[Security Solution] Improve bulk actions API reference docs#228712
Merged
maximpn merged 5 commits intoelastic:mainfrom Jul 28, 2025
Merged
[Security Solution] Improve bulk actions API reference docs#228712maximpn merged 5 commits intoelastic:mainfrom
maximpn merged 5 commits intoelastic:mainfrom
Conversation
maximpn
added
release_note:skip
maximpn
added
the
Feature:Rule Management
Contributor
|
Pinging @elastic/security-detections-response (Team:Detections and Resp) |
Contributor
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
Contributor
|
Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management) |
elastic-vault-github-plugin-prod
bot
requested review from
a team
as code owners
approksiu
reviewed
Jul 21, 2025
| ids: | ||
| description: Array of rule IDs. Array of rule IDs to which a bulk action will be applied. Only valid when query property is undefined. | ||
| description: | | ||
| Array of saved object rule IDs to which a bulk action will be applied. Rule signature ID `rule_id` is supported. |
There was a problem hiding this comment.
@maximpn what do you mean by signature?
Contributor
Author
There was a problem hiding this comment.
Since every rule may have two distinct unique identifiers id and rule_id we distinguish them as Saved Object Identifier and Rule Signature Identifier. The latter came from prebuilt rules but custom rules have it anyway. In the codebase multiple functions accept an id/ids and it's hard to say whether id or rule_id identifier should be provided. So we came up with RuleObjectId and RuleSignatureId types to distinguish between these two. For example export rules API endpoint uses a list of rule_id to export specific rule and rule signature is mentioned there.
The problem in the documentation is that rule id and rule_id might be really confusing. The first one means Saved Object ID and the second one means Rule Signature ID. Unfortunately it's not clear from our API reference documentation.
@approksiu Do you think we should stick to some better name or omit rule signature mention from the API reference docs?
There was a problem hiding this comment.
Better to omit if possible, could we phrase like "use rule_id field"? We could add that it corresponds to the unique rule identifier across all rules.
Contributor
Author
There was a problem hiding this comment.
I've adjusted the texts to be
- bulk actions
Array of rule `id`s to which a bulk action will be applied. Do not use rule's `rule_id` here. Only valid when query property is undefined.
- rules export
Array of objects with a rule's `rule_id` field. Do not use rule's `id` here. Exports all rules when unspecified.
Does it look good for you?
maximpn
force-pushed
the
explain-ids-in-api-reference-docs
branch
from
d5d3ac3 to
1f87fa1
Compare
Contributor
💛 Build succeeded, but was flaky
Failed CI StepsMetrics [docs]
History
cc @maximpn |
Contributor
|
Starting backport for target branches: 8.18, 8.19, 9.0, 9.1 https://github.com/elastic/kibana/actions/runs/16580843090 |
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Jul 28, 2025
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Jul 28, 2025
Contributor
💔 Some backports could not be created
Note: Successful backport PRs will be merged automatically after passing CI. Manual backportTo create the backport manually run: Questions ?Please refer to the Backport tool documentation |
1 task
kibanamachine
added a commit
that referenced
this pull request
Jul 28, 2025
