Skip to content

[9.0] [Detection Engine][Docs] Updating examples to meet old ascii docs (#207558) #209941

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
yctercero merged 1 commit into from
Feb 6, 2025
Merged

[9.0] [Detection Engine][Docs] Updating examples to meet old ascii docs (#207558) #209941

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
277 changes: 261 additions & 16 deletions oas_docs/output/kibana.serverless.yaml
View file
Open in desktop

Large diffs are not rendered by default.

358 changes: 340 additions & 18 deletions oas_docs/output/kibana.yaml
View file
Open in desktop

Large diffs are not rendered by default.

15 changes: 3 additions & 12 deletions ...ity_solution/common/api/detection_engine/alert_assignees/set_alert_assignees_route.gen.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,20 +15,14 @@
*/

import { z } from '@kbn/zod';
import { isNonEmptyString } from '@kbn/zod-helpers';

import { AlertIds } from '../../model/alert.gen';
import { NonEmptyString } from '../../model/primitives.gen';

export type AlertAssignees = z.infer<typeof AlertAssignees>;
export const AlertAssignees = z.object({
/**
* A list of users ids to assign.
*/
add: z.array(NonEmptyString),
/**
* A list of users ids to unassign.
*/
remove: z.array(NonEmptyString),
add: z.array(z.string().min(1).superRefine(isNonEmptyString)),
remove: z.array(z.string().min(1).superRefine(isNonEmptyString)),
});

export type SetAlertAssigneesRequestBody = z.infer<typeof SetAlertAssigneesRequestBody>;
Expand All @@ -37,9 +31,6 @@ export const SetAlertAssigneesRequestBody = z.object({
* Details about the assignees to assign and unassign.
*/
assignees: AlertAssignees,
/**
* List of alerts ids to assign and unassign passed assignees.
*/
ids: AlertIds,
});
export type SetAlertAssigneesRequestBodyInput = z.input<typeof SetAlertAssigneesRequestBody>;
46 changes: 41 additions & 5 deletions ...olution/common/api/detection_engine/alert_assignees/set_alert_assignees_route.schema.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,10 +28,42 @@ paths:
description: Details about the assignees to assign and unassign.
ids:
$ref: '../../model/alert.schema.yaml#/components/schemas/AlertIds'
description: List of alerts ids to assign and unassign passed assignees.
examples:
add:
value:
assignees:
add: ['u_MxY0jbrft7EcfC6iNZSUGeI_n6iYrSwZj5mWF5EqmSU_0']
remove: []
ids: ['681c2a707335aa7df5f349b70013d87254746191712ecf0ced9b3e2d538503a6']
remove:
value:
assignees:
add: []
remove: ['u_MxY0jbrft7EcfC6iNZSUGeI_n6iYrSwZj5mWF5EqmSU_0']
ids: ['681c2a707335aa7df5f349b70013d87254746191712ecf0ced9b3e2d538503a6']
responses:
200:
description: Indicates a successful call.
content:
application/ndjson:
examples:
add:
value:
took: 76,
timed_out: false,
total: 1,
updated: 1,
deleted: 0,
batches: 1,
version_conflicts: 0,
noops: 0,
retries:
- bulk: 0,
- search: 0
throttled_millis: 0,
requests_per_second: -1,
throttled_until_millis: 0,
failures: []
400:
description: Invalid request.

Expand All @@ -46,10 +78,14 @@ components:
add:
type: array
items:
$ref: '../../model/primitives.schema.yaml#/components/schemas/NonEmptyString'
description: A list of users ids to assign.
type: string
format: nonempty
minLength: 1
description: A list of users ids to assign.
remove:
type: array
items:
$ref: '../../model/primitives.schema.yaml#/components/schemas/NonEmptyString'
description: A list of users ids to unassign.
type: string
format: nonempty
minLength: 1
description: A list of users ids to unassign.
3 changes: 3 additions & 0 deletions ...rity_solution/common/api/detection_engine/alert_tags/set_alert_tags/set_alert_tags.gen.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,9 @@ import { z } from '@kbn/zod';

import { AlertIds, AlertTags } from '../../../model/alert.gen';

/**
* Object with list of tags to add and remove.
*/
export type SetAlertTags = z.infer<typeof SetAlertTags>;
export const SetAlertTags = z.object({
tags_to_add: AlertTags,
Expand Down
32 changes: 32 additions & 0 deletions ...solution/common/api/detection_engine/alert_tags/set_alert_tags/set_alert_tags.schema.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,19 @@ paths:
required:
- ids
- tags
examples:
add:
value:
tags:
tags_to_add: ['Duplicate']
tags_to_remove: []
ids: ['549c7129c76cbd554aba1bd638f8a49dde95088f5832e50218358e7eca1cf16e']
remove:
value:
tags:
tags_to_add: []
tags_to_remove: ['Duplicate']
ids: ['549c7129c76cbd554aba1bd638f8a49dde95088f5832e50218358e7eca1cf16e']
responses:
200:
description: Successful response
Expand All @@ -39,6 +52,24 @@ paths:
type: object
additionalProperties: true
description: Elasticsearch update by query response
examples:
success:
value:
took: 68,
timed_out: false,
total: 1,
updated: 1,
deleted: 0,
batches: 1,
version_conflicts: 0,
noops: 0,
retries:
bulk: 0,
search: 0
throttled_millis: 0,
requests_per_second: -1,
throttled_until_millis: 0,
failures: []
400:
description: Invalid input data response
content:
Expand All @@ -63,6 +94,7 @@ paths:
components:
schemas:
SetAlertTags:
description: Object with list of tags to add and remove.
type: object
properties:
tags_to_add:
Expand Down
5 changes: 5 additions & 0 deletions ...y_solution/common/api/detection_engine/index_management/read_index/read_index.schema.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,11 @@ paths:
type: boolean
nullable: true
required: [name, index_mapping_outdated]
examples:
success:
value:
index_mapping_outdated: false
name: '.alerts-security.alerts-default'
401:
description: Unsuccessful authentication response
content:
Expand Down
36 changes: 36 additions & 0 deletions .../common/api/detection_engine/index_management/read_privileges/read_privileges.schema.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,42 @@ paths:
has_encryption_key:
type: boolean
required: [is_authenticated, has_encryption_key]
examples:
success:
value:
username: elastic
has_all_requested: true
cluster:
all: true
monitor_ml: true
manage_transform: true
manage_index_templates: true
monitor_transform: true
manage_ml: true
monitor: true
manage_pipeline: true
manage_api_key: true
manage_security: true
manage_own_api_key: true
manage: true
index:
.alerts-security.alerts-default:
all: true
create: true
create_doc: true
create_index: true
delete: true
delete_index: true
index: true
maintenance: true
manage: true
monitor: true
read: true
view_index_metadata: true
write: true
application: {}
is_authenticated: true
has_encryption_key: true
401:
description: Unsuccessful authentication response
content:
Expand Down
54 changes: 54 additions & 0 deletions ...olution/common/api/detection_engine/signals/query_signals/query_signals_route.schema.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,35 @@ paths:
sort:
$ref: '#/components/schemas/AlertsSort'
description: Elasticsearch query and aggregation request
examples:
query:
value:
size: 0
query:
bool:
filter:
- bool:
must: []
filter:
- match_phrase:
kibana.alert.workflow_status: open
should: []
must_not:
- exists:
field: kibana.alert.building_block_type
- range:
'@timestamp':
gte: 2025-01-17T08:00:00.000Z
lte: 2025-01-18T07:59:59.999Z
aggs:
alertsByGrouping:
terms:
field: host.name
size: 10
missingFields:
missing:
field: host.name
runtime_mappings: {}
responses:
200:
description: Successful response
Expand All @@ -57,6 +86,31 @@ paths:
type: object
additionalProperties: true
description: Elasticsearch search response
examples:
success:
value:
took: 0
timed_out: false
_shards:
total: 1
successful: 1
skipped: 0
failed: 0
hits:
total:
value: 5
relation: eq
max_score: null
hits: []
aggregations:
alertsByGrouping:
doc_count_error_upper_bound: 0
sum_other_doc_count: 0
buckets:
- key: Host-f43kkddfyc
doc_count: 5
missingFields:
doc_count: 0
400:
description: Invalid input data response
content:
Expand Down
7 changes: 5 additions & 2 deletions ...ion/common/api/detection_engine/signals/set_signal_status/set_signals_status_route.gen.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,13 +15,16 @@
*/

import { z } from '@kbn/zod';
import { isNonEmptyString } from '@kbn/zod-helpers';

import { NonEmptyString } from '../../../model/primitives.gen';
import { AlertStatus } from '../../../model/alert.gen';

export type SetAlertsStatusByIds = z.infer<typeof SetAlertsStatusByIds>;
export const SetAlertsStatusByIds = z.object({
signal_ids: z.array(NonEmptyString).min(1),
/**
* List of alert `id`s.
*/
signal_ids: z.array(z.string().min(1).superRefine(isNonEmptyString)).min(1),
status: AlertStatus,
});

Expand Down
76 changes: 75 additions & 1 deletion ...ommon/api/detection_engine/signals/set_signal_status/set_signals_status_route.schema.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,42 @@ paths:
oneOf:
- $ref: '#/components/schemas/SetAlertsStatusByIds'
- $ref: '#/components/schemas/SetAlertsStatusByQuery'
examples:
byId:
value:
status: closed
signal_ids: ['80e1383f856e67c1b7f7a1634744fa6d66b6e2ef7aa26d226e57afb5a7b2b4a1']
byQuery:
value:
conflicts: proceed
status: closed
query:
bool:
must: []
filter:
- range:
'@timestamp':
gte: 2024-10-23T07:00:00.000Z
lte: 2025-01-21T20:12:11.704Z
format: strict_date_optional_time
- bool:
filter:
bool:
must: []
filter:
- match_phrase:
kibana.alert.workflow_status: open
- range:
'@timestamp':
gte: 2024-10-23T07:00:00.000Z
lte: 2025-01-21T20:12:11.704Z
format: strict_date_optional_time
should: []
must_not:
- exists:
field: kibana.alert.building_block_type
should: []
must_not: []
responses:
200:
description: Successful response
Expand All @@ -30,6 +66,41 @@ paths:
type: object
additionalProperties: true
description: Elasticsearch update by query response
examples:
byId:
value:
took: 81
timed_out: false
total: 1
updated: 1
deleted: 0
batches: 1
version_conflicts: 0
noops: 0
retries:
bulk: 0
search: 0
throttled_millis: 0
requests_per_second: -1
throttled_until_millis: 0
failures: []
byQuery:
value:
took: 100
timed_out: false
total: 17
updated: 17
deleted: 0
batches: 1
version_conflicts: 0
noops: 0
retries:
bulk: 0
search: 0
throttled_millis: 0
requests_per_second: -1
throttled_until_millis: 0
failures: []
400:
description: Invalid input data response
content:
Expand Down Expand Up @@ -58,8 +129,11 @@ components:
properties:
signal_ids:
type: array
description: List of alert `id`s.
items:
$ref: '../../../model/primitives.schema.yaml#/components/schemas/NonEmptyString'
type: string
format: nonempty
minLength: 1
minItems: 1
status:
$ref: '../../../model/alert.schema.yaml#/components/schemas/AlertStatus'
Expand Down
Loading