From 850a704d4f7f8f6be61bd1a779e827b8e0e3bd4c Mon Sep 17 00:00:00 2001 From: Nastasha Solomon Date: Fri, 6 Jun 2025 16:22:21 -0400 Subject: [PATCH 01/22] First draft --- .../api/create_endpoint_list/create_endpoint_list.schema.yaml | 2 +- ...tion_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml | 3 +-- ...tion_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml | 3 +-- 3 files changed, 3 insertions(+), 5 deletions(-) diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/create_endpoint_list/create_endpoint_list.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/create_endpoint_list/create_endpoint_list.schema.yaml index cdc9004ce7e60..b1fd581b37a28 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/create_endpoint_list/create_endpoint_list.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/create_endpoint_list/create_endpoint_list.schema.yaml @@ -9,7 +9,7 @@ paths: x-codegen-enabled: true operationId: CreateEndpointList summary: Create an endpoint exception list - description: Create an endpoint exception list, which groups endpoint exception list items. If an endpoint exception list already exists, an empty response is returned. + description: Create an exception list for Elastic Endpoint exceptions or for rules that are associated with Elastic Endpoint rule exceptions. If an Elastic Endpoint exception list already exists, your request will return an empty response. responses: 200: description: Successful response diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml index 92f60194938e9..d04ab1ad05a38 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml @@ -969,8 +969,7 @@ security: - BasicAuth: [] tags: - description: >- - Endpoint Exceptions API allows you to manage detection rule endpoint - exceptions to prevent a rule from generating an alert from incoming events + The Endpoint Exceptions API allows you to manage exceptions for the Elastic Endpoint rule. Elastic Endpoint exceptions prevent the Elastic Endpoint rule from generating alerts from incoming events even when the rule's other criteria are met. name: Security Endpoint Exceptions API x-displayName: Security endpoint exceptions diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml index 33a0034c48070..be6233d6a6fdd 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml @@ -969,8 +969,7 @@ security: - BasicAuth: [] tags: - description: >- - Endpoint Exceptions API allows you to manage detection rule endpoint - exceptions to prevent a rule from generating an alert from incoming events + The Endpoint Exceptions API allows you to manage exceptions for the Elastic Endpoint rule. Elastic Endpoint exceptions prevent the Elastic Endpoint rule from generating alerts from incoming events even when the rule's other criteria are met. name: Security Endpoint Exceptions API x-displayName: Security endpoint exceptions From c1f9e449f4b7d3c519c3af1a6b9a118b9205a6bc Mon Sep 17 00:00:00 2001 From: Nastasha Solomon Date: Mon, 9 Jun 2025 13:54:24 -0400 Subject: [PATCH 02/22] More edits --- .../create_endpoint_list_item.schema.yaml | 2 +- .../delete_endpoint_list_item.schema.yaml | 2 +- .../find_endpoint_list_item.schema.yaml | 2 +- .../read_endpoint_list_item.schema.yaml | 2 +- .../update_endpoint_list_item.schema.yaml | 2 +- ...nt_exceptions_api_2023_10_31.bundled.schema.yaml | 13 +++++-------- ...nt_exceptions_api_2023_10_31.bundled.schema.yaml | 13 +++++-------- 7 files changed, 15 insertions(+), 21 deletions(-) diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/create_endpoint_list_item/create_endpoint_list_item.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/create_endpoint_list_item/create_endpoint_list_item.schema.yaml index 6948df21afbbc..ac6072b9acf03 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/create_endpoint_list_item/create_endpoint_list_item.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/create_endpoint_list_item/create_endpoint_list_item.schema.yaml @@ -9,7 +9,7 @@ paths: x-codegen-enabled: true operationId: CreateEndpointListItem summary: Create an endpoint exception list item - description: Create an endpoint exception list item, and associate it with the endpoint exception list. + description: Create an Elastic Endpoint exception list item, and associate it with the Elastic Endpoint exception list. requestBody: description: Exception list item's properties required: true diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/delete_endpoint_list_item/delete_endpoint_list_item.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/delete_endpoint_list_item/delete_endpoint_list_item.schema.yaml index ae1010573e5ef..48396dea89e8e 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/delete_endpoint_list_item/delete_endpoint_list_item.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/delete_endpoint_list_item/delete_endpoint_list_item.schema.yaml @@ -9,7 +9,7 @@ paths: x-codegen-enabled: true operationId: DeleteEndpointListItem summary: Delete an endpoint exception list item - description: Delete an endpoint exception list item using the `id` or `item_id` field. + description: Delete an Elastic Endpoint exception list item by using the `id` or `item_id` field. parameters: - name: id in: query diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/find_endpoint_list_item/find_endpoint_list_item.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/find_endpoint_list_item/find_endpoint_list_item.schema.yaml index 400851ac52543..881c17868f677 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/find_endpoint_list_item/find_endpoint_list_item.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/find_endpoint_list_item/find_endpoint_list_item.schema.yaml @@ -9,7 +9,7 @@ paths: x-codegen-enabled: true operationId: FindEndpointListItems summary: Get endpoint exception list items - description: Get a list of all endpoint exception list items. + description: Get a list of all Elastic Endpoint exception list items. parameters: - name: filter in: query diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/read_endpoint_list_item/read_endpoint_list_item.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/read_endpoint_list_item/read_endpoint_list_item.schema.yaml index 0b64bac231df5..f8ad939153fc3 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/read_endpoint_list_item/read_endpoint_list_item.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/read_endpoint_list_item/read_endpoint_list_item.schema.yaml @@ -9,7 +9,7 @@ paths: x-codegen-enabled: true operationId: ReadEndpointListItem summary: Get an endpoint exception list item - description: Get the details of an endpoint exception list item using the `id` or `item_id` field. + description: Get the details of an Elastic Endpoint exception list item by using the `id` or `item_id` field. parameters: - name: id in: query diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/update_endpoint_list_item/update_endpoint_list_item.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/update_endpoint_list_item/update_endpoint_list_item.schema.yaml index 1fbe40d2b94ee..90dc3b14cc79f 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/update_endpoint_list_item/update_endpoint_list_item.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/update_endpoint_list_item/update_endpoint_list_item.schema.yaml @@ -9,7 +9,7 @@ paths: x-codegen-enabled: true operationId: UpdateEndpointListItem summary: Update an endpoint exception list item - description: Update an endpoint exception list item using the `id` or `item_id` field. + description: Update an Elastic Endpoint exception list item by using the `id` or `item_id` field. requestBody: description: Exception list item's properties required: true diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml index d04ab1ad05a38..7757be3f70b31 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml @@ -57,7 +57,7 @@ paths: /api/endpoint_list/items: delete: description: >- - Delete an endpoint exception list item using the `id` or `item_id` + Delete an Elastic Endpoint exception list item by using the `id` or `item_id` field. operationId: DeleteEndpointListItem parameters: @@ -117,8 +117,7 @@ paths: - Security Endpoint Exceptions API get: description: >- - Get the details of an endpoint exception list item using the `id` or - `item_id` field. + Get the details of an Elastic Endpoint exception list item by using the `id` or `item_id` field. operationId: ReadEndpointListItem parameters: - description: Either `id` or `item_id` must be specified @@ -179,8 +178,7 @@ paths: - Security Endpoint Exceptions API post: description: >- - Create an endpoint exception list item, and associate it with the - endpoint exception list. + Create an Elastic Endpoint exception list item, and associate it with the Elastic Endpoint exception list. operationId: CreateEndpointListItem requestBody: content: @@ -260,8 +258,7 @@ paths: - Security Endpoint Exceptions API put: description: >- - Update an endpoint exception list item using the `id` or `item_id` - field. + Update an Elastic Endpoint exception list item by using the `id` or `item_id` field. operationId: UpdateEndpointListItem requestBody: content: @@ -346,7 +343,7 @@ paths: - Security