diff --git a/oas_docs/output/kibana.serverless.yaml b/oas_docs/output/kibana.serverless.yaml
index 8a284eb062a53..6291b2d9d64e8 100644
--- a/oas_docs/output/kibana.serverless.yaml
+++ b/oas_docs/output/kibana.serverless.yaml
@@ -43444,3229 +43444,92 @@ paths:
items:
items:
anyOf:
- - additionalProperties: true
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- config_yaml:
- nullable: true
- type: string
- hosts:
- items:
- format: uri
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- name:
- type: string
- preset:
- enum:
- - balanced
- - custom
- - throughput
- - scale
- - latency
- type: string
- proxy_id:
- nullable: true
- type: string
- secrets:
- additionalProperties: true
- type: object
- properties:
- ssl:
- additionalProperties: true
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- shipper:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- type:
- enum:
- - elasticsearch
- type: string
- write_to_logs_streams:
- nullable: true
- type: boolean
- required:
- - name
- - type
- - hosts
- - additionalProperties: true
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- config_yaml:
- nullable: true
- type: string
- hosts:
- items:
- format: uri
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- kibana_api_key:
- nullable: true
- type: string
- kibana_url:
- nullable: true
- type: string
- name:
- type: string
- preset:
- enum:
- - balanced
- - custom
- - throughput
- - scale
- - latency
- type: string
- proxy_id:
- nullable: true
- type: string
- secrets:
- additionalProperties: true
- type: object
- properties:
- service_token:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- ssl:
- additionalProperties: true
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- service_token:
- nullable: true
- type: string
- shipper:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- sync_integrations:
- type: boolean
- sync_uninstalled_integrations:
- type: boolean
- type:
- enum:
- - remote_elasticsearch
- type: string
- write_to_logs_streams:
- nullable: true
- type: boolean
- required:
- - name
- - type
- - hosts
- - additionalProperties: true
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- config_yaml:
- nullable: true
- type: string
- hosts:
- items:
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- name:
- type: string
- proxy_id:
- nullable: true
- type: string
- secrets:
- additionalProperties: true
- type: object
- properties:
- ssl:
- additionalProperties: true
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- shipper:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- type:
- enum:
- - logstash
- type: string
- required:
- - name
- - type
- - hosts
- - additionalProperties: true
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- auth_type:
- enum:
- - none
- - user_pass
- - ssl
- - kerberos
- type: string
- broker_timeout:
- type: number
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- client_id:
- type: string
- compression:
- enum:
- - gzip
- - snappy
- - lz4
- - none
- type: string
- compression_level:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: number
- - not: {}
- config_yaml:
- nullable: true
- type: string
- connection_type:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - enum:
- - plaintext
- - encryption
- type: string
- - not: {}
- hash:
- additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- random:
- type: boolean
- headers:
- items:
- additionalProperties: true
- type: object
- properties:
- key:
- type: string
- value:
- type: string
- required:
- - key
- - value
- maxItems: 100
- type: array
- hosts:
- items:
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- key:
- type: string
- name:
- type: string
- partition:
- enum:
- - random
- - round_robin
- - hash
- type: string
- password:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - not: {}
- - anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: string
- - not: {}
- proxy_id:
- nullable: true
- type: string
- random:
- additionalProperties: true
- type: object
- properties:
- group_events:
- type: number
- required_acks:
- enum:
- - 1
- - 0
- - -1
- type: integer
- round_robin:
- additionalProperties: true
- type: object
- properties:
- group_events:
- type: number
- sasl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- mechanism:
- enum:
- - PLAIN
- - SCRAM-SHA-256
- - SCRAM-SHA-512
- type: string
- secrets:
- additionalProperties: true
- type: object
- properties:
- password:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- ssl:
- additionalProperties: true
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- required:
- - key
- shipper:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- timeout:
- type: number
- topic:
- type: string
- type:
- enum:
- - kafka
- type: string
- username:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: string
- - not: {}
- version:
- type: string
- required:
- - name
- - type
- - hosts
- - compression_level
- - auth_type
- - connection_type
- - username
- - password
- maxItems: 10000
- type: array
- page:
- type: number
- perPage:
- type: number
- total:
- type: number
- required:
- - items
- - total
- - page
- - perPage
- description: 'OK: A successful request.'
- '400':
- content:
- application/json:
- schema:
- additionalProperties: false
- description: Generic Error
- type: object
- properties:
- attributes: {}
- error:
- type: string
- errorType:
- type: string
- message:
- type: string
- statusCode:
- type: number
- required:
- - message
- - attributes
- description: A bad request.
- summary: Get outputs
- tags:
- - Fleet outputs
- x-metaTags:
- - content: Kibana, Elastic Cloud Serverless
- name: product_name
- post:
- description: |-
- **Spaces method and path for this operation:**
-
- post /s/{space_id}/api/fleet/outputs
-
- Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
-
- [Required authorization] Route required privileges: fleet-settings-all.
