github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 17:59:23 -04:00
Code Issues Projects Releases Packages Wiki Activity
kibana/x-pack/plugins/security_solution/common/api/quickstart_client.gen.ts
Tiago Vila Verde cd964f1229
[Security Solution][Entity Analytics] APIs for Entity Store engine (#191986) 
This PR introduces the following API routes for setting up Entity Store
"engines":

<meta charset="utf-8"><b style="font-weight:normal;"
id="docs-internal-guid-9410c5d7-7fff-e873-6830-887939a306fb"><div
dir="ltr" style="margin-left:-0.75pt;" align="left">
Initialise Engine | POST /api/entity_store/engines/<entity_type>/init
-- | --
Start Engine | POST /api/entity_store/engines/<entity_type>/start
Stop Engine | POST /api/entity_store/engines/<entity_type>/stop
Delete Engine | DELETE /api/entity_store/engines/<entity_type>
Get engine | GET  /api/entity_store/engines/<entity_type>
List Engines | GET /api/entity_store/engines

</div></b>

The PR includes the following:
- Adding the `EntityManager` plugin (see elastic/obs-entities) as a
dependency of the Security Solution
 - The OpenAPI schemas for the new routes
 - The actual Kibana side endpoints
 - A `Saved Object` to track the installed engines
 - A new `EntityStoreDataClient`
 - A new feature flag `entityStoreEngineRoutesEnabled` 
 

### How to test

1. Add some host/user data
* Easiest is to use
[elastic/security-data-generator](https://github.com/elastic/security-documents-generator)
2. Make sure to add `entityStoreEngineRoutesEnabled` under
`xpack.securitySolution.enableExperimental` in your `kibana.dev.yml`
3. In kibana dev tools or your terminal, call the `INIT` route for
either `user` or `host`.
4. You should now see 2 transforms in kibana. Make sure to re-trigger
them if needed so they process the documents.
5. Check that new entities have been observed by querying the new
entities index via:
    *  `GET .entities.v1.latest.ea*/_search`
6. Check the other endpoints are working (`START`, `STOP`, `LIST`, etc)
7. Calling `DELETE` should remove the transforms



Implements https://github.com/elastic/security-team/issues/10230

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2024-09-16 16:15:10 +01:00

2132 lines
74 KiB
TypeScript
Raw Blame History

/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
/*
* NOTICE: Do not edit this file manually.
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: API client for quickstart
* version: Bundle (no version)
*/
import type { KbnClient } from '@kbn/test';
import type { ToolingLog } from '@kbn/tooling-log';
import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common';
import { replaceParams } from '@kbn/openapi-common/shared';
import { catchAxiosErrorFormatAndThrow } from '@kbn/securitysolution-utils';
import type { SetAlertAssigneesRequestBodyInput } from './detection_engine/alert_assignees/set_alert_assignees_route.gen';
import type {
SetAlertTagsRequestBodyInput,
SetAlertTagsResponse,
} from './detection_engine/alert_tags/set_alert_tags/set_alert_tags.gen';
import type { CreateAlertsIndexResponse } from './detection_engine/index_management/create_index/create_index.gen';
import type { DeleteAlertsIndexResponse } from './detection_engine/index_management/delete_index/delete_index.gen';
import type { ReadAlertsIndexResponse } from './detection_engine/index_management/read_index/read_index.gen';
import type { ReadPrivilegesResponse } from './detection_engine/index_management/read_privileges/read_privileges.gen';
import type { BootstrapPrebuiltRulesResponse } from './detection_engine/prebuilt_rules/bootstrap_prebuilt_rules/bootstrap_prebuilt_rules.gen';
import type { InstallPrebuiltRulesAndTimelinesResponse } from './detection_engine/prebuilt_rules/install_prebuilt_rules_and_timelines/install_prebuilt_rules_and_timelines_route.gen';
import type { ReadPrebuiltRulesAndTimelinesStatusResponse } from './detection_engine/prebuilt_rules/read_prebuilt_rules_and_timelines_status/read_prebuilt_rules_and_timelines_status_route.gen';
import type {
PerformRulesBulkActionRequestQueryInput,
PerformRulesBulkActionRequestBodyInput,
PerformRulesBulkActionResponse,
} from './detection_engine/rule_management/bulk_actions/bulk_actions_route.gen';
import type {
BulkCreateRulesRequestBodyInput,
BulkCreateRulesResponse,
} from './detection_engine/rule_management/bulk_crud/bulk_create_rules/bulk_create_rules_route.gen';
import type {
BulkDeleteRulesRequestBodyInput,
BulkDeleteRulesResponse,
BulkDeleteRulesPostRequestBodyInput,
BulkDeleteRulesPostResponse,
} from './detection_engine/rule_management/bulk_crud/bulk_delete_rules/bulk_delete_rules_route.gen';
import type {
BulkPatchRulesRequestBodyInput,
BulkPatchRulesResponse,
} from './detection_engine/rule_management/bulk_crud/bulk_patch_rules/bulk_patch_rules_route.gen';
import type {
BulkUpdateRulesRequestBodyInput,
BulkUpdateRulesResponse,
} from './detection_engine/rule_management/bulk_crud/bulk_update_rules/bulk_update_rules_route.gen';
import type {
CreateRuleRequestBodyInput,
CreateRuleResponse,
} from './detection_engine/rule_management/crud/create_rule/create_rule_route.gen';
import type {
DeleteRuleRequestQueryInput,
DeleteRuleResponse,
} from './detection_engine/rule_management/crud/delete_rule/delete_rule_route.gen';
import type {
PatchRuleRequestBodyInput,
PatchRuleResponse,
} from './detection_engine/rule_management/crud/patch_rule/patch_rule_route.gen';
import type {
ReadRuleRequestQueryInput,
ReadRuleResponse,
} from './detection_engine/rule_management/crud/read_rule/read_rule_route.gen';
import type {
UpdateRuleRequestBodyInput,
UpdateRuleResponse,
} from './detection_engine/rule_management/crud/update_rule/update_rule_route.gen';
import type {
ExportRulesRequestQueryInput,
ExportRulesRequestBodyInput,
} from './detection_engine/rule_management/export_rules/export_rules_route.gen';
import type {
FindRulesRequestQueryInput,
FindRulesResponse,
} from './detection_engine/rule_management/find_rules/find_rules_route.gen';
import type {
ImportRulesRequestQueryInput,
ImportRulesResponse,
} from './detection_engine/rule_management/import_rules/import_rules_route.gen';
import type { ReadTagsResponse } from './detection_engine/rule_management/read_tags/read_tags_route.gen';
import type {
GetRuleExecutionEventsRequestQueryInput,
GetRuleExecutionEventsRequestParamsInput,
GetRuleExecutionEventsResponse,
} from './detection_engine/rule_monitoring/rule_execution_logs/get_rule_execution_events/get_rule_execution_events_route.gen';
import type {
GetRuleExecutionResultsRequestQueryInput,
GetRuleExecutionResultsRequestParamsInput,
GetRuleExecutionResultsResponse,
} from './detection_engine/rule_monitoring/rule_execution_logs/get_rule_execution_results/get_rule_execution_results_route.gen';
import type {
RulePreviewRequestBodyInput,
RulePreviewResponse,
} from './detection_engine/rule_preview/rule_preview.gen';
import type {
CreateAlertsMigrationRequestBodyInput,
CreateAlertsMigrationResponse,
} from './detection_engine/signals_migration/create_signals_migration/create_signals_migration.gen';
import type {
AlertsMigrationCleanupRequestBodyInput,
AlertsMigrationCleanupResponse,
} from './detection_engine/signals_migration/delete_signals_migration/delete_signals_migration.gen';
import type {
FinalizeAlertsMigrationRequestBodyInput,
FinalizeAlertsMigrationResponse,
} from './detection_engine/signals_migration/finalize_signals_migration/finalize_signals_migration.gen';