Endpoint Exceptions API /api/endpoint_list/items/_find: get: - description: Get a list of all endpoint exception list items. + description: Get a list of all Elastic Endpoint exception list items. operationId: FindEndpointListItems parameters: - description: > diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml index be6233d6a6fdd..929749e4fa4b0 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml @@ -57,7 +57,7 @@ paths: /api/endpoint_list/items: delete: description: >- - Delete an endpoint exception list item using the `id` or `item_id` + Delete an Elastic Endpoint exception list item by using the `id` or `item_id` field. operationId: DeleteEndpointListItem parameters: @@ -117,8 +117,7 @@ paths: - Security Endpoint Exceptions API get: description: >- - Get the details of an endpoint exception list item using the `id` or - `item_id` field. + Get the details of an Elastic Endpoint exception list item by using the `id` or `item_id` field. operationId: ReadEndpointListItem parameters: - description: Either `id` or `item_id` must be specified @@ -179,8 +178,7 @@ paths: - Security Endpoint Exceptions API post: description: >- - Create an endpoint exception list item, and associate it with the - endpoint exception list. + Create an Elastic Endpoint exception list item, and associate it with the Elastic Endpoint exception list. operationId: CreateEndpointListItem requestBody: content: @@ -260,8 +258,7 @@ paths: - Security Endpoint Exceptions API put: description: >- - Update an endpoint exception list item using the `id` or `item_id` - field. + Update an Elastic Endpoint exception list item by using the `id` or `item_id` field. operationId: UpdateEndpointListItem requestBody: content: @@ -346,7 +343,7 @@ paths: - Security Endpoint Exceptions API /api/endpoint_list/items/_find: get: - description: Get a list of all endpoint exception list items. + description: Get a list of all Elastic Endpoint exception list items. operationId: FindEndpointListItems parameters: - description: > From 80429ae76ada1cea56221ed648a8afacf8f66c81 Mon Sep 17 00:00:00 2001 From: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com> Date: Wed, 11 Jun 2025 12:45:29 -0400 Subject: [PATCH 03/22] Update x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/create_endpoint_list/create_endpoint_list.schema.yaml Co-authored-by: Ryland Herrick --- .../api/create_endpoint_list/create_endpoint_list.schema.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/create_endpoint_list/create_endpoint_list.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/create_endpoint_list/create_endpoint_list.schema.yaml index b1fd581b37a28..1f649cf570c19 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/create_endpoint_list/create_endpoint_list.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/create_endpoint_list/create_endpoint_list.schema.yaml @@ -9,7 +9,7 @@ paths: x-codegen-enabled: true operationId: CreateEndpointList summary: Create an endpoint exception list - description: Create an exception list for Elastic Endpoint exceptions or for rules that are associated with Elastic Endpoint rule exceptions. If an Elastic Endpoint exception list already exists, your request will return an empty response. + description: Create the exception list for Elastic Endpoint exceptions. If the Elastic Endpoint exception list already exists, your request will return an empty response. responses: 200: description: Successful response From 0a057bb6953d65cc4b1c14d4c22b68980c79da3d Mon Sep 17 00:00:00 2001 From: Nastasha Solomon Date: Wed, 11 Jun 2025 19:00:55 -0400 Subject: [PATCH 04/22] feedback --- .../api/create_endpoint_list/create_endpoint_list.schema.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/create_endpoint_list/create_endpoint_list.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/create_endpoint_list/create_endpoint_list.schema.yaml index 1f649cf570c19..4d04e14f8d058 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/create_endpoint_list/create_endpoint_list.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/create_endpoint_list/create_endpoint_list.schema.yaml @@ -9,7 +9,7 @@ paths: x-codegen-enabled: true operationId: CreateEndpointList summary: Create an endpoint exception list - description: Create the exception list for Elastic Endpoint exceptions. If the Elastic Endpoint exception list already exists, your request will return an empty response. + description: Create the exception list for Elastic Endpoint rule exceptions. When you create the exception list, it will have a `list_id` of `endpoint_list`. If the Elastic Endpoint exception list already exists, your request will return an empty response. responses: 200: description: Successful response From f8e64a14d0e9c4533ec17741125fd30f7a85086d Mon Sep 17 00:00:00 2001 From: Nastasha Solomon Date: Fri, 27 Jun 2025 11:21:14 -0400 Subject: [PATCH 05/22] Updated example --- .../api/model/exception_list_common.schema.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/api/model/exception_list_common.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/api/model/exception_list_common.schema.yaml index e1c2a9088e2a9..753d16992909b 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/api/model/exception_list_common.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/api/model/exception_list_common.schema.yaml @@ -17,7 +17,7 @@ components: type: string minLength: 1 format: nonempty - description: Exception list's human readable string identifier, e.g. `trusted-linux-processes`. + description: Exception list's human readable string identifier, e.g. `endpoint_list`. example: 'simple_list' ExceptionListType: From f3976fa08b09efab69c0001f37614ec1b5ef3b09 Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Fri, 27 Jun 2025 18:01:00 +0000 Subject: [PATCH 06/22] [CI] Auto-commit changed files from 'yarn openapi:bundle' --- ...eptions_api_2023_10_31.bundled.schema.yaml | 29 ++++++++++--------- ...eptions_api_2023_10_31.bundled.schema.yaml | 27 +++++++++-------- ...eptions_api_2023_10_31.bundled.schema.yaml | 4 +-- ...eptions_api_2023_10_31.bundled.schema.yaml | 4 +-- 4 files changed, 33 insertions(+), 31 deletions(-) diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml index 7757be3f70b31..8b24178063334 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml @@ -14,9 +14,10 @@ paths: /api/endpoint_list: post: description: >- - Create an endpoint exception list, which groups endpoint exception list - items. If an endpoint exception list already exists, an empty response - is returned. + Create the exception list for Elastic Endpoint rule exceptions. When you + create the exception list, it will have a `list_id` of `endpoint_list`. + If the Elastic Endpoint exception list already exists, your request will + return an empty response. operationId: CreateEndpointList responses: '200': @@ -57,8 +58,8 @@ paths: /api/endpoint_list/items: delete: description: >- - Delete an Elastic Endpoint exception list item by using the `id` or `item_id` - field. + Delete an Elastic Endpoint exception list item by using the `id` or + `item_id` field. operationId: DeleteEndpointListItem parameters: - description: Either `id` or `item_id` must be specified @@ -117,7 +118,8 @@ paths: - Security Endpoint Exceptions API get: description: >- - Get the details of an Elastic Endpoint exception list item by using the `id` or `item_id` field. + Get the details of an Elastic Endpoint exception list item by using the + `id` or `item_id` field. operationId: ReadEndpointListItem parameters: - description: Either `id` or `item_id` must be specified @@ -178,7 +180,8 @@ paths: - Security Endpoint Exceptions API post: description: >- - Create an Elastic Endpoint exception list item, and associate it with the Elastic Endpoint exception list. + Create an Elastic Endpoint exception list item, and associate it with + the Elastic Endpoint exception list. operationId: CreateEndpointListItem requestBody: content: @@ -258,7 +261,8 @@ paths: - Security Endpoint Exceptions API put: description: >- - Update an Elastic Endpoint exception list item by using the `id` or `item_id` field. + Update an Elastic Endpoint exception list item by using the `id` or + `item_id` field. operationId: UpdateEndpointListItem requestBody: content: @@ -343,7 +347,7 @@ paths: - Security Endpoint Exceptions API /api/endpoint_list/items/_find: get: - description: Get a list of all Elastic Endpoint exception list items. + description: Get a list of all Elastic Endpoint exception list items. operationId: FindEndpointListItems parameters: - description: > @@ -526,9 +530,7 @@ components: example: This list tracks allowlisted values. type: string ExceptionListHumanId: - description: >- - Exception list's human readable string identifier, e.g. - `trusted-linux-processes`. + description: Exception list's human readable string identifier, e.g. `endpoint_list`. example: simple_list format: nonempty minLength: 1 @@ -966,7 +968,8 @@ security: - BasicAuth: [] tags: - description: >- - The Endpoint Exceptions API allows you to manage exceptions for the Elastic Endpoint rule. Elastic Endpoint exceptions prevent the Elastic Endpoint rule from generating alerts from incoming