…28712) (#229720) # Backport This will backport the following commits from `main` to `9.1`: - [[Security Solution] Improve bulk actions API reference docs (#228712)](#228712) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Maxim Palenov","email":"maxim.palenov@elastic.co"},"sourceCommit":{"committedDate":"2025-07-28T21:33:13Z","message":"[Security Solution] Improve bulk actions API reference docs (#228712)\n\n## Summary\n\nThis PR improves description on rule bulk action `ids` to make it clear rule's saved object ID is used.","sha":"642f6b328be19a4e542a57c9cdfd6874e6c5978d","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Detections and Resp","Team: SecuritySolution","Feature:Rule Management","Team:Detection Rule Management","backport:version","v8.18.0","v9.1.0","v8.19.0","v9.2.0"],"title":"[Security Solution] Improve bulk actions API reference docs","number":228712,"url":"https://github.com/elastic/kibana/pull/228712","mergeCommit":{"message":"[Security Solution] Improve bulk actions API reference docs (#228712)\n\n## Summary\n\nThis PR improves description on rule bulk action `ids` to make it clear rule's saved object ID is used.","sha":"642f6b328be19a4e542a57c9cdfd6874e6c5978d"}},"sourceBranch":"main","suggestedTargetBranches":["9.0","8.18","9.1","8.19"],"targetPullRequestStates":[{"branch":"9.0","label":"v9.0.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.18","label":"v8.18.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/228712","number":228712,"mergeCommit":{"message":"[Security Solution] Improve bulk actions API reference docs (#228712)\n\n## Summary\n\nThis PR improves description on rule bulk action `ids` to make it clear rule's saved object ID is used.","sha":"642f6b328be19a4e542a57c9cdfd6874e6c5978d"}}]}] BACKPORT--> Co-authored-by: Maxim Palenov <maxim.palenov@elastic.co>
kibanamachine
added a commit
that referenced
this pull request
Jul 28, 2025
…228712) (#229719) # Backport This will backport the following commits from `main` to `8.19`: - [[Security Solution] Improve bulk actions API reference docs (#228712)](#228712) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Maxim Palenov","email":"maxim.palenov@elastic.co"},"sourceCommit":{"committedDate":"2025-07-28T21:33:13Z","message":"[Security Solution] Improve bulk actions API reference docs (#228712)\n\n## Summary\n\nThis PR improves description on rule bulk action `ids` to make it clear rule's saved object ID is used.","sha":"642f6b328be19a4e542a57c9cdfd6874e6c5978d","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Detections and Resp","Team: SecuritySolution","Feature:Rule Management","Team:Detection Rule Management","backport:version","v8.18.0","v9.1.0","v8.19.0","v9.2.0"],"title":"[Security Solution] Improve bulk actions API reference docs","number":228712,"url":"https://github.com/elastic/kibana/pull/228712","mergeCommit":{"message":"[Security Solution] Improve bulk actions API reference docs (#228712)\n\n## Summary\n\nThis PR improves description on rule bulk action `ids` to make it clear rule's saved object ID is used.","sha":"642f6b328be19a4e542a57c9cdfd6874e6c5978d"}},"sourceBranch":"main","suggestedTargetBranches":["9.0","8.18","9.1","8.19"],"targetPullRequestStates":[{"branch":"9.0","label":"v9.0.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.18","label":"v8.18.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/228712","number":228712,"mergeCommit":{"message":"[Security Solution] Improve bulk actions API reference docs (#228712)\n\n## Summary\n\nThis PR improves description on rule bulk action `ids` to make it clear rule's saved object ID is used.","sha":"642f6b328be19a4e542a57c9cdfd6874e6c5978d"}}]}] BACKPORT--> Co-authored-by: Maxim Palenov <maxim.palenov@elastic.co>
maximpn
added a commit
to maximpn/kibana
that referenced
this pull request
Jul 30, 2025
…228712) ## Summary This PR improves description on rule bulk action `ids` to make it clear rule's saved object ID is used. (cherry picked from commit 642f6b3) # Conflicts: # oas_docs/output/kibana.serverless.yaml # oas_docs/output/kibana.yaml # x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_actions/bulk_actions_route.schema.yaml # x-pack/solutions/security/plugins/security_solution/docs/openapi/ess/security_solution_detections_api_2023_10_31.bundled.schema.yaml # x-pack/solutions/security/plugins/security_solution/docs/openapi/serverless/security_solution_detections_api_2023_10_31.bundled.schema.yaml
maximpn
added a commit
to maximpn/kibana
that referenced
this pull request
Jul 30, 2025