- operationId: post-fleet-outputs
- parameters:
- - description: A required header to protect against CSRF attacks
- in: header
- name: kbn-xsrf
- required: true
- schema:
- example: 'true'
- type: string
- requestBody:
- content:
- application/json:
- schema:
- anyOf:
- - additionalProperties: false
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- config_yaml:
- nullable: true
- type: string
- hosts:
- items:
- format: uri
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- name:
- type: string
- preset:
- enum:
- - balanced
- - custom
- - throughput
- - scale
- - latency
- type: string
- proxy_id:
- nullable: true
- type: string
- secrets:
- additionalProperties: false
- type: object
- properties:
- ssl:
- additionalProperties: false
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: false
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- shipper:
- additionalProperties: false
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: false
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- type:
- enum:
- - elasticsearch
- type: string
- write_to_logs_streams:
- nullable: true
- type: boolean
- required:
- - name
- - type
- - hosts
- - additionalProperties: false
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- config_yaml:
- nullable: true
- type: string
- hosts:
- items:
- format: uri
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- kibana_api_key:
- nullable: true
- type: string
- kibana_url:
- nullable: true
- type: string
- name:
- type: string
- preset:
- enum:
- - balanced
- - custom
- - throughput
- - scale
- - latency
- type: string
- proxy_id:
- nullable: true
- type: string
- secrets:
- additionalProperties: false
- type: object
- properties:
- service_token:
- anyOf:
- - additionalProperties: false
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- ssl:
- additionalProperties: false
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: false
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- service_token:
- nullable: true
- type: string
- shipper:
- additionalProperties: false
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: false
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- sync_integrations:
- type: boolean
- sync_uninstalled_integrations:
- type: boolean
- type:
- enum:
- - remote_elasticsearch
- type: string
- write_to_logs_streams:
- nullable: true
- type: boolean
- required:
- - name
- - type
- - hosts
- - additionalProperties: false
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- config_yaml:
- nullable: true
- type: string
- hosts:
- items:
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- name:
- type: string
- proxy_id:
- nullable: true
- type: string
- secrets:
- additionalProperties: false
- type: object
- properties:
- ssl:
- additionalProperties: false
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: false
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- shipper:
- additionalProperties: false
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: false
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- type:
- enum:
- - logstash
- type: string
- required:
- - name
- - type
- - hosts
- - additionalProperties: false
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- auth_type:
- enum:
- - none
- - user_pass
- - ssl
- - kerberos
- type: string
- broker_timeout:
- type: number
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- client_id:
- type: string
- compression:
- enum:
- - gzip
- - snappy
- - lz4
- - none
- type: string
- compression_level:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: number
- - not: {}
- config_yaml:
- nullable: true
- type: string
- connection_type:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - enum:
- - plaintext
- - encryption
- type: string
- - not: {}
- hash:
- additionalProperties: false
- type: object
- properties:
- hash:
- type: string
- random:
- type: boolean
- headers:
- items:
- additionalProperties: false
- type: object
- properties:
- key:
- type: string
- value:
- type: string
- required:
- - key
- - value
- maxItems: 100
- type: array
- hosts:
- items:
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- key:
- type: string
- name:
- type: string
- partition:
- enum:
- - random
- - round_robin
- - hash
- type: string
- password:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - not: {}
- - anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: string
- - not: {}
- proxy_id:
- nullable: true
- type: string
- random:
- additionalProperties: false
- type: object
- properties:
- group_events:
- type: number
- required_acks:
- enum:
- - 1
- - 0
- - -1
- type: integer
- round_robin:
- additionalProperties: false
- type: object
- properties:
- group_events:
- type: number
- sasl:
- additionalProperties: false
- nullable: true
- type: object
- properties:
- mechanism:
- enum:
- - PLAIN
- - SCRAM-SHA-256
- - SCRAM-SHA-512
- type: string
- secrets:
- additionalProperties: false
- type: object
- properties:
- password:
- anyOf:
- - additionalProperties: false
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- ssl:
- additionalProperties: false
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: false
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- required:
- - key
- shipper:
- additionalProperties: false
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: false
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- timeout:
- type: number
- topic:
- type: string
- type:
- enum:
- - kafka
- type: string
- username:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: string
- - not: {}
- version:
- type: string
- required:
- - name
- - type
- - hosts
- - compression_level
- - auth_type
- - connection_type
- - username
- - password
- responses:
- '200':
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- item:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- config_yaml:
- nullable: true
- type: string
- hosts:
- items:
- format: uri
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- name:
- type: string
- preset:
- enum:
- - balanced
- - custom
- - throughput
- - scale
- - latency
- type: string
- proxy_id:
- nullable: true
- type: string
- secrets:
- additionalProperties: true
- type: object
- properties:
- ssl:
- additionalProperties: true
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- shipper:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- type:
- enum:
- - elasticsearch
- type: string
- write_to_logs_streams:
- nullable: true
- type: boolean
- required:
- - name
- - type
- - hosts
- - additionalProperties: true
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- config_yaml:
- nullable: true
- type: string
- hosts:
- items:
- format: uri
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- kibana_api_key:
- nullable: true
- type: string
- kibana_url:
- nullable: true
- type: string
- name:
- type: string
- preset:
- enum:
- - balanced
- - custom
- - throughput
- - scale
- - latency
- type: string
- proxy_id:
- nullable: true
- type: string
- secrets:
- additionalProperties: true
- type: object
- properties:
- service_token:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- ssl:
- additionalProperties: true
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- service_token:
- nullable: true
- type: string
- shipper:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- sync_integrations:
- type: boolean
- sync_uninstalled_integrations:
- type: boolean
- type:
- enum:
- - remote_elasticsearch
- type: string
- write_to_logs_streams:
- nullable: true
- type: boolean
- required:
- - name
- - type
- - hosts
- - additionalProperties: true
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- config_yaml:
- nullable: true
- type: string
- hosts:
- items:
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- name:
- type: string
- proxy_id:
- nullable: true
- type: string
- secrets:
- additionalProperties: true
- type: object
- properties:
- ssl:
- additionalProperties: true
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- shipper:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- type:
- enum:
- - logstash
- type: string
- required:
- - name
- - type
- - hosts
- - additionalProperties: true
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- auth_type:
- enum:
- - none
- - user_pass
- - ssl
- - kerberos
- type: string
- broker_timeout:
- type: number
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- client_id:
- type: string
- compression:
- enum:
- - gzip
- - snappy
- - lz4
- - none
- type: string
- compression_level:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: number
- - not: {}
- config_yaml:
- nullable: true
- type: string
- connection_type:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - enum:
- - plaintext
- - encryption
- type: string
- - not: {}
- hash:
- additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- random:
- type: boolean
- headers:
- items:
- additionalProperties: true
- type: object
- properties:
- key:
- type: string
- value:
- type: string
- required:
- - key
- - value
- maxItems: 100
- type: array
- hosts:
- items:
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- key:
- type: string
- name:
- type: string
- partition:
- enum:
- - random
- - round_robin
- - hash
- type: string
- password:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - not: {}
- - anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: string
- - not: {}
- proxy_id:
- nullable: true
- type: string
- random:
- additionalProperties: true
- type: object
- properties:
- group_events:
- type: number
- required_acks:
- enum:
- - 1
- - 0
- - -1
- type: integer
- round_robin:
- additionalProperties: true
- type: object
- properties:
- group_events:
- type: number
- sasl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- mechanism:
- enum:
- - PLAIN
- - SCRAM-SHA-256
- - SCRAM-SHA-512
- type: string
- secrets:
- additionalProperties: true
- type: object
- properties:
- password:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- ssl:
- additionalProperties: true
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- required:
- - key
- shipper:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- timeout:
- type: number
- topic:
- type: string
- type:
- enum:
- - kafka
- type: string
- username:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: string
- - not: {}
- version:
- type: string
- required:
- - name
- - type
- - hosts
- - compression_level
- - auth_type
- - connection_type
- - username
- - password
- required:
- - item
- description: 'OK: A successful request.'