events + Endpoint Exceptions API allows you to manage detection rule endpoint + exceptions to prevent a rule from generating an alert from incoming events even when the rule's other criteria are met. name: Security Endpoint Exceptions API x-displayName: Security endpoint exceptions diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml index 929749e4fa4b0..3954e62816e32 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml @@ -14,9 +14,10 @@ paths: /api/endpoint_list: post: description: >- - Create an endpoint exception list, which groups endpoint exception list - items. If an endpoint exception list already exists, an empty response - is returned. + Create the exception list for Elastic Endpoint rule exceptions. When you + create the exception list, it will have a `list_id` of `endpoint_list`. + If the Elastic Endpoint exception list already exists, your request will + return an empty response. operationId: CreateEndpointList responses: '200': @@ -57,8 +58,8 @@ paths: /api/endpoint_list/items: delete: description: >- - Delete an Elastic Endpoint exception list item by using the `id` or `item_id` - field. + Delete an Elastic Endpoint exception list item by using the `id` or + `item_id` field. operationId: DeleteEndpointListItem parameters: - description: Either `id` or `item_id` must be specified @@ -117,7 +118,8 @@ paths: - Security Endpoint Exceptions API get: description: >- - Get the details of an Elastic Endpoint exception list item by using the `id` or `item_id` field. + Get the details of an Elastic Endpoint exception list item by using the + `id` or `item_id` field. operationId: ReadEndpointListItem parameters: - description: Either `id` or `item_id` must be specified @@ -178,7 +180,8 @@ paths: - Security Endpoint Exceptions API post: description: >- - Create an Elastic Endpoint exception list item, and associate it with the Elastic Endpoint exception list. + Create an Elastic Endpoint exception list item, and associate it with + the Elastic Endpoint exception list. operationId: CreateEndpointListItem requestBody: content: @@ -258,7 +261,8 @@ paths: - Security Endpoint Exceptions API put: description: >- - Update an Elastic Endpoint exception list item by using the `id` or `item_id` field. + Update an Elastic Endpoint exception list item by using the `id` or + `item_id` field. operationId: UpdateEndpointListItem requestBody: content: @@ -526,9 +530,7 @@ components: example: This list tracks allowlisted values. type: string ExceptionListHumanId: - description: >- - Exception list's human readable string identifier, e.g. - `trusted-linux-processes`. + description: Exception list's human readable string identifier, e.g. `endpoint_list`. example: simple_list format: nonempty minLength: 1 @@ -966,7 +968,8 @@ security: - BasicAuth: [] tags: - description: >- - The Endpoint Exceptions API allows you to manage exceptions for the Elastic Endpoint rule. Elastic Endpoint exceptions prevent the Elastic Endpoint rule from generating alerts from incoming events + Endpoint Exceptions API allows you to manage detection rule endpoint + exceptions to prevent a rule from generating an alert from incoming events even when the rule's other criteria are met. name: Security Endpoint Exceptions API x-displayName: Security endpoint exceptions diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/docs/openapi/ess/security_solution_exceptions_api_2023_10_31.bundled.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/docs/openapi/ess/security_solution_exceptions_api_2023_10_31.bundled.schema.yaml index d204554b865da..b17e6449cfa9b 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/docs/openapi/ess/security_solution_exceptions_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/docs/openapi/ess/security_solution_exceptions_api_2023_10_31.bundled.schema.yaml @@ -2869,9 +2869,7 @@ components: example: This list tracks allowlisted values. type: string ExceptionListHumanId: - description: >- - Exception list's human readable string identifier, e.g. - `trusted-linux-processes`. + description: Exception list's human readable string identifier, e.g. `endpoint_list`. example: simple_list format: nonempty minLength: 1 diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/docs/openapi/serverless/security_solution_exceptions_api_2023_10_31.bundled.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/docs/openapi/serverless/security_solution_exceptions_api_2023_10_31.bundled.schema.yaml index 98bff7145de56..da43aa130dc14 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/docs/openapi/serverless/security_solution_exceptions_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/docs/openapi/serverless/security_solution_exceptions_api_2023_10_31.bundled.schema.yaml @@ -2869,9 +2869,7 @@ components: example: This list tracks allowlisted values. type: string ExceptionListHumanId: - description: >- - Exception list's human readable string identifier, e.g. - `trusted-linux-processes`. + description: Exception list's human readable string identifier, e.g. `endpoint_list`. example: simple_list format: nonempty minLength: 1 From 2dbabeb492e75cb1036de803d2002496d6589cdb Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Fri, 27 Jun 2025 18:21:36 +0000 Subject: [PATCH 07/22] [CI] Auto-commit changed files from 'make api-docs' --- oas_docs/output/kibana.serverless.yaml | 16 ++++++++-------- oas_docs/output/kibana.yaml | 16 ++++++++-------- 2 files changed, 16 insertions(+), 16 deletions(-) diff --git a/oas_docs/output/kibana.serverless.yaml b/oas_docs/output/kibana.serverless.yaml index 2520301e4ba31..9f4b8ed30c3d7 100644 --- a/oas_docs/output/kibana.serverless.yaml +++ b/oas_docs/output/kibana.serverless.yaml @@ -10148,7 +10148,7 @@ paths: - Security Detections API /api/endpoint_list: post: - description: Create an endpoint exception list, which groups endpoint exception list items. If an endpoint exception list already exists, an empty response is returned. + description: Create the exception list for Elastic Endpoint rule exceptions. When you create the exception list, it will have a `list_id` of `endpoint_list`. If the Elastic Endpoint exception list already exists, your request will return an empty response. operationId: CreateEndpointList responses: '200': @@ -10188,7 +10188,7 @@ paths: - Security Endpoint Exceptions API /api/endpoint_list/items: delete: - description: Delete an endpoint exception list item using the `id` or `item_id` field. + description: Delete an Elastic Endpoint exception list item by using the `id` or `item_id` field. operationId: DeleteEndpointListItem parameters: - description: Either `id` or `item_id` must be specified @@ -10246,7 +10246,7 @@ paths: tags: - Security Endpoint Exceptions API get: - description: Get the details of an endpoint exception list item using the `id` or `item_id` field. + description: Get the details of an Elastic Endpoint exception list item by using the `id` or `item_id` field. operationId: ReadEndpointListItem parameters: - description: Either `id` or `item_id` must be specified @@ -10306,7 +10306,7 @@ paths: tags: - Security Endpoint Exceptions API post: - description: Create an endpoint exception list item, and associate it with the endpoint exception list. + description: Create an Elastic Endpoint exception list item, and associate it with the Elastic Endpoint exception list. operationId: CreateEndpointListItem requestBody: content: @@ -10385,7 +10385,7 @@ paths: tags: - Security Endpoint Exceptions API put: - description: Update an endpoint exception list item using the `id` or `item_id` field. + description: Update an Elastic Endpoint exception list item by using the `id` or `item_id` field. operationId: UpdateEndpointListItem requestBody: content: @@ -10470,7 +10470,7 @@ paths: - Security Endpoint Exceptions API /api/endpoint_list/items/_find: get: - description: Get a list of all endpoint exception list items. + description: Get a list of all Elastic Endpoint exception list items. operationId: FindEndpointListItems parameters: - description: | @@ -65076,7 +65076,7 @@ components: example: This list tracks allowlisted values. type: string Security_Endpoint_Exceptions_API_ExceptionListHumanId: - description: Exception list's human readable string identifier, e.g. `trusted-linux-processes`. + description: Exception list's human readable string identifier, e.g. `endpoint_list`. example: simple_list format: nonempty minLength: 1 @@ -67661,7 +67661,7 @@ components: example: This list tracks allowlisted values. type: string Security_Exceptions_API_ExceptionListHumanId: - description: Exception list's human readable string identifier, e.g. `trusted-linux-processes`. + description: Exception list's human readable string identifier, e.g. `endpoint_list`. example: simple_list format: nonempty minLength: 1 diff --git a/oas_docs/output/kibana.yaml b/oas_docs/output/kibana.yaml index e610821b2f308..5dcf29942d2cc 100644 --- a/oas_docs/output/kibana.yaml +++ b/oas_docs/output/kibana.yaml @@ -12307,7 +12307,7 @@ paths: - saved objects /api/endpoint_list: post: - description: Create an endpoint exception list, which groups endpoint exception list items. If an endpoint exception list already