mirror of
https://github.com/elastic/kibana.git
synced 2025-06-28 11:05:39 -04:00
dd221a7be1
Fix https://github.com/elastic/kibana/issues/191534 The deprecation warning in the Kibana Saved Objects API main page was removed in https://github.com/elastic/kibana/pull/190654. This PR adds a section about when the APIs will be removed and what to use instead. The PR also includes updates to other API main pages that mention the SO APIs. - [x] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials VIew the [html diff](https://kibana_bk_191693.docs-preview.app.elstc.co/diff) for these changes:   The updated OpenAPI document looks like this in a Bump.sh preview:  --------- Co-authored-by: lcawl <lcawley@elastic.co>
41 lines
2.4 KiB
Text
41 lines
2.4 KiB
Text
[[osquery-manager-api]]
|
|
== Osquery manager API
|
|
|
|
experimental[] Run live queries, manage packs and saved queries
|
|
|
|
Use the osquery manager APIs for managing packs and saved queries.
|
|
|
|
The following osquery manager APIs are available:
|
|
|
|
* Live queries
|
|
** <<osquery-manager-live-queries-api-get-all, Get all live queries API>> to retrieve a list of live queries
|
|
** <<osquery-manager-live-queries-api-get, Get live query API>> to retrieve a single live query
|
|
** <<osquery-manager-live-queries-api-create, Create live query API>> to create a live query
|
|
** <<osquery-manager-live-queries-api-get-results, Get live query results API>> to retrieve the results of a single live query
|
|
* Packs
|
|
** <<osquery-manager-packs-api-get-all, Get all packs API>> to retrieve a list of packs
|
|
** <<osquery-manager-packs-api-get, Get pack API>> to retrieve a pack
|
|
** <<osquery-manager-packs-api-create, Create pack API>> to create a pack
|
|
** <<osquery-manager-packs-api-update, Update pack API>> to partially update an existing pack
|
|
** <<osquery-manager-packs-api-delete, Delete pack API>> to delete a pack
|
|
* Saved queries
|
|
** <<osquery-manager-saved-queries-api-get-all, Get all saved queries API>> to retrieve a list of saved queries
|
|
** <<osquery-manager-saved-queries-api-get, Get saved query API>> to retrieve a saved query
|
|
** <<osquery-manager-saved-queries-api-create, Create saved query API>> to create a saved query
|
|
** <<osquery-manager-saved-queries-api-update, Update saved query API>> to partially update an existing saved query
|
|
** <<osquery-manager-saved-queries-api-delete, Delete saved query API>> to delete a saved query
|
|
|
|
include::osquery-manager/live-queries/get.asciidoc[]
|
|
include::osquery-manager/live-queries/get-all.asciidoc[]
|
|
include::osquery-manager/live-queries/get-results.asciidoc[]
|
|
include::osquery-manager/live-queries/create.asciidoc[]
|
|
include::osquery-manager/packs/get.asciidoc[]
|
|
include::osquery-manager/packs/get-all.asciidoc[]
|
|
include::osquery-manager/packs/create.asciidoc[]
|
|
include::osquery-manager/packs/update.asciidoc[]
|
|
include::osquery-manager/packs/delete.asciidoc[]
|
|
include::osquery-manager/saved-queries/get.asciidoc[]
|
|
include::osquery-manager/saved-queries/get-all.asciidoc[]
|
|
include::osquery-manager/saved-queries/create.asciidoc[]
|
|
include::osquery-manager/saved-queries/update.asciidoc[]
|
|
include::osquery-manager/saved-queries/delete.asciidoc[]
|