…228712) ## Summary This PR improves description on rule bulk action `ids` to make it clear rule's saved object ID is used. (cherry picked from commit 642f6b3) # Conflicts: # oas_docs/output/kibana.serverless.yaml # oas_docs/output/kibana.yaml # x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_actions/bulk_actions_route.schema.yaml # x-pack/solutions/security/plugins/security_solution/docs/openapi/ess/security_solution_detections_api_2023_10_31.bundled.schema.yaml # x-pack/solutions/security/plugins/security_solution/docs/openapi/serverless/security_solution_detections_api_2023_10_31.bundled.schema.yaml
Contributor
Author
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
kibanamachine
added
the
backport missing
Contributor
|
Looks like this PR has backport PRs but they still haven't been merged. Please merge them ASAP to keep the branches relatively in sync. |
maximpn
added a commit
that referenced
this pull request
Jul 31, 2025
…28712) (#229992) # Backport This will backport the following commits from `main` to `9.0`: - [[Security Solution] Improve bulk actions API reference docs (#228712)](#228712) <!--- Backport version: 10.0.1 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Maxim Palenov","email":"maxim.palenov@elastic.co"},"sourceCommit":{"committedDate":"2025-07-28T21:33:13Z","message":"[Security Solution] Improve bulk actions API reference docs (#228712)\n\n## Summary\n\nThis PR improves description on rule bulk action `ids` to make it clear rule's saved object ID is used.","sha":"642f6b328be19a4e542a57c9cdfd6874e6c5978d","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Detections and Resp","Team: SecuritySolution","Feature:Rule Management","Team:Detection Rule Management","backport:version","v8.18.0","v9.2.0","v9.1.1","v8.19.1"],"title":"[Security Solution] Improve bulk actions API reference docs","number":228712,"url":"https://github.com/elastic/kibana/pull/228712","mergeCommit":{"message":"[Security Solution] Improve bulk actions API reference docs (#228712)\n\n## Summary\n\nThis PR improves description on rule bulk action `ids` to make it clear rule's saved object ID is used.","sha":"642f6b328be19a4e542a57c9cdfd6874e6c5978d"}},"sourceBranch":"main","suggestedTargetBranches":["9.0","8.18"],"targetPullRequestStates":[{"branch":"9.0","label":"v9.0.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.18","label":"v8.18.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/228712","number":228712,"mergeCommit":{"message":"[Security Solution] Improve bulk actions API reference docs (#228712)\n\n## Summary\n\nThis PR improves description on rule bulk action `ids` to make it clear rule's saved object ID is used.","sha":"642f6b328be19a4e542a57c9cdfd6874e6c5978d"}},{"branch":"9.1","label":"v9.1.1","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"url":"https://github.com/elastic/kibana/pull/229720","number":229720,"state":"MERGED","mergeCommit":{"sha":"055164ffbfafe4e5d0036a5fb02c0de708278e40","message":"[9.1] [Security Solution] Improve bulk actions API reference docs (#228712) (#229720)\n\n# Backport\n\nThis will backport the following commits from `main` to `9.1`:\n- [[Security Solution] Improve bulk actions API reference docs\n(#228712)](https://github.com/elastic/kibana/pull/228712)\n\n\n\n### Questions ?\nPlease refer to the [Backport tool\ndocumentation](https://github.com/sorenlouv/backport)\n\n\n\nCo-authored-by: Maxim Palenov <maxim.palenov@elastic.co>"}},{"branch":"8.19","label":"v8.19.1","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"url":"https://github.com/elastic/kibana/pull/229719","number":229719,"state":"MERGED","mergeCommit":{"sha":"318e91ad64bd45623693add648026170033ea142","message":"[8.19] [Security Solution] Improve bulk actions API reference docs (#228712) (#229719)\n\n# Backport\n\nThis will backport the following commits from `main` to `8.19`:\n- [[Security Solution] Improve bulk actions API reference docs\n(#228712)](https://github.com/elastic/kibana/pull/228712)\n\n\n\n### Questions ?\nPlease refer to the [Backport tool\ndocumentation](https://github.com/sorenlouv/backport)\n\n\n\nCo-authored-by: Maxim Palenov <maxim.palenov@elastic.co>"}}]}] BACKPORT--> --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