exists, an empty response is returned. + description: Create the exception list for Elastic Endpoint rule exceptions. When you create the exception list, it will have a `list_id` of `endpoint_list`. If the Elastic Endpoint exception list already exists, your request will return an empty response. operationId: CreateEndpointList responses: '200': @@ -12347,7 +12347,7 @@ paths: - Security Endpoint Exceptions API /api/endpoint_list/items: delete: - description: Delete an endpoint exception list item using the `id` or `item_id` field. + description: Delete an Elastic Endpoint exception list item by using the `id` or `item_id` field. operationId: DeleteEndpointListItem parameters: - description: Either `id` or `item_id` must be specified @@ -12405,7 +12405,7 @@ paths: tags: - Security Endpoint Exceptions API get: - description: Get the details of an endpoint exception list item using the `id` or `item_id` field. + description: Get the details of an Elastic Endpoint exception list item by using the `id` or `item_id` field. operationId: ReadEndpointListItem parameters: - description: Either `id` or `item_id` must be specified @@ -12465,7 +12465,7 @@ paths: tags: - Security Endpoint Exceptions API post: - description: Create an endpoint exception list item, and associate it with the endpoint exception list. + description: Create an Elastic Endpoint exception list item, and associate it with the Elastic Endpoint exception list. operationId: CreateEndpointListItem requestBody: content: @@ -12544,7 +12544,7 @@ paths: tags: - Security Endpoint Exceptions API put: - description: Update an endpoint exception list item using the `id` or `item_id` field. + description: Update an Elastic Endpoint exception list item by using the `id` or `item_id` field. operationId: UpdateEndpointListItem requestBody: content: @@ -12629,7 +12629,7 @@ paths: - Security Endpoint Exceptions API /api/endpoint_list/items/_find: get: - description: Get a list of all endpoint exception list items. + description: Get a list of all Elastic Endpoint exception list items. operationId: FindEndpointListItems parameters: - description: | @@ -74639,7 +74639,7 @@ components: example: This list tracks allowlisted values. type: string Security_Endpoint_Exceptions_API_ExceptionListHumanId: - description: Exception list's human readable string identifier, e.g. `trusted-linux-processes`. + description: Exception list's human readable string identifier, e.g. `endpoint_list`. example: simple_list format: nonempty minLength: 1 @@ -77224,7 +77224,7 @@ components: example: This list tracks allowlisted values. type: string Security_Exceptions_API_ExceptionListHumanId: - description: Exception list's human readable string identifier, e.g. `trusted-linux-processes`. + description: Exception list's human readable string identifier, e.g. `endpoint_list`. example: simple_list format: nonempty minLength: 1 From 1efdc6c453e7de23c86b114c5293e7174e1695d5 Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Fri, 27 Jun 2025 18:43:57 +0000 Subject: [PATCH 08/22] [CI] Auto-commit changed files from 'yarn openapi:generate' --- .../api/model/exception_list_common.gen.ts | 2 +- .../security_solution_endpoint_exceptions_api.gen.ts | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/api/model/exception_list_common.gen.ts b/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/api/model/exception_list_common.gen.ts index 1f4e41bdce711..f65803e676582 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/api/model/exception_list_common.gen.ts +++ b/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/api/model/exception_list_common.gen.ts @@ -27,7 +27,7 @@ export type ExceptionListId = z.infer; export const ExceptionListId = z.string().min(1).superRefine(isNonEmptyString); /** - * Exception list's human readable string identifier, e.g. `trusted-linux-processes`. + * Exception list's human readable string identifier, e.g. `endpoint_list`. */ export type ExceptionListHumanId = z.infer; export const ExceptionListHumanId = z.string().min(1).superRefine(isNonEmptyString); diff --git a/x-pack/test/api_integration/services/security_solution_endpoint_exceptions_api.gen.ts b/x-pack/test/api_integration/services/security_solution_endpoint_exceptions_api.gen.ts index d8c06801ab5b9..cab463e98c9c7 100644 --- a/x-pack/test/api_integration/services/security_solution_endpoint_exceptions_api.gen.ts +++ b/x-pack/test/api_integration/services/security_solution_endpoint_exceptions_api.gen.ts @@ -32,7 +32,7 @@ export function SecuritySolutionApiProvider({ getService }: FtrProviderContext) return { /** - * Create an endpoint exception list, which groups endpoint exception list items. If an endpoint exception list already exists, an empty response is returned. + * Create the exception list for Elastic Endpoint rule exceptions. When you create the exception list, it will have a `list_id` of `endpoint_list`. If the Elastic Endpoint exception list already exists, your request will return an empty response. */ createEndpointList(kibanaSpace: string = 'default') { return supertest @@ -42,7 +42,7 @@ export function SecuritySolutionApiProvider({ getService }: FtrProviderContext) .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); }, /** - * Create an endpoint exception list item, and associate it with the endpoint exception list. + * Create an Elastic Endpoint exception list item, and associate it with the Elastic Endpoint exception list. */ createEndpointListItem(props: CreateEndpointListItemProps, kibanaSpace: string = 'default') { return supertest @@ -53,7 +53,7 @@ export function SecuritySolutionApiProvider({ getService }: FtrProviderContext) .send(props.body as object); }, /** - * Delete an endpoint exception list item using the `id` or `item_id` field. + * Delete an Elastic Endpoint exception list item by using the `id` or `item_id` field. */ deleteEndpointListItem(props: DeleteEndpointListItemProps, kibanaSpace: string = 'default') { return supertest @@ -64,7 +64,7 @@ export function SecuritySolutionApiProvider({ getService }: FtrProviderContext) .query(props.query); }, /** - * Get a list of all endpoint exception list items. + * Get a list of all Elastic Endpoint exception list items. */ findEndpointListItems(props: FindEndpointListItemsProps, kibanaSpace: string = 'default') { return supertest @@ -75,7 +75,7 @@ export function SecuritySolutionApiProvider({ getService }: FtrProviderContext) .query(props.query); }, /** - * Get the details of an endpoint exception list item using the `id` or `item_id` field. + * Get the details of an Elastic Endpoint exception list item by using the `id` or `item_id` field. */ readEndpointListItem(props: ReadEndpointListItemProps, kibanaSpace: string = 'default') { return supertest @@ -86,7 +86,7 @@ export function SecuritySolutionApiProvider({ getService }: FtrProviderContext) .query(props.query); }, /** - * Update an endpoint exception list item using the `id` or `item_id` field. + * Update an Elastic Endpoint exception list item by using the `id` or `item_id` field. */ updateEndpointListItem(props: UpdateEndpointListItemProps, kibanaSpace: string = 'default') { return supertest From 9790ae0c6358575f1412db13814abd63673de5db Mon Sep 17 00:00:00 2001 From: Nastasha Solomon Date: Fri, 27 Jun 2025 15:41:54 -0400 Subject: [PATCH 09/22] ryland's input pt1 --- .../delete_endpoint_list_item.schema.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/delete_endpoint_list_item/delete_endpoint_list_item.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/delete_endpoint_list_item/delete_endpoint_list_item.schema.yaml index 48396dea89e8e..fd00102687740 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/delete_endpoint_list_item/delete_endpoint_list_item.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/delete_endpoint_list_item/delete_endpoint_list_item.schema.yaml @@ -9,7 +9,7 @@ paths: x-codegen-enabled: true operationId: DeleteEndpointListItem summary: Delete an endpoint exception list item - description: Delete an Elastic Endpoint exception list item by using the `id` or `item_id` field. + description: Delete an Elastic Endpoint exception list item specified by the `id` or `item_id` field. parameters: - name: id in: query From fab1c9659d271340916737ba99ed55cd9a4d92f9 Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Fri, 27 Jun 2025 19:59:17 +0000 Subject: [PATCH 10/22] [CI] Auto-commit changed files from 'yarn openapi:bundle' --- ...ution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml | 2 +- ...ution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml index 8b24178063334..cf4fa3d018a80 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml @@ -58,7 +58,7 @@ paths: /api/endpoint_list/items: delete: description: >- - Delete an Elastic Endpoint exception list item by using the `id` or + Delete an Elastic Endpoint exception list item specified by the `id` or `item_id` field. operationId: DeleteEndpointListItem parameters: diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml index 3954e62816e32..1022795624185 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml @@ -58,7 +58,7 @@ paths: /api/endpoint_list/items: delete: description: >- - Delete an Elastic Endpoint exception list item by using the `id` or + Delete an Elastic Endpoint exception list item specified by the `id` or `item_id` field. operationId: DeleteEndpointListItem parameters: From 4d20fe3744fcde92b3a7d163844096896a9b43f8 Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Fri, 27 Jun 2025 20:17:43 +0000 Subject: [PATCH 11/22] [CI] Auto-commit changed files from 'make api-docs' --- oas_docs/output/kibana.serverless.yaml | 2 +- oas_docs/output/kibana.