import type {
ReadAlertsMigrationStatusRequestQueryInput,
ReadAlertsMigrationStatusResponse,
} from './detection_engine/signals_migration/read_signals_migration_status/read_signals_migration_status.gen';
import type {
SearchAlertsRequestBodyInput,
SearchAlertsResponse,
} from './detection_engine/signals/query_signals/query_signals_route.gen';
import type {
SetAlertsStatusRequestBodyInput,
SetAlertsStatusResponse,
} from './detection_engine/signals/set_signal_status/set_signals_status_route.gen';
import type { SuggestUserProfilesRequestQueryInput } from './detection_engine/users/suggest_user_profiles_route.gen';
import type {
EndpointGetActionsDetailsRequestParamsInput,
EndpointGetActionsDetailsResponse,
} from './endpoint/actions/details/details.gen';
import type {
EndpointFileDownloadRequestParamsInput,
EndpointFileDownloadResponse,
} from './endpoint/actions/file_download/file_download.gen';
import type {
EndpointFileInfoRequestParamsInput,
EndpointFileInfoResponse,
} from './endpoint/actions/file_info/file_info.gen';
import type {
EndpointGetActionsListRequestQueryInput,
EndpointGetActionsListResponse,
} from './endpoint/actions/list/list.gen';
import type {
EndpointExecuteActionRequestBodyInput,
EndpointExecuteActionResponse,
} from './endpoint/actions/response_actions/execute/execute.gen';
import type {
EndpointGetFileActionRequestBodyInput,
EndpointGetFileActionResponse,
} from './endpoint/actions/response_actions/get_file/get_file.gen';
import type {
EndpointIsolateRedirectRequestBodyInput,
EndpointIsolateRedirectResponse,
} from './endpoint/actions/response_actions/isolate/deprecated_isolate.gen';
import type {
EndpointIsolateActionRequestBodyInput,
EndpointIsolateActionResponse,
} from './endpoint/actions/response_actions/isolate/isolate.gen';
import type {
EndpointKillProcessActionRequestBodyInput,
EndpointKillProcessActionResponse,
} from './endpoint/actions/response_actions/kill_process/kill_process.gen';
import type {
EndpointGetProcessesActionRequestBodyInput,
EndpointGetProcessesActionResponse,
} from './endpoint/actions/response_actions/running_procs/running_procs.gen';
import type {
EndpointScanActionRequestBodyInput,
EndpointScanActionResponse,
} from './endpoint/actions/response_actions/scan/scan.gen';
import type {
EndpointSuspendProcessActionRequestBodyInput,
EndpointSuspendProcessActionResponse,
} from './endpoint/actions/response_actions/suspend_process/suspend_process.gen';
import type {
EndpointUnisolateRedirectRequestBodyInput,
EndpointUnisolateRedirectResponse,
} from './endpoint/actions/response_actions/unisolate/deprecated_unisolate.gen';
import type {
EndpointUnisolateActionRequestBodyInput,
EndpointUnisolateActionResponse,
} from './endpoint/actions/response_actions/unisolate/unisolate.gen';
import type {
EndpointUploadActionRequestBodyInput,
EndpointUploadActionResponse,
} from './endpoint/actions/response_actions/upload/upload.gen';
import type { EndpointGetActionsStateResponse } from './endpoint/actions/state/state.gen';
import type {
EndpointGetActionsStatusRequestQueryInput,
EndpointGetActionsStatusResponse,
} from './endpoint/actions/status/status.gen';
import type {
GetEndpointMetadataListRequestQueryInput,
GetEndpointMetadataListResponse,
} from './endpoint/metadata/get_metadata.gen';
import type {
GetAgentPolicySummaryRequestQueryInput,
GetAgentPolicySummaryResponse,
} from './endpoint/policy/deprecated_agent_policy_summary.gen';
import type {
GetPolicyResponseRequestQueryInput,
GetPolicyResponseResponse,
} from './endpoint/policy/policy_response.gen';
import type {
CreateUpdateProtectionUpdatesNoteRequestParamsInput,
CreateUpdateProtectionUpdatesNoteRequestBodyInput,
CreateUpdateProtectionUpdatesNoteResponse,
GetProtectionUpdatesNoteRequestParamsInput,
GetProtectionUpdatesNoteResponse,
} from './endpoint/protection_updates_note/protection_updates_note.gen';
import type {
GetEndpointSuggestionsRequestParamsInput,
GetEndpointSuggestionsRequestBodyInput,
GetEndpointSuggestionsResponse,
} from './endpoint/suggestions/get_suggestions.gen';
import type {
BulkUpsertAssetCriticalityRecordsRequestBodyInput,
BulkUpsertAssetCriticalityRecordsResponse,
} from './entity_analytics/asset_criticality/bulk_upload_asset_criticality.gen';
import type {
CreateAssetCriticalityRecordRequestBodyInput,
CreateAssetCriticalityRecordResponse,
} from './entity_analytics/asset_criticality/create_asset_criticality.gen';
import type {
DeleteAssetCriticalityRecordRequestQueryInput,
DeleteAssetCriticalityRecordResponse,
} from './entity_analytics/asset_criticality/delete_asset_criticality.gen';
import type { AssetCriticalityGetPrivilegesResponse } from './entity_analytics/asset_criticality/get_asset_criticality_privileges.gen';
import type { GetAssetCriticalityStatusResponse } from './entity_analytics/asset_criticality/get_asset_criticality_status.gen';
import type {
GetAssetCriticalityRecordRequestQueryInput,
GetAssetCriticalityRecordResponse,
} from './entity_analytics/asset_criticality/get_asset_criticality.gen';
import type {
FindAssetCriticalityRecordsRequestQueryInput,
FindAssetCriticalityRecordsResponse,
} from './entity_analytics/asset_criticality/list_asset_criticality.gen';
import type {
InternalUploadAssetCriticalityRecordsResponse,
UploadAssetCriticalityRecordsResponse,
} from './entity_analytics/asset_criticality/upload_asset_criticality_csv.gen';
import type {
DeleteEntityStoreRequestQueryInput,
DeleteEntityStoreRequestParamsInput,
DeleteEntityStoreResponse,
} from './entity_analytics/entity_store/engine/delete.gen';
import type {
GetEntityStoreEngineRequestParamsInput,
GetEntityStoreEngineResponse,
} from './entity_analytics/entity_store/engine/get.gen';
import type {
InitEntityStoreRequestParamsInput,
InitEntityStoreRequestBodyInput,
InitEntityStoreResponse,
} from './entity_analytics/entity_store/engine/init.gen';
import type { ListEntityStoreEnginesResponse } from './entity_analytics/entity_store/engine/list.gen';
import type {
StartEntityStoreRequestParamsInput,
StartEntityStoreResponse,
} from './entity_analytics/entity_store/engine/start.gen';
import type {
GetEntityStoreStatsRequestParamsInput,
GetEntityStoreStatsResponse,
} from './entity_analytics/entity_store/engine/stats.gen';
import type {
StopEntityStoreRequestParamsInput,
StopEntityStoreResponse,
} from './entity_analytics/entity_store/engine/stop.gen';
import type { DisableRiskEngineResponse } from './entity_analytics/risk_engine/engine_disable_route.gen';
import type { EnableRiskEngineResponse } from './entity_analytics/risk_engine/engine_enable_route.gen';
import type { InitRiskEngineResponse } from './entity_analytics/risk_engine/engine_init_route.gen';
import type { ScheduleRiskEngineNowResponse } from './entity_analytics/risk_engine/engine_schedule_now_route.gen';
import type { ReadRiskEngineSettingsResponse } from './entity_analytics/risk_engine/engine_settings_route.gen';
import type { GetRiskEngineStatusResponse } from './entity_analytics/risk_engine/engine_status_route.gen';
import type {
DeprecatedTriggerRiskScoreCalculationRequestBodyInput,
DeprecatedTriggerRiskScoreCalculationResponse,
TriggerRiskScoreCalculationRequestBodyInput,
TriggerRiskScoreCalculationResponse,
} from './entity_analytics/risk_engine/entity_calculation_route.gen';
import type { RiskEngineGetPrivilegesResponse } from './entity_analytics/risk_engine/get_risk_engine_privileges.gen';
import type {
PreviewRiskScoreRequestBodyInput,
