state property has a typo, use \"alerting_framework_health\" instead.",
|
||||
"decryption_health": {
|
||||
"status": "ok",
|
||||
"timestamp": "2023-01-13T01:28:00.280Z"
|
||||
},
|
||||
"execution_health": {
|
||||
"status": "ok",
|
||||
"timestamp": "2023-01-13T01:28:00.280Z"
|
||||
},
|
||||
"read_health": {
|
||||
"status": "ok",
|
||||
"timestamp": "2023-01-13T01:28:00.280Z"
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"get_rule_types_response": {
|
||||
"summary": "Retrieve rule types associated with Kibana machine learning features",
|
||||
"value": [
|
||||
{
|
||||
"id": "xpack.ml.anomaly_detection_alert",
|
||||
"action_groups": [
|
||||
{
|
||||
"id": "anomaly_score_match",
|
||||
"name": "Anomaly score matched the condition"
|
||||
},
|
||||
{
|
||||
"id": "recovered",
|
||||
"name": "Recovered"
|
||||
}
|
||||
],
|
||||
"action_variables": {
|
||||
"context": [
|
||||
{
|
||||
"name": "timestamp",
|
||||
"description": "The bucket timestamp of the anomaly"
|
||||
},
|
||||
{
|
||||
"name": "timestampIso8601",
|
||||
"description": "The bucket time of the anomaly in ISO8601 format"
|
||||
},
|
||||
{
|
||||
"name": "jobIds",
|
||||
"description": "List of job IDs that triggered the alert"
|
||||
},
|
||||
{
|
||||
"name": "message",
|
||||
"description": "Alert info message"
|
||||
},
|
||||
{
|
||||
"name": "isInterim",
|
||||
"description": "Indicate if top hits contain interim results"
|
||||
},
|
||||
{
|
||||
"name": "score",
|
||||
"description": "Anomaly score at the time of the notification action"
|
||||
},
|
||||
{
|
||||
"name": "topRecords",
|
||||
"description": "Top records"
|
||||
},
|
||||
{
|
||||
"name": "topInfluencers",
|
||||
"description": "Top influencers"
|
||||
},
|
||||
{
|
||||
"name": "anomalyExplorerUrl",
|
||||
"description": "URL to open in the Anomaly Explorer",
|
||||
"useWithTripleBracesInTemplates": true
|
||||
}
|
||||
],
|
||||
"params": [],
|
||||
"state": []
|
||||
},
|
||||
"authorized_consumers": {
|
||||
"alerts": {
|
||||
"all": true,
|
||||
"read": true
|
||||
},
|
||||
"ml": {
|
||||
"all": true,
|
||||
"read": true
|
||||
}
|
||||
},
|
||||
"default_action_group_id": "anomaly_score_match",
|
||||
"does_set_recovery_context": true,
|
||||
"enabled_in_license": true,
|
||||
"is_exportable": true,
|
||||
"minimum_license_required": "platinum",
|
||||
"name": "Anomaly detection alert",
|
||||
"producer": "ml",
|
||||
"recovery_action_group": {
|
||||
"id": "recovered",
|
||||
"name": "Recovered"
|
||||
},
|
||||
"rule_task_timeout": "5m"
|
||||
},
|
||||
{
|
||||
"id": "xpack.ml.anomaly_detection_jobs_health",
|
||||
"action_groups": [
|
||||
{
|
||||
"id": "anomaly_detection_realtime_issue",
|
||||
"name": "Issue detected"
|
||||
},
|
||||
{
|
||||
"id": "recovered",
|
||||
"name": "Recovered"
|
||||
}
|
||||
],
|
||||
"action_variables": {
|
||||
"context": [
|
||||
{
|
||||
"name": "results",
|
||||
"description": "Results of the rule execution"
|
||||
},
|
||||
{
|
||||
"name": "message",
|
||||
"description": "Alert info message"
|
||||
}
|
||||
],
|
||||
"params": [],
|
||||
"state": []
|
||||
},
|
||||
"authorized_consumers": {
|
||||
"alerts": {
|
||||
"all": true,
|
||||
"read": true
|
||||
},
|
||||
"ml": {
|
||||
"all": true,
|
||||
"read": true
|
||||
}
|
||||
},
|
||||
"default_action_group_id": "anomaly_detection_realtime_issue",
|
||||
"does_set_recovery_context": true,
|
||||
"enabled_in_license": true,
|
||||
"is_exportable": true,
|
||||
"minimum_license_required": "platinum",
|
||||
"name": "Anomaly detection jobs health",
|
||||
"producer": "ml",
|
||||
"recovery_action_group": {
|
||||
"id": "recovered",
|
||||
"name": "Recovered"
|
||||
},
|
||||
"rule_task_timeout": "5m"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
},
|
||||
|
|
|
@ -17,7 +17,7 @@ servers:
|
|||
paths:
|
||||
/s/{spaceId}/api/alerting/rule/{ruleId}:
|
||||
get:
|
||||
summary: Retrieve a rule by its identifier.
|
||||
summary: Retrieves a rule by its identifier.
|
||||
operationId: getRule
|
||||
description: |
|
||||
You must have `read` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rules you're seeking. For example, the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability** features, or **Security** features. To get rules associated with the **Stack Monitoring** feature, use the `monitoring_user` built-in role.
|
||||
|
@ -34,8 +34,22 @@ paths:
|
|||
schema:
|
||||
$ref: '#/components/schemas/rule_response_properties'
|
||||
examples:
|
||||
updateRuleResponse:
|
||||
getRuleResponse:
|
||||
$ref: '#/components/examples/get_rule_response'
|
||||
'401':
|
||||
description: Authorization information is missing or invalid.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/401_response'
|
||||
'404':
|
||||
description: Object is not found.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/404_response'
|
||||
servers:
|
||||
- url: https://localhost:5601
|
||||
delete:
|
||||
summary: Deletes a rule.
|
||||
operationId: deleteRule
|
||||
|
@ -50,6 +64,18 @@ paths:
|
|||
responses:
|
||||
'204':
|
||||
description: Indicates a successful call.
|
||||
'401':
|
||||
description: Authorization information is missing or invalid.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/401_response'
|
||||
'404':
|
||||
description: Object is not found.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/404_response'
|
||||
servers:
|
||||
- url: https://localhost:5601
|
||||
put:
|
||||
|
@ -82,13 +108,25 @@ paths:
|
|||
examples:
|
||||
updateRuleResponse:
|
||||
$ref: '#/components/examples/update_rule_response'
|
||||
'401':
|
||||
description: Authorization information is missing or invalid.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/401_response'
|
||||
'404':
|
||||
description: Object is not found.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/404_response'
|
||||
servers:
|
||||
- url: https://localhost:5601
|
||||
servers:
|
||||
- url: https://localhost:5601
|
||||
/s/{spaceId}/api/alerting/rule/{ruleId}/_disable:
|
||||
post:
|
||||
summary: Disable a rule.
|
||||
summary: Disables a rule.
|
||||
operationId: disableRule
|
||||
description: |
|
||||
You must have `all` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rule. For example, the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability**, and **Security** features.
|
||||
|
@ -101,13 +139,25 @@ paths:
|
|||
responses:
|
||||
'204':
|
||||
description: Indicates a successful call.
|
||||
'401':
|
||||
description: Authorization information is missing or invalid.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/401_response'
|
||||
'404':
|
||||
description: Object is not found.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/404_response'
|
||||
servers:
|
||||
- url: https://localhost:5601
|
||||
servers:
|
||||
- url: https://localhost:5601
|
||||
/s/{spaceId}/api/alerting/rule/{ruleId}/_enable:
|
||||
post:
|
||||
summary: Enable a rule.
|
||||
summary: Enables a rule.
|
||||
operationId: enableRule
|
||||
description: |
|
||||
This API supports token-based authentication only. You must have `all` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rule. For example, the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability**, and **Security** features.
|
||||
|
@ -120,6 +170,18 @@ paths:
|
|||
responses:
|
||||
'204':
|
||||
description: Indicates a successful call.
|
||||
'401':
|
||||
description: Authorization information is missing or invalid.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/401_response'
|
||||
'404':
|
||||
description: Object is not found.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/401_response'
|
||||
servers:
|
||||
- url: https://localhost:5601
|
||||
servers:
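Review bot: The `'404'` response added in this hunk (apparently for the `_enable` operation, whose header sits in the preceding hunk) points its schema at `#/components/schemas/401_response`, whereas the other `'404'` blocks visible in this file use `404_response`. As written, the documented body for a missing rule carries the `Unauthorized` / `401` enums, so clients or tests generated from the spec would model a not-found reply as an authentication failure. The line should read `$ref: '#/components/schemas/404_response'`. If this file is a bundle generated from per-path sources, which the hunk does not show, the fix presumably belongs in the source file and the bundles need regenerating.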
|
||||
|
@ -229,13 +291,331 @@ paths:
|
|||
examples:
|
||||
findRulesResponse:
|
||||
$ref: '#/components/examples/find_rules_response'
|
||||
'401':
|
||||
description: Authorization information is missing or invalid.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/401_response'
|
||||
servers:
|
||||
- url: https://localhost:5601
|
||||
servers:
|
||||
- url: https://localhost:5601
|
||||
/s/{spaceId}/api/alerting/_health:
|
||||
get:
|
||||
summary: Retrieves the health status of the alerting framework.
|
||||
operationId: getAlertingHealth
|
||||
description: |
|
||||
You must have `read` privileges for the **Management > Stack Rules** feature or for at least one of the **Analytics > Discover**, **Analytics > Machine Learning**, **Observability**, or **Security** features.
|
||||
tags:
|
||||
- alerting
|
||||
parameters:
|
||||
- $ref: '#/components/parameters/space_id'
|
||||
responses:
|
||||
'200':
|
||||
description: Indicates a successful call.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
type: object
|
||||
properties:
|
||||
alerting_framework_heath:
|
||||
type: object
|
||||
description: This property has a typo. Use `alerting_framework_health` instead.
|
||||
deprecated: true
|
||||
properties:
|
||||
_deprecated:
|
||||
type: string
|
||||
example: This state property has a typo, use "alerting_framework_health" instead.
|
||||
decryption_health:
|
||||
type: object
|
||||
properties:
|
||||
status:
|
||||
type: string
|
||||
example: ok
|
||||
timestamp:
|
||||
type: string
|
||||
format: date-time
|
||||
example: '2023-01-13T01:28:00.280Z'
|
||||
execution_health:
|
||||
type: object
|
||||
properties:
|
||||
status:
|
||||
type: string
|
||||
example: ok
|
||||
timestamp:
|
||||
type: string
|
||||
format: date-time
|
||||
example: '2023-01-13T01:28:00.280Z'
|
||||
read_health:
|
||||
type: object
|
||||
properties:
|
||||
status:
|
||||
type: string
|
||||
example: ok
|
||||
timestamp:
|
||||
type: string
|
||||
format: date-time
|
||||
example: '2023-01-13T01:28:00.280Z'
|
||||
alerting_framework_health:
|
||||
type: object
|
||||
description: |
|
||||
Three substates identify the health of the alerting framework: `decryption_health`, `execution_health`, and `read_health`.
|
||||
properties:
|
||||
decryption_health:
|
||||
type: object
|
||||
description: The timestamp and status of the rule decryption.
|
||||
properties:
|
||||
status:
|
||||
type: string
|
||||
example: ok
|
||||
enum:
|
||||
- error
|
||||
- ok
|
||||
- warn
|
||||
timestamp:
|
||||
type: string
|
||||
format: date-time
|
||||
example: '2023-01-13T01:28:00.280Z'
|
||||
execution_health:
|
||||
type: object
|
||||
description: The timestamp and status of the rule run.
|
||||
properties:
|
||||
status:
|
||||
type: string
|
||||
example: ok
|
||||
enum:
|
||||
- error
|
||||
- ok
|
||||
- warn
|
||||
timestamp:
|
||||
type: string
|
||||
format: date-time
|
||||
example: '2023-01-13T01:28:00.280Z'
|
||||
read_health:
|
||||
type: object
|
||||
description: The timestamp and status of the rule reading events.
|
||||
properties:
|
||||
status:
|
||||
type: string
|
||||
example: ok
|
||||
enum:
|
||||
- error
|
||||
- ok
|
||||
- warn
|
||||
timestamp:
|
||||
type: string
|
||||
format: date-time
|
||||
example: '2023-01-13T01:28:00.280Z'
|
||||
has_permanent_encryption_key:
|
||||
type: boolean
|
||||
description: If `false`, the encrypted saved object plugin does not have a permanent encryption key.
|
||||
example: true
|
||||
is_sufficiently_secure:
|
||||
type: boolean
|
||||
description: If `false`, security is enabled but TLS is not.
|
||||
example: true
|
||||
examples:
|
||||
getAlertingHealthResponse:
|
||||
$ref: '#/components/examples/get_health_response'
|
||||
'401':
|
||||
description: Authorization information is missing or invalid.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/401_response'
|
||||
servers:
|
||||
- url: https://localhost:5601
|
||||
/s/{spaceId}/api/alerting/rule_types:
|
||||
get:
|
||||
summary: Retrieves a list of rule types.
|
||||
operationId: getRuleTypes
|
||||
description: |
|
||||
If you have `read` privileges for one or more Kibana features, the API response contains information about the appropriate rule types. For example, there are rule types associated with the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability** features, and **Security** features. To get rule types associated with the **Stack Monitoring** feature, use the `monitoring_user` built-in role.
|
||||
tags:
|
||||
- alerting
|
||||
parameters:
|
||||
- $ref: '#/components/parameters/space_id'
|
||||
responses:
|
||||
'200':
|
||||
description: Indicates a successful call.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
type: array
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
action_groups:
|
||||
description: |
|
||||
An explicit list of groups for which the rule type can schedule actions, each with the action group's unique ID and human readable name. Rule actions validation uses this configuration to ensure that groups are valid.
|
||||
type: array
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
id:
|
||||
type: string
|
||||
name:
|
||||
type: string
|
||||
action_variables:
|
||||
description: |
|
||||
A list of action variables that the rule type makes available via context and state in action parameter templates, and a short human readable description. When you create a rule in Kibana, it uses this information to prompt you for these variables in action parameter editors.
|
||||
type: object
|
||||
properties:
|
||||
context:
|
||||
type: array
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
name:
|
||||
type: string
|
||||
description:
|
||||
type: string
|
||||
useWithTripleBracesInTemplates:
|
||||
type: boolean
|
||||
params:
|
||||
type: array
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
description:
|
||||
type: string
|
||||
name:
|
||||
type: string
|
||||
state:
|
||||
type: array
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
description:
|
||||
type: string
|
||||
name:
|
||||
type: string
|
||||
authorized_consumers:
|
||||
description: The list of the plugins IDs that have access to the rule type.
|
||||
type: object
|
||||
properties:
|
||||
alerts:
|
||||
type: object
|
||||
properties:
|
||||
all:
|
||||
type: boolean
|
||||
read:
|
||||
type: boolean
|
||||
apm:
|
||||
type: object
|
||||
properties:
|
||||
all:
|
||||
type: boolean
|
||||
read:
|
||||
type: boolean
|
||||
discover:
|
||||
type: object
|
||||
properties:
|
||||
all:
|
||||
type: boolean
|
||||
read:
|
||||
type: boolean
|
||||
infrastructure:
|
||||
type: object
|
||||
properties:
|
||||
all:
|
||||
type: boolean
|
||||
read:
|
||||
type: boolean
|
||||
logs:
|
||||
type: object
|
||||
properties:
|
||||
all:
|
||||
type: boolean
|
||||
read:
|
||||
type: boolean
|
||||
ml:
|
||||
type: object
|
||||
properties:
|
||||
all:
|
||||
type: boolean
|
||||
read:
|
||||
type: boolean
|
||||
monitoring:
|
||||
type: object
|
||||
properties:
|
||||
all:
|
||||
type: boolean
|
||||
read:
|
||||
type: boolean
|
||||
siem:
|
||||
type: object
|
||||
properties:
|
||||
all:
|
||||
type: boolean
|
||||
read:
|
||||
type: boolean
|
||||
stackAlerts:
|
||||
type: object
|
||||
properties:
|
||||
all:
|
||||
type: boolean
|
||||
read:
|
||||
type: boolean
|
||||
uptime:
|
||||
type: object
|
||||
properties:
|
||||
all:
|
||||
type: boolean
|
||||
read:
|
||||
type: boolean
|
||||
default_action_group_id:
|
||||
description: The default identifier for the rule type group.
|
||||
type: string
|
||||
does_set_recovery_context:
|
||||
description: Indicates whether the rule passes context variables to its recovery action.
|
||||
type: boolean
|
||||
enabled_in_license:
|
||||
description: Indicates whether the rule type is enabled or disabled based on the subscription.
|
||||
type: boolean
|
||||
id:
|
||||
description: The unique identifier for the rule type.
|
||||
type: string
|
||||
is_exportable:
|
||||
description: Indicates whether the rule type is exportable in **Stack Management > Saved Objects**.
|
||||
type: boolean
|
||||
minimum_license_required:
|
||||
description: The subscriptions required to use the rule type.
|
||||
type: string
|
||||
example: basic
|
||||
name:
|
||||
description: The descriptive name of the rule type.
|
||||
type: string
|
||||
producer:
|
||||
description: An identifier for the application that produces this rule type.
|
||||
type: string
|
||||
example: stackAlerts
|
||||
recovery_action_group:
|
||||
description: An action group to use when an alert goes from an active state to an inactive one.
|
||||
type: object
|
||||
properties:
|
||||
id:
|
||||
type: string
|
||||
name:
|
||||
type: string
|
||||
rule_task_timeout:
|
||||
type: string
|
||||
example: 5m
|
||||
examples:
|
||||
getRuleTypesResponse:
|
||||
$ref: '#/components/examples/get_rule_types_response'
|
||||
'401':
|
||||
description: Authorization information is missing or invalid.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/401_response'
|
||||
servers:
|
||||
- url: https://localhost:5601
|
||||
/s/{spaceId}/api/alerting/rule/{ruleId}/_mute_all:
|
||||
post:
|
||||
summary: Mute all alerts.
|
||||
summary: Mutes all alerts.
|
||||
operationId: muteAllAlerts
|
||||
description: |
|
||||
This API snoozes the notifications for the rule indefinitely. The rule checks continue to occur but alerts will not trigger any actions. You must have `all` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rule. For example, the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability**, and **Security** features. If the rule has actions, you must also have `read` privileges for the **Management > Actions and Connectors** feature.
|
||||
|
@ -248,13 +628,19 @@ paths:
|
|||
responses:
|
||||
'204':
|
||||
description: Indicates a successful call.
|
||||
'401':
|
||||
description: Authorization information is missing or invalid.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/401_response'
|
||||
servers:
|
||||
- url: https://localhost:5601
|
||||
servers:
|
||||
- url: https://localhost:5601
|
||||
/s/{spaceId}/api/alerting/rule/{ruleId}/_unmute_all:
|
||||
post:
|
||||
summary: Unmute all alerts.
|
||||
summary: Unmutes all alerts.
|
||||
operationId: unmuteAllAlerts
|
||||
description: |
|
||||
If the rule has its notifications snoozed indefinitely, this API cancels the snooze. You must have `all` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rule. For example, the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability**, and **Security** features. If the rule has actions, you must also have `read` privileges for the **Management > Actions and Connectors** feature.
|
||||
|
@ -267,13 +653,19 @@ paths:
|
|||
responses:
|
||||
'204':
|
||||
description: Indicates a successful call.
|
||||
'401':
|
||||
description: Authorization information is missing or invalid.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/401_response'
|
||||
servers:
|
||||
- url: https://localhost:5601
|
||||
servers:
|
||||
- url: https://localhost:5601
|
||||
/s/{spaceId}/api/alerting/rule/{ruleId}/alert/{alertId}/_mute:
|
||||
post:
|
||||
summary: Mute an alert.
|
||||
summary: Mutes an alert.
|
||||
operationId: muteAlert
|
||||
description: |
|
||||
You must have `all` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rule. For example, the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability**, and **Security** features. If the rule has actions, you must also have `read` privileges for the **Management > Actions and Connectors** feature.
|
||||
|
@ -287,13 +679,19 @@ paths:
|
|||
responses:
|
||||
'204':
|
||||
description: Indicates a successful call.
|
||||
'401':
|
||||
description: Authorization information is missing or invalid.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/401_response'
|
||||
servers:
|
||||
- url: https://localhost:5601
|
||||
servers:
|
||||
- url: https://localhost:5601
|
||||
/s/{spaceId}/api/alerting/rule/{ruleId}/alert/{alertId}/_unmute:
|
||||
post:
|
||||
summary: Unmute an alert.
|
||||
summary: Unmutes an alert.
|
||||
operationId: unmuteAlert
|
||||
description: |
|
||||
You must have `all` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rule. For example, the **Management > Stack Rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability**, and **Security** features. If the rule has actions, you must also have `read` privileges for the **Management > Actions and Connectors** feature.
|
||||
|
@ -307,6 +705,12 @@ paths:
|
|||
responses:
|
||||
'204':
|
||||
description: Indicates a successful call.
|
||||
'401':
|
||||
description: Authorization information is missing or invalid.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/401_response'
|
||||
servers:
|
||||
- url: https://localhost:5601
|
||||
servers:
|
||||
|
@ -539,6 +943,38 @@ components:
|
|||
description: The identifier for the user that updated this rule most recently.
|
||||
nullable: true
|
||||
example: elastic
|
||||
401_response:
|
||||
type: object
|
||||
title: Unsuccessful rule API response
|
||||
properties:
|
||||
error:
|
||||
type: string
|
||||
example: Unauthorized
|
||||
enum:
|
||||
- Unauthorized
|
||||
message:
|
||||
type: string
|
||||
statusCode:
|
||||
type: integer
|
||||
example: 401
|
||||
enum:
|
||||
- 401
|
||||
404_response:
|
||||
type: object
|
||||
properties:
|
||||
error:
|
||||
type: string
|
||||
example: Not Found
|
||||
enum:
|
||||
- Not Found
|
||||
message:
|
||||
type: string
|
||||
example: Saved object [alert/caaad6d0-920c-11ed-b36a-874bd1548a00] not found
|
||||
statusCode:
|
||||
type: integer
|
||||
example: 404
|
||||
enum:
|
||||
- 404
|
||||
update_rule_request:
|
||||
title: Update rule request
|
||||
description: The update rule API request body varies depending on the type of rule and actions.
|
||||
|
@ -770,6 +1206,114 @@ components:
|
|||
warning: null
|
||||
outcome: succeeded
|
||||
next_run: '2022-12-06T01:45:23.912Z'
|
||||
get_health_response:
|
||||
summary: Retrieve information about the health of the alerting framework.
|
||||
value:
|
||||
is_sufficiently_secure: true
|
||||
has_permanent_encryption_key: true
|
||||
alerting_framework_health:
|
||||
decryption_health:
|
||||
status: ok
|
||||
timestamp: '2023-01-13T01:28:00.280Z'
|
||||
execution_health:
|
||||
status: ok
|
||||
timestamp: '2023-01-13T01:28:00.280Z'
|
||||
read_health:
|
||||
status: ok
|
||||
timestamp: '2023-01-13T01:28:00.280Z'
|
||||
alerting_framework_heath:
|
||||
_deprecated: This state property has a typo, use "alerting_framework_health" instead.
|
||||
decryption_health:
|
||||
status: ok
|
||||
timestamp: '2023-01-13T01:28:00.280Z'
|
||||
execution_health:
|
||||
status: ok
|
||||
timestamp: '2023-01-13T01:28:00.280Z'
|
||||
read_health:
|
||||
status: ok
|
||||
timestamp: '2023-01-13T01:28:00.280Z'
|
||||
get_rule_types_response:
|
||||
summary: Retrieve rule types associated with Kibana machine learning features
|
||||
value:
|
||||
- id: xpack.ml.anomaly_detection_alert
|
||||
action_groups:
|
||||
- id: anomaly_score_match
|
||||
name: Anomaly score matched the condition
|
||||
- id: recovered
|
||||
name: Recovered
|
||||
action_variables:
|
||||
context:
|
||||
- name: timestamp
|
||||
description: The bucket timestamp of the anomaly
|
||||
- name: timestampIso8601
|
||||
description: The bucket time of the anomaly in ISO8601 format
|
||||
- name: jobIds
|
||||
description: List of job IDs that triggered the alert
|
||||
- name: message
|
||||
description: Alert info message
|
||||
- name: isInterim
|
||||
description: Indicate if top hits contain interim results
|
||||
- name: score
|
||||
description: Anomaly score at the time of the notification action
|
||||
- name: topRecords
|
||||
description: Top records
|
||||
- name: topInfluencers
|
||||
description: Top influencers
|
||||
- name: anomalyExplorerUrl
|
||||
description: URL to open in the Anomaly Explorer
|
||||
useWithTripleBracesInTemplates: true
|
||||
params: []
|
||||
state: []
|
||||
authorized_consumers:
|
||||
alerts:
|
||||
all: true
|
||||
read: true
|
||||
ml:
|
||||
all: true
|
||||
read: true
|
||||
default_action_group_id: anomaly_score_match
|
||||
does_set_recovery_context: true
|
||||
enabled_in_license: true
|
||||
is_exportable: true
|
||||
minimum_license_required: platinum
|
||||
name: Anomaly detection alert
|
||||
producer: ml
|
||||
recovery_action_group:
|
||||
id: recovered
|
||||
name: Recovered
|
||||
rule_task_timeout: 5m
|
||||
- id: xpack.ml.anomaly_detection_jobs_health
|
||||
action_groups:
|
||||
- id: anomaly_detection_realtime_issue
|
||||
name: Issue detected
|
||||
- id: recovered
|
||||
name: Recovered
|
||||
action_variables:
|
||||
context:
|
||||
- name: results
|
||||
description: Results of the rule execution
|
||||
- name: message
|
||||
description: Alert info message
|
||||
params: []
|
||||
state: []
|
||||
authorized_consumers:
|
||||
alerts:
|
||||
all: true
|
||||
read: true
|
||||
ml:
|
||||
all: true
|
||||
read: true
|
||||
default_action_group_id: anomaly_detection_realtime_issue
|
||||
does_set_recovery_context: true
|
||||
enabled_in_license: true
|
||||
is_exportable: true
|
||||
minimum_license_required: platinum
|
||||
name: Anomaly detection jobs health
|
||||
producer: ml
|
||||
recovery_action_group:
|
||||
id: recovered
|
||||
name: Recovered
|
||||
rule_task_timeout: 5m
|
||||
security:
|
||||
- basicAuth: []
|
||||
- apiKeyAuth: []
|
||||
|
|
|
@ -0,0 +1,25 @@
|
|||
summary: Retrieve information about the health of the alerting framework.
|
||||
value:
|
||||
is_sufficiently_secure: true
|
||||
has_permanent_encryption_key: true
|
||||
alerting_framework_health:
|
||||
decryption_health:
|
||||
status: ok
|
||||
timestamp: '2023-01-13T01:28:00.280Z'
|
||||
execution_health:
|
||||
status: ok
|
||||
timestamp: '2023-01-13T01:28:00.280Z'
|
||||
read_health:
|
||||
status: ok
|
||||
timestamp: '2023-01-13T01:28:00.280Z'
|
||||
alerting_framework_heath:
|
||||
_deprecated: "This state property has a typo, use \"alerting_framework_health\" instead."
|
||||
decryption_health:
|
||||
status: ok
|
||||
timestamp: '2023-01-13T01:28:00.280Z'
|
||||
execution_health:
|
||||
status: ok
|
||||
timestamp: '2023-01-13T01:28:00.280Z'
|
||||
read_health:
|
||||
status: ok
|
||||
timestamp: '2023-01-13T01:28:00.280Z'
|
|
@ -0,0 +1,81 @@
|
|||
summary: Retrieve rule types associated with Kibana machine learning features
|
||||
value:
|
||||
- id: xpack.ml.anomaly_detection_alert
|
||||
action_groups:
|
||||
- id: anomaly_score_match
|
||||
name: Anomaly score matched the condition
|
||||
- id: recovered
|
||||
name: Recovered
|
||||
action_variables:
|
||||
context:
|
||||
- name: timestamp
|
||||
description: The bucket timestamp of the anomaly
|
||||
- name: timestampIso8601
|
||||
description: The bucket time of the anomaly in ISO8601 format
|
||||
- name: jobIds
|
||||
description: List of job IDs that triggered the alert
|
||||
- name: message
|
||||
description: Alert info message
|
||||
- name: isInterim
|
||||
description: Indicate if top hits contain interim results
|
||||
- name: score
|
||||
description: Anomaly score at the time of the notification action
|
||||
- name: topRecords
|
||||
description: Top records
|
||||
- name: topInfluencers
|
||||
description: Top influencers
|
||||
- name: anomalyExplorerUrl
|
||||
description: URL to open in the Anomaly Explorer
|
||||
useWithTripleBracesInTemplates: true
|
||||
params: []
|
||||
state: []
|
||||
authorized_consumers:
|
||||
alerts:
|
||||
all: true
|
||||
read: true
|
||||
ml:
|
||||
all: true
|
||||
read: true
|
||||
default_action_group_id: anomaly_score_match
|
||||
does_set_recovery_context: true
|
||||
enabled_in_license: true
|
||||
is_exportable: true
|
||||
minimum_license_required: platinum
|
||||
name: Anomaly detection alert
|
||||
producer: ml
|
||||
recovery_action_group:
|
||||
id: recovered
|
||||
name: Recovered
|
||||
rule_task_timeout: 5m
|
||||
- id: xpack.ml.anomaly_detection_jobs_health
|
||||
action_groups:
|
||||
- id: anomaly_detection_realtime_issue
|
||||
name: Issue detected
|
||||
- id: recovered
|
||||
name: Recovered
|
||||
action_variables:
|
||||
context:
|
||||
- name: results
|
||||
description: Results of the rule execution
|
||||
- name: message
|
||||
description: Alert info message
|
||||
params: []
|
||||
state: []
|
||||
authorized_consumers:
|
||||
alerts:
|
||||
all: true
|
||||
read: true
|
||||
ml:
|
||||
all: true
|
||||
read: true
|
||||
default_action_group_id: anomaly_detection_realtime_issue
|
||||
does_set_recovery_context: true
|
||||
enabled_in_license: true
|
||||
is_exportable: true
|
||||
minimum_license_required: platinum
|
||||
name: Anomaly detection jobs health
|
||||
producer: ml
|
||||
recovery_action_group:
|
||||
id: recovered
|
||||
name: Recovered
|
||||
rule_task_timeout: 5m
|
|
@ -0,0 +1,15 @@
|
|||
type: object
|
||||
title: Unsuccessful rule API response
|
||||
properties:
|
||||
error:
|
||||
type: string
|
||||
example: Unauthorized
|
||||
enum:
|
||||
- Unauthorized
|
||||
message:
|
||||
type: string
|
||||
statusCode:
|
||||
type: integer
|
||||
example: 401
|
||||
enum:
|
||||
- 401
|
|
@ -0,0 +1,15 @@
|
|||
type: object
|
||||
properties:
|
||||
error:
|
||||
type: string
|
||||
example: Not Found
|
||||
enum:
|
||||
- Not Found
|
||||
message:
|
||||
type: string
|
||||
example: "Saved object [alert/caaad6d0-920c-11ed-b36a-874bd1548a00] not found"
|
||||
statusCode:
|
||||
type: integer
|
||||
example: 404
|
||||
enum:
|
||||
- 404
|
|
@ -23,10 +23,10 @@ paths:
|
|||
$ref: 'paths/s@{spaceid}@api@alerting@rule@{ruleid}@_enable.yaml'
|
||||
'/s/{spaceId}/api/alerting/rules/_find':
|
||||
$ref: 'paths/s@{spaceid}@api@alerting@rules@_find.yaml'
|
||||
# '/s/{spaceId}/api/alerting/_health':
|
||||
# $ref: paths/s@{spaceid}@api@alerting@_health.yaml
|
||||
# '/s/{spaceId}/api/alerting/rule_types':
|
||||
# $ref: 'paths/s@{spaceid}@api@alerting@rule_types.yaml'
|
||||
'/s/{spaceId}/api/alerting/_health':
|
||||
$ref: paths/s@{spaceid}@api@alerting@_health.yaml
|
||||
'/s/{spaceId}/api/alerting/rule_types':
|
||||
$ref: 'paths/s@{spaceid}@api@alerting@rule_types.yaml'
|
||||
'/s/{spaceId}/api/alerting/rule/{ruleId}/_mute_all':
|
||||
$ref: 'paths/s@{spaceid}@api@alerting@rule@{ruleid}@_mute_all.yaml'
|
||||
'/s/{spaceId}/api/alerting/rule/{ruleId}/_unmute_all':
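Review bot: The newly enabled `_health` entry is written as `$ref: paths/s@{spaceid}@api@alerting@_health.yaml`, unquoted, while every other `$ref` in this hunk is single-quoted. It still parses as a plain scalar in block context, but the braces make it fragile if the value is ever moved into a flow collection. Write it as `$ref: 'paths/s@{spaceid}@api@alerting@_health.yaml'` to match its siblings. The `paths` mapping continues outside the hunk.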
|
||||
|
|
|
@ -0,0 +1,126 @@
|
|||
get:
|
||||
summary: Retrieves the health status of the alerting framework.
|
||||
operationId: getAlertingHealth
|
||||
description: >
|
||||
You must have `read` privileges for the **Management > Stack Rules** feature
|
||||
or for at least one of the **Analytics > Discover**,
|
||||
**Analytics > Machine Learning**, **Observability**, or **Security** features.
|
||||
tags:
|
||||
- alerting
|
||||
parameters:
|
||||
- $ref: '../components/parameters/space_id.yaml'
|
||||
responses:
|
||||
'200':
|
||||
description: Indicates a successful call.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
type: object
|
||||
properties:
|
||||
alerting_framework_heath:
|
||||
type: object
|
||||
description: This property has a typo. Use `alerting_framework_health` instead.
|
||||
deprecated: true
|
||||
properties:
|
||||
_deprecated:
|
||||
type: string
|
||||
example: "This state property has a typo, use \"alerting_framework_health\" instead."
|
||||
decryption_health:
|
||||
type: object
|
||||
properties:
|
||||
status:
|
||||
type: string
|
||||
example: ok
|
||||
timestamp:
|
||||
type: string
|
||||
format: date-time
|
||||
example: "2023-01-13T01:28:00.280Z"
|
||||
execution_health:
|
||||
type: object
|
||||
properties:
|
||||
status:
|
||||
type: string
|
||||
example: ok
|
||||
timestamp:
|
||||
type: string
|
||||
format: date-time
|
||||
example: "2023-01-13T01:28:00.280Z"
|
||||
read_health:
|
||||
type: object
|
||||
properties:
|
||||
status:
|
||||
type: string
|
||||
example: ok
|
||||
timestamp:
|
||||
type: string
|
||||
format: date-time
|
||||
example: "2023-01-13T01:28:00.280Z"
|
||||
alerting_framework_health:
|
||||
type: object
|
||||
description: >
|
||||
Three substates identify the health of the alerting framework: `decryption_health`, `execution_health`, and `read_health`.
|
||||
properties:
|
||||
decryption_health:
|
||||
type: object
|
||||
description: The timestamp and status of the rule decryption.
|
||||
properties:
|
||||
status:
|
||||
type: string
|
||||
example: ok
|
||||
enum:
|
||||
- error
|
||||
- ok
|
||||
- warn
|
||||
timestamp:
|
||||
type: string
|
||||
format: date-time
|
||||
example: "2023-01-13T01:28:00.280Z"
|
||||
execution_health:
|
||||
type: object
|
||||
description: The timestamp and status of the rule run.
|
||||
properties:
|
||||
status:
|
||||
type: string
|
||||
example: ok
|
||||
enum:
|
||||
- error
|
||||
- ok
|
||||
- warn
|
||||
timestamp:
|
||||
type: string
|
||||
format: date-time
|
||||
example: "2023-01-13T01:28:00.280Z"
|
||||
read_health:
|
||||
type: object
|
||||
description: The timestamp and status of the rule reading events.
|
||||
properties:
|
||||
status:
|
||||
type: string
|
||||
example: ok
|
||||
enum:
|
||||
- error
|
||||
- ok
|
||||
- warn
|
||||
timestamp:
|
||||
type: string
|
||||
format: date-time
|
||||
example: "2023-01-13T01:28:00.280Z"
|
||||
has_permanent_encryption_key:
|
||||
type: boolean
|
||||
description: If `false`, the encrypted saved object plugin does not have a permanent encryption key.
|
||||
example: true
|
||||
is_sufficiently_secure:
|
||||
type: boolean
|
||||
description: If `false`, security is enabled but TLS is not.
|
||||
example: true
|
||||
examples:
|
||||
getAlertingHealthResponse:
|
||||
$ref: '../components/examples/get_health_response.yaml'
|
||||
'401':
|
||||
description: Authorization information is missing or invalid.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '../components/schemas/401_response.yaml'
|
||||
servers:
|
||||
- url: https://localhost:5601
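Review bot: The three `status` properties under the deprecated `alerting_framework_heath` object are bare `type: string` with `example: ok`, while the same properties under `alerting_framework_health` carry an `enum` of `error`, `ok` and `warn`. Clients generated from this schema will therefore validate the two copies differently. Add the same `enum` to the deprecated `decryption_health`, `execution_health` and `read_health` status fields, which also have no `description`. Separately, the operation description requires `read` privileges but only `'200'` and `'401'` are listed, so if an authenticated caller without the privilege receives a different status, it is not documented here.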
|
|
@ -1,5 +1,5 @@
|
|||
get:
|
||||
summary: Retrieve a rule by its identifier.
|
||||
summary: Retrieves a rule by its identifier.
|
||||
operationId: getRule
|
||||
description: >
|
||||
You must have `read` privileges for the appropriate Kibana features,
|
||||
|
@ -21,8 +21,22 @@ get:
|
|||
schema:
|
||||
$ref: '../components/schemas/rule_response_properties.yaml'
|
||||
examples:
|
||||
updateRuleResponse:
|
||||
getRuleResponse:
|
||||
$ref: '../components/examples/get_rule_response.yaml'
|
||||
'401':
|
||||
description: Authorization information is missing or invalid.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '../components/schemas/401_response.yaml'
|
||||
'404':
|
||||
description: Object is not found.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '../components/schemas/404_response.yaml'
|
||||
servers:
|
||||
- url: https://localhost:5601
|
||||
|
||||
delete:
|
||||
summary: Deletes a rule.
|
||||
|
@ -42,6 +56,18 @@ delete:
|
|||
responses:
|
||||
'204':
|
||||
description: Indicates a successful call.
|
||||
'401':
|
||||
description: Authorization information is missing or invalid.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '../components/schemas/401_response.yaml'
|
||||
'404':
|
||||
description: Object is not found.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '../components/schemas/404_response.yaml'
|
||||
servers:
|
||||
- url: https://localhost:5601
|
||||
|
||||
|
@ -88,6 +114,18 @@ put:
|
|||
examples:
|
||||
updateRuleResponse:
|
||||
$ref: '../components/examples/update_rule_response.yaml'
|
||||
'401':
|
||||
description: Authorization information is missing or invalid.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '../components/schemas/401_response.yaml'
|
||||
'404':
|
||||
description: Object is not found.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '../components/schemas/404_response.yaml'
|
||||
servers:
|
||||
- url: https://localhost:5601
|
||||
servers:
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
post:
|
||||
summary: Disable a rule.
|
||||
summary: Disables a rule.
|
||||
operationId: disableRule
|
||||
description: >
|
||||
You must have `all` privileges for the appropriate Kibana features,
|
||||
|
@ -15,6 +15,18 @@ post:
|
|||
responses:
|
||||
'204':
|
||||
description: Indicates a successful call.
|
||||
'401':
|
||||
description: Authorization information is missing or invalid.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '../components/schemas/401_response.yaml'
|
||||
'404':
|
||||
description: Object is not found.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '../components/schemas/404_response.yaml'
|
||||
servers:
|
||||
- url: https://localhost:5601
|
||||
servers:
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
post:
|
||||
summary: Enable a rule.
|
||||
summary: Enables a rule.
|
||||
operationId: enableRule
|
||||
description: >
|
||||
This API supports token-based authentication only.
|
||||
|
@ -16,6 +16,18 @@ post:
|
|||
responses:
|
||||
'204':
|
||||
description: Indicates a successful call.
|
||||
'401':
|
||||
description: Authorization information is missing or invalid.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '../components/schemas/401_response.yaml'
|
||||
'404':
|
||||
description: Object is not found.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '../components/schemas/401_response.yaml'
|
||||
servers:
|
||||
- url: https://localhost:5601
|
||||
servers:
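Review bot: The `'404'` response added for the enable operation points at the wrong schema: its `$ref` is `'../components/schemas/401_response.yaml'`. Generated docs and clients will therefore describe a not-found error with the `Unauthorized` / `401` enums. It should read `$ref: '../components/schemas/404_response.yaml'`, as the `'404'` blocks added to the disable and get/delete/update rule operations in this commit do. The bundled specification presumably needs regenerating after the fix.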
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
post:
|
||||
summary: Mute all alerts.
|
||||
summary: Mutes all alerts.
|
||||
operationId: muteAllAlerts
|
||||
description: >
|
||||
This API snoozes the notifications for the rule indefinitely. The rule
|
||||
|
@ -19,6 +19,12 @@ post:
|
|||
responses:
|
||||
'204':
|
||||
description: Indicates a successful call.
|
||||
'401':
|
||||
description: Authorization information is missing or invalid.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '../components/schemas/401_response.yaml'
|
||||
servers:
|
||||
- url: https://localhost:5601
|
||||
servers:
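Review bot: Only a `'401'` response is added for `muteAllAlerts`, although the path takes `{ruleId}` and the enable and disable operations changed in this same commit also gained a `'404'` ("Object is not found."). If this endpoint answers an unknown rule the same way, that response should be documented here too. The same gap appears in the `_unmute_all`, alert `_mute` and alert `_unmute` sections that follow. The `post` operation continues outside the hunk.

```yaml
  responses:
    # … unchanged: '204' and '401' responses …
    '404':
      description: Object is not found.
      content:
        application/json:
          schema:
            $ref: '../components/schemas/404_response.yaml'
```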
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
post:
|
||||
summary: Unmute all alerts.
|
||||
summary: Unmutes all alerts.
|
||||
operationId: unmuteAllAlerts
|
||||
description: >
|
||||
If the rule has its notifications snoozed indefinitely, this API cancels the snooze.
|
||||
|
@ -18,6 +18,12 @@ post:
|
|||
responses:
|
||||
'204':
|
||||
description: Indicates a successful call.
|
||||
'401':
|
||||
description: Authorization information is missing or invalid.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '../components/schemas/401_response.yaml'
|
||||
servers:
|
||||
- url: https://localhost:5601
|
||||
servers:
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
post:
|
||||
summary: Mute an alert.
|
||||
summary: Mutes an alert.
|
||||
operationId: muteAlert
|
||||
description: >
|
||||
You must have `all` privileges for the appropriate Kibana features,
|
||||
|
@ -18,6 +18,12 @@ post:
|
|||
responses:
|
||||
'204':
|
||||
description: Indicates a successful call.
|
||||
'401':
|
||||
description: Authorization information is missing or invalid.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '../components/schemas/401_response.yaml'
|
||||
servers:
|
||||
- url: https://localhost:5601
|
||||
servers:
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
post:
|
||||
summary: Unmute an alert.
|
||||
summary: Unmutes an alert.
|
||||
operationId: unmuteAlert
|
||||
description: >
|
||||
You must have `all` privileges for the appropriate Kibana features,
|
||||
|
@ -18,6 +18,12 @@ post:
|
|||
responses:
|
||||
'204':
|
||||
description: Indicates a successful call.
|
||||
'401':
|
||||
description: Authorization information is missing or invalid.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '../components/schemas/401_response.yaml'
|
||||
servers:
|
||||
- url: https://localhost:5601
|
||||
servers:
|
||||
|
|
|
@ -0,0 +1,198 @@
|
|||
get:
|
||||
summary: Retrieves a list of rule types.
|
||||
operationId: getRuleTypes
|
||||
description: >
|
||||
If you have `read` privileges for one or more Kibana features, the API
|
||||
response contains information about the appropriate rule types. For example,
|
||||
there are rule types associated with the **Management > Stack Rules** feature,
|
||||
**Analytics > Discover** and **Machine Learning** features, **Observability**
|
||||
features, and **Security** features. To get rule types associated with the
|
||||
**Stack Monitoring** feature, use the `monitoring_user` built-in role.
|
||||
tags:
|
||||
- alerting
|
||||
parameters:
|
||||
- $ref: '../components/parameters/space_id.yaml'
|
||||
responses:
|
||||
'200':
|
||||
description: Indicates a successful call.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
type: array
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
action_groups:
|
||||
description: >
|
||||
An explicit list of groups for which the rule type can
|
||||
schedule actions, each with the action group's unique ID and
|
||||
human readable name. Rule actions validation uses this
|
||||
configuration to ensure that groups are valid.
|
||||
type: array
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
id:
|
||||
type: string
|
||||
name:
|
||||
type: string
|
||||
action_variables:
|
||||
description: >
|
||||
A list of action variables that the rule type makes available
|
||||
via context and state in action parameter templates, and a
|
||||
short human readable description. When you create a rule in
|
||||
Kibana, it uses this information to prompt you for these
|
||||
variables in action parameter editors.
|
||||
type: object
|
||||
properties:
|
||||
context:
|
||||
type: array
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
name:
|
||||
type: string
|
||||
description:
|
||||
type: string
|
||||
useWithTripleBracesInTemplates:
|
||||
type: boolean
|
||||
params:
|
||||
type: array
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
description:
|
||||
type: string
|
||||
name:
|
||||
type: string
|
||||
state:
|
||||
type: array
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
description:
|
||||
type: string
|
||||
name:
|
||||
type: string
|
||||
authorized_consumers:
|
||||
description: The list of the plugins IDs that have access to the rule type.
|
||||
type: object
|
||||
properties:
|
||||
alerts:
|
||||
type: object
|
||||
properties:
|
||||
all:
|
||||
type: boolean
|
||||
read:
|
||||
type: boolean
|
||||
apm:
|
||||
type: object
|
||||
properties:
|
||||
all:
|
||||
type: boolean
|
||||
read:
|
||||
type: boolean
|
||||
discover:
|
||||
type: object
|
||||
properties:
|
||||
all:
|
||||
type: boolean
|
||||
read:
|
||||
type: boolean
|
||||
infrastructure:
|
||||
type: object
|
||||
properties:
|
||||
all:
|
||||
type: boolean
|
||||
read:
|
||||
type: boolean
|
||||
logs:
|
||||
type: object
|
||||
properties:
|
||||
all:
|
||||
type: boolean
|
||||
read:
|
||||
type: boolean
|
||||
ml:
|
||||
type: object
|
||||
properties:
|
||||
all:
|
||||
type: boolean
|
||||
read:
|
||||
type: boolean
|
||||
monitoring:
|
||||
type: object
|
||||
properties:
|
||||
all:
|
||||
type: boolean
|
||||
read:
|
||||
type: boolean
|
||||
siem:
|
||||
type: object
|
||||
properties:
|
||||
all:
|
||||
type: boolean
|
||||
read:
|
||||
type: boolean
|
||||
stackAlerts:
|
||||
type: object
|
||||
properties:
|
||||
all:
|
||||
type: boolean
|
||||
read:
|
||||
type: boolean
|
||||
uptime:
|
||||
type: object
|
||||
properties:
|
||||
all:
|
||||
type: boolean
|
||||
read:
|
||||
type: boolean
|
||||
default_action_group_id:
|
||||
description: The default identifier for the rule type group.
|
||||
type: string
|
||||
does_set_recovery_context:
|
||||
description: Indicates whether the rule passes context variables to its recovery action.
|
||||
type: boolean
|
||||
enabled_in_license:
|
||||
description: Indicates whether the rule type is enabled or disabled based on the subscription.
|
||||
type: boolean
|
||||
id:
|
||||
description: The unique identifier for the rule type.
|
||||
type: string
|
||||
is_exportable:
|
||||
description: Indicates whether the rule type is exportable in **Stack Management > Saved Objects**.
|
||||
type: boolean
|
||||
minimum_license_required:
|
||||
description: The subscriptions required to use the rule type.
|
||||
type: string
|
||||
example: basic
|
||||
name:
|
||||
description: The descriptive name of the rule type.
|
||||
type: string
|
||||
producer:
|
||||
description: An identifier for the application that produces this rule type.
|
||||
type: string
|
||||
example: stackAlerts
|
||||
recovery_action_group:
|
||||
description: An action group to use when an alert goes from an active state to an inactive one.
|
||||
type: object
|
||||
properties:
|
||||
id:
|
||||
type: string
|
||||
name:
|
||||
type: string
|
||||
rule_task_timeout:
|
||||
type: string
|
||||
example: 5m
|
||||
examples:
|
||||
getRuleTypesResponse:
|
||||
$ref: '../components/examples/get_rule_types_response.yaml'
|
||||
'401':
|
||||
description: Authorization information is missing or invalid.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '../components/schemas/401_response.yaml'
|
||||
servers:
|
||||
- url: https://localhost:5601
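Review bot: `useWithTripleBracesInTemplates` under `action_variables.context` has no `description`, yet it is the one property in this schema that governs how a variable's value is rendered. In Mustache-style templates triple braces emit the value without escaping, and presumably that is what the flag signals, so the schema should say so. For example: `description: Indicates whether the variable must be referenced with triple braces in action templates so that its value is not escaped.` Separately, `authorized_consumers` is described as "The list of the plugins IDs" but is typed `object` with one property per consumer, and `rule_task_timeout` has no description.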
|
|
@ -113,6 +113,12 @@ get:
|
|||
examples:
|
||||
findRulesResponse:
|
||||
$ref: '../components/examples/find_rules_response.yaml'
|
||||
'401':
|
||||
description: Authorization information is missing or invalid.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '../components/schemas/401_response.yaml'
|
||||
servers:
|
||||
- url: https://localhost:5601
|
||||
servers:
|
||||
|
|