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/oas_docs/output/kibana.serverless.yaml b/oas_docs/output/kibana.serverless.yaml index 9f4b8ed30c3d7..8eb5abdedb578 100644 --- a/oas_docs/output/kibana.serverless.yaml +++ b/oas_docs/output/kibana.serverless.yaml @@ -10188,7 +10188,7 @@ paths: - Security Endpoint Exceptions API /api/endpoint_list/items: delete: - description: Delete an Elastic Endpoint exception list item by using the `id` or `item_id` field. + description: Delete an Elastic Endpoint exception list item specified by the `id` or `item_id` field. operationId: DeleteEndpointListItem parameters: - description: Either `id` or `item_id` must be specified diff --git a/oas_docs/output/kibana.yaml b/oas_docs/output/kibana.yaml index 5dcf29942d2cc..8166affbbd1de 100644 --- a/oas_docs/output/kibana.yaml +++ b/oas_docs/output/kibana.yaml @@ -12347,7 +12347,7 @@ paths: - Security Endpoint Exceptions API /api/endpoint_list/items: delete: - description: Delete an Elastic Endpoint exception list item by using the `id` or `item_id` field. + description: Delete an Elastic Endpoint exception list item specified by the `id` or `item_id` field. operationId: DeleteEndpointListItem parameters: - description: Either `id` or `item_id` must be specified From 508cf23a69a5ef42fb47dc2f21ca7bc8b4daef3a Mon Sep 17 00:00:00 2001 From: Nastasha Solomon Date: Fri, 27 Jun 2025 16:38:30 -0400 Subject: [PATCH 12/22] update other descriptions --- .../delete_endpoint_list_item.schema.yaml | 2 +- .../read_endpoint_list_item/read_endpoint_list_item.schema.yaml | 2 +- .../update_endpoint_list_item.schema.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/delete_endpoint_list_item/delete_endpoint_list_item.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/delete_endpoint_list_item/delete_endpoint_list_item.schema.yaml index fd00102687740..a9ea7cf18230f 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/delete_endpoint_list_item/delete_endpoint_list_item.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/delete_endpoint_list_item/delete_endpoint_list_item.schema.yaml @@ -9,7 +9,7 @@ paths: x-codegen-enabled: true operationId: DeleteEndpointListItem summary: Delete an endpoint exception list item - description: Delete an Elastic Endpoint exception list item specified by the `id` or `item_id` field. + description: Delete an Elastic Endpoint exception list item, specified by the `id` or `item_id` field. parameters: - name: id in: query diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/read_endpoint_list_item/read_endpoint_list_item.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/read_endpoint_list_item/read_endpoint_list_item.schema.yaml index f8ad939153fc3..51f56a515eb6c 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/read_endpoint_list_item/read_endpoint_list_item.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/read_endpoint_list_item/read_endpoint_list_item.schema.yaml @@ -9,7 +9,7 @@ paths: x-codegen-enabled: true operationId: ReadEndpointListItem summary: Get an endpoint exception list item - description: Get the details of an Elastic Endpoint exception list item by using the `id` or `item_id` field. + description: Get the details of an Elastic Endpoint exception list item, specified by the `id` or `item_id` field. parameters: - name: id in: query diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/update_endpoint_list_item/update_endpoint_list_item.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/update_endpoint_list_item/update_endpoint_list_item.schema.yaml index 90dc3b14cc79f..afda2fcc192a4 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/update_endpoint_list_item/update_endpoint_list_item.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/update_endpoint_list_item/update_endpoint_list_item.schema.yaml @@ -9,7 +9,7 @@ paths: x-codegen-enabled: true operationId: UpdateEndpointListItem summary: Update an endpoint exception list item - description: Update an Elastic Endpoint exception list item by using the `id` or `item_id` field. + description: Update an Elastic Endpoint exception list item, specified by the `id` or `item_id` field. requestBody: description: Exception list item's properties required: true From ff13657211d9fad05abd8bb6a75cdaac016ff811 Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Fri, 27 Jun 2025 20:55:52 +0000 Subject: [PATCH 13/22] [CI] Auto-commit changed files from 'yarn openapi:bundle' --- ...endpoint_exceptions_api_2023_10_31.bundled.schema.yaml | 8 ++++---- ...endpoint_exceptions_api_2023_10_31.bundled.schema.yaml | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml index cf4fa3d018a80..9ed3ab6483729 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml @@ -58,7 +58,7 @@ paths: /api/endpoint_list/items: delete: description: >- - Delete an Elastic Endpoint exception list item specified by the `id` or + Delete an Elastic Endpoint exception list item, specified by the `id` or `item_id` field. operationId: DeleteEndpointListItem parameters: @@ -118,8 +118,8 @@ paths: - Security Endpoint Exceptions API get: description: >- - Get the details of an Elastic Endpoint exception list item by using the - `id` or `item_id` field. + Get the details of an Elastic Endpoint exception list item, specified by + the `id` or `item_id` field. operationId: ReadEndpointListItem parameters: - description: Either `id` or `item_id` must be specified @@ -261,7 +261,7 @@ paths: - Security Endpoint Exceptions API put: description: >- - Update an Elastic Endpoint exception list item by using the `id` or + Update an Elastic Endpoint exception list item, specified by the `id` or `item_id` field. operationId: UpdateEndpointListItem requestBody: diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml index 1022795624185..c320533426a4b 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml @@ -58,7 +58,7 @@ paths: /api/endpoint_list/items: delete: description: >- - Delete an Elastic Endpoint exception list item specified by the `id` or + Delete an Elastic Endpoint exception list item, specified by the `id` or `item_id` field. operationId: DeleteEndpointListItem parameters: @@ -118,8 +118,8 @@ paths: - Security Endpoint Exceptions API get: description: >- - Get the details of an Elastic Endpoint exception list item by using the - `id` or `item_id` field. + Get the details of an Elastic Endpoint exception list item, specified by + the `id` or `item_id` field. operationId: ReadEndpointListItem parameters: - description: Either `id` or `item_id` must be specified @@ -261,7 +261,7 @@ paths: - Security Endpoint Exceptions API put: description: >- - Update an Elastic Endpoint exception list item by using the `id` or + Update an Elastic Endpoint exception list item, specified by the `id` or `item_id` field. operationId: UpdateEndpointListItem requestBody: From 54ca1f1a49d7386c8ed6d1ac581c5eb26750fc28 Mon Sep 17 00:00:00 2001 From: Nastasha Solomon Date: Fri, 27 Jun 2025 17:02:17 -0400 Subject: [PATCH 14/22] Ryland's input pt. 2 --- .../api/model/exception_list_common.schema.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/api/model/exception_list_common.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/api/model/exception_list_common.schema.yaml index 753d16992909b..6f445bbc25d78 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/api/model/exception_list_common.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/api/model/exception_list_common.schema.yaml @@ -17,7 +17,7 @@ components: type: string minLength: 1 format: nonempty - description: Exception list's human readable string identifier, e.g. `endpoint_list`. + description: The exception list's human readable string identifier, `endpoint_list`. example: 'simple_list' ExceptionListType: From ef76f824eeab9a18a3976b3de8ea914ad886a897 Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Fri, 27 Jun 2025 21:20:47 +0000 Subject: [PATCH 15/22] [CI] Auto-commit changed files from 'yarn openapi:bundle' --- ...ution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml | 2 +- ...ution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml | 2 +- ...urity_solution_exceptions_api_2023_10_31.bundled.schema.yaml | 2 +- ...urity_solution_exceptions_api_2023_10_31.bundled.schema.yaml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml index 9ed3ab6483729..a715cc135307a 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml @@ -530,7 +530,7 @@ components: example: This list tracks allowlisted values. type: string ExceptionListHumanId: - description: Exception list's human readable string identifier, e.g. `endpoint_list`. + description: The exception list's human readable string identifier, `endpoint_list`. example: simple_list format: nonempty minLength: 1 diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml index c320533426a4b..7eb1557b12718 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml @@ -530,7 +530,7 @@ components: example: This list tracks allowlisted values. type: string ExceptionListHumanId: - description: Exception list's human readable string identifier, e.g. `endpoint_list`. + description: The exception list's human readable string identifier, `endpoint_list`. example: simple_list format: nonempty minLength: 1 diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/docs/openapi/ess/security_solution_exceptions_api_2023_10_31.bundled.