PreviewRiskScoreResponse,
} from './entity_analytics/risk_engine/preview_route.gen';
import type {
CleanDraftTimelinesRequestBodyInput,
CleanDraftTimelinesResponse,
} from './timeline/clean_draft_timelines/clean_draft_timelines_route.gen';
import type {
CreateTimelinesRequestBodyInput,
CreateTimelinesResponse,
} from './timeline/create_timelines/create_timelines_route.gen';
import type {
DeleteNoteRequestBodyInput,
DeleteNoteResponse,
} from './timeline/delete_note/delete_note_route.gen';
import type {
DeleteTimelinesRequestBodyInput,
DeleteTimelinesResponse,
} from './timeline/delete_timelines/delete_timelines_route.gen';
import type {
ExportTimelinesRequestQueryInput,
ExportTimelinesRequestBodyInput,
} from './timeline/export_timelines/export_timelines_route.gen';
import type {
GetDraftTimelinesRequestQueryInput,
GetDraftTimelinesResponse,
} from './timeline/get_draft_timelines/get_draft_timelines_route.gen';
import type { GetNotesRequestQueryInput } from './timeline/get_notes/get_notes_route.gen';
import type {
GetTimelineRequestQueryInput,
GetTimelineResponse,
} from './timeline/get_timeline/get_timeline_route.gen';
import type {
GetTimelinesRequestQueryInput,
GetTimelinesResponse,
} from './timeline/get_timelines/get_timelines_route.gen';
import type {
ImportTimelinesRequestBodyInput,
ImportTimelinesResponse,
} from './timeline/import_timelines/import_timelines_route.gen';
import type {
InstallPrepackedTimelinesRequestBodyInput,
InstallPrepackedTimelinesResponse,
} from './timeline/install_prepackaged_timelines/install_prepackaged_timelines_route.gen';
import type {
PatchTimelineRequestBodyInput,
PatchTimelineResponse,
} from './timeline/patch_timelines/patch_timeline_route.gen';
import type {
PersistFavoriteRouteRequestBodyInput,
PersistFavoriteRouteResponse,
} from './timeline/persist_favorite/persist_favorite_route.gen';
import type {
PersistNoteRouteRequestBodyInput,
PersistNoteRouteResponse,
} from './timeline/persist_note/persist_note_route.gen';
import type {
PersistPinnedEventRouteRequestBodyInput,
PersistPinnedEventRouteResponse,
} from './timeline/pinned_events/pinned_events_route.gen';
import type {
ResolveTimelineRequestQueryInput,
ResolveTimelineResponse,
} from './timeline/resolve_timeline/resolve_timeline_route.gen';
export interface ClientOptions {
kbnClient: KbnClient;
log: ToolingLog;
}
export class Client {
readonly kbnClient: KbnClient;
readonly log: ToolingLog;
constructor(options: ClientOptions) {
this.kbnClient = options.kbnClient;
this.log = options.log;
}
/**
* Migrations favor data integrity over shard size. Consequently, unused or orphaned indices are artifacts of
the migration process. A successful migration will result in both the old and new indices being present.
As such, the old, orphaned index can (and likely should) be deleted.
While you can delete these indices manually,
the endpoint accomplishes this task by applying a deletion policy to the relevant index, causing it to be deleted
after 30 days. It also deletes other artifacts specific to the migration implementation.
*/
async alertsMigrationCleanup(props: AlertsMigrationCleanupProps) {
this.log.info(`${new Date().toISOString()} Calling API AlertsMigrationCleanup`);
return this.kbnClient
.request<AlertsMigrationCleanupResponse>({
path: '/api/detection_engine/signals/migration',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'DELETE',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async assetCriticalityGetPrivileges() {
this.log.info(`${new Date().toISOString()} Calling API AssetCriticalityGetPrivileges`);
return this.kbnClient
.request<AssetCriticalityGetPrivilegesResponse>({
path: '/internal/asset_criticality/privileges',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '1',
},
method: 'GET',
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Ensures that the packages needed for prebuilt detection rules to work are installed and up to date
*/
async bootstrapPrebuiltRules() {
this.log.info(`${new Date().toISOString()} Calling API BootstrapPrebuiltRules`);
return this.kbnClient
.request<BootstrapPrebuiltRulesResponse>({
path: '/internal/detection_engine/prebuilt_rules/_bootstrap',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '1',
},
method: 'POST',
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Create new detection rules in bulk.
*/
async bulkCreateRules(props: BulkCreateRulesProps) {
this.log.info(`${new Date().toISOString()} Calling API BulkCreateRules`);
return this.kbnClient
.request<BulkCreateRulesResponse>({
path: '/api/detection_engine/rules/_bulk_create',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Delete detection rules in bulk.
*/
async bulkDeleteRules(props: BulkDeleteRulesProps) {
this.log.info(`${new Date().toISOString()} Calling API BulkDeleteRules`);
return this.kbnClient
.request<BulkDeleteRulesResponse>({
path: '/api/detection_engine/rules/_bulk_delete',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'DELETE',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Deletes multiple rules.
*/
async bulkDeleteRulesPost(props: BulkDeleteRulesPostProps) {
this.log.info(`${new Date().toISOString()} Calling API BulkDeleteRulesPost`);
return this.kbnClient
.request<BulkDeleteRulesPostResponse>({
path: '/api/detection_engine/rules/_bulk_delete',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Update specific fields of existing detection rules using the `rule_id` or `id` field.
*/
async bulkPatchRules(props: BulkPatchRulesProps) {
this.log.info(`${new Date().toISOString()} Calling API BulkPatchRules`);
return this.kbnClient
.request<BulkPatchRulesResponse>({
path: '/api/detection_engine/rules/_bulk_update',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'PATCH',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Update multiple detection rules using the `rule_id` or `id` field. The original rules are replaced, and all unspecified fields are deleted.
> info
> You cannot modify the `id` or `rule_id` values.
*/
async bulkUpdateRules(props: BulkUpdateRulesProps) {
this.log.info(`${new Date().toISOString()} Calling API BulkUpdateRules`);
return this.kbnClient
.request<BulkUpdateRulesResponse>({
path: '/api/detection_engine/rules/_bulk_update',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'PUT',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Bulk upsert up to 1000 asset criticality records, creating or updating them as needed.
*/
async bulkUpsertAssetCriticalityRecords(props: BulkUpsertAssetCriticalityRecordsProps) {
this.log.info(`${new Date().toISOString()} Calling API BulkUpsertAssetCriticalityRecords`);
return this.kbnClient
.request<BulkUpsertAssetCriticalityRecordsResponse>({
path: '/api/asset_criticality/bulk',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Retrieves a clean draft timeline. If a draft timeline does not exist, it is created and returned.
*/
async cleanDraftTimelines(props: CleanDraftTimelinesProps) {
this.log.info(`${new Date().toISOString()} Calling API CleanDraftTimelines`);
return this.kbnClient
.request<CleanDraftTimelinesResponse>({
path: '/api/timeline/_draft',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async createAlertsIndex() {
this.log.info(`${new Date().toISOString()} Calling API CreateAlertsIndex`);
return this.kbnClient
.request<CreateAlertsIndexResponse>({
path: '/api/detection_engine/index',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Initiate a migration of detection alerts.