- '400':
- content:
- application/json:
- schema:
- additionalProperties: false
- description: Generic Error
- type: object
- properties:
- attributes: {}
- error:
- type: string
- errorType:
- type: string
- message:
- type: string
- statusCode:
- type: number
- required:
- - message
- - attributes
- description: A bad request.
- summary: Create output
- tags:
- - Fleet outputs
- x-metaTags:
- - content: Kibana, Elastic Cloud Serverless
- name: product_name
- /api/fleet/outputs/{outputId}:
- delete:
- description: |-
- **Spaces method and path for this operation:**
-
- delete /s/{space_id}/api/fleet/outputs/{outputId}
-
- Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
-
- Delete output by ID.
[Required authorization] Route required privileges: fleet-settings-all.
- operationId: delete-fleet-outputs-outputid
- parameters:
- - description: A required header to protect against CSRF attacks
- in: header
- name: kbn-xsrf
- required: true
- schema:
- example: 'true'
- type: string
- - in: path
- name: outputId
- required: true
- schema:
- type: string
- responses:
- '200':
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- id:
- type: string
- required:
- - id
- description: 'OK: A successful request.'
- '400':
- content:
- application/json:
- schema:
- additionalProperties: false
- description: Generic Error
- type: object
- properties:
- attributes: {}
- error:
- type: string
- errorType:
- type: string
- message:
- type: string
- statusCode:
- type: number
- required:
- - message
- - attributes
- description: A bad request.
- '404':
- content:
- application/json:
- schema:
- additionalProperties: false
- description: Generic Error
- type: object
- properties:
- attributes: {}
- error:
- type: string
- errorType:
- type: string
- message:
- type: string
- statusCode:
- type: number
- required:
- - message
- - attributes
- description: Not found.
- summary: Delete output
- tags:
- - Fleet outputs
- x-metaTags:
- - content: Kibana, Elastic Cloud Serverless
- name: product_name
- get:
- description: |-
- **Spaces method and path for this operation:**
-
- get /s/{space_id}/api/fleet/outputs/{outputId}
-
- Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
-
- Get output by ID.
[Required authorization] Route required privileges: fleet-settings-read OR fleet-agent-policies-read.
- operationId: get-fleet-outputs-outputid
- parameters:
- - in: path
- name: outputId
- required: true
- schema:
- type: string
- responses:
- '200':
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- item:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- config_yaml:
- nullable: true
- type: string
- hosts:
- items:
- format: uri
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- name:
- type: string
- preset:
- enum:
- - balanced
- - custom
- - throughput
- - scale
- - latency
- type: string
- proxy_id:
- nullable: true
- type: string
- secrets:
- additionalProperties: true
- type: object
- properties:
- ssl:
- additionalProperties: true
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- shipper:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- type:
- enum:
- - elasticsearch
- type: string
- write_to_logs_streams:
- nullable: true
- type: boolean
- required:
- - name
- - type
- - hosts
- - additionalProperties: true
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- config_yaml:
- nullable: true
- type: string
- hosts:
- items:
- format: uri
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- kibana_api_key:
- nullable: true
- type: string
- kibana_url:
- nullable: true
- type: string
- name:
- type: string
- preset:
- enum:
- - balanced
- - custom
- - throughput
- - scale
- - latency
- type: string
- proxy_id:
- nullable: true
- type: string
- secrets:
- additionalProperties: true
- type: object
- properties:
- service_token:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- ssl:
- additionalProperties: true
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- service_token:
- nullable: true
- type: string
- shipper:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- sync_integrations:
- type: boolean
- sync_uninstalled_integrations:
- type: boolean
- type:
- enum:
- - remote_elasticsearch
- type: string
- write_to_logs_streams:
- nullable: true
- type: boolean
- required:
- - name
- - type
- - hosts
- - additionalProperties: true
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- config_yaml:
- nullable: true
- type: string
- hosts:
- items:
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- name:
- type: string
- proxy_id:
- nullable: true
- type: string
- secrets:
- additionalProperties: true
- type: object
- properties:
- ssl:
- additionalProperties: true
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- shipper:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- type:
- enum:
- - logstash
- type: string
- required:
- - name
- - type
- - hosts
- - additionalProperties: true
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- auth_type:
- enum:
- - none
- - user_pass
- - ssl
- - kerberos
- type: string
- broker_timeout:
- type: number
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- client_id:
- type: string
- compression:
- enum:
- - gzip
- - snappy
- - lz4
- - none
- type: string
- compression_level:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: number
- - not: {}
- config_yaml:
- nullable: true
- type: string
- connection_type:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - enum:
- - plaintext
- - encryption
- type: string
- - not: {}
- hash:
- additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- random:
- type: boolean
- headers:
- items:
- additionalProperties: true
- type: object
- properties:
- key:
- type: string
- value:
- type: string
- required:
- - key
- - value
- maxItems: 100
- type: array
- hosts:
- items:
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- key:
- type: string
- name:
- type: string
- partition:
- enum:
- - random
- - round_robin
- - hash
- type: string
- password:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - not: {}
- - anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: string
- - not: {}
- proxy_id:
- nullable: true
- type: string
- random:
- additionalProperties: true
- type: object
- properties:
- group_events:
- type: number
- required_acks:
- enum:
- - 1
- - 0
- - -1
- type: integer
- round_robin:
- additionalProperties: true
- type: object
- properties:
- group_events:
- type: number
- sasl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- mechanism:
- enum:
- - PLAIN
- - SCRAM-SHA-256
- - SCRAM-SHA-512
- type: string
- secrets:
- additionalProperties: true
- type: object
- properties:
- password:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- ssl:
- additionalProperties: true
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- required:
- - key
- shipper:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- timeout:
- type: number
- topic:
- type: string
- type:
- enum:
- - kafka
- type: string
- username:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: string
- - not: {}
- version:
- type: string
- required:
- - name
- - type
- - hosts
- - compression_level
- - auth_type
- - connection_type
- - username
- - password
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_elasticsearch'
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_remote_elasticsearch'
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_logstash'
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_kafka'
+ maxItems: 10000
+ type: array
+ page:
+ type: number
+ perPage:
+ type: number
+ total:
+ type: number
+ required:
+ - items
+ - total
+ - page
+ - perPage
+ description: 'OK: A successful request.'
+ '400':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ description: Generic Error
+ type: object
+ properties:
+ attributes: {}
+ error:
+ type: string
+ errorType:
+ type: string
+ message:
+ type: string
+ statusCode:
+ type: number
+ required:
+ - message
+ - attributes
+ description: A bad request.
+ summary: Get outputs
+ tags:
+ - Fleet outputs
+ x-metaTags:
+ - content: Kibana, Elastic Cloud Serverless
+ name: product_name
+ post:
+ description: |-
+ **Spaces method and path for this operation:**
+
+ post /s/{space_id}/api/fleet/outputs
+
+ Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
+
+ [Required authorization] Route required privileges: fleet-settings-all.
+ operationId: post-fleet-outputs
+ parameters:
+ - description: A required header to protect against CSRF attacks
+ in: header
+ name: kbn-xsrf
+ required: true
+ schema:
+ example: 'true'
+ type: string
+ requestBody:
+ content:
+ application/json:
+ schema:
+ anyOf:
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_new_output_elasticsearch'
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_new_output_remote_elasticsearch'
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_new_output_logstash'
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_new_output_kafka'
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ type: object
+ properties:
+ item:
+ anyOf:
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_elasticsearch'
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_remote_elasticsearch'
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_logstash'
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_kafka'
required:
- item
description: 'OK: A successful request.'
@@ -46691,22 +43554,23 @@ paths:
- message
- attributes
description: A bad request.
- summary: Get output
+ summary: Create output
tags:
- Fleet outputs
x-metaTags:
- content: Kibana, Elastic Cloud Serverless
name: product_name
- put:
+ /api/fleet/outputs/{outputId}:
+ delete:
description: |-
**Spaces method and path for this operation:**
- put /s/{space_id}/api/fleet/outputs/{outputId}
+ delete /s/{space_id}/api/fleet/outputs/{outputId}
Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
- Update output by ID.
[Required authorization] Route required privileges: fleet-settings-all OR fleet-agent-policies-all.
- operationId: put-fleet-outputs-outputid
+ Delete output by ID.
[Required authorization] Route required privileges: fleet-settings-all.
+ operationId: delete-fleet-outputs-outputid
parameters:
- description: A required header to protect against CSRF attacks
in: header
@@ -46720,152 +43584,155 @@ paths:
required: true
schema:
type: string
- requestBody:
- content:
- application/json:
- schema:
- anyOf:
- - additionalProperties: false
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- config_yaml:
- nullable: true
- type: string
- hosts:
- items:
- format: uri
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- type: boolean
- is_default_monitoring:
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- name:
- type: string
- preset:
- enum:
- - balanced
- - custom
- - throughput
- - scale
- - latency
- type: string
- proxy_id:
- nullable: true
- type: string
- secrets:
- additionalProperties: false
- type: object
- properties:
- ssl:
- additionalProperties: false
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: false
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- shipper:
- additionalProperties: false
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: false
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- type:
- enum:
- - elasticsearch
- type: string
- write_to_logs_streams:
- nullable: true
- type: boolean
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ type: object
+ properties:
+ id:
+ type: string
+ required:
+ - id
+ description: 'OK: A successful request.'
+ '400':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ description: Generic Error
+ type: object
+ properties:
+ attributes: {}
+ error:
+ type: string
+ errorType:
+ type: string
+ message:
+ type: string
+ statusCode:
+ type: number
+ required:
+ - message
+ - attributes
+ description: A bad request.