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/docs/openapi/ess/security_solution_exceptions_api_2023_10_31.bundled.schema.yaml index b17e6449cfa9b..b8150110f0510 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/docs/openapi/ess/security_solution_exceptions_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/docs/openapi/ess/security_solution_exceptions_api_2023_10_31.bundled.schema.yaml @@ -2869,7 +2869,7 @@ components: example: This list tracks allowlisted values. type: string ExceptionListHumanId: - description: Exception list's human readable string identifier, e.g. `endpoint_list`. + description: The exception list's human readable string identifier, `endpoint_list`. example: simple_list format: nonempty minLength: 1 diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/docs/openapi/serverless/security_solution_exceptions_api_2023_10_31.bundled.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/docs/openapi/serverless/security_solution_exceptions_api_2023_10_31.bundled.schema.yaml index da43aa130dc14..b42b1f64de794 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/docs/openapi/serverless/security_solution_exceptions_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/docs/openapi/serverless/security_solution_exceptions_api_2023_10_31.bundled.schema.yaml @@ -2869,7 +2869,7 @@ components: example: This list tracks allowlisted values. type: string ExceptionListHumanId: - description: Exception list's human readable string identifier, e.g. `endpoint_list`. + description: The exception list's human readable string identifier, `endpoint_list`. example: simple_list format: nonempty minLength: 1 From b311c5495ea021a03de044d37ef05b1251842eea Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Fri, 27 Jun 2025 21:39:58 +0000 Subject: [PATCH 16/22] [CI] Auto-commit changed files from 'make api-docs' --- oas_docs/output/kibana.serverless.yaml | 10 +++++----- oas_docs/output/kibana.yaml | 10 +++++----- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/oas_docs/output/kibana.serverless.yaml b/oas_docs/output/kibana.serverless.yaml index 8eb5abdedb578..07b97666a3ad8 100644 --- a/oas_docs/output/kibana.serverless.yaml +++ b/oas_docs/output/kibana.serverless.yaml @@ -10188,7 +10188,7 @@ paths: - Security Endpoint Exceptions API /api/endpoint_list/items: delete: - description: Delete an Elastic Endpoint exception list item specified by the `id` or `item_id` field. + description: Delete an Elastic Endpoint exception list item, specified by the `id` or `item_id` field. operationId: DeleteEndpointListItem parameters: - description: Either `id` or `item_id` must be specified @@ -10246,7 +10246,7 @@ paths: tags: - Security Endpoint Exceptions API get: - description: Get the details of an Elastic Endpoint exception list item by using the `id` or `item_id` field. + description: Get the details of an Elastic Endpoint exception list item, specified by the `id` or `item_id` field. operationId: ReadEndpointListItem parameters: - description: Either `id` or `item_id` must be specified @@ -10385,7 +10385,7 @@ paths: tags: - Security Endpoint Exceptions API put: - description: Update an Elastic Endpoint exception list item by using the `id` or `item_id` field. + description: Update an Elastic Endpoint exception list item, specified by the `id` or `item_id` field. operationId: UpdateEndpointListItem requestBody: content: @@ -65076,7 +65076,7 @@ components: example: This list tracks allowlisted values. type: string Security_Endpoint_Exceptions_API_ExceptionListHumanId: - description: Exception list's human readable string identifier, e.g. `endpoint_list`. + description: The exception list's human readable string identifier, `endpoint_list`. example: simple_list format: nonempty minLength: 1 @@ -67661,7 +67661,7 @@ components: example: This list tracks allowlisted values. type: string Security_Exceptions_API_ExceptionListHumanId: - description: Exception list's human readable string identifier, e.g. `endpoint_list`. + description: The exception list's human readable string identifier, `endpoint_list`. example: simple_list format: nonempty minLength: 1 diff --git a/oas_docs/output/kibana.yaml b/oas_docs/output/kibana.yaml index 8166affbbd1de..ff63b54bd5d2a 100644 --- a/oas_docs/output/kibana.yaml +++ b/oas_docs/output/kibana.yaml @@ -12347,7 +12347,7 @@ paths: - Security Endpoint Exceptions API /api/endpoint_list/items: delete: - description: Delete an Elastic Endpoint exception list item specified by the `id` or `item_id` field. + description: Delete an Elastic Endpoint exception list item, specified by the `id` or `item_id` field. operationId: DeleteEndpointListItem parameters: - description: Either `id` or `item_id` must be specified @@ -12405,7 +12405,7 @@ paths: tags: - Security Endpoint Exceptions API get: - description: Get the details of an Elastic Endpoint exception list item by using the `id` or `item_id` field. + description: Get the details of an Elastic Endpoint exception list item, specified by the `id` or `item_id` field. operationId: ReadEndpointListItem parameters: - description: Either `id` or `item_id` must be specified @@ -12544,7 +12544,7 @@ paths: tags: - Security Endpoint Exceptions API put: - description: Update an Elastic Endpoint exception list item by using the `id` or `item_id` field. + description: Update an Elastic Endpoint exception list item, specified by the `id` or `item_id` field. operationId: UpdateEndpointListItem requestBody: content: @@ -74639,7 +74639,7 @@ components: example: This list tracks allowlisted values. type: string Security_Endpoint_Exceptions_API_ExceptionListHumanId: - description: Exception list's human readable string identifier, e.g. `endpoint_list`. + description: The exception list's human readable string identifier, `endpoint_list`. example: simple_list format: nonempty minLength: 1 @@ -77224,7 +77224,7 @@ components: example: This list tracks allowlisted values. type: string Security_Exceptions_API_ExceptionListHumanId: - description: Exception list's human readable string identifier, e.g. `endpoint_list`. + description: The exception list's human readable string identifier, `endpoint_list`. example: simple_list format: nonempty minLength: 1 From b4cac47404b8b4eb5ec983c0874d7c625613ded3 Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Fri, 27 Jun 2025 22:03:42 +0000 Subject: [PATCH 17/22] [CI] Auto-commit changed files from 'yarn openapi:generate' --- .../api/model/exception_list_common.gen.ts | 2 +- .../security_solution_endpoint_exceptions_api.gen.ts | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/api/model/exception_list_common.gen.ts b/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/api/model/exception_list_common.gen.ts index f65803e676582..e2d4b402c11de 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/api/model/exception_list_common.gen.ts +++ b/x-pack/solutions/security/packages/kbn-securitysolution-exceptions-common/api/model/exception_list_common.gen.ts @@ -27,7 +27,7 @@ export type ExceptionListId = z.infer; export const ExceptionListId = z.string().min(1).superRefine(isNonEmptyString); /** - * Exception list's human readable string identifier, e.g. `endpoint_list`. + * The exception list's human readable string identifier, `endpoint_list`. */ export type ExceptionListHumanId = z.infer; export const ExceptionListHumanId = z.string().min(1).superRefine(isNonEmptyString); diff --git a/x-pack/test/api_integration/services/security_solution_endpoint_exceptions_api.gen.ts b/x-pack/test/api_integration/services/security_solution_endpoint_exceptions_api.gen.ts index cab463e98c9c7..9827e48ad5a00 100644 --- a/x-pack/test/api_integration/services/security_solution_endpoint_exceptions_api.gen.ts +++ b/x-pack/test/api_integration/services/security_solution_endpoint_exceptions_api.gen.ts @@ -53,7 +53,7 @@ export function SecuritySolutionApiProvider({ getService }: FtrProviderContext) .send(props.body as object); }, /** - * Delete an Elastic Endpoint exception list item by using the `id` or `item_id` field. + * Delete an Elastic Endpoint exception list item, specified by the `id` or `item_id` field. */ deleteEndpointListItem(props: DeleteEndpointListItemProps, kibanaSpace: string = 'default') { return supertest @@ -75,7 +75,7 @@ export function SecuritySolutionApiProvider({ getService }: FtrProviderContext) .query(props.query); }, /** - * Get the details of an Elastic Endpoint exception list item by using the `id` or `item_id` field. + * Get the details of an Elastic Endpoint exception list item, specified by the `id` or `item_id` field. */ readEndpointListItem(props: ReadEndpointListItemProps, kibanaSpace: string = 'default') { return supertest @@ -86,7 +86,7 @@ export function SecuritySolutionApiProvider({ getService }: FtrProviderContext) .query(props.query); }, /** - * Update an Elastic Endpoint exception list item by using the `id` or `item_id` field. + * Update an Elastic Endpoint exception list item, specified by the `id` or `item_id` field. */ updateEndpointListItem(props: UpdateEndpointListItemProps, kibanaSpace: string = 'default') { return supertest From 43cc040ec802d77fd3fbc7c495593416d5c3c2d7 Mon Sep 17 00:00:00 2001 From: Nastasha Solomon Date: Mon, 30 Jun 2025 10:45:06 -0400 Subject: [PATCH 18/22] Updates operation summaries --- .../api/create_endpoint_list/create_endpoint_list.schema.yaml | 2 +- .../create_endpoint_list_item.schema.yaml | 2 +- .../delete_endpoint_list_item.schema.yaml | 2 +- .../find_endpoint_list_item/find_endpoint_list_item.schema.yaml | 2 +- .../read_endpoint_list_item/read_endpoint_list_item.schema.yaml | 2 +- .../update_endpoint_list_item.schema.yaml | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/create_endpoint_list/create_endpoint_list.