Migrations are initiated per index. While the process is neither destructive nor interferes with existing data, it may be resource-intensive. As such, it is recommended that you plan your migrations accordingly.
*/
async createAlertsMigration(props: CreateAlertsMigrationProps) {
this.log.info(`${new Date().toISOString()} Calling API CreateAlertsMigration`);
return this.kbnClient
.request<CreateAlertsMigrationResponse>({
path: '/api/detection_engine/signals/migration',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Create or update a criticality record for a specific asset.
*/
async createAssetCriticalityRecord(props: CreateAssetCriticalityRecordProps) {
this.log.info(`${new Date().toISOString()} Calling API CreateAssetCriticalityRecord`);
return this.kbnClient
.request<CreateAssetCriticalityRecordResponse>({
path: '/api/asset_criticality',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Create a new detection rule.
*/
async createRule(props: CreateRuleProps) {
this.log.info(`${new Date().toISOString()} Calling API CreateRule`);
return this.kbnClient
.request<CreateRuleResponse>({
path: '/api/detection_engine/rules',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async createTimelines(props: CreateTimelinesProps) {
this.log.info(`${new Date().toISOString()} Calling API CreateTimelines`);
return this.kbnClient
.request<CreateTimelinesResponse>({
path: '/api/timeline',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async createUpdateProtectionUpdatesNote(props: CreateUpdateProtectionUpdatesNoteProps) {
this.log.info(`${new Date().toISOString()} Calling API CreateUpdateProtectionUpdatesNote`);
return this.kbnClient
.request<CreateUpdateProtectionUpdatesNoteResponse>({
path: replaceParams(
'/api/endpoint/protection_updates_note/{package_policy_id}',
props.params
),
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async deleteAlertsIndex() {
this.log.info(`${new Date().toISOString()} Calling API DeleteAlertsIndex`);
return this.kbnClient
.request<DeleteAlertsIndexResponse>({
path: '/api/detection_engine/index',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'DELETE',
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Delete the asset criticality record for a specific asset if it exists.
*/
async deleteAssetCriticalityRecord(props: DeleteAssetCriticalityRecordProps) {
this.log.info(`${new Date().toISOString()} Calling API DeleteAssetCriticalityRecord`);
return this.kbnClient
.request<DeleteAssetCriticalityRecordResponse>({
path: '/api/asset_criticality',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'DELETE',
query: props.query,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async deleteEntityStore(props: DeleteEntityStoreProps) {
this.log.info(`${new Date().toISOString()} Calling API DeleteEntityStore`);
return this.kbnClient
.request<DeleteEntityStoreResponse>({
path: replaceParams('/api/entity_store/engines/{entityType}', props.params),
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'DELETE',
query: props.query,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async deleteNote(props: DeleteNoteProps) {
this.log.info(`${new Date().toISOString()} Calling API DeleteNote`);
return this.kbnClient
.request<DeleteNoteResponse>({
path: '/api/note',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'DELETE',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Delete a detection rule using the `rule_id` or `id` field.
*/
async deleteRule(props: DeleteRuleProps) {
this.log.info(`${new Date().toISOString()} Calling API DeleteRule`);
return this.kbnClient
.request<DeleteRuleResponse>({
path: '/api/detection_engine/rules',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'DELETE',
query: props.query,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async deleteTimelines(props: DeleteTimelinesProps) {
this.log.info(`${new Date().toISOString()} Calling API DeleteTimelines`);
return this.kbnClient
.request<DeleteTimelinesResponse>({
path: '/api/timeline',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'DELETE',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Calculates and persists Risk Scores for an entity, returning the calculated risk score.
*/
async deprecatedTriggerRiskScoreCalculation(props: DeprecatedTriggerRiskScoreCalculationProps) {
this.log.info(`${new Date().toISOString()} Calling API DeprecatedTriggerRiskScoreCalculation`);
return this.kbnClient
.request<DeprecatedTriggerRiskScoreCalculationResponse>({
path: '/api/risk_scores/calculation/entity',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '1',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async disableRiskEngine() {
this.log.info(`${new Date().toISOString()} Calling API DisableRiskEngine`);
return this.kbnClient
.request<DisableRiskEngineResponse>({
path: '/internal/risk_score/engine/disable',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '1',
},
method: 'POST',
})
.catch(catchAxiosErrorFormatAndThrow);
}
async enableRiskEngine() {
this.log.info(`${new Date().toISOString()} Calling API EnableRiskEngine`);
return this.kbnClient
.request<EnableRiskEngineResponse>({
path: '/internal/risk_score/engine/enable',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '1',
},
method: 'POST',
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Run a shell command on an endpoint.
*/
async endpointExecuteAction(props: EndpointExecuteActionProps) {
this.log.info(`${new Date().toISOString()} Calling API EndpointExecuteAction`);
return this.kbnClient
.request<EndpointExecuteActionResponse>({
path: '/api/endpoint/action/execute',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Download a file from an endpoint.
*/
async endpointFileDownload(props: EndpointFileDownloadProps) {
this.log.info(`${new Date().toISOString()} Calling API EndpointFileDownload`);
return this.kbnClient
.request<EndpointFileDownloadResponse>({
path: replaceParams(
'/api/endpoint/action/{action_id}/file/{file_id}/download',
props.params
),
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'GET',
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Get information for the specified file using the file ID.
*/
async endpointFileInfo(props: EndpointFileInfoProps) {
this.log.info(`${new Date().toISOString()} Calling API EndpointFileInfo`);
return this.kbnClient
.request<EndpointFileInfoResponse>({
path: replaceParams('/api/endpoint/action/{action_id}/file/{file_id}', props.params),
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'GET',
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Get the details of a response action using the action ID.
*/
async endpointGetActionsDetails(props: EndpointGetActionsDetailsProps) {
this.log.info(`${new Date().toISOString()} Calling API EndpointGetActionsDetails`);
return this.kbnClient
.request<EndpointGetActionsDetailsResponse>({
path: replaceParams('/api/endpoint/action/{action_id}', props.params),
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'GET',
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Get a list of all response actions.
*/
async endpointGetActionsList(props: EndpointGetActionsListProps) {
this.log.info(`${new Date().toISOString()} Calling API EndpointGetActionsList`);
return this.kbnClient
.request<EndpointGetActionsListResponse>({
path: '/api/endpoint/action',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'GET',
query: props.query,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Get a response actions state, which reports whether encryption is enabled.
*/
async endpointGetActionsState() {
this.log.info(`${new Date().toISOString()} Calling API EndpointGetActionsState`);
return this.kbnClient
.request<EndpointGetActionsStateResponse>({
path: '/api/endpoint/action/state',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'GET',
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Get the status of response actions for the specified agent IDs.
*/
async endpointGetActionsStatus(props: EndpointGetActionsStatusProps) {
this.log.info(`${new Date().toISOString()} Calling API EndpointGetActionsStatus`);
return this.kbnClient
.request<EndpointGetActionsStatusResponse>({
path: '/api/endpoint/action_status',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'GET',
query: props.query,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Get a file from an endpoint.
*/
async endpointGetFileAction(props: EndpointGetFileActionProps) {
this.log.info(`${new Date().toISOString()} Calling API EndpointGetFileAction`);
return this.kbnClient
.request<EndpointGetFileActionResponse>({
path: '/api/endpoint/action/get_file',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Get a list of all processes running on an endpoint.
*/
async endpointGetProcessesAction(props: EndpointGetProcessesActionProps) {
this.log.info(`${new Date().toISOString()} Calling API EndpointGetProcessesAction`);
return this.kbnClient
.request<EndpointGetProcessesActionResponse>({
path: '/api/endpoint/action/running_procs',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Isolate an endpoint from the network. The endpoint remains isolated until it's released.
