github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-06-28 11:05:39 -04:00
Code Issues Projects Releases Packages Wiki Activity
kibana/docs/api/osquery-manager/packs/update.asciidoc
natasha-moore-elastic 0215ed3a0f
[DOCS] Adds shards object to Create pack and Update pack API (#166363) 
## Summary

- Resolves https://github.com/elastic/security-docs/issues/3822 

Adds the `shards` object schema definition to Create pack and Update
pack API, and to the Create pack request example.

- Related dev PR: https://github.com/elastic/kibana/pull/166178
2023-09-18 14:55:57 +01:00

76 lines
1.7 KiB
Text
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

[[osquery-manager-packs-api-update]]
=== Update pack API
++++
<titleabbrev>Update pack</titleabbrev>
++++
experimental[] Update packs.
WARNING: You are unable to update a prebuilt pack (`read_only = true`).
[[osquery-manager-packs-api-update-request]]
==== Request
`PUT <kibana host>:<port>/api/osquery/packs/<id>`
`PUT <kibana host>:<port>/s/<space_id>/api/osquery/packs/<id>`
[[osquery-manager-packs-api-update-path-params]]
==== Path parameters
`space_id`::
(Optional, string) The space identifier. When `space_id` is not provided in the URL, the default space is used.
`id`::
(Required, string) The ID of the pack you want to update.
[[osquery-manager-packs-api-update-body-params]]
==== Request body
`name`:: (Optional, string) The pack name.
`description`:: (Optional, string) The pack description.
`enabled`:: (Optional, boolean) Enables the pack.
`policy_ids`:: (Optional, array) A list of agent policy IDs.
`shards`:: (Optional, object) An object with shard configuration for policies included in the pack. For each policy, set the shard configuration to a percentage (1100) of target hosts.
`queries`:: (Required, object) An object of queries.
[[osquery-manager-packs-api-update-request-codes]]
==== Response code
`200`::
Indicates a successful call.
[[osquery-manager-packs-api-update-example]]
==== Examples
Update a name of the <my_pack> pack:
[source,sh]
--------------------------------------------------
$ curl -X PUT api/osquery/packs/<id> \
{
"name": "updated_my_pack_name",
}
--------------------------------------------------
// KIBANA
The API returns the pack saved object:
[source,sh]
--------------------------------------------------
{
"data": {...}
}
--------------------------------------------------
Reference in a new issue View git blame Copy permalink