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/create_endpoint_list/create_endpoint_list.schema.yaml index 4d04e14f8d058..5f91b017e4bb1 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/create_endpoint_list/create_endpoint_list.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/create_endpoint_list/create_endpoint_list.schema.yaml @@ -8,7 +8,7 @@ paths: x-labels: [serverless, ess] x-codegen-enabled: true operationId: CreateEndpointList - summary: Create an endpoint exception list + summary: Create an Elastic Endpoint rule exception list description: Create the exception list for Elastic Endpoint rule exceptions. When you create the exception list, it will have a `list_id` of `endpoint_list`. If the Elastic Endpoint exception list already exists, your request will return an empty response. responses: 200: diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/create_endpoint_list_item/create_endpoint_list_item.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/create_endpoint_list_item/create_endpoint_list_item.schema.yaml index ac6072b9acf03..6b2b4cee0e2d6 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/create_endpoint_list_item/create_endpoint_list_item.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/create_endpoint_list_item/create_endpoint_list_item.schema.yaml @@ -8,7 +8,7 @@ paths: x-labels: [serverless, ess] x-codegen-enabled: true operationId: CreateEndpointListItem - summary: Create an endpoint exception list item + summary: Create an Elastic Endpoint rule exception list item description: Create an Elastic Endpoint exception list item, and associate it with the Elastic Endpoint exception list. requestBody: description: Exception list item's properties diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/delete_endpoint_list_item/delete_endpoint_list_item.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/delete_endpoint_list_item/delete_endpoint_list_item.schema.yaml index a9ea7cf18230f..976e578cc7bd8 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/delete_endpoint_list_item/delete_endpoint_list_item.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/delete_endpoint_list_item/delete_endpoint_list_item.schema.yaml @@ -8,7 +8,7 @@ paths: x-labels: [serverless, ess] x-codegen-enabled: true operationId: DeleteEndpointListItem - summary: Delete an endpoint exception list item + summary: Delete an Elastic Endpoint exception list item description: Delete an Elastic Endpoint exception list item, specified by the `id` or `item_id` field. parameters: - name: id diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/find_endpoint_list_item/find_endpoint_list_item.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/find_endpoint_list_item/find_endpoint_list_item.schema.yaml index 881c17868f677..eb80087940495 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/find_endpoint_list_item/find_endpoint_list_item.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/find_endpoint_list_item/find_endpoint_list_item.schema.yaml @@ -8,7 +8,7 @@ paths: x-labels: [serverless, ess] x-codegen-enabled: true operationId: FindEndpointListItems - summary: Get endpoint exception list items + summary: Get Elastic Endpoint exception list items description: Get a list of all Elastic Endpoint exception list items. parameters: - name: filter diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/read_endpoint_list_item/read_endpoint_list_item.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/read_endpoint_list_item/read_endpoint_list_item.schema.yaml index 51f56a515eb6c..31a9ebc7b452c 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/read_endpoint_list_item/read_endpoint_list_item.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/read_endpoint_list_item/read_endpoint_list_item.schema.yaml @@ -8,7 +8,7 @@ paths: x-labels: [serverless, ess] x-codegen-enabled: true operationId: ReadEndpointListItem - summary: Get an endpoint exception list item + summary: Get an Elastic Endpoint rule exception list item description: Get the details of an Elastic Endpoint exception list item, specified by the `id` or `item_id` field. parameters: - name: id diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/update_endpoint_list_item/update_endpoint_list_item.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/update_endpoint_list_item/update_endpoint_list_item.schema.yaml index afda2fcc192a4..e2b108f5e493e 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/update_endpoint_list_item/update_endpoint_list_item.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/api/update_endpoint_list_item/update_endpoint_list_item.schema.yaml @@ -8,7 +8,7 @@ paths: x-labels: [serverless, ess] x-codegen-enabled: true operationId: UpdateEndpointListItem - summary: Update an endpoint exception list item + summary: Update an Elastic Endpoint rule exception list item description: Update an Elastic Endpoint exception list item, specified by the `id` or `item_id` field. requestBody: description: Exception list item's properties From d00545eca7d78f85d6200c3aaf440012301be5d8 Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Mon, 30 Jun 2025 15:02:26 +0000 Subject: [PATCH 19/22] [CI] Auto-commit changed files from 'yarn openapi:bundle' --- ...int_exceptions_api_2023_10_31.bundled.schema.yaml | 12 ++++++------ ...int_exceptions_api_2023_10_31.bundled.schema.yaml | 12 ++++++------ 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml index a715cc135307a..bb597542306c6 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml @@ -52,7 +52,7 @@ paths: schema: $ref: '#/components/schemas/SiemErrorResponse' description: Internal server error - summary: Create an endpoint exception list + summary: Create an Elastic Endpoint rule exception list tags: - Security Endpoint Exceptions API /api/endpoint_list/items: @@ -113,7 +113,7 @@ paths: schema: $ref: '#/components/schemas/SiemErrorResponse' description: Internal server error - summary: Delete an endpoint exception list item + summary: Delete an Elastic Endpoint exception list item tags: - Security Endpoint Exceptions API get: @@ -175,7 +175,7 @@ paths: schema: $ref: '#/components/schemas/SiemErrorResponse' description: Internal server error - summary: Get an endpoint exception list item + summary: Get an Elastic Endpoint rule exception list item tags: - Security Endpoint Exceptions API post: @@ -256,7 +256,7 @@ paths: schema: $ref: '#/components/schemas/SiemErrorResponse' description: Internal server error - summary: Create an endpoint exception list item + summary: Create an Elastic Endpoint rule exception list item tags: - Security Endpoint Exceptions API put: @@ -342,7 +342,7 @@ paths: schema: $ref: '#/components/schemas/SiemErrorResponse' description: Internal server error - summary: Update an endpoint exception list item + summary: Update an Elastic Endpoint rule exception list item tags: - Security Endpoint Exceptions API /api/endpoint_list/items/_find: @@ -449,7 +449,7 @@ paths: schema: $ref: '#/components/schemas/SiemErrorResponse' description: Internal server error - summary: Get endpoint exception list items + summary: Get Elastic Endpoint exception list items tags: - Security Endpoint Exceptions API components: diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml index 7eb1557b12718..7ddaa51de56ff 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml @@ -52,7 +52,7 @@ paths: schema: $ref: '#/components/schemas/SiemErrorResponse' description: Internal server error - summary: Create an endpoint exception list + summary: Create an Elastic Endpoint rule exception list tags: - Security Endpoint Exceptions API /api/endpoint_list/items: @@ -113,7 +113,7 @@ paths: schema: $ref: '#/components/schemas/SiemErrorResponse' description: Internal server error - summary: Delete an endpoint exception list item + summary: Delete an Elastic Endpoint exception list item tags: - Security Endpoint Exceptions API get: @@ -175,7 +175,7 @@ paths: schema: $ref: '#/components/schemas/SiemErrorResponse' description: Internal server error - summary: Get an endpoint exception list item + summary: Get an Elastic Endpoint rule exception list item tags: - Security Endpoint Exceptions API post: @@ -256,7 +256,7 @@ paths: schema: $ref: '#/components/schemas/SiemErrorResponse' description: Internal server error - summary: Create an endpoint exception list item + summary: Create an Elastic Endpoint rule exception list item tags: - Security Endpoint Exceptions API put: @@ -342,7 +342,7 @@ paths: schema: $ref: '#/components/schemas/SiemErrorResponse' description: Internal server error - summary: Update an endpoint exception list item + summary: Update an Elastic Endpoint rule exception list item tags: - Security Endpoint Exceptions API /api/endpoint_list/items/_find: @@ -449,7 +449,7 @@ paths: schema: $ref: '#/components/schemas/SiemErrorResponse' description: Internal server error - summary: Get endpoint exception list items + summary: Get Elastic Endpoint exception list items tags: - Security Endpoint Exceptions API components: From 965000ec1f113fa1ade806183ce34034bbc3dab8 Mon Sep 17 00:00:00 2001 From: Nastasha Solomon Date: Mon, 30 Jun 2025 11:16:47 -0400 Subject: [PATCH 20/22] Updates section titles --- .../scripts/openapi_bundle.