maximpn
added a commit
that referenced
this pull request
Jul 31, 2025
…228712) (#229993) # Backport This will backport the following commits from `main` to `8.18`: - [[Security Solution] Improve bulk actions API reference docs (#228712)](#228712) <!--- Backport version: 10.0.1 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Maxim Palenov","email":"maxim.palenov@elastic.co"},"sourceCommit":{"committedDate":"2025-07-28T21:33:13Z","message":"[Security Solution] Improve bulk actions API reference docs (#228712)\n\n## Summary\n\nThis PR improves description on rule bulk action `ids` to make it clear rule's saved object ID is used.","sha":"642f6b328be19a4e542a57c9cdfd6874e6c5978d","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Detections and Resp","Team: SecuritySolution","Feature:Rule Management","Team:Detection Rule Management","backport:version","v8.18.0","v9.2.0","v9.1.1","v8.19.1"],"title":"[Security Solution] Improve bulk actions API reference docs","number":228712,"url":"https://github.com/elastic/kibana/pull/228712","mergeCommit":{"message":"[Security Solution] Improve bulk actions API reference docs (#228712)\n\n## Summary\n\nThis PR improves description on rule bulk action `ids` to make it clear rule's saved object ID is used.","sha":"642f6b328be19a4e542a57c9cdfd6874e6c5978d"}},"sourceBranch":"main","suggestedTargetBranches":["9.0","8.18"],"targetPullRequestStates":[{"branch":"9.0","label":"v9.0.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.18","label":"v8.18.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/228712","number":228712,"mergeCommit":{"message":"[Security Solution] Improve bulk actions API reference docs (#228712)\n\n## Summary\n\nThis PR improves description on rule bulk action `ids` to make it clear rule's saved object ID is used.","sha":"642f6b328be19a4e542a57c9cdfd6874e6c5978d"}},{"branch":"9.1","label":"v9.1.1","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"url":"https://github.com/elastic/kibana/pull/229720","number":229720,"state":"MERGED","mergeCommit":{"sha":"055164ffbfafe4e5d0036a5fb02c0de708278e40","message":"[9.1] [Security Solution] Improve bulk actions API reference docs (#228712) (#229720)\n\n# Backport\n\nThis will backport the following commits from `main` to `9.1`:\n- [[Security Solution] Improve bulk actions API reference docs\n(#228712)](https://github.com/elastic/kibana/pull/228712)\n\n\n\n### Questions ?\nPlease refer to the [Backport tool\ndocumentation](https://github.com/sorenlouv/backport)\n\n\n\nCo-authored-by: Maxim Palenov <maxim.palenov@elastic.co>"}},{"branch":"8.19","label":"v8.19.1","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"url":"https://github.com/elastic/kibana/pull/229719","number":229719,"state":"MERGED","mergeCommit":{"sha":"318e91ad64bd45623693add648026170033ea142","message":"[8.19] [Security Solution] Improve bulk actions API reference docs (#228712) (#229719)\n\n# Backport\n\nThis will backport the following commits from `main` to `8.19`:\n- [[Security Solution] Improve bulk actions API reference docs\n(#228712)](https://github.com/elastic/kibana/pull/228712)\n\n\n\n### Questions ?\nPlease refer to the [Backport tool\ndocumentation](https://github.com/sorenlouv/backport)\n\n\n\nCo-authored-by: Maxim Palenov <maxim.palenov@elastic.co>"}}]}] BACKPORT--> --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
kibanamachine
added
v8.18.5
and removed
backport missing
delanni
pushed a commit
to delanni/kibana
that referenced
this pull request
Aug 5, 2025
…228712) ## Summary This PR improves description on rule bulk action `ids` to make it clear rule's saved object ID is used.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
9 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR improves description on rule bulk action
idsto make it clear rule's saved object ID is used.