elastic · hop-dev · Sep 2, 2025 · Aug 28, 2025 · Aug 28, 2025 · Aug 28, 2025
@@ -9,5 +9,4 @@ export * from './asset_criticality';
 export * from './risk_engine';
 export * from './entity_store';
 export * from './monitoring';
-
 export type { EntityAnalyticsPrivileges } from './common';
@@ -31,16 +31,16 @@ export const MonitoringEngineDescriptor = z.object({
   status: PrivilegeMonitoringEngineStatus,
 });
 
-export type EngineComponentResource = z.infer<typeof EngineComponentResource>;
-export const EngineComponentResource = z.enum(['privmon_engine', 'index', 'task']);
-export type EngineComponentResourceEnum = typeof EngineComponentResource.enum;
-export const EngineComponentResourceEnum = EngineComponentResource.enum;
+export type MonitoringEngineComponentResource = z.infer<typeof MonitoringEngineComponentResource>;
+export const MonitoringEngineComponentResource = z.enum(['privmon_engine', 'index', 'task']);
+export type MonitoringEngineComponentResourceEnum = typeof MonitoringEngineComponentResource.enum;
+export const MonitoringEngineComponentResourceEnum = MonitoringEngineComponentResource.enum;
 
-export type EngineComponentStatus = z.infer<typeof EngineComponentStatus>;
-export const EngineComponentStatus = z.object({
+export type MonitoringEngineComponentStatus = z.infer<typeof MonitoringEngineComponentStatus>;
+export const MonitoringEngineComponentStatus = z.object({
   id: z.string(),
   installed: z.boolean(),
-  resource: EngineComponentResource,
+  resource: MonitoringEngineComponentResource,
   health: z.enum(['green', 'yellow', 'red', 'unknown']).optional(),
   errors: z
     .array(

@@ -23,7 +23,7 @@ components:
         - disabled
         - not_installed
 
-    EngineComponentStatus:
+    MonitoringEngineComponentStatus:
       type: object
       required:
         - id
@@ -35,7 +35,7 @@ components:
         installed:
           type: boolean
         resource:
-          $ref: "#/components/schemas/EngineComponentResource"
+          $ref: "#/components/schemas/MonitoringEngineComponentResource"
         health:
           type: string
           enum:
@@ -53,7 +53,7 @@ components:
               message:
                 type: string
 
-    EngineComponentResource:
+    MonitoringEngineComponentResource:
       type: string
       enum:
         - privmon_engine

@@ -0,0 +1,11 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+export * from './delete.gen';
+export * from './disable.gen';
+export * from './init.gen';
+export * from './schedule_now.gen';
@@ -5,4 +5,12 @@
  * 2.0.
  */
 
+export * from './monitoring_entity_source/monitoring_entity_source.gen';
+export * from './privileged_access_detection';
+export * from './engine';
+export * from './users';
+export * from './common.gen';
+export * from './health.gen';
+export * from './privileges.gen';
 export * from './search_indices.gen';
+export * from './create_index.gen';
@@ -0,0 +1,9 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+export * from './install.gen';
+export * from './status.gen';
@@ -0,0 +1,13 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+export * from './common.gen';
+export * from './create.gen';
+export * from './delete.gen';
+export * from './list.gen';
+export * from './update.gen';
+export * from './upload_csv.gen';
@@ -17,3 +17,4 @@ export * from './entity_calculation_route.gen';
 export * from './get_risk_engine_privileges.gen';
 export * from './engine_cleanup_route.gen';
 export * from './engine_configure_saved_object_route.gen';
+export * from './engine_schedule_now_route.gen';
@@ -263,18 +263,14 @@ import type {
   CreatePrivilegesImportIndexRequestBodyInput,
   CreatePrivilegesImportIndexResponse,
 } from './entity_analytics/monitoring/create_index.gen';
-import type {
-  SearchPrivilegesIndicesRequestQueryInput,
-  SearchPrivilegesIndicesResponse,
-} from './entity_analytics/monitoring/search_indices.gen';
 import type {
   DeleteMonitoringEngineRequestQueryInput,
   DeleteMonitoringEngineResponse,
-} from './entity_analytics/privilege_monitoring/engine/delete.gen';
-import type { DisableMonitoringEngineResponse } from './entity_analytics/privilege_monitoring/engine/disable.gen';
-import type { InitMonitoringEngineResponse } from './entity_analytics/privilege_monitoring/engine/init.gen';
-import type { ScheduleMonitoringEngineResponse } from './entity_analytics/privilege_monitoring/engine/schedule_now.gen';
-import type { PrivMonHealthResponse } from './entity_analytics/privilege_monitoring/health.gen';
+} from './entity_analytics/monitoring/engine/delete.gen';
+import type { DisableMonitoringEngineResponse } from './entity_analytics/monitoring/engine/disable.gen';
+import type { InitMonitoringEngineResponse } from './entity_analytics/monitoring/engine/init.gen';
+import type { ScheduleMonitoringEngineResponse } from './entity_analytics/monitoring/engine/schedule_now.gen';
+import type { PrivMonHealthResponse } from './entity_analytics/monitoring/health.gen';
 import type {
   CreateEntitySourceRequestBodyInput,
   CreateEntitySourceResponse,
@@ -286,28 +282,32 @@ import type {
   UpdateEntitySourceRequestParamsInput,
   UpdateEntitySourceRequestBodyInput,
   UpdateEntitySourceResponse,
-} from './entity_analytics/privilege_monitoring/monitoring_entity_source/monitoring_entity_source.gen';
-import type { InstallPrivilegedAccessDetectionPackageResponse } from './entity_analytics/privilege_monitoring/privileged_access_detection/install.gen';
-import type { GetPrivilegedAccessDetectionPackageStatusResponse } from './entity_analytics/privilege_monitoring/privileged_access_detection/status.gen';
-import type { PrivMonPrivilegesResponse } from './entity_analytics/privilege_monitoring/privileges.gen';
+} from './entity_analytics/monitoring/monitoring_entity_source/monitoring_entity_source.gen';
+import type { InstallPrivilegedAccessDetectionPackageResponse } from './entity_analytics/monitoring/privileged_access_detection/install.gen';
+import type { GetPrivilegedAccessDetectionPackageStatusResponse } from './entity_analytics/monitoring/privileged_access_detection/status.gen';
+import type { PrivMonPrivilegesResponse } from './entity_analytics/monitoring/privileges.gen';
+import type {
+  SearchPrivilegesIndicesRequestQueryInput,
+  SearchPrivilegesIndicesResponse,
+} from './entity_analytics/monitoring/search_indices.gen';
 import type {
   CreatePrivMonUserRequestBodyInput,
   CreatePrivMonUserResponse,
-} from './entity_analytics/privilege_monitoring/users/create.gen';
+} from './entity_analytics/monitoring/users/create.gen';
 import type {
   DeletePrivMonUserRequestParamsInput,
   DeletePrivMonUserResponse,
-} from './entity_analytics/privilege_monitoring/users/delete.gen';
+} from './entity_analytics/monitoring/users/delete.gen';
 import type {
   ListPrivMonUsersRequestQueryInput,
   ListPrivMonUsersResponse,
-} from './entity_analytics/privilege_monitoring/users/list.gen';
+} from './entity_analytics/monitoring/users/list.gen';
 import type {
   UpdatePrivMonUserRequestParamsInput,
   UpdatePrivMonUserRequestBodyInput,
   UpdatePrivMonUserResponse,
-} from './entity_analytics/privilege_monitoring/users/update.gen';
-import type { PrivmonBulkUploadUsersCSVResponse } from './entity_analytics/privilege_monitoring/users/upload_csv.gen';
+} from './entity_analytics/monitoring/users/update.gen';
+import type { PrivmonBulkUploadUsersCSVResponse } from './entity_analytics/monitoring/users/upload_csv.gen';
 import type { CleanUpRiskEngineResponse } from './entity_analytics/risk_engine/engine_cleanup_route.gen';
 import type {
   ConfigureRiskEngineSavedObjectRequestBodyInput,

@@ -9,7 +9,8 @@ export * from './asset_criticality/constants';
 export * from './risk_engine/constants';
 export * from './risk_score/constants';
 export * from './migrations/constants';
-export * from './privilege_monitoring/constants';
+export * from './privileged_user_monitoring/constants';
+export * from './entity_store/constants';
 
 export const API_VERSIONS = {
   public: {

@@ -5,14 +5,38 @@
  * 2.0.
  */
 
-export const PRIVMON_PUBLIC_URL = `/api/entity_analytics/monitoring` as const;
-export const PRIVMON_ENGINE_PUBLIC_URL = `${PRIVMON_PUBLIC_URL}/engine` as const;
-export const PRIVMON_USER_PUBLIC_CSV_UPLOAD_URL = `${PRIVMON_PUBLIC_URL}/users/_csv` as const;
-export const PRIVMON_PUBLIC_INIT = `${PRIVMON_PUBLIC_URL}/engine/init` as const;
-export const getPrivmonMonitoringSourceByIdUrl = (id: string) =>
-  `${PRIVMON_PUBLIC_URL}/entity_source/${id}` as const;
+// Static index names: may be more obvious and easier to manage.
+export const PRIVMON_BASE_INDEX_NAME = '.entity_analytics.monitoring';
+export const ML_ANOMALIES_INDEX = '.ml-anomalies-shared';
 
+// CSV Upload
 export const PRIVMON_USERS_CSV_MAX_SIZE_BYTES = 1024 * 1024; // 1MB
 export const PRIVMON_USERS_CSV_SIZE_TOLERANCE_BYTES = 1024 * 50; // ~= 50kb
 export const PRIVMON_USERS_CSV_MAX_SIZE_BYTES_WITH_TOLERANCE =
   PRIVMON_USERS_CSV_MAX_SIZE_BYTES + PRIVMON_USERS_CSV_SIZE_TOLERANCE_BYTES;
+
+const MONITORING_URL = `/api/entity_analytics/monitoring` as const;
+
+// Monitoring users URLs
+export const MONITORING_USERS_URL = `${MONITORING_URL}/users` as const;
+export const MONITORING_USERS_CSV_UPLOAD_URL = `${MONITORING_USERS_URL}/_csv` as const;
+export const MONITORING_USERS_LIST_URL = `${MONITORING_USERS_URL}/list` as const;
+
+// Monitoring entity source URLs
+export const MONITORING_ENTITY_SOURCE_URL = `${MONITORING_URL}/entity_source` as const;
+export const MONITORING_ENTITY_LIST_SOURCES_URL = `${MONITORING_ENTITY_SOURCE_URL}/list` as const;
+export const getPrivmonMonitoringSourceByIdUrl = (id: string) =>
+  `${MONITORING_ENTITY_SOURCE_URL}/${id}` as const;
+
+// Privilege Monitoring URLs
+const PRIVMON_URL = `${MONITORING_URL}/privileges` as const;
+export const PRIVMON_PRIVILEGE_CHECK_API = `${PRIVMON_URL}/privileges`;
+export const PRIVMON_INDICES_URL = `${PRIVMON_URL}/indices` as const;
+export const PRIVMON_HEALTH_URL = `${PRIVMON_URL}/health` as const;
+
+// Monitoring Engine URLs
+const MONITORING_ENGINE_URL = `${MONITORING_URL}/engine` as const;
+export const MONITORING_ENGINE_INIT_URL = `${MONITORING_ENGINE_URL}/init` as const;
+export const MONITORING_ENGINE_SCHEDULE_NOW_URL = `${MONITORING_ENGINE_URL}/schedule_now` as const;
+export const MONITORING_ENGINE_DELETE_URL = `${MONITORING_ENGINE_URL}/delete` as const;
+export const MONITORING_ENGINE_DISABLE_URL = `${MONITORING_ENGINE_URL}/disable` as const;
@@ -8,12 +8,16 @@
 import {
   ML_ANOMALIES_INDEX,
   RISK_SCORE_INDEX_PATTERN,
-  privilegedMonitorBaseIndexName,
+  PRIVMON_BASE_INDEX_NAME,
 } from '../constants';
 import { getAlertsIndex } from '../utils';
 
+// Default index for privileged monitoring users.
+export const defaultMonitoringUsersIndex = (namespace: string) =>
+  `entity_analytics.privileged_monitoring.${namespace}`;
+
 export const getPrivilegedMonitorUsersIndex = (namespace: string) =>
-  `${privilegedMonitorBaseIndexName}.users-${namespace}`;
+  `${PRIVMON_BASE_INDEX_NAME}.users-${namespace}`;
 
 // At the moment, this only includes the privileges required for reading dashboards.
 export const getPrivilegeUserMonitoringRequiredEsIndexPrivileges = (namespace: string) => ({