*/
async endpointIsolateAction(props: EndpointIsolateActionProps) {
this.log.info(`${new Date().toISOString()} Calling API EndpointIsolateAction`);
return this.kbnClient
.request<EndpointIsolateActionResponse>({
path: '/api/endpoint/action/isolate',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Isolate an endpoint from the network.
> info
> This URL will return a 308 permanent redirect to `POST <kibana host>:<port>/api/endpoint/action/isolate`.
*/
async endpointIsolateRedirect(props: EndpointIsolateRedirectProps) {
this.log.info(`${new Date().toISOString()} Calling API EndpointIsolateRedirect`);
return this.kbnClient
.request<EndpointIsolateRedirectResponse>({
path: '/api/endpoint/isolate',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Terminate a running process on an endpoint.
*/
async endpointKillProcessAction(props: EndpointKillProcessActionProps) {
this.log.info(`${new Date().toISOString()} Calling API EndpointKillProcessAction`);
return this.kbnClient
.request<EndpointKillProcessActionResponse>({
path: '/api/endpoint/action/kill_process',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Scan a specific file or directory on an endpoint for malware.
*/
async endpointScanAction(props: EndpointScanActionProps) {
this.log.info(`${new Date().toISOString()} Calling API EndpointScanAction`);
return this.kbnClient
.request<EndpointScanActionResponse>({
path: '/api/endpoint/action/scan',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Suspend a running process on an endpoint.
*/
async endpointSuspendProcessAction(props: EndpointSuspendProcessActionProps) {
this.log.info(`${new Date().toISOString()} Calling API EndpointSuspendProcessAction`);
return this.kbnClient
.request<EndpointSuspendProcessActionResponse>({
path: '/api/endpoint/action/suspend_process',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Release an isolated endpoint, allowing it to rejoin a network.
*/
async endpointUnisolateAction(props: EndpointUnisolateActionProps) {
this.log.info(`${new Date().toISOString()} Calling API EndpointUnisolateAction`);
return this.kbnClient
.request<EndpointUnisolateActionResponse>({
path: '/api/endpoint/action/unisolate',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Release an isolated endpoint, allowing it to rejoin a network.
> info
> This URL will return a 308 permanent redirect to `POST <kibana host>:<port>/api/endpoint/action/unisolate`.
*/
async endpointUnisolateRedirect(props: EndpointUnisolateRedirectProps) {
this.log.info(`${new Date().toISOString()} Calling API EndpointUnisolateRedirect`);
return this.kbnClient
.request<EndpointUnisolateRedirectResponse>({
path: '/api/endpoint/unisolate',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Upload a file to an endpoint.
*/
async endpointUploadAction(props: EndpointUploadActionProps) {
this.log.info(`${new Date().toISOString()} Calling API EndpointUploadAction`);
return this.kbnClient
.request<EndpointUploadActionResponse>({
path: '/api/endpoint/action/upload',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Export detection rules to an `.ndjson` file. The following configuration items are also included in the `.ndjson` file:
- Actions
- Exception lists
> info
> You cannot export prebuilt rules.
*/
async exportRules(props: ExportRulesProps) {
this.log.info(`${new Date().toISOString()} Calling API ExportRules`);
return this.kbnClient
.request({
path: '/api/detection_engine/rules/_export',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
query: props.query,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async exportTimelines(props: ExportTimelinesProps) {
this.log.info(`${new Date().toISOString()} Calling API ExportTimelines`);
return this.kbnClient
.request({
path: '/api/timeline/_export',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
query: props.query,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Finalize successful migrations of detection alerts. This replaces the original index's alias with the successfully migrated index's alias.
The endpoint is idempotent; therefore, it can safely be used to poll a given migration and, upon completion,
finalize it.
*/
async finalizeAlertsMigration(props: FinalizeAlertsMigrationProps) {
this.log.info(`${new Date().toISOString()} Calling API FinalizeAlertsMigration`);
return this.kbnClient
.request<FinalizeAlertsMigrationResponse>({
path: '/api/detection_engine/signals/finalize_migration',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* List asset criticality records, paging, sorting and filtering as needed.
*/
async findAssetCriticalityRecords(props: FindAssetCriticalityRecordsProps) {
this.log.info(`${new Date().toISOString()} Calling API FindAssetCriticalityRecords`);
return this.kbnClient
.request<FindAssetCriticalityRecordsResponse>({
path: '/api/asset_criticality/list',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'GET',
query: props.query,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Retrieve a paginated list of detection rules. By default, the first page is returned, with 20 results per page.
*/
async findRules(props: FindRulesProps) {
this.log.info(`${new Date().toISOString()} Calling API FindRules`);
return this.kbnClient
.request<FindRulesResponse>({
path: '/api/detection_engine/rules/_find',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'GET',
query: props.query,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async getAgentPolicySummary(props: GetAgentPolicySummaryProps) {
this.log.info(`${new Date().toISOString()} Calling API GetAgentPolicySummary`);
return this.kbnClient
.request<GetAgentPolicySummaryResponse>({
path: '/api/endpoint/policy/summaries',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'GET',
query: props.query,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Get the criticality record for a specific asset.
*/
async getAssetCriticalityRecord(props: GetAssetCriticalityRecordProps) {
this.log.info(`${new Date().toISOString()} Calling API GetAssetCriticalityRecord`);
return this.kbnClient
.request<GetAssetCriticalityRecordResponse>({
path: '/api/asset_criticality',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'GET',
query: props.query,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async getAssetCriticalityStatus() {
this.log.info(`${new Date().toISOString()} Calling API GetAssetCriticalityStatus`);
return this.kbnClient
.request<GetAssetCriticalityStatusResponse>({
path: '/internal/asset_criticality/status',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '1',
},
method: 'GET',
})
.catch(catchAxiosErrorFormatAndThrow);
}
async getDraftTimelines(props: GetDraftTimelinesProps) {
this.log.info(`${new Date().toISOString()} Calling API GetDraftTimelines`);
return this.kbnClient
.request<GetDraftTimelinesResponse>({
path: '/api/timeline/_draft',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'GET',
query: props.query,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async getEndpointMetadataList(props: GetEndpointMetadataListProps) {
this.log.info(`${new Date().toISOString()} Calling API GetEndpointMetadataList`);
return this.kbnClient
.request<GetEndpointMetadataListResponse>({
path: '/api/endpoint/metadata',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'GET',
query: props.query,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async getEndpointSuggestions(props: GetEndpointSuggestionsProps) {
this.log.info(`${new Date().toISOString()} Calling API GetEndpointSuggestions`);
return this.kbnClient
.request<GetEndpointSuggestionsResponse>({
path: replaceParams('/api/endpoint/suggestions/{suggestion_type}', props.params),
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async getEntityStoreEngine(props: GetEntityStoreEngineProps) {
this.log.info(`${new Date().toISOString()} Calling API GetEntityStoreEngine`);
return this.kbnClient
.request<GetEntityStoreEngineResponse>({
path: replaceParams('/api/entity_store/engines/{entityType}', props.params),
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'GET',
})
.catch(catchAxiosErrorFormatAndThrow);
}
async getEntityStoreStats(props: GetEntityStoreStatsProps) {
this.log.info(`${new Date().toISOString()} Calling API GetEntityStoreStats`);
return this.kbnClient
.request<GetEntityStoreStatsResponse>({
path: replaceParams('/api/entity_store/engines/{entityType}/stats', props.params),
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Gets notes
*/
async getNotes(props: GetNotesProps) {
this.log.info(`${new Date().toISOString()} Calling API GetNotes`);
return this.kbnClient
.request({
path: '/api/note',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'GET',
query: props.query,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async getPolicyResponse(props: GetPolicyResponseProps) {
this.log.info(`${new Date().toISOString()} Calling API GetPolicyResponse`);
return this.kbnClient
.request<GetPolicyResponseResponse>({
path: '/api/endpoint/policy_response',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'GET',
query: props.query,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async getProtectionUpdatesNote(props: GetProtectionUpdatesNoteProps) {
this.log.info(`${new Date().toISOString()} Calling API GetProtectionUpdatesNote`);
return this.kbnClient
.request<GetProtectionUpdatesNoteResponse>({
path: replaceParams(
'/api/endpoint/protection_updates_note/{package_policy_id}',
props.params
),
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'GET',
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Returns the status of both the legacy transform-based risk engine, as well as the new risk engine
*/
async getRiskEngineStatus() {
this.log.info(`${new Date().toISOString()} Calling API GetRiskEngineStatus`);
return this.kbnClient
.request<GetRiskEngineStatusResponse>({
path: '/internal/risk_score/engine/status',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '1',
},
method: 'GET',
})
.catch(catchAxiosErrorFormatAndThrow);
}
async getRuleExecutionEvents(props: GetRuleExecutionEventsProps) {
this.log.info(`${new Date().toISOString()} Calling API GetRuleExecutionEvents`);
return this.kbnClient
.request<GetRuleExecutionEventsResponse>({
path: replaceParams(
'/internal/detection_engine/rules/{ruleId}/execution/events',
props.params
),
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '1',
},
method: 'PUT',
query: props.query,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async getRuleExecutionResults(props: GetRuleExecutionResultsProps) {
this.log.info(`${new Date().toISOString()} Calling API GetRuleExecutionResults`);
return this.kbnClient
.request<GetRuleExecutionResultsResponse>({
path: replaceParams(
'/internal/detection_engine/rules/{ruleId}/execution/results',
props.params
),
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '1',
},
method: 'PUT',
query: props.query,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async getTimeline(props: GetTimelineProps) {
this.log.info(`${new Date().toISOString()} Calling API GetTimeline`);
return this.kbnClient
.request<GetTimelineResponse>({
path: '/api/timeline',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'GET',
query: props.query,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async getTimelines(props: GetTimelinesProps) {
this.log.info(`${new Date().toISOString()} Calling API GetTimelines`);
return this.kbnClient
.request<GetTimelinesResponse>({
path: '/api/timelines',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'GET',
query: props.query,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Import detection rules from an `.ndjson` file, including actions and exception lists. The request must include:
- The `Content-Type: multipart/form-data` HTTP header.