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/scripts/openapi_bundle.js b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/scripts/openapi_bundle.js index c54e162b6462e..c7d0bd2ddbc89 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/scripts/openapi_bundle.js +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/scripts/openapi_bundle.js @@ -29,7 +29,7 @@ const ROOT = resolve(__dirname, '..'); tags: [ { name: 'Security Endpoint Exceptions API', - 'x-displayName': 'Security endpoint exceptions', + 'x-displayName': 'Security Elastic Endpoint exceptions', description: "Endpoint Exceptions API allows you to manage detection rule endpoint exceptions to prevent a rule from generating an alert from incoming events even when the rule's other criteria are met.", }, @@ -54,7 +54,7 @@ const ROOT = resolve(__dirname, '..'); tags: [ { name: 'Security Endpoint Exceptions API', - 'x-displayName': 'Security endpoint exceptions', + 'x-displayName': 'Security Elastic Endpoint exceptions', description: "Endpoint Exceptions API allows you to manage detection rule endpoint exceptions to prevent a rule from generating an alert from incoming events even when the rule's other criteria are met.", }, From 4ef09728e2cb747ef2fbe7c352f97ee3869050bc Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Mon, 30 Jun 2025 15:36:07 +0000 Subject: [PATCH 21/22] [CI] Auto-commit changed files from 'yarn openapi:bundle' --- ...ution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml | 2 +- ...ution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml index bb597542306c6..ce5df63434956 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml @@ -972,4 +972,4 @@ tags: exceptions to prevent a rule from generating an alert from incoming events even when the rule's other criteria are met. name: Security Endpoint Exceptions API - x-displayName: Security endpoint exceptions + x-displayName: Security Elastic Endpoint exceptions diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml index 7ddaa51de56ff..f347eb89214b7 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/solutions/security/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/security_solution_endpoint_exceptions_api_2023_10_31.bundled.schema.yaml @@ -972,4 +972,4 @@ tags: exceptions to prevent a rule from generating an alert from incoming events even when the rule's other criteria are met. name: Security Endpoint Exceptions API - x-displayName: Security endpoint exceptions + x-displayName: Security Elastic Endpoint exceptions From 2730a7eceb066cf3d500d37239ae8209ab2d3f69 Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Mon, 30 Jun 2025 15:54:57 +0000 Subject: [PATCH 22/22] [CI] Auto-commit changed files from 'make api-docs' --- oas_docs/output/kibana.serverless.yaml | 14 +++++++------- oas_docs/output/kibana.yaml | 14 +++++++------- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/oas_docs/output/kibana.serverless.yaml b/oas_docs/output/kibana.serverless.yaml index 16818c3d057a0..48c3df88ce75c 100644 --- a/oas_docs/output/kibana.serverless.yaml +++ b/oas_docs/output/kibana.serverless.yaml @@ -147,7 +147,7 @@ tags: x-displayName: Security detections - description: Endpoint Exceptions API allows you to manage detection rule endpoint exceptions to prevent a rule from generating an alert from incoming events even when the rule's other criteria are met. name: Security Endpoint Exceptions API - x-displayName: Security endpoint exceptions + x-displayName: Security Elastic Endpoint exceptions - description: Interact with and manage endpoints running the Elastic Defend integration. name: Security Endpoint Management API x-displayName: Security endpoint management @@ -10183,7 +10183,7 @@ paths: schema: $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse' description: Internal server error - summary: Create an endpoint exception list + summary: Create an Elastic Endpoint rule exception list tags: - Security Endpoint Exceptions API /api/endpoint_list/items: @@ -10242,7 +10242,7 @@ paths: schema: $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse' description: Internal server error - summary: Delete an endpoint exception list item + summary: Delete an Elastic Endpoint exception list item tags: - Security Endpoint Exceptions API get: @@ -10302,7 +10302,7 @@ paths: schema: $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse' description: Internal server error - summary: Get an endpoint exception list item + summary: Get an Elastic Endpoint rule exception list item tags: - Security Endpoint Exceptions API post: @@ -10381,7 +10381,7 @@ paths: schema: $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse' description: Internal server error - summary: Create an endpoint exception list item + summary: Create an Elastic Endpoint rule exception list item tags: - Security Endpoint Exceptions API put: @@ -10465,7 +10465,7 @@ paths: schema: $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse' description: Internal server error - summary: Update an endpoint exception list item + summary: Update an Elastic Endpoint rule exception list item tags: - Security Endpoint Exceptions API /api/endpoint_list/items/_find: @@ -10570,7 +10570,7 @@ paths: schema: $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse' description: Internal server error - summary: Get endpoint exception list items + summary: Get Elastic Endpoint exception list items tags: - Security Endpoint Exceptions API /api/endpoint/action: diff --git a/oas_docs/output/kibana.yaml b/oas_docs/output/kibana.yaml index f8906ef509028..053b82b1fd500 100644 --- a/oas_docs/output/kibana.yaml +++ b/oas_docs/output/kibana.yaml @@ -174,7 +174,7 @@ tags: x-displayName: Security detections - description: Endpoint Exceptions API allows you to manage detection rule endpoint exceptions to prevent a rule from generating an alert from incoming events even when the rule's other criteria are met. name: Security Endpoint Exceptions API - x-displayName: Security endpoint exceptions + x-displayName: Security Elastic Endpoint exceptions - description: Interact with and manage endpoints running the Elastic Defend integration. name: Security Endpoint Management API x-displayName: Security endpoint management @@ -12342,7 +12342,7 @@ paths: schema: $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse' description: Internal server error - summary: Create an endpoint exception list + summary: Create an Elastic Endpoint rule exception list tags: - Security Endpoint Exceptions API /api/endpoint_list/items: @@ -12401,7 +12401,7 @@ paths: schema: $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse' description: Internal server error - summary: Delete an endpoint exception list item + summary: Delete an Elastic Endpoint exception list item tags: - Security Endpoint Exceptions API get: @@ -12461,7 +12461,7 @@ paths: schema: $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse' description: Internal server error - summary: Get an endpoint exception list item + summary: Get an Elastic Endpoint rule exception list item tags: - Security Endpoint Exceptions API post: @@ -12540,7 +12540,7 @@ paths: schema: $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse' description: Internal server error - summary: Create an endpoint exception list item + summary: Create an Elastic Endpoint rule exception list item tags: - Security Endpoint Exceptions API put: @@ -12624,7 +12624,7 @@ paths: schema: $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse' description: Internal server error - summary: Update an endpoint exception list item + summary: Update an Elastic Endpoint rule exception list item tags: - Security Endpoint Exceptions API /api/endpoint_list/items/_find: @@ -12729,7 +12729,7 @@ paths: schema: $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse' description: Internal server error - summary: Get endpoint exception list items + summary: Get Elastic Endpoint exception list items tags: - Security Endpoint Exceptions API /api/endpoint/action: