diff --git a/docs/api-generated/README.md b/docs/api-generated/README.md index 6eda1a4d2e9f1..3f453ea7a02af 100644 --- a/docs/api-generated/README.md +++ b/docs/api-generated/README.md @@ -14,6 +14,8 @@ or a similar tool that can generate HTML output from OAS. . Generate HTML output. For example: ``` + openapi-generator-cli generate -g html -i $GIT_HOME/kibana/x-pack/plugins/alerting/docs/openapi/bundled.yaml -o $GIT_HOME/kibana/docs/api-generated/rules -t $GIT_HOME/kibana/docs/api-generated/template + openapi-generator-cli generate -g html -i $GIT_HOME/kibana/x-pack/plugins/cases/docs/openapi/bundled.yaml -o $GIT_HOME/kibana/docs/api-generated/cases -t $GIT_HOME/kibana/docs/api-generated/template openapi-generator-cli generate -g html -i $GIT_HOME/kibana/x-pack/plugins/actions/docs/openapi/bundled.yaml -o $GIT_HOME/kibana/docs/api-generated/connectors -t $GIT_HOME/kibana/docs/api-generated/template @@ -23,6 +25,7 @@ or a similar tool that can generate HTML output from OAS. . Rename the output files. For example: ``` + mv $GIT_HOME/kibana/docs/api-generated/rules/index.html $GIT_HOME/kibana/docs/api-generated/rules/rule-apis-passthru.asciidoc mv $GIT_HOME/kibana/docs/api-generated/cases/index.html $GIT_HOME/kibana/docs/api-generated/cases/case-apis-passthru.asciidoc mv $GIT_HOME/kibana/docs/api-generated/connectors/index.html $GIT_HOME/kibana/docs/api-generated/connectors/connector-apis-passthru.asciidoc mv $GIT_HOME/kibana/docs/api-generated/machine-learning/index.html $GIT_HOME/kibana/docs/api-generated/machine-learning/ml-apis-passthru.adoc diff --git a/docs/api-generated/rules/rule-apis-passthru.asciidoc b/docs/api-generated/rules/rule-apis-passthru.asciidoc new file mode 100644 index 0000000000000..2b193c2c20201 --- /dev/null +++ b/docs/api-generated/rules/rule-apis-passthru.asciidoc @@ -0,0 +1,321 @@ +//// +This content is generated from the open API specification. +Any modifications made to this file will be overwritten. +//// + +++++ +
+

Access

+
    +
  1. APIKey KeyParamName:ApiKey KeyInQuery:false KeyInHeader:true
  2. +
  3. HTTP Basic Authentication
  4. +
+ +

Methods

+ [ Jump to Models ] + +

Table of Contents

+
+

Alerting

+ + +

Alerting

+
+
+ Up +
get /s/{spaceId}/api/alerting/rules/_find
+
Retrieves information about rules. (findRules)
+
You must have read privileges for the appropriate Kibana features, depending on the consumer and rule_type_id of the rules you're seeking. For example, you must have privileges for the Management > Stack rules feature, Analytics > Discover and Machine Learning features, Observability features, or Security features. To find rules associated with the Stack Monitoring feature, use the monitoring_user built-in role.
+ +

Path parameters

+
+
spaceId (required)
+ +
Path Parameter — An identifier for the space. If /s/ and the identifier are omitted from the path, the default space is used. default: null
+
+ + + + +

Query parameters

+
+
default_search_operator (optional)
+ +
Query Parameter — The default operator to use for the simple_query_string. default: OR
fields (optional)
+ +
Query Parameter — The fields to return in the attributes key of the response. default: null
filter (optional)
+ +
Query Parameter — A KQL string that you filter with an attribute from your saved object. It should look like savedObjectType.attributes.title: "myTitle". However, if you used a direct attribute of a saved object, such as updatedAt, you must define your filter, for example, savedObjectType.updatedAt > 2018-12-22. default: null
has_reference (optional)
+ +
Query Parameter — Filters the rules that have a relation with the reference objects with a specific type and identifier. default: null
page (optional)
+ +
Query Parameter — The page number to return. default: 1
per_page (optional)
+ +
Query Parameter — The number of rules to return per page. default: 20
search (optional)
+ +
Query Parameter — An Elasticsearch simple_query_string query that filters the objects in the response. default: null
search_fields (optional)
+ +
Query Parameter — The fields to perform the simple_query_string parsed query against. default: null
sort_field (optional)
+ +
Query Parameter — Determines which field is used to sort the results. The field must exist in the attributes key of the response. default: null
sort_order (optional)
+ +
Query Parameter — Determines the sort order. default: desc
+
+ + +

Return type

+ + + + +

Example data

+
Content-Type: application/json
+
{
+  "per_page" : 2,
+  "total" : 7,
+  "data" : [ {
+    "throttle" : "10m",
+    "created_at" : "2022-12-05T23:36:58.284Z",
+    "last_run" : {
+      "alerts_count" : {
+        "new" : 0,
+        "ignored" : 6,
+        "recovered" : 1,
+        "active" : 5
+      },
+      "outcome_msg" : "outcome_msg",
+      "warning" : "warning",
+      "outcome" : "succeeded"
+    },
+    "params" : {
+      "key" : ""
+    },
+    "created_by" : "elastic",
+    "enabled" : true,
+    "muted_alert_ids" : [ "muted_alert_ids", "muted_alert_ids" ],
+    "rule_type_id" : "monitoring_alert_cluster_health",
+    "tags" : [ "tags", "tags" ],
+    "api_key_owner" : "elastic",
+    "schedule" : {
+      "interval" : "1m"
+    },
+    "notify_when" : "onActiveAlert",
+    "next_run" : "2022-12-06T00:14:43.818Z",
+    "updated_at" : "2022-12-05T23:36:58.284Z",
+    "execution_status" : {
+      "last_execution_date" : "2022-12-06T00:13:43.89Z",
+      "last_duration" : 55,
+      "status" : "ok"
+    },
+    "name" : "cluster_health_rule",
+    "updated_by" : "elastic",
+    "scheduled_task_id" : "b530fed0-74f5-11ed-9801-35303b735aef",
+    "id" : "b530fed0-74f5-11ed-9801-35303b735aef",
+    "mute_all" : false,
+    "actions" : [ {
+      "id" : "9dca3e00-74f5-11ed-9801-35303b735aef",
+      "params" : {
+        "key" : ""
+      },
+      "group" : "default"
+    }, {
+      "id" : "9dca3e00-74f5-11ed-9801-35303b735aef",
+      "params" : {
+        "key" : ""
+      },
+      "group" : "default"
+    } ],
+    "consumer" : "alerts"
+  }, {
+    "throttle" : "10m",
+    "created_at" : "2022-12-05T23:36:58.284Z",
+    "last_run" : {
+      "alerts_count" : {
+        "new" : 0,
+        "ignored" : 6,
+        "recovered" : 1,
+        "active" : 5
+      },
+      "outcome_msg" : "outcome_msg",
+      "warning" : "warning",
+      "outcome" : "succeeded"
+    },
+    "params" : {
+      "key" : ""
+    },
+    "created_by" : "elastic",
+    "enabled" : true,
+    "muted_alert_ids" : [ "muted_alert_ids", "muted_alert_ids" ],
+    "rule_type_id" : "monitoring_alert_cluster_health",
+    "tags" : [ "tags", "tags" ],
+    "api_key_owner" : "elastic",
+    "schedule" : {
+      "interval" : "1m"
+    },
+    "notify_when" : "onActiveAlert",
+    "next_run" : "2022-12-06T00:14:43.818Z",
+    "updated_at" : "2022-12-05T23:36:58.284Z",
+    "execution_status" : {
+      "last_execution_date" : "2022-12-06T00:13:43.89Z",
+      "last_duration" : 55,
+      "status" : "ok"
+    },
+    "name" : "cluster_health_rule",
+    "updated_by" : "elastic",
+    "scheduled_task_id" : "b530fed0-74f5-11ed-9801-35303b735aef",
+    "id" : "b530fed0-74f5-11ed-9801-35303b735aef",
+    "mute_all" : false,
+    "actions" : [ {
+      "id" : "9dca3e00-74f5-11ed-9801-35303b735aef",
+      "params" : {
+        "key" : ""
+      },
+      "group" : "default"
+    }, {
+      "id" : "9dca3e00-74f5-11ed-9801-35303b735aef",
+      "params" : {
+        "key" : ""
+      },
+      "group" : "default"
+    } ],
+    "consumer" : "alerts"
+  } ],
+  "page" : 5
+}
+ +

Produces

+ This API call produces the following media types according to the Accept request header; + the media type will be conveyed by the Content-Type response header. + + +

Responses

+

200

+ Indicates a successful call. + findRules_200_response +
+
+ +

Models

+ [ Jump to Methods ] + +

Table of Contents

+
    +
  1. findRules_200_response -
  2. +
  3. findRules_200_response_data_inner -
  4. +
  5. findRules_200_response_data_inner_actions_inner -
  6. +
  7. findRules_200_response_data_inner_execution_status -
  8. +
  9. findRules_200_response_data_inner_last_run -
  10. +
  11. findRules_200_response_data_inner_last_run_alerts_count -
  12. +
  13. findRules_200_response_data_inner_schedule -
  14. +
  15. findRules_has_reference_parameter -
  16. +
  17. findRules_search_fields_parameter -
  18. +
+ +
+

findRules_200_response - Up

+
+
+
data (optional)
+
page (optional)
+
per_page (optional)
+
total (optional)
+
+
+
+

findRules_200_response_data_inner - Up

+
+
+
actions (optional)
+
api_key_owner (optional)
+
consumer (optional)
String The application or feature that owns the rule. For example, alerts, apm, discover, infrastructure, logs, metrics, ml, monitoring, securitySolution, siem, stackAlerts, or uptime.
+
created_at (optional)
Date The date and time that the rule as created. format: date-time
+
created_by (optional)
String The identifier for the user that created the rule.
+
enabled (optional)
Boolean Indicates whether the rule is currently enabled.
+
execution_status (optional)
+
id (optional)
String The identifier for the rule.
+
last_run (optional)
+
muted_alert_ids (optional)
+
mute_all (optional)
+
name (optional)
String The name of the rule.
+
next_run (optional)
Date format: date-time
+
notify_when (optional)
String Indicates how often alerts generate actions.
+
Enum:
+
onActionGroupChange
onActiveAlert
onThrottleInterval
+
params (optional)
map[String, oas_any_type_not_mapped] The parameters for the rule.
+
rule_type_id (optional)
String The identifier for the type of rule. For example, .es-query, .index-threshold, logs.alert.document.count, monitoring_alert_cluster_health, siem.thresholdRule, or xpack.ml.anomaly_detection_alert.
+
schedule (optional)
+
scheduled_task_id (optional)
+
tags (optional)
array[String] The tags for the rule.
+
throttle (optional)
String The throttle interval, which defines how often an alert generates repeated actions. It is applicable only if notify_when is set to onThrottleInterval. It is specified in seconds, minutes, hours, or days.
+
updated_at (optional)
String The date and time that the rule was updated most recently.
+
updated_by (optional)
String The identifier for the user that updated this rule most recently.
+
+
+
+

findRules_200_response_data_inner_actions_inner - Up

+
+
+
group (optional)
String The group name for the actions.
+
id (optional)
String The identifier for the connector saved object.
+
params (optional)
map[String, oas_any_type_not_mapped] The parameters for the action, which are sent to the connector.
+
+
+
+

findRules_200_response_data_inner_execution_status - Up

+
+
+
status (optional)
+
last_execution_date (optional)
Date format: date-time
+
last_duration (optional)
+
+
+
+

findRules_200_response_data_inner_last_run - Up

+
+
+
alerts_count (optional)
+
outcome_msg (optional)
+
warning (optional)
+
outcome (optional)
+
+
+
+

findRules_200_response_data_inner_last_run_alerts_count - Up

+
+
+
new (optional)
+
ignored (optional)
+
recovered (optional)
+
active (optional)
+
+
+
+

findRules_200_response_data_inner_schedule - Up

+
The check interval, which specifies how frequently the rule conditions are checked. The interval is specified in seconds, minutes, hours, or days.
+
+
interval (optional)
+
+
+
+

findRules_has_reference_parameter - Up

+
+
+
id (optional)
+
type (optional)
+
+
+
+

findRules_search_fields_parameter - Up

+
+
+
+
+
+++++ diff --git a/docs/api-generated/rules/rule-apis.asciidoc b/docs/api-generated/rules/rule-apis.asciidoc new file mode 100644 index 0000000000000..fb963582fb6da --- /dev/null +++ b/docs/api-generated/rules/rule-apis.asciidoc @@ -0,0 +1,10 @@ +[[rule-apis]] +== Alert and rule APIs + +preview::[] + +//// +This file includes content that has been generated from https://github.com/elastic/kibana/tree/main/x-pack/plugins/alerting/docs/openapi. Any modifications required must be done in that open API specification. +//// + +include::rule-apis-passthru.asciidoc[] \ No newline at end of file diff --git a/docs/api/alerting/find_rules.asciidoc b/docs/api/alerting/find_rules.asciidoc index 5c224ef1d07aa..0879cc77770aa 100644 --- a/docs/api/alerting/find_rules.asciidoc +++ b/docs/api/alerting/find_rules.asciidoc @@ -6,6 +6,12 @@ Retrieve a paginated set of rules based on condition. +[NOTE] +==== +For the most up-to-date API details, refer to the +{kib-repo}/tree/{branch}/x-pack/plugins/alerting/docs/openapi[open API specification]. For a preview, check out <>. +==== + [[find-rules-api-request]] === {api-request-title} 
@@ -105,40 +111,49 @@ The API returns the following: -------------------------------------------------- { "page": 1, - "per_page": 10, "total": 1, - "data": [ - { - "id": "0a037d60-6b62-11eb-9e0d-85d233e3ee35", - "notify_when": "onActionGroupChange", + "per_page": 10, + "data": [{ + "id": "b530fed0-74f5-11ed-9801-35303b735aef", + "name": "cluster_health_rule", + "consumer": "alerts", + "enabled": true, + "tags": ["cluster","health"], + "throttle": null, + "schedule": {"interval":"1m"}, + "params": {}, + "rule_type_id": "monitoring_alert_cluster_health", + "created_by": "elastic", + "updated_by": "elastic", + "created_at": "2022-12-05T23:36:58.284Z", + "updated_at": "2022-12-05T23:36:58.284Z", + "api_key_owner": "elastic", + "notify_when": "onActiveAlert", + "mute_all": false, + "muted_alert_ids": [], + "scheduled_task_id": "b530fed0-74f5-11ed-9801-35303b735aef", + "execution_status": { + "status": "ok", + "last_execution_date": "2022-12-06T00:09:31.882Z", + "last_duration": 42 + }, + "actions": [{ + "group": "default", + "id": "9dca3e00-74f5-11ed-9801-35303b735aef", "params": { - "aggType": "avg", - }, - "consumer": "alerts", - "rule_type_id": "test.rule.type", - "schedule": { - "interval": "1m" + "level": "info", + "message": "{{context.internalFullMessage}}" }, - "actions": [], - "tags": [], - "name": "my test rule", - "enabled": true, - "throttle": null, - "api_key_owner": "elastic", - "created_by": "elastic", - "updated_by": "elastic", - "mute_all": false, - "muted_alert_ids": [], - "updated_at": "2021-02-10T05:37:19.086Z", - "created_at": "2021-02-10T05:37:19.086Z", - "scheduled_task_id": "0b092d90-6b62-11eb-9e0d-85d233e3ee35", - "execution_status": { - "last_execution_date": "2021-02-10T17:55:14.262Z", - "status": "ok", - "last_duration": 384 - } - } - ] + "connector_type_id": ".server-log" + }], + "last_run":{ + "alerts_count": {"new": 0,"ignored": 0,"recovered": 0,"active": 0}, + "outcome_msg": null, + "warning": null, + "outcome": "succeeded" + }, + 
"next_run": "2022-12-06T00:10:31.811Z" + }] } -------------------------------------------------- diff --git a/docs/apis.asciidoc b/docs/apis.asciidoc index 197022e16f588..d85d9ce3f35eb 100644 --- a/docs/apis.asciidoc +++ b/docs/apis.asciidoc @@ -13,4 +13,5 @@ version of the specification is 3.0. For more information, go to https://openapi include::api-generated/cases/case-apis.asciidoc[] include::api-generated/connectors/connector-apis.asciidoc[] -include::api-generated/machine-learning/ml-apis.asciidoc[] \ No newline at end of file +include::api-generated/machine-learning/ml-apis.asciidoc[] +include::api-generated/rules/rule-apis.asciidoc[] \ No newline at end of file diff --git a/x-pack/plugins/alerting/docs/openapi/README.md b/x-pack/plugins/alerting/docs/openapi/README.md new file mode 100644 index 0000000000000..e7174d84de08f --- /dev/null +++ b/x-pack/plugins/alerting/docs/openapi/README.md 
@@ -0,0 +1,34 @@ +# OpenAPI (Experimental) + +The current self-contained spec file is [as JSON](https://raw.githubusercontent.com/elastic/kibana/master/x-pack/plugins/cases/common/openapi/bundled.json) or [as YAML](https://raw.githubusercontent.com/elastic/kibana/master/x-pack/plugins/cases/common/openapi/bundled.yaml) and can be used for online tools like those found at https://openapi.tools/. +This spec is experimental and may be incomplete or change later. + +A guide about the openApi specification can be found at [https://swagger.io/docs/specification/about/](https://swagger.io/docs/specification/about/). + +## The `openapi` folder + +* `entrypoint.yaml` is the overview file which pulls together all the paths and components. +* [Paths](paths/README.md): this defines each endpoint. A path can have one operation per http method. +* [Components](components/README.md): Reusable components + +## Tools + +It is possible to validate the docs before bundling them with the following +command in the `x-pack/plugins/alerting/docs/openapi/` folder: + + ``` + npx swagger-cli validate entrypoint.yaml + ``` + +Then you can generate the `bundled` files by running the following commands: + + ``` + npx @redocly/cli bundle entrypoint.yaml --output bundled.yaml --ext yaml + npx @redocly/cli bundle entrypoint.yaml --output bundled.json --ext json + ``` + +You can run additional linting with the following command: + + ``` + npx @redocly/cli lint bundled.json + ``` diff --git a/x-pack/plugins/alerting/docs/openapi/bundled.json b/x-pack/plugins/alerting/docs/openapi/bundled.json new file mode 100644 index 0000000000000..f5aa50c5d45e0 --- /dev/null +++ b/x-pack/plugins/alerting/docs/openapi/bundled.json 
@@ -0,0 +1,508 @@ +{ + "openapi": "3.0.1", + "info": { + "title": "Alerting", + "description": "OpenAPI schema for alerting endpoints", + "version": "0.1", + "contact": { + "name": "Alerting Team" + }, + "license": { + "name": "Elastic License 2.0", + "url": "https://www.elastic.co/licensing/elastic-license" + } + }, + "tags": [ + { + "name": "alerting", + "description": "Alerting APIs enable you to create and manage rules and alerts." + } + ], + "servers": [ + { + "url": "http://localhost:5601", + "description": "local" + } + ], + "paths": { + "/s/{spaceId}/api/alerting/rules/_find": { + "get": { + "summary": "Retrieves information about rules.", + "operationId": "findRules", + "description": "You must have `read` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rules you're seeking. For example, you must have privileges for the **Management > Stack rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability** features, or **Security** features. To find rules associated with the **Stack Monitoring** feature, use the `monitoring_user` built-in role.\n", + "tags": [ + "alerting" + ], + "parameters": [ + { + "$ref": "#/components/parameters/space_id" + }, + { + "name": "default_search_operator", + "in": "query", + "description": "The default operator to use for the simple_query_string.", + "schema": { + "type": "string", + "default": "OR" + }, + "example": "OR" + }, + { + "name": "fields", + "in": "query", + "description": "The fields to return in the `attributes` key of the response.", + "schema": { + "type": "array", + "items": { + "type": "string" + } + } + }, + { + "name": "filter", + "in": "query", + "description": "A KQL string that you filter with an attribute from your saved object. It should look like `savedObjectType.attributes.title: \"myTitle\"`. 
However, if you used a direct attribute of a saved object, such as `updatedAt`, you must define your filter, for example, `savedObjectType.updatedAt > 2018-12-22`.\n", + "schema": { + "type": "string" + } + }, + { + "name": "has_reference", + "in": "query", + "description": "Filters the rules that have a relation with the reference objects with a specific type and identifier.", + "schema": { + "type": "object", + "properties": { + "id": { + "type": "string" + }, + "type": { + "type": "string" + } + } + } + }, + { + "name": "page", + "in": "query", + "description": "The page number to return.", + "schema": { + "type": "integer", + "default": 1 + }, + "example": 1 + }, + { + "name": "per_page", + "in": "query", + "description": "The number of rules to return per page.", + "schema": { + "type": "integer", + "default": 20 + }, + "example": 20 + }, + { + "name": "search", + "in": "query", + "description": "An Elasticsearch simple_query_string query that filters the objects in the response.", + "schema": { + "type": "string" + } + }, + { + "name": "search_fields", + "in": "query", + "description": "The fields to perform the simple_query_string parsed query against.", + "schema": { + "oneOf": [ + { + "type": "string" + }, + { + "type": "array", + "items": { + "type": "string" + } + } + ] + } + }, + { + "name": "sort_field", + "in": "query", + "description": "Determines which field is used to sort the results. 
The field must exist in the `attributes` key of the response.\n", + "schema": { + "type": "string" + } + }, + { + "name": "sort_order", + "in": "query", + "description": "Determines the sort order.", + "schema": { + "type": "string", + "enum": [ + "asc", + "desc" + ], + "default": "desc" + }, + "example": "asc" + } + ], + "responses": { + "200": { + "description": "Indicates a successful call.", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "data": { + "type": "array", + "items": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "type": "object", + "properties": { + "group": { + "type": "string", + "description": "The group name for the actions.", + "example": "default" + }, + "id": { + "type": "string", + "description": "The identifier for the connector saved object.", + "example": "9dca3e00-74f5-11ed-9801-35303b735aef" + }, + "params": { + "type": "object", + "description": "The parameters for the action, which are sent to the connector.", + "additionalProperties": true + } + } + } + }, + "api_key_owner": { + "type": "string", + "nullable": true, + "example": "elastic" + }, + "consumer": { + "type": "string", + "description": "The application or feature that owns the rule. 
For example, `alerts`, `apm`, `discover`, `infrastructure`, `logs`, `metrics`, `ml`, `monitoring`, `securitySolution`, `siem`, `stackAlerts`, or `uptime`.", + "example": "alerts" + }, + "created_at": { + "type": "string", + "description": "The date and time that the rule as created.", + "format": "date-time", + "example": "2022-12-05T23:36:58.284Z" + }, + "created_by": { + "type": "string", + "description": "The identifier for the user that created the rule.", + "nullable": true, + "example": "elastic" + }, + "enabled": { + "type": "boolean", + "description": "Indicates whether the rule is currently enabled.", + "example": true + }, + "execution_status": { + "type": "object", + "properties": { + "status": { + "type": "string", + "example": "ok" + }, + "last_execution_date": { + "type": "string", + "format": "date-time", + "example": "2022-12-06T00:13:43.890Z" + }, + "last_duration": { + "type": "integer", + "example": 55 + } + } + }, + "id": { + "type": "string", + "description": "The identifier for the rule.", + "example": "b530fed0-74f5-11ed-9801-35303b735aef" + }, + "last_run": { + "type": "object", + "properties": { + "alerts_count": { + "type": "object", + "properties": { + "new": { + "type": "integer", + "nullable": true + }, + "ignored": { + "type": "integer", + "nullable": true + }, + "recovered": { + "type": "integer", + "nullable": true + }, + "active": { + "type": "integer", + "nullable": true + } + } + }, + "outcome_msg": { + "type": "string", + "nullable": true, + "example": null + }, + "warning": { + "type": "string", + "nullable": true, + "example": null + }, + "outcome": { + "type": "string", + "example": "succeeded" + } + } + }, + "muted_alert_ids": { + "type": "array", + "items": { + "type": "string" + } + }, + "mute_all": { + "type": "boolean", + "example": false + }, + "name": { + "type": "string", + "description": "The name of the rule.", + "example": "cluster_health_rule" + }, + "next_run": { + "type": "string", + "format": "date-time", + 
"nullable": true, + "example": "2022-12-06T00:14:43.818Z" + }, + "notify_when": { + "type": "string", + "description": "Indicates how often alerts generate actions.", + "enum": [ + "onActionGroupChange", + "onActiveAlert", + "onThrottleInterval" + ], + "example": "onActiveAlert" + }, + "params": { + "type": "object", + "description": "The parameters for the rule.", + "additionalProperties": true + }, + "rule_type_id": { + "type": "string", + "description": "The identifier for the type of rule. For example, `.es-query`, `.index-threshold`, `logs.alert.document.count`, `monitoring_alert_cluster_health`, `siem.thresholdRule`, or `xpack.ml.anomaly_detection_alert`.", + "example": "monitoring_alert_cluster_health" + }, + "schedule": { + "type": "object", + "description": "The check interval, which specifies how frequently the rule conditions are checked. The interval is specified in seconds, minutes, hours, or days.", + "properties": { + "interval": { + "type": "string", + "example": "1m" + } + } + }, + "scheduled_task_id": { + "type": "string", + "example": "b530fed0-74f5-11ed-9801-35303b735aef" + }, + "tags": { + "type": "array", + "description": "The tags for the rule.", + "items": { + "type": "string" + } + }, + "throttle": { + "type": "string", + "description": "The throttle interval, which defines how often an alert generates repeated actions. It is applicable only if `notify_when` is set to `onThrottleInterval`. 
It is specified in seconds, minutes, hours, or days.", + "nullable": true, + "example": "10m" + }, + "updated_at": { + "type": "string", + "description": "The date and time that the rule was updated most recently.", + "example": "2022-12-05T23:36:58.284Z" + }, + "updated_by": { + "type": "string", + "description": "The identifier for the user that updated this rule most recently.", + "nullable": true, + "example": "elastic" + } + } + } + }, + "page": { + "type": "integer" + }, + "per_page": { + "type": "integer" + }, + "total": { + "type": "integer" + } + } + }, + "examples": { + "findRulesResponse": { + "$ref": "#/components/examples/find_rules_response" + } + } + } + } + } + }, + "servers": [ + { + "url": "https://localhost:5601" + } + ] + }, + "servers": [ + { + "url": "https://localhost:5601" + } + ] + } + }, + "components": { + "securitySchemes": { + "basicAuth": { + "type": "http", + "scheme": "basic" + }, + "apiKeyAuth": { + "type": "apiKey", + "in": "header", + "name": "ApiKey" + } + }, + "parameters": { + "space_id": { + "in": "path", + "name": "spaceId", + "description": "An identifier for the space. 
If `/s/` and the identifier are omitted from the path, the default space is used.", + "required": true, + "schema": { + "type": "string", + "example": "default" + } + } + }, + "examples": { + "find_rules_response": { + "summary": "Retrieve information about a rule.", + "value": { + "page": 1, + "total": 1, + "per_page": 10, + "data": [ + { + "id": "3583a470-74f6-11ed-9801-35303b735aef", + "consumer": "alerts", + "tags": [ + "cpu" + ], + "name": "my alert", + "enabled": true, + "throttle": null, + "schedule": { + "interval": "1m" + }, + "params": { + "aggType": "avg", + "termSize": 6, + "thresholdComparator": ">", + "timeWindowSize": 5, + "timeWindowUnit": "m", + "groupBy": "top", + "threshold": [ + 1000 + ], + "index": [ + "test-index" + ], + "timeField": "@timestamp", + "aggField": "sheet.version", + "termField": "name.keyword" + }, + "rule_type_id": ".index-threshold", + "created_by": "elastic", + "updated_by": "elastic", + "created_at": "2022-12-05T23:40:33.132Z", + "updated_at": "2022-12-05T23:40:33.132Z", + "api_key_owner": "elastic", + "notify_when": "onActionGroupChange", + "mute_all": false, + "muted_alert_ids": [], + "scheduled_task_id": "3583a470-74f6-11ed-9801-35303b735aef", + "execution_status": { + "status": "ok", + "last_execution_date": "2022-12-06T01:44:23.983Z", + "last_duration": 48 + }, + "actions": [ + { + "id": "9dca3e00-74f5-11ed-9801-35303b735aef", + "group": "threshold met", + "params": { + "level": "info", + "message": "alert {{alertName}} is active for group {{context.group}}:\n\n- Value: {{context.value}}\n- Conditions Met: {{context.conditions}} over {{params.timeWindowSize}}{{params.timeWindowUnit}}\n- Timestamp: {{context.date}}", + "connector_type_id": ".server-log" + } + } + ], + "last_run": { + "alerts_count": { + "new": 0, + "ignored": 0, + "recovered": 0, + "active": 0 + }, + "outcome_msg": null, + "warning": null, + "outcome": "succeeded" + }, + "next_run": "2022-12-06T01:45:23.912Z" + } + ] + } + } + } + }, + "security": [ + { + 
"basicAuth": [] + }, + { + "apiKeyAuth": [] + } + ] +} \ No newline at end of file diff --git a/x-pack/plugins/alerting/docs/openapi/bundled.yaml b/x-pack/plugins/alerting/docs/openapi/bundled.yaml new file mode 100644 index 0000000000000..d8ae1f576af8d --- /dev/null +++ b/x-pack/plugins/alerting/docs/openapi/bundled.yaml 
@@ -0,0 +1,361 @@ +openapi: 3.0.1 +info: + title: Alerting + description: OpenAPI schema for alerting endpoints + version: '0.1' + contact: + name: Alerting Team + license: + name: Elastic License 2.0 + url: https://www.elastic.co/licensing/elastic-license +tags: + - name: alerting + description: Alerting APIs enable you to create and manage rules and alerts. +servers: + - url: http://localhost:5601 + description: local +paths: + /s/{spaceId}/api/alerting/rules/_find: + get: + summary: Retrieves information about rules. + operationId: findRules + description: | + You must have `read` privileges for the appropriate Kibana features, depending on the `consumer` and `rule_type_id` of the rules you're seeking. For example, you must have privileges for the **Management > Stack rules** feature, **Analytics > Discover** and **Machine Learning** features, **Observability** features, or **Security** features. To find rules associated with the **Stack Monitoring** feature, use the `monitoring_user` built-in role. + tags: + - alerting + parameters: + - $ref: '#/components/parameters/space_id' + - name: default_search_operator + in: query + description: The default operator to use for the simple_query_string. + schema: + type: string + default: OR + example: OR + - name: fields + in: query + description: The fields to return in the `attributes` key of the response. + schema: + type: array + items: + type: string + - name: filter + in: query + description: | + A KQL string that you filter with an attribute from your saved object. It should look like `savedObjectType.attributes.title: "myTitle"`. However, if you used a direct attribute of a saved object, such as `updatedAt`, you must define your filter, for example, `savedObjectType.updatedAt > 2018-12-22`. + schema: + type: string + - name: has_reference + in: query + description: Filters the rules that have a relation with the reference objects with a specific type and identifier. 
+ schema: + type: object + properties: + id: + type: string + type: + type: string + - name: page + in: query + description: The page number to return. + schema: + type: integer + default: 1 + example: 1 + - name: per_page + in: query + description: The number of rules to return per page. + schema: + type: integer + default: 20 + example: 20 + - name: search + in: query + description: An Elasticsearch simple_query_string query that filters the objects in the response. + schema: + type: string + - name: search_fields + in: query + description: The fields to perform the simple_query_string parsed query against. + schema: + oneOf: + - type: string + - type: array + items: + type: string + - name: sort_field + in: query + description: | + Determines which field is used to sort the results. The field must exist in the `attributes` key of the response. + schema: + type: string + - name: sort_order + in: query + description: Determines the sort order. + schema: + type: string + enum: + - asc + - desc + default: desc + example: asc + responses: + '200': + description: Indicates a successful call. + content: + application/json: + schema: + type: object + properties: + data: + type: array + items: + type: object + properties: + actions: + type: array + items: + type: object + properties: + group: + type: string + description: The group name for the actions. + example: default + id: + type: string + description: The identifier for the connector saved object. + example: 9dca3e00-74f5-11ed-9801-35303b735aef + params: + type: object + description: The parameters for the action, which are sent to the connector. + additionalProperties: true + api_key_owner: + type: string + nullable: true + example: elastic + consumer: + type: string + description: The application or feature that owns the rule. For example, `alerts`, `apm`, `discover`, `infrastructure`, `logs`, `metrics`, `ml`, `monitoring`, `securitySolution`, `siem`, `stackAlerts`, or `uptime`. 
+ example: alerts + created_at: + type: string + description: The date and time that the rule as created. + format: date-time + example: '2022-12-05T23:36:58.284Z' + created_by: + type: string + description: The identifier for the user that created the rule. + nullable: true + example: elastic + enabled: + type: boolean + description: Indicates whether the rule is currently enabled. + example: true + execution_status: + type: object + properties: + status: + type: string + example: ok + last_execution_date: + type: string + format: date-time + example: '2022-12-06T00:13:43.890Z' + last_duration: + type: integer + example: 55 + id: + type: string + description: The identifier for the rule. + example: b530fed0-74f5-11ed-9801-35303b735aef + last_run: + type: object + properties: + alerts_count: + type: object + properties: + new: + type: integer + nullable: true + ignored: + type: integer + nullable: true + recovered: + type: integer + nullable: true + active: + type: integer + nullable: true + outcome_msg: + type: string + nullable: true + example: null + warning: + type: string + nullable: true + example: null + outcome: + type: string + example: succeeded + muted_alert_ids: + type: array + items: + type: string + mute_all: + type: boolean + example: false + name: + type: string + description: The name of the rule. + example: cluster_health_rule + next_run: + type: string + format: date-time + nullable: true + example: '2022-12-06T00:14:43.818Z' + notify_when: + type: string + description: Indicates how often alerts generate actions. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + example: onActiveAlert + params: + type: object + description: The parameters for the rule. + additionalProperties: true + rule_type_id: + type: string + description: The identifier for the type of rule. 
For example, `.es-query`, `.index-threshold`, `logs.alert.document.count`, `monitoring_alert_cluster_health`, `siem.thresholdRule`, or `xpack.ml.anomaly_detection_alert`. + example: monitoring_alert_cluster_health + schedule: + type: object + description: The check interval, which specifies how frequently the rule conditions are checked. The interval is specified in seconds, minutes, hours, or days. + properties: + interval: + type: string + example: 1m + scheduled_task_id: + type: string + example: b530fed0-74f5-11ed-9801-35303b735aef + tags: + type: array + description: The tags for the rule. + items: + type: string + throttle: + type: string + description: The throttle interval, which defines how often an alert generates repeated actions. It is applicable only if `notify_when` is set to `onThrottleInterval`. It is specified in seconds, minutes, hours, or days. + nullable: true + example: 10m + updated_at: + type: string + description: The date and time that the rule was updated most recently. + example: '2022-12-05T23:36:58.284Z' + updated_by: + type: string + description: The identifier for the user that updated this rule most recently. + nullable: true + example: elastic + page: + type: integer + per_page: + type: integer + total: + type: integer + examples: + findRulesResponse: + $ref: '#/components/examples/find_rules_response' + servers: + - url: https://localhost:5601 + servers: + - url: https://localhost:5601 +components: + securitySchemes: + basicAuth: + type: http + scheme: basic + apiKeyAuth: + type: apiKey + in: header + name: ApiKey + parameters: + space_id: + in: path + name: spaceId + description: An identifier for the space. If `/s/` and the identifier are omitted from the path, the default space is used. + required: true + schema: + type: string + example: default + examples: + find_rules_response: + summary: Retrieve information about a rule. 
+ value: + page: 1 + total: 1 + per_page: 10 + data: + - id: 3583a470-74f6-11ed-9801-35303b735aef + consumer: alerts + tags: + - cpu + name: my alert + enabled: true + throttle: null + schedule: + interval: 1m + params: + aggType: avg + termSize: 6 + thresholdComparator: '>' + timeWindowSize: 5 + timeWindowUnit: m + groupBy: top + threshold: + - 1000 + index: + - test-index + timeField: '@timestamp' + aggField: sheet.version + termField: name.keyword + rule_type_id: .index-threshold + created_by: elastic + updated_by: elastic + created_at: '2022-12-05T23:40:33.132Z' + updated_at: '2022-12-05T23:40:33.132Z' + api_key_owner: elastic + notify_when: onActionGroupChange + mute_all: false + muted_alert_ids: [] + scheduled_task_id: 3583a470-74f6-11ed-9801-35303b735aef + execution_status: + status: ok + last_execution_date: '2022-12-06T01:44:23.983Z' + last_duration: 48 + actions: + - id: 9dca3e00-74f5-11ed-9801-35303b735aef + group: threshold met + params: + level: info + message: |- + alert {{alertName}} is active for group {{context.group}}: + + - Value: {{context.value}} + - Conditions Met: {{context.conditions}} over {{params.timeWindowSize}}{{params.timeWindowUnit}} + - Timestamp: {{context.date}} + connector_type_id: .server-log + last_run: + alerts_count: + new: 0 + ignored: 0 + recovered: 0 + active: 0 + outcome_msg: null + warning: null + outcome: succeeded + next_run: '2022-12-06T01:45:23.912Z' +security: + - basicAuth: [] + - apiKeyAuth: [] diff --git a/x-pack/plugins/alerting/docs/openapi/components/examples/find_rules_response.yaml b/x-pack/plugins/alerting/docs/openapi/components/examples/find_rules_response.yaml new file mode 100644 index 0000000000000..d93a03d9d40ab --- /dev/null +++ b/x-pack/plugins/alerting/docs/openapi/components/examples/find_rules_response.yaml 
@@ -0,0 +1,60 @@ +summary: Retrieve information about a rule. +value: + page: 1 + total: 1 + per_page: 10 + data: + - id: 3583a470-74f6-11ed-9801-35303b735aef + consumer: alerts + tags: + - cpu + name: my alert + enabled: true + throttle: null + schedule: + interval: 1m + params: + aggType: avg + termSize: 6 + thresholdComparator: ">" + timeWindowSize: 5 + timeWindowUnit: m + groupBy: top + threshold: + - 1000 + index: + - test-index + timeField: "@timestamp" + aggField: sheet.version + termField: name.keyword + rule_type_id: .index-threshold + created_by: elastic + updated_by: elastic + created_at: '2022-12-05T23:40:33.132Z' + updated_at: '2022-12-05T23:40:33.132Z' + api_key_owner: elastic + notify_when: onActionGroupChange + mute_all: false + muted_alert_ids: [] + scheduled_task_id: 3583a470-74f6-11ed-9801-35303b735aef + execution_status: + status: ok + last_execution_date: '2022-12-06T01:44:23.983Z' + last_duration: 48 + actions: + - id: 9dca3e00-74f5-11ed-9801-35303b735aef + group: threshold met + params: + level: info + message: "alert {{alertName}} is active for group {{context.group}}:\n\n- Value: {{context.value}}\n- Conditions Met: {{context.conditions}} over {{params.timeWindowSize}}{{params.timeWindowUnit}}\n- Timestamp: {{context.date}}" + connector_type_id: .server-log + last_run: + alerts_count: + new: 0 + ignored: 0 + recovered: 0 + active: 0 + outcome_msg: null + warning: null + outcome: succeeded + next_run: '2022-12-06T01:45:23.912Z' diff --git a/x-pack/plugins/alerting/docs/openapi/components/headers/kbn_xsrf.yaml b/x-pack/plugins/alerting/docs/openapi/components/headers/kbn_xsrf.yaml new file mode 100644 index 0000000000000..3d8dfae634e68 --- /dev/null +++ b/x-pack/plugins/alerting/docs/openapi/components/headers/kbn_xsrf.yaml @@ -0,0 +1,5 @@ +schema: + type: string +in: header +name: kbn-xsrf +required: true 
diff --git a/x-pack/plugins/alerting/docs/openapi/components/parameters/space_id.yaml b/x-pack/plugins/alerting/docs/openapi/components/parameters/space_id.yaml new file mode 100644 index 0000000000000..0a9fba457e3e7 --- /dev/null +++ b/x-pack/plugins/alerting/docs/openapi/components/parameters/space_id.yaml @@ -0,0 +1,7 @@ +in: path +name: spaceId +description: An identifier for the space. If `/s/` and the identifier are omitted from the path, the default space is used. +required: true +schema: + type: string + example: default diff --git a/x-pack/plugins/alerting/docs/openapi/entrypoint.yaml b/x-pack/plugins/alerting/docs/openapi/entrypoint.yaml new file mode 100644 index 0000000000000..05a3d79ec62a9 --- /dev/null +++ b/x-pack/plugins/alerting/docs/openapi/entrypoint.yaml 
@@ -0,0 +1,72 @@ +openapi: 3.0.1 +info: + title: Alerting + description: OpenAPI schema for alerting endpoints + version: '0.1' + contact: + name: Alerting Team + license: + name: Elastic License 2.0 + url: https://www.elastic.co/licensing/elastic-license +tags: + - name: alerting + description: Alerting APIs enable you to create and manage rules and alerts. +servers: + - url: 'http://localhost:5601' + description: local +paths: +# '/s/{spaceId}/api/alerting/rule/{ruleId}': +# $ref: 'paths/s@{spaceid}@api@alerting@rule@{ruleid}.yaml' +# '/s/{spaceId}/api/alerting/rule/{ruleId}/_disable': +# $ref: 'paths/s@{spaceid}@api@alerting@rule@{ruleid}@_disable.yaml' +# '/s/{spaceId}/api/alerting/rule/{ruleId}/_enable': +# $ref: 'paths/s@{spaceid}@api@alerting@rule@{ruleid}@_enable.yaml' + '/s/{spaceId}/api/alerting/rules/_find': + $ref: 'paths/s@{spaceid}@api@alerting@rules@_find.yaml' +# '/s/{spaceId}/api/alerting/_health': +# $ref: paths/s@{spaceid}@api@alerting@_health.yaml +# '/s/{spaceId}/api/alerting/rule_types': +# $ref: 'paths/s@{spaceid}@api@alerting@rule_types.yaml' +# '/s/{spaceId}/api/alerting/rule/{ruleId}/_mute_all': +# $ref: 'paths/s@{spaceid}@api@rule@{ruleid}@_mute_all.yaml' +# '/s/{spaceId}/api/alerting/rule/{ruleId}/_unmute_all': +# $ref: 'paths/s@{spaceid}@api@rule@{ruleid}@_unmute_all.yaml' +# '/s/{spaceId}/api/alerting/rule/{ruleId}/alert/{alertId}/_mute': +# $ref: 'paths/s@{spaceid}@api@alerting@rule@{ruleid}@alert@{alertid}@_mute.yaml' +# '/s/{spaceId}/api/alerting/rule/{ruleId}/alert/{alertId}/_unmute': +# $ref: 'paths/s@{spaceid}@api@alerting@rule@{ruleid}@alert@{alertid}@_unmute.yaml' + +# Deprecated APIs +# '/s/{spaceId}/api/alerts/alert/{alertId}': +# $ref: 'paths/s@{spaceid}@api@alerts@alert@{alertid}.yaml' +# '/s/{spaceId}/api/alerts/alert/{alertId}/_disable': +# $ref: 'paths/s@{spaceid}@api@alertss@alert@{alertid}@_disable.yaml' +# '/s/{spaceId}/api/alerts/alert/{alertId}/_enable': +# $ref: 
'paths/s@{spaceid}@api@alerts@alert@{alertid}@_enable.yaml' +# '/s/{spaceId}/api/alerts/alert/{alertId}/_mute_all': +# $ref: 'paths/s@{spaceid}@api@alerts@alert@{alertid}@_mute_all.yaml' +# '/s/{spaceId}/api/alerts/alert/{alertId}/_unmute_all': +# $ref: 'paths/s@{spaceid}@api@alerts@alert@{alertid}@_unmute_all.yaml' +# '/s/{spaceId}/api/alerts/alerts/_find': +# $ref: 'paths/s@{spaceid}@api@alerts@_find.yaml' +# '/s/{spaceId}/api/alerts/alerts/_health': +# $ref: 'paths/s@{spaceid}@api@alerts@_health.yaml' +# '/s/{spaceId}/api/alerts/alerts/list_alert_types': +# $ref: 'paths/s@{spaceid}@api@alerts@list_alert_types.yaml' +# '/s/{spaceId}/api/alerts/alert/{alertId}/alert_instance/{alertInstanceId}/_mute': +# $ref: 'paths/s@{spaceid}@api@alerts@alert@{alertid}@alert_instance@{alertinstanceid}@_mute.yaml' +# '/s/{spaceId}/api/alerts/alert/{alertId}/alert_instance/{alertInstanceId}/_unmute': +# $ref: 'paths/s@{spaceid}@api@alerts@alert@{alertid}@alert_instance@{alertinstanceid}@_unmute.yaml' + +components: + securitySchemes: + basicAuth: + type: http + scheme: basic + apiKeyAuth: + type: apiKey + in: header + name: ApiKey +security: + - basicAuth: [] + - apiKeyAuth: [] diff --git a/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rules@_find.yaml b/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rules@_find.yaml new file mode 100644 index 0000000000000..a6d0969efe614 --- /dev/null +++ b/x-pack/plugins/alerting/docs/openapi/paths/s@{spaceid}@api@alerting@rules@_find.yaml 
@@ -0,0 +1,266 @@ +get: + summary: Retrieves information about rules. + operationId: findRules + description: > + You must have `read` privileges for the appropriate Kibana features, + depending on the `consumer` and `rule_type_id` of the rules you're seeking. + For example, you must have privileges for the **Management > Stack rules** + feature, **Analytics > Discover** and **Machine Learning** features, + **Observability** features, or **Security** features. To find rules + associated with the **Stack Monitoring** feature, use the `monitoring_user` + built-in role. + tags: + - alerting + parameters: + - $ref: '../components/parameters/space_id.yaml' + - name: default_search_operator + in: query + description: The default operator to use for the simple_query_string. + schema: + type: string + default: OR + example: OR + - name: fields + in: query + description: The fields to return in the `attributes` key of the response. + schema: + type: array + items: + type: string + - name: filter + in: query + description: > + A KQL string that you filter with an attribute from your saved object. + It should look like `savedObjectType.attributes.title: "myTitle"`. + However, if you used a direct attribute of a saved object, such as + `updatedAt`, you must define your filter, for example, + `savedObjectType.updatedAt > 2018-12-22`. + schema: + type: string + - name: has_reference + in: query + description: Filters the rules that have a relation with the reference objects with a specific type and identifier. + schema: + type: object + properties: + id: + type: string + type: + type: string + - name: page + in: query + description: The page number to return. + schema: + type: integer + default: 1 + example: 1 + - name: per_page + in: query + description: The number of rules to return per page. + schema: + type: integer + default: 20 + example: 20 + - name: search + in: query + description: An Elasticsearch simple_query_string query that filters the objects in the response. 
+ schema: + type: string + - name: search_fields + in: query + description: The fields to perform the simple_query_string parsed query against. + schema: + oneOf: + - type: string + - type: array + items: + type: string + - name: sort_field + in: query + description: > + Determines which field is used to sort the results. The field must exist + in the `attributes` key of the response. + schema: + type: string + - name: sort_order + in: query + description: Determines the sort order. + schema: + type: string + enum: + - asc + - desc + default: desc + example: asc + responses: + '200': + description: Indicates a successful call. + content: + application/json: + schema: + type: object + properties: + data: + type: array + items: + type: object + properties: + actions: + type: array + items: + type: object + properties: + group: + type: string + description: The group name for the actions. + example: default + id: + type: string + description: The identifier for the connector saved object. + example: 9dca3e00-74f5-11ed-9801-35303b735aef + params: + type: object + description: The parameters for the action, which are sent to the connector. + additionalProperties: true + api_key_owner: + type: string + nullable: true + example: elastic + consumer: + type: string + description: The application or feature that owns the rule. For example, `alerts`, `apm`, `discover`, `infrastructure`, `logs`, `metrics`, `ml`, `monitoring`, `securitySolution`, `siem`, `stackAlerts`, or `uptime`. + example: alerts + created_at: + type: string + description: The date and time that the rule as created. + format: date-time + example: '2022-12-05T23:36:58.284Z' + created_by: + type: string + description: The identifier for the user that created the rule. + nullable: true + example: elastic + enabled: + type: boolean + description: Indicates whether the rule is currently enabled. 
+ example: true + execution_status: + type: object + properties: + status: + type: string + example: ok + last_execution_date: + type: string + format: date-time + example: '2022-12-06T00:13:43.890Z' + last_duration: + type: integer + example: 55 + id: + type: string + description: The identifier for the rule. + example: b530fed0-74f5-11ed-9801-35303b735aef + last_run: + type: object + properties: + alerts_count: + type: object + properties: + new: + type: integer + nullable: true + ignored: + type: integer + nullable: true + recovered: + type: integer + nullable: true + active: + type: integer + nullable: true + outcome_msg: + type: string + nullable: true + example: null + warning: + type: string + nullable: true + example: null + outcome: + type: string + example: succeeded + muted_alert_ids: + type: array + items: + type: string + mute_all: + type: boolean + example: false + name: + type: string + description: The name of the rule. + example: cluster_health_rule + next_run: + type: string + format: date-time + nullable: true + example: '2022-12-06T00:14:43.818Z' + notify_when: + type: string + description: Indicates how often alerts generate actions. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + example: onActiveAlert + params: + type: object + description: The parameters for the rule. + additionalProperties: true + rule_type_id: + type: string + description: The identifier for the type of rule. For example, `.es-query`, `.index-threshold`, `logs.alert.document.count`, `monitoring_alert_cluster_health`, `siem.thresholdRule`, or `xpack.ml.anomaly_detection_alert`. + example: monitoring_alert_cluster_health + schedule: + type: object + description: The check interval, which specifies how frequently the rule conditions are checked. The interval is specified in seconds, minutes, hours, or days. 
+ properties: + interval: + type: string + example: 1m + scheduled_task_id: + type: string + example: b530fed0-74f5-11ed-9801-35303b735aef + tags: + type: array + description: The tags for the rule. + items: + type: string + throttle: + type: string + description: The throttle interval, which defines how often an alert generates repeated actions. It is applicable only if `notify_when` is set to `onThrottleInterval`. It is specified in seconds, minutes, hours, or days. + nullable: true + example: 10m + updated_at: + type: string + description: The date and time that the rule was updated most recently. + example: '2022-12-05T23:36:58.284Z' + updated_by: + type: string + description: The identifier for the user that updated this rule most recently. + nullable: true + example: elastic + page: + type: integer + per_page: + type: integer + total: + type: integer + examples: + findRulesResponse: + $ref: '../components/examples/find_rules_response.yaml' + servers: + - url: https://localhost:5601 +servers: + - url: https://localhost:5601 \ No newline at end of file
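Review bot: the server URLs disagree in the `@@ -0,0 +1,361 @@` resolved spec: the top-level `servers` entry is `http://localhost:5601`, while the two `servers` overrides on the `_find` path item and its `get` operation are `https://localhost:5601`. The overrides win for the only path defined, so the top-level entry is effectively dead. Both declared security schemes (`basicAuth`, `apiKeyAuth`) send credentials in a request header, so https is the form to standardise on: declare it once at the top level and drop the two overrides. If this file is generated from the entrypoint and path files, make the change there and re-bundle.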
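Review bot: in `components/examples/find_rules_response.yaml`, the `actions` item carries `connector_type_id: .server-log`, but the 200 response schema for `findRules` declares only `group`, `id` and `params` for an action. Add `connector_type_id` to the schema or drop it from the example so that validators and the generated docs agree. The `summary` also reads "Retrieve information about a rule." for an endpoint that returns a page of rules, and the example shows `per_page: 10` while the parameter's documented default is 20, without saying that `per_page` was passed.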
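Review bot: `components/headers/kbn_xsrf.yaml` is not referenced anywhere in this patch: the only operation added is a GET, and neither the `components` block in `entrypoint.yaml` nor the `_find` path file points at it. If it is staged for the write endpoints that are still commented out in `entrypoint.yaml`, say so in the commit message; otherwise hold it back until an operation uses it. It also has no `description`, so rendered docs would show a required `kbn-xsrf` header with no hint about what value to send.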
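Review bot: in `components/parameters/space_id.yaml`, the description says `/s/` and the identifier can be omitted to use the default space, but the only path declared in `entrypoint.yaml` is the `/s/{spaceId}/api/alerting/rules/_find` form, where `spaceId` is necessarily `required: true`. A client generated from this spec cannot express the un-prefixed URL. Either document the un-prefixed path as a second entry or reword the description to tell readers to pass `default`, matching the `example`.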
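Review bot: `apiKeyAuth` in `entrypoint.yaml` is declared as `type: apiKey`, `in: header`, `name: ApiKey`, which tells clients and generated docs to send the key in a header literally named `ApiKey`. Please confirm that this is the header the server reads; if the key is expected in `Authorization` with an `ApiKey` prefix, `name` should be `Authorization` and the prefix belongs in a `description`. Separately, several commented-out `$ref` values will break when they are enabled: `paths/s@{spaceid}@api@alertss@alert@{alertid}@_disable.yaml` has a doubled `s`, and the `_mute_all` and `_unmute_all` refs under `/api/alerting/rule/{ruleId}/` omit the `@alerting` segment that the other refs carry.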
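Review bot: in `paths/s@{spaceid}@api@alerting@rules@_find.yaml`, `has_reference` is an object-typed query parameter with no `style` or `explode`, so the OpenAPI defaults for query parameters apply (form style, exploded) and clients will send separate `id=` and `type=` parameters. Confirm that this is what the endpoint accepts, or state the expected encoding explicitly. In the response schema, `created_at` has `format: date-time` but `updated_at` does not, although both examples have the same timestamp shape; add the format to `updated_at`. The `created_at` description has a typo ("the rule as created" should read "was created"), and the file ends without a trailing newline. The same schema text appears in the resolved spec, so re-bundle after fixing.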