- A link to the `.ndjson` file containing the rules.
*/
async importRules(props: ImportRulesProps) {
this.log.info(`${new Date().toISOString()} Calling API ImportRules`);
return this.kbnClient
.request<ImportRulesResponse>({
path: '/api/detection_engine/rules/_import',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.attachment,
query: props.query,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async importTimelines(props: ImportTimelinesProps) {
this.log.info(`${new Date().toISOString()} Calling API ImportTimelines`);
return this.kbnClient
.request<ImportTimelinesResponse>({
path: '/api/timeline/_import',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async initEntityStore(props: InitEntityStoreProps) {
this.log.info(`${new Date().toISOString()} Calling API InitEntityStore`);
return this.kbnClient
.request<InitEntityStoreResponse>({
path: replaceParams('/api/entity_store/engines/{entityType}/init', props.params),
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Initializes the Risk Engine by creating the necessary indices and mappings, removing old transforms, and starting the new risk engine
*/
async initRiskEngine() {
this.log.info(`${new Date().toISOString()} Calling API InitRiskEngine`);
return this.kbnClient
.request<InitRiskEngineResponse>({
path: '/internal/risk_score/engine/init',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '1',
},
method: 'POST',
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Install and update all Elastic prebuilt detection rules and Timelines.
*/
async installPrebuiltRulesAndTimelines() {
this.log.info(`${new Date().toISOString()} Calling API InstallPrebuiltRulesAndTimelines`);
return this.kbnClient
.request<InstallPrebuiltRulesAndTimelinesResponse>({
path: '/api/detection_engine/rules/prepackaged',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'PUT',
})
.catch(catchAxiosErrorFormatAndThrow);
}
async installPrepackedTimelines(props: InstallPrepackedTimelinesProps) {
this.log.info(`${new Date().toISOString()} Calling API InstallPrepackedTimelines`);
return this.kbnClient
.request<InstallPrepackedTimelinesResponse>({
path: '/api/timeline/_prepackaged',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async internalUploadAssetCriticalityRecords(props: InternalUploadAssetCriticalityRecordsProps) {
this.log.info(`${new Date().toISOString()} Calling API InternalUploadAssetCriticalityRecords`);
return this.kbnClient
.request<InternalUploadAssetCriticalityRecordsResponse>({
path: '/internal/asset_criticality/upload_csv',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '1',
},
method: 'POST',
body: props.attachment,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async listEntityStoreEngines() {
this.log.info(`${new Date().toISOString()} Calling API ListEntityStoreEngines`);
return this.kbnClient
.request<ListEntityStoreEnginesResponse>({
path: '/api/entity_store/engines',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'GET',
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Update specific fields of an existing detection rule using the `rule_id` or `id` field.
*/
async patchRule(props: PatchRuleProps) {
this.log.info(`${new Date().toISOString()} Calling API PatchRule`);
return this.kbnClient
.request<PatchRuleResponse>({
path: '/api/detection_engine/rules',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'PATCH',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Updates an existing timeline. This API is used to update the title, description, date range, pinned events, pinned queries, and/or pinned saved queries of an existing timeline.
*/
async patchTimeline(props: PatchTimelineProps) {
this.log.info(`${new Date().toISOString()} Calling API PatchTimeline`);
return this.kbnClient
.request<PatchTimelineResponse>({
path: '/api/timeline',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'PATCH',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Apply a bulk action, such as bulk edit, duplicate, or delete, to multiple detection rules. The bulk action is applied to all rules that match the query or to the rules listed by their IDs.
*/
async performRulesBulkAction(props: PerformRulesBulkActionProps) {
this.log.info(`${new Date().toISOString()} Calling API PerformRulesBulkAction`);
return this.kbnClient
.request<PerformRulesBulkActionResponse>({
path: '/api/detection_engine/rules/_bulk_action',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
query: props.query,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async persistFavoriteRoute(props: PersistFavoriteRouteProps) {
this.log.info(`${new Date().toISOString()} Calling API PersistFavoriteRoute`);
return this.kbnClient
.request<PersistFavoriteRouteResponse>({
path: '/api/timeline/_favorite',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'PATCH',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async persistNoteRoute(props: PersistNoteRouteProps) {
this.log.info(`${new Date().toISOString()} Calling API PersistNoteRoute`);
return this.kbnClient
.request<PersistNoteRouteResponse>({
path: '/api/note',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'PATCH',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async persistPinnedEventRoute(props: PersistPinnedEventRouteProps) {
this.log.info(`${new Date().toISOString()} Calling API PersistPinnedEventRoute`);
return this.kbnClient
.request<PersistPinnedEventRouteResponse>({
path: '/api/pinned_event',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'PATCH',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Calculates and returns a list of Risk Scores, sorted by identifier_type and risk score.
*/
async previewRiskScore(props: PreviewRiskScoreProps) {
this.log.info(`${new Date().toISOString()} Calling API PreviewRiskScore`);
return this.kbnClient
.request<PreviewRiskScoreResponse>({
path: '/internal/risk_score/preview',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '1',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async readAlertsIndex() {
this.log.info(`${new Date().toISOString()} Calling API ReadAlertsIndex`);
return this.kbnClient
.request<ReadAlertsIndexResponse>({
path: '/api/detection_engine/index',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'GET',
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Retrieve indices that contain detection alerts of a particular age, along with migration information for each of those indices.
*/
async readAlertsMigrationStatus(props: ReadAlertsMigrationStatusProps) {
this.log.info(`${new Date().toISOString()} Calling API ReadAlertsMigrationStatus`);
return this.kbnClient
.request<ReadAlertsMigrationStatusResponse>({
path: '/api/detection_engine/signals/migration_status',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
query: props.query,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Retrieve the status of all Elastic prebuilt detection rules and Timelines.
*/
async readPrebuiltRulesAndTimelinesStatus() {
this.log.info(`${new Date().toISOString()} Calling API ReadPrebuiltRulesAndTimelinesStatus`);
return this.kbnClient
.request<ReadPrebuiltRulesAndTimelinesStatusResponse>({
path: '/api/detection_engine/rules/prepackaged/_status',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'GET',
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Retrieves whether or not the user is authenticated, and the user's Kibana
space and index privileges, which determine if the user can create an
index for the Elastic Security alerts generated by
detection engine rules.
*/
async readPrivileges() {
this.log.info(`${new Date().toISOString()} Calling API ReadPrivileges`);
return this.kbnClient
.request<ReadPrivilegesResponse>({
path: '/api/detection_engine/privileges',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'GET',
})
.catch(catchAxiosErrorFormatAndThrow);
}
async readRiskEngineSettings() {
this.log.info(`${new Date().toISOString()} Calling API ReadRiskEngineSettings`);
return this.kbnClient
.request<ReadRiskEngineSettingsResponse>({
path: '/internal/risk_score/engine/settings',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '1',
},
method: 'GET',
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Retrieve a detection rule using the `rule_id` or `id` field.
*/
async readRule(props: ReadRuleProps) {
this.log.info(`${new Date().toISOString()} Calling API ReadRule`);
return this.kbnClient
.request<ReadRuleResponse>({
path: '/api/detection_engine/rules',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'GET',
query: props.query,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* List all unique tags from all detection rules.
*/
async readTags() {
this.log.info(`${new Date().toISOString()} Calling API ReadTags`);
return this.kbnClient
.request<ReadTagsResponse>({
path: '/api/detection_engine/tags',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'GET',
})
.catch(catchAxiosErrorFormatAndThrow);
}
async resolveTimeline(props: ResolveTimelineProps) {
this.log.info(`${new Date().toISOString()} Calling API ResolveTimeline`);
return this.kbnClient
.request<ResolveTimelineResponse>({
path: '/api/timeline/resolve',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'GET',
query: props.query,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async riskEngineGetPrivileges() {
this.log.info(`${new Date().toISOString()} Calling API RiskEngineGetPrivileges`);
return this.kbnClient
.request<RiskEngineGetPrivilegesResponse>({
path: '/internal/risk_engine/privileges',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '1',
},
method: 'GET',
})
.catch(catchAxiosErrorFormatAndThrow);
}
async rulePreview(props: RulePreviewProps) {
this.log.info(`${new Date().toISOString()} Calling API RulePreview`);
return this.kbnClient
.request<RulePreviewResponse>({
path: '/api/detection_engine/rules/preview',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async scheduleRiskEngineNow() {
this.log.info(`${new Date().toISOString()} Calling API ScheduleRiskEngineNow`);
return this.kbnClient
.request<ScheduleRiskEngineNowResponse>({
path: '/api/risk_score/engine/schedule_now',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Find and/or aggregate detection alerts that match the given query.
*/
async searchAlerts(props: SearchAlertsProps) {
this.log.info(`${new Date().toISOString()} Calling API SearchAlerts`);
return this.kbnClient
.request<SearchAlertsResponse>({
path: '/api/detection_engine/signals/search',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Assign users to detection alerts, and unassign them from alerts.
> info
> You cannot add and remove the same assignee in the same request.
*/
async setAlertAssignees(props: SetAlertAssigneesProps) {
this.log.info(`${new Date().toISOString()} Calling API SetAlertAssignees`);
return this.kbnClient
.request({
path: '/api/detection_engine/signals/assignees',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Set the status of one or more detection alerts.
*/
async setAlertsStatus(props: SetAlertsStatusProps) {
this.log.info(`${new Date().toISOString()} Calling API SetAlertsStatus`);
return this.kbnClient
.request<SetAlertsStatusResponse>({
path: '/api/detection_engine/signals/status',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* And tags to detection alerts, and remove them from alerts.
> info
> You cannot add and remove the same alert tag in the same request.
*/
async setAlertTags(props: SetAlertTagsProps) {
this.log.info(`${new Date().toISOString()} Calling API SetAlertTags`);
return this.kbnClient
.request<SetAlertTagsResponse>({
path: '/api/detection_engine/signals/tags',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async startEntityStore(props: StartEntityStoreProps) {
this.log.info(`${new Date().toISOString()} Calling API StartEntityStore`);
return this.kbnClient
.request<StartEntityStoreResponse>({
path: replaceParams('/api/entity_store/engines/{entityType}/start', props.params),
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
})
.catch(catchAxiosErrorFormatAndThrow);
}
async stopEntityStore(props: StopEntityStoreProps) {
this.log.info(`${new Date().toISOString()} Calling API StopEntityStore`);
return this.kbnClient
.request<StopEntityStoreResponse>({
path: replaceParams('/api/entity_store/engines/{entityType}/stop', props.params),
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'POST',
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Suggests user profiles.
*/
async suggestUserProfiles(props: SuggestUserProfilesProps) {
this.log.info(`${new Date().toISOString()} Calling API SuggestUserProfiles`);
return this.kbnClient
.request({
path: '/internal/detection_engine/users/_find',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '1',
},
method: 'POST',
query: props.query,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Calculates and persists Risk Scores for an entity, returning the calculated risk score.
*/
async triggerRiskScoreCalculation(props: TriggerRiskScoreCalculationProps) {
this.log.info(`${new Date().toISOString()} Calling API TriggerRiskScoreCalculation`);
return this.kbnClient
.request<TriggerRiskScoreCalculationResponse>({
path: '/internal/risk_score/calculation/entity',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '1',
},
method: 'POST',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
/**
* Update a detection rule using the `rule_id` or `id` field. The original rule is replaced, and all unspecified fields are deleted.
> info
> You cannot modify the `id` or `rule_id` values.
*/
async updateRule(props: UpdateRuleProps) {
this.log.info(`${new Date().toISOString()} Calling API UpdateRule`);
return this.kbnClient
.request<UpdateRuleResponse>({
path: '/api/detection_engine/rules',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
},
method: 'PUT',
body: props.body,
})
.catch(catchAxiosErrorFormatAndThrow);
}
async uploadAssetCriticalityRecords(props: UploadAssetCriticalityRecordsProps) {
this.log.info(`${new Date().toISOString()} Calling API UploadAssetCriticalityRecords`);
return this.kbnClient
.request<UploadAssetCriticalityRecordsResponse>({
path: '/api/asset_criticality/upload_csv',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '1',
},
method: 'POST',
body: props.attachment,
})
.catch(catchAxiosErrorFormatAndThrow);
}
}
export interface AlertsMigrationCleanupProps {
body: AlertsMigrationCleanupRequestBodyInput;
}
export interface BulkCreateRulesProps {
body: BulkCreateRulesRequestBodyInput;
}
export interface BulkDeleteRulesProps {
body: BulkDeleteRulesRequestBodyInput;
}
export interface BulkDeleteRulesPostProps {
body: BulkDeleteRulesPostRequestBodyInput;
}
export interface BulkPatchRulesProps {
body: BulkPatchRulesRequestBodyInput;
}
export interface BulkUpdateRulesProps {
body: BulkUpdateRulesRequestBodyInput;
}
export interface BulkUpsertAssetCriticalityRecordsProps {
body: BulkUpsertAssetCriticalityRecordsRequestBodyInput;
}
export interface CleanDraftTimelinesProps {
body: CleanDraftTimelinesRequestBodyInput;
}
export interface CreateAlertsMigrationProps {
body: CreateAlertsMigrationRequestBodyInput;
}
export interface CreateAssetCriticalityRecordProps {
body: CreateAssetCriticalityRecordRequestBodyInput;
}
export interface CreateRuleProps {
body: CreateRuleRequestBodyInput;
}
export interface CreateTimelinesProps {
body: CreateTimelinesRequestBodyInput;
}
export interface CreateUpdateProtectionUpdatesNoteProps {
params: CreateUpdateProtectionUpdatesNoteRequestParamsInput;
body: CreateUpdateProtectionUpdatesNoteRequestBodyInput;
}
export interface DeleteAssetCriticalityRecordProps {
query: DeleteAssetCriticalityRecordRequestQueryInput;
}
export interface DeleteEntityStoreProps {
query: DeleteEntityStoreRequestQueryInput;
params: DeleteEntityStoreRequestParamsInput;
}
export interface DeleteNoteProps {
body: DeleteNoteRequestBodyInput;
}
export interface DeleteRuleProps {
query: DeleteRuleRequestQueryInput;
}
export interface DeleteTimelinesProps {
body: DeleteTimelinesRequestBodyInput;
}
export interface DeprecatedTriggerRiskScoreCalculationProps {
body: DeprecatedTriggerRiskScoreCalculationRequestBodyInput;
}
export interface EndpointExecuteActionProps {
body: EndpointExecuteActionRequestBodyInput;
}
export interface EndpointFileDownloadProps {
params: EndpointFileDownloadRequestParamsInput;
}
export interface EndpointFileInfoProps {
params: EndpointFileInfoRequestParamsInput;
}
export interface EndpointGetActionsDetailsProps {
params: EndpointGetActionsDetailsRequestParamsInput;
}
export interface EndpointGetActionsListProps {
query: EndpointGetActionsListRequestQueryInput;
}
export interface EndpointGetActionsStatusProps {
query: EndpointGetActionsStatusRequestQueryInput;
}
export interface EndpointGetFileActionProps {
body: EndpointGetFileActionRequestBodyInput;
}
export interface EndpointGetProcessesActionProps {
body: EndpointGetProcessesActionRequestBodyInput;
}
export interface EndpointIsolateActionProps {
body: EndpointIsolateActionRequestBodyInput;
}
export interface EndpointIsolateRedirectProps {
body: EndpointIsolateRedirectRequestBodyInput;
}
export interface EndpointKillProcessActionProps {
body: EndpointKillProcessActionRequestBodyInput;
}
export interface EndpointScanActionProps {
body: EndpointScanActionRequestBodyInput;
}
export interface EndpointSuspendProcessActionProps {
body: EndpointSuspendProcessActionRequestBodyInput;
}
export interface EndpointUnisolateActionProps {
body: EndpointUnisolateActionRequestBodyInput;
}
export interface EndpointUnisolateRedirectProps {
body: EndpointUnisolateRedirectRequestBodyInput;
}
export interface EndpointUploadActionProps {
body: EndpointUploadActionRequestBodyInput;
}
export interface ExportRulesProps {
query: ExportRulesRequestQueryInput;
body: ExportRulesRequestBodyInput;
}
export interface ExportTimelinesProps {
query: ExportTimelinesRequestQueryInput;
body: ExportTimelinesRequestBodyInput;
}
export interface FinalizeAlertsMigrationProps {
body: FinalizeAlertsMigrationRequestBodyInput;
}
export interface FindAssetCriticalityRecordsProps {
query: FindAssetCriticalityRecordsRequestQueryInput;
}
export interface FindRulesProps {
query: FindRulesRequestQueryInput;
}
export interface GetAgentPolicySummaryProps {
query: GetAgentPolicySummaryRequestQueryInput;
}
export interface GetAssetCriticalityRecordProps {
query: GetAssetCriticalityRecordRequestQueryInput;
}
export interface GetDraftTimelinesProps {
query: GetDraftTimelinesRequestQueryInput;
}
export interface GetEndpointMetadataListProps {
query: GetEndpointMetadataListRequestQueryInput;
}
export interface GetEndpointSuggestionsProps {
params: GetEndpointSuggestionsRequestParamsInput;
body: GetEndpointSuggestionsRequestBodyInput;
}
export interface GetEntityStoreEngineProps {
params: GetEntityStoreEngineRequestParamsInput;
}
export interface GetEntityStoreStatsProps {
params: GetEntityStoreStatsRequestParamsInput;
}
export interface GetNotesProps {
query: GetNotesRequestQueryInput;
}
export interface GetPolicyResponseProps {
query: GetPolicyResponseRequestQueryInput;
}
export interface GetProtectionUpdatesNoteProps {
params: GetProtectionUpdatesNoteRequestParamsInput;
}
export interface GetRuleExecutionEventsProps {
query: GetRuleExecutionEventsRequestQueryInput;
params: GetRuleExecutionEventsRequestParamsInput;
}
export interface GetRuleExecutionResultsProps {
query: GetRuleExecutionResultsRequestQueryInput;
params: GetRuleExecutionResultsRequestParamsInput;
}
export interface GetTimelineProps {
query: GetTimelineRequestQueryInput;
}
export interface GetTimelinesProps {
query: GetTimelinesRequestQueryInput;
}
export interface ImportRulesProps {
query: ImportRulesRequestQueryInput;
attachment: FormData;
}
export interface ImportTimelinesProps {
body: ImportTimelinesRequestBodyInput;
}
export interface InitEntityStoreProps {
params: InitEntityStoreRequestParamsInput;
body: InitEntityStoreRequestBodyInput;
}
export interface InstallPrepackedTimelinesProps {
body: InstallPrepackedTimelinesRequestBodyInput;
}
export interface InternalUploadAssetCriticalityRecordsProps {
attachment: FormData;
}
export interface PatchRuleProps {
body: PatchRuleRequestBodyInput;
}
export interface PatchTimelineProps {
body: PatchTimelineRequestBodyInput;
}
export interface PerformRulesBulkActionProps {
query: PerformRulesBulkActionRequestQueryInput;
body: PerformRulesBulkActionRequestBodyInput;
}
export interface PersistFavoriteRouteProps {
body: PersistFavoriteRouteRequestBodyInput;
}
export interface PersistNoteRouteProps {
body: PersistNoteRouteRequestBodyInput;
}
export interface PersistPinnedEventRouteProps {
body: PersistPinnedEventRouteRequestBodyInput;
}
export interface PreviewRiskScoreProps {
body: PreviewRiskScoreRequestBodyInput;
}
export interface ReadAlertsMigrationStatusProps {
query: ReadAlertsMigrationStatusRequestQueryInput;
}
export interface ReadRuleProps {
query: ReadRuleRequestQueryInput;
}
export interface ResolveTimelineProps {
query: ResolveTimelineRequestQueryInput;
}
export interface RulePreviewProps {
body: RulePreviewRequestBodyInput;
}
export interface SearchAlertsProps {
body: SearchAlertsRequestBodyInput;
}
export interface SetAlertAssigneesProps {
body: SetAlertAssigneesRequestBodyInput;
}
export interface SetAlertsStatusProps {
body: SetAlertsStatusRequestBodyInput;
}
export interface SetAlertTagsProps {
body: SetAlertTagsRequestBodyInput;
}
export interface StartEntityStoreProps {
params: StartEntityStoreRequestParamsInput;
}
export interface StopEntityStoreProps {
params: StopEntityStoreRequestParamsInput;
}
export interface SuggestUserProfilesProps {
query: SuggestUserProfilesRequestQueryInput;
}
export interface TriggerRiskScoreCalculationProps {
body: TriggerRiskScoreCalculationRequestBodyInput;
}
export interface UpdateRuleProps {
body: UpdateRuleRequestBodyInput;
}
export interface UploadAssetCriticalityRecordsProps {
attachment: FormData;
}
Reference in a new issue View git blame Copy permalink