+ '404':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ description: Generic Error
+ type: object
+ properties:
+ attributes: {}
+ error:
+ type: string
+ errorType:
+ type: string
+ message:
+ type: string
+ statusCode:
+ type: number
+ required:
+ - message
+ - attributes
+ description: Not found.
+ summary: Delete output
+ tags:
+ - Fleet outputs
+ x-metaTags:
+ - content: Kibana, Elastic Cloud Serverless
+ name: product_name
+ get:
+ description: |-
+ **Spaces method and path for this operation:**
+
+ get /s/{space_id}/api/fleet/outputs/{outputId}
+
+ Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
+
+ Get output by ID.
[Required authorization] Route required privileges: fleet-settings-read OR fleet-agent-policies-read.
+ operationId: get-fleet-outputs-outputid
+ parameters:
+ - in: path
+ name: outputId
+ required: true
+ schema:
+ type: string
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ type: object
+ properties:
+ item:
+ anyOf:
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_elasticsearch'
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_remote_elasticsearch'
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_logstash'
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_kafka'
+ required:
+ - item
+ description: 'OK: A successful request.'
+ '400':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ description: Generic Error
+ type: object
+ properties:
+ attributes: {}
+ error:
+ type: string
+ errorType:
+ type: string
+ message:
+ type: string
+ statusCode:
+ type: number
+ required:
+ - message
+ - attributes
+ description: A bad request.
+ summary: Get output
+ tags:
+ - Fleet outputs
+ x-metaTags:
+ - content: Kibana, Elastic Cloud Serverless
+ name: product_name
+ put:
+ description: |-
+ **Spaces method and path for this operation:**
+
+ put /s/{space_id}/api/fleet/outputs/{outputId}
+
+ Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
+
+ Update output by ID.
[Required authorization] Route required privileges: fleet-settings-all OR fleet-agent-policies-all.
+ operationId: put-fleet-outputs-outputid
+ parameters:
+ - description: A required header to protect against CSRF attacks
+ in: header
+ name: kbn-xsrf
+ required: true
+ schema:
+ example: 'true'
+ type: string
+ - in: path
+ name: outputId
+ required: true
+ schema:
+ type: string
+ requestBody:
+ content:
+ application/json:
+ schema:
+ anyOf:
- additionalProperties: false
type: object
properties:
@@ -46900,12 +43767,6 @@ paths:
type: boolean
is_preconfigured:
type: boolean
- kibana_api_key:
- nullable: true
- type: string
- kibana_url:
- nullable: true
- type: string
name:
type: string
preset:
@@ -46923,18 +43784,6 @@ paths:
additionalProperties: false
type: object
properties:
- service_token:
- anyOf:
- - additionalProperties: false
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
ssl:
additionalProperties: false
type: object
@@ -46951,9 +43800,6 @@ paths:
required:
- id
- type: string
- service_token:
- nullable: true
- type: string
shipper:
additionalProperties: false
nullable: true
@@ -47021,13 +43867,9 @@ paths:
- certificate
- strict
type: string
- sync_integrations:
- type: boolean
- sync_uninstalled_integrations:
- type: boolean
type:
enum:
- - remote_elasticsearch
+ - elasticsearch
type: string
write_to_logs_streams:
nullable: true
@@ -47051,6 +43893,7 @@ paths:
type: string
hosts:
items:
+ format: uri
type: string
maxItems: 10
minItems: 1
@@ -47065,8 +43908,22 @@ paths:
type: boolean
is_preconfigured:
type: boolean
+ kibana_api_key:
+ nullable: true
+ type: string
+ kibana_url:
+ nullable: true
+ type: string
name:
type: string
+ preset:
+ enum:
+ - balanced
+ - custom
+ - throughput
+ - scale
+ - latency
+ type: string
proxy_id:
nullable: true
type: string
@@ -47074,6 +43931,18 @@ paths:
additionalProperties: false
type: object
properties:
+ service_token:
+ anyOf:
+ - additionalProperties: false
+ type: object
+ properties:
+ hash:
+ type: string
+ id:
+ type: string
+ required:
+ - id
+ - type: string
ssl:
additionalProperties: false
type: object
@@ -47090,6 +43959,9 @@ paths:
required:
- id
- type: string
+ service_token:
+ nullable: true
+ type: string
shipper:
additionalProperties: false
nullable: true
@@ -47157,10 +44029,17 @@ paths:
- certificate
- strict
type: string
+ sync_integrations:
+ type: boolean
+ sync_uninstalled_integrations:
+ type: boolean
type:
enum:
- - logstash
+ - remote_elasticsearch
type: string
+ write_to_logs_streams:
+ nullable: true
+ type: boolean
- additionalProperties: false
type: object
properties:
@@ -47169,82 +44048,15 @@ paths:
type: string
maxItems: 1000
type: array
- auth_type:
- enum:
- - none
- - user_pass
- - ssl
- - kerberos
- type: string
- broker_timeout:
- type: number
ca_sha256:
nullable: true
type: string
ca_trusted_fingerprint:
nullable: true
type: string
- client_id:
- type: string
- compression:
- enum:
- - gzip
- - snappy
- - lz4
- - none
- type: string
- compression_level:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: number
- - not: {}
config_yaml:
nullable: true
type: string
- connection_type:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - enum:
- - plaintext
- - encryption
- type: string
- - not: {}
- hash:
- additionalProperties: false
- type: object
- properties:
- hash:
- type: string
- random:
- type: boolean
- headers:
- items:
- additionalProperties: false
- type: object
- properties:
- key:
- type: string
- value:
- type: string
- required:
- - key
- - value
- maxItems: 100
- type: array
hosts:
items:
type: string
@@ -47254,95 +44066,22 @@ paths:
id:
type: string
is_default:
- default: false
type: boolean
is_default_monitoring:
- default: false
type: boolean
is_internal:
type: boolean
is_preconfigured:
type: boolean
- key:
- type: string
name:
type: string
- partition:
- enum:
- - random
- - round_robin
- - hash
- type: string
- password:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - not: {}
- - anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: string
- - not: {}
proxy_id:
nullable: true
type: string
- random:
- additionalProperties: false
- type: object
- properties:
- group_events:
- type: number
- required_acks:
- enum:
- - 1
- - 0
- - -1
- type: integer
- round_robin:
- additionalProperties: false
- type: object
- properties:
- group_events:
- type: number
- sasl:
- additionalProperties: false
- nullable: true
- type: object
- properties:
- mechanism:
- enum:
- - PLAIN
- - SCRAM-SHA-256
- - SCRAM-SHA-512
- type: string
secrets:
additionalProperties: false
type: object
- properties:
- password:
- anyOf:
- - additionalProperties: false
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
+ properties:
ssl:
additionalProperties: false
type: object
@@ -47359,8 +44098,6 @@ paths:
required:
- id
- type: string
- required:
- - key
shipper:
additionalProperties: false
nullable: true
@@ -47414,810 +44151,333 @@ paths:
properties:
certificate:
type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- timeout:
- type: number
- topic:
- type: string
- type:
- enum:
- - kafka
- type: string
- username:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: string
- - not: {}
- version:
- type: string
- required:
- - name
- - compression_level
- - connection_type
- - username
- - password
- responses:
- '200':
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- item:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- config_yaml:
- nullable: true
- type: string
- hosts:
- items:
- format: uri
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- name:
- type: string
- preset:
- enum:
- - balanced
- - custom
- - throughput
- - scale
- - latency
- type: string
- proxy_id:
- nullable: true
- type: string
- secrets:
- additionalProperties: true
- type: object
- properties:
- ssl:
- additionalProperties: true
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- shipper:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- type:
- enum:
- - elasticsearch
- type: string
- write_to_logs_streams:
- nullable: true
- type: boolean
- required:
- - name
- - type
- - hosts
- - additionalProperties: true
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- config_yaml:
- nullable: true
- type: string
- hosts:
- items:
- format: uri
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- kibana_api_key:
- nullable: true
- type: string
- kibana_url:
- nullable: true
- type: string
- name:
- type: string
- preset:
- enum:
- - balanced
- - custom
- - throughput
- - scale
- - latency
- type: string
- proxy_id:
- nullable: true
- type: string
- secrets:
- additionalProperties: true
- type: object
- properties:
- service_token:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- ssl:
- additionalProperties: true
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- service_token:
- nullable: true
- type: string
- shipper:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- sync_integrations:
- type: boolean
- sync_uninstalled_integrations:
- type: boolean
- type:
- enum:
- - remote_elasticsearch
+ certificate_authorities:
+ items:
type: string
- write_to_logs_streams:
- nullable: true
- type: boolean
- required:
- - name
- - type
- - hosts
- - additionalProperties: true
+ maxItems: 10
+ type: array
+ key:
+ type: string
+ verification_mode:
+ enum:
+ - full
+ - none
+ - certificate
+ - strict
+ type: string
+ type:
+ enum:
+ - logstash
+ type: string
+ - additionalProperties: false
+ type: object
+ properties:
+ allow_edit:
+ items:
+ type: string
+ maxItems: 1000
+ type: array
+ auth_type:
+ enum:
+ - none
+ - user_pass
+ - ssl
+ - kerberos
+ type: string
+ broker_timeout:
+ type: number
+ ca_sha256:
+ nullable: true
+ type: string
+ ca_trusted_fingerprint:
+ nullable: true
+ type: string
+ client_id:
+ type: string
+ compression:
+ enum:
+ - gzip
+ - snappy
+ - lz4
+ - none
+ type: string
+ compression_level:
+ anyOf:
+ - items: {}
+ type: array
+ - type: boolean
+ - type: number
+ - type: object
+ - type: string
+ nullable: true
+ oneOf:
+ - type: number
+ - not: {}
+ config_yaml:
+ nullable: true
+ type: string
+ connection_type:
+ anyOf:
+ - items: {}
+ type: array
+ - type: boolean
+ - type: number
+ - type: object
+ - type: string
+ nullable: true
+ oneOf:
+ - enum:
+ - plaintext
+ - encryption
+ type: string
+ - not: {}
+ hash:
+ additionalProperties: false
+ type: object
+ properties:
+ hash:
+ type: string
+ random:
+ type: boolean
+ headers:
+ items:
+ additionalProperties: false
type: object
properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- config_yaml:
- nullable: true
- type: string
- hosts:
- items:
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- name:
- type: string
- proxy_id:
- nullable: true
+ key:
type: string
- secrets:
- additionalProperties: true
- type: object
- properties:
- ssl:
- additionalProperties: true
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- shipper:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- type:
- enum:
- - logstash
+ value:
type: string
required:
- - name
- - type
- - hosts
- - additionalProperties: true
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- auth_type:
- enum:
- - none
- - user_pass
- - ssl
- - kerberos
- type: string
- broker_timeout:
- type: number
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- client_id:
- type: string
- compression:
- enum:
- - gzip
- - snappy
- - lz4
- - none
- type: string
- compression_level:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: number
- - not: {}
- config_yaml:
- nullable: true
- type: string
- connection_type:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - enum:
- - plaintext
- - encryption
- type: string
- - not: {}
- hash:
- additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- random:
- type: boolean
- headers:
- items:
- additionalProperties: true
+ - key
+ - value
+ maxItems: 100
+ type: array
+ hosts:
+ items:
+ type: string
+ maxItems: 10
+ minItems: 1
+ type: array
+ id:
+ type: string
+ is_default:
+ default: false
+ type: boolean
+ is_default_monitoring:
+ default: false
+ type: boolean
+ is_internal:
+ type: boolean
+ is_preconfigured:
+ type: boolean
+ key:
+ type: string
+ name:
+ type: string
+ partition:
+ enum:
+ - random
+ - round_robin
+ - hash
+ type: string
+ password:
+ anyOf:
+ - items: {}
+ type: array
+ - type: boolean
+ - type: number
+ - type: object
+ - type: string
+ nullable: true
+ oneOf:
+ - not: {}
+ - anyOf:
+ - items: {}
+ type: array
+ - type: boolean
+ - type: number
+ - type: object
+ - type: string
+ nullable: true
+ oneOf:
+ - type: string
+ - not: {}
+ proxy_id:
+ nullable: true
+ type: string
+ random:
+ additionalProperties: false
+ type: object
+ properties:
+ group_events:
+ type: number
+ required_acks:
+ enum:
+ - 1
+ - 0
+ - -1
+ type: integer
+ round_robin:
+ additionalProperties: false
+ type: object
+ properties:
+ group_events:
+ type: number
+ sasl:
+ additionalProperties: false
+ nullable: true
+ type: object
+ properties:
+ mechanism:
+ enum:
+ - PLAIN
+ - SCRAM-SHA-256
+ - SCRAM-SHA-512
+ type: string
+ secrets:
+ additionalProperties: false
+ type: object
+ properties:
+ password:
+ anyOf:
+ - additionalProperties: false
type: object
properties:
- key:
+ hash:
type: string
- value:
+ id:
type: string
required:
- - key
- - value
- maxItems: 100
- type: array
- hosts:
- items:
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- key:
- type: string
- name:
- type: string
- partition:
- enum:
- - random
- - round_robin
- - hash
- type: string
- password:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - not: {}
- - anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: string
- - not: {}
- proxy_id:
- nullable: true
- type: string
- random:
- additionalProperties: true
- type: object
- properties:
- group_events:
- type: number
- required_acks:
- enum:
- - 1
- - 0
- - -1
- type: integer
- round_robin:
- additionalProperties: true
- type: object
- properties:
- group_events:
- type: number
- sasl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- mechanism:
- enum:
- - PLAIN
- - SCRAM-SHA-256
- - SCRAM-SHA-512
- type: string
- secrets:
- additionalProperties: true
- type: object
- properties:
- password:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- ssl:
- additionalProperties: true
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- required:
- - key
- shipper:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- timeout:
- type: number
- topic:
- type: string
- type:
- enum:
- - kafka
- type: string
- username:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: string
- - not: {}
- version:
+ - id
+ - type: string
+ ssl:
+ additionalProperties: false
+ type: object
+ properties:
+ key:
+ anyOf:
+ - additionalProperties: false
+ type: object
+ properties:
+ hash:
+ type: string
+ id:
+ type: string
+ required:
+ - id
+ - type: string
+ required:
+ - key
+ shipper:
+ additionalProperties: false
+ nullable: true
+ type: object
+ properties:
+ compression_level:
+ nullable: true
+ type: number
+ disk_queue_compression_enabled:
+ nullable: true
+ type: boolean
+ disk_queue_enabled:
+ default: false
+ nullable: true
+ type: boolean
+ disk_queue_encryption_enabled:
+ nullable: true
+ type: boolean
+ disk_queue_max_size:
+ nullable: true
+ type: number
+ disk_queue_path:
+ nullable: true
+ type: string
+ loadbalance:
+ nullable: true
+ type: boolean
+ max_batch_bytes:
+ nullable: true
+ type: number
+ mem_queue_events:
+ nullable: true
+ type: number
+ queue_flush_timeout:
+ nullable: true
+ type: number
+ required:
+ - disk_queue_path
+ - disk_queue_max_size
+ - disk_queue_encryption_enabled
+ - disk_queue_compression_enabled
+ - compression_level
+ - loadbalance
+ - mem_queue_events
+ - queue_flush_timeout
+ - max_batch_bytes
+ ssl:
+ additionalProperties: false
+ nullable: true
+ type: object
+ properties:
+ certificate:
+ type: string
+ certificate_authorities:
+ items:
type: string
- required:
- - name
- - type
- - hosts
- - compression_level
- - auth_type
- - connection_type
- - username
- - password
+ maxItems: 10
+ type: array
+ key:
+ type: string
+ verification_mode:
+ enum:
+ - full
+ - none
+ - certificate
+ - strict
+ type: string
+ timeout:
+ type: number
+ topic:
+ type: string
+ type:
+ enum:
+ - kafka
+ type: string
+ username:
+ anyOf:
+ - items: {}
+ type: array
+ - type: boolean
+ - type: number
+ - type: object
+ - type: string
+ nullable: true
+ oneOf:
+ - type: string
+ - not: {}
+ version:
+ type: string
+ required:
+ - name
+ - compression_level
+ - connection_type
+ - username
+ - password
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ type: object
+ properties:
+ item:
+ anyOf:
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_elasticsearch'
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_remote_elasticsearch'
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_logstash'
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_kafka'
required:
- item
description: 'OK: A successful request.'
@@ -70798,26 +67058,219 @@ components:
type: object
properties:
data_view:
- description: The data view object.
+ description: The data view object.
+ type: object
+ properties:
+ allowNoIndex:
+ $ref: '#/components/schemas/Data_views_allownoindex'
+ fieldAttrs:
+ additionalProperties:
+ $ref: '#/components/schemas/Data_views_fieldattrs'
+ type: object
+ fieldFormats:
+ $ref: '#/components/schemas/Data_views_fieldformats'
+ fields:
+ type: object
+ id:
+ type: string
+ name:
+ description: The data view name.
+ type: string
+ namespaces:
+ $ref: '#/components/schemas/Data_views_namespaces'
+ runtimeFieldMap:
+ additionalProperties:
+ $ref: '#/components/schemas/Data_views_runtimefieldmap'
+ type: object
+ sourceFilters:
+ $ref: '#/components/schemas/Data_views_sourcefilters'
+ timeFieldName:
+ $ref: '#/components/schemas/Data_views_timefieldname'
+ title:
+ $ref: '#/components/schemas/Data_views_title'
+ type:
+ $ref: '#/components/schemas/Data_views_type'
+ typeMeta:
+ $ref: '#/components/schemas/Data_views_typemeta'
+ version:
+ type: string
+ required:
+ - title
+ override:
+ default: false
+ description: Override an existing data view if a data view with the provided title already exists.
+ type: boolean
+ required:
+ - data_view
+ Data_views_data_view_response_object:
+ title: Data view response properties
+ type: object
+ properties:
+ data_view:
+ type: object
+ properties:
+ allowNoIndex:
+ $ref: '#/components/schemas/Data_views_allownoindex'
+ fieldAttrs:
+ additionalProperties:
+ $ref: '#/components/schemas/Data_views_fieldattrs'
+ type: object
+ fieldFormats:
+ $ref: '#/components/schemas/Data_views_fieldformats'
+ fields:
+ type: object
+ id:
+ example: ff959d40-b880-11e8-a6d9-e546fe2bba5f
+ type: string
+ name:
+ description: The data view name.
+ type: string
+ namespaces:
+ $ref: '#/components/schemas/Data_views_namespaces'
+ runtimeFieldMap:
+ additionalProperties:
+ $ref: '#/components/schemas/Data_views_runtimefieldmap'
+ type: object
+ sourceFilters:
+ $ref: '#/components/schemas/Data_views_sourcefilters'
+ timeFieldName:
+ $ref: '#/components/schemas/Data_views_timefieldname'
+ title:
+ $ref: '#/components/schemas/Data_views_title'
+ typeMeta:
+ $ref: '#/components/schemas/Data_views_typemeta_response'
+ version:
+ example: WzQ2LDJd
+ type: string
+ Data_views_fieldattrs:
+ description: A map of field attributes by field name.
+ type: object
+ properties:
+ count:
+ description: Popularity count for the field.
+ type: integer
+ customDescription:
+ description: Custom description for the field.
+ maxLength: 300
+ type: string
+ customLabel:
+ description: Custom label for the field.
+ type: string
+ Data_views_fieldformats:
+ description: A map of field formats by field name.
+ type: object
+ Data_views_namespaces:
+ description: An array of space identifiers for sharing the data view between multiple spaces.
+ items:
+ default: default
+ type: string
+ type: array
+ Data_views_runtimefieldmap:
+ description: A map of runtime field definitions by field name.
+ type: object
+ properties:
+ script:
+ type: object
+ properties:
+ source:
+ description: Script for the runtime field.
+ type: string
+ type:
+ description: Mapping type of the runtime field.
+ type: string
+ required:
+ - script
+ - type
+ Data_views_sourcefilters:
+ description: The array of field names you want to filter out in Discover.
+ items:
+ type: object
+ properties:
+ value:
+ type: string
+ required:
+ - value
+ type: array
+ Data_views_swap_data_view_request_object:
+ title: Data view reference swap request
+ type: object
+ properties:
+ delete:
+ description: Deletes referenced saved object if all references are removed.
+ type: boolean
+ forId:
+ description: Limit the affected saved objects to one or more by identifier.
+ oneOf:
+ - type: string
+ - items:
+ type: string
+ type: array
+ forType:
+ description: Limit the affected saved objects by type.
+ type: string
+ fromId:
+ description: The saved object reference to change.
+ type: string
+ fromType:
+ description: |
+ Specify the type of the saved object reference to alter. The default value is `index-pattern` for data views.
+ type: string
+ toId:
+ description: New saved object reference value to replace the old value.
+ type: string
+ required:
+ - fromId
+ - toId
+ Data_views_timefieldname:
+ description: The timestamp field name, which you use for time-based data views.
+ type: string
+ Data_views_title:
+ description: Comma-separated list of data streams, indices, and aliases that you want to search. Supports wildcards (`*`).
+ type: string
+ Data_views_type:
+ description: When set to `rollup`, identifies the rollup data views.
+ type: string
+ Data_views_typemeta:
+ description: When you use rollup indices, contains the field list for the rollup data view API endpoints.
+ type: object
+ properties:
+ aggs:
+ description: A map of rollup restrictions by aggregation type and field name.
+ type: object
+ params:
+ description: Properties for retrieving rollup fields.
+ type: object
+ required:
+ - aggs
+ - params
+ Data_views_typemeta_response:
+ description: When you use rollup indices, contains the field list for the rollup data view API endpoints.
+ nullable: true
+ type: object
+ properties:
+ aggs:
+ description: A map of rollup restrictions by aggregation type and field name.
+ type: object
+ params:
+ description: Properties for retrieving rollup fields.
+ type: object
+ Data_views_update_data_view_request_object:
+ title: Update data view request
+ type: object
+ properties:
+ data_view:
+ description: |
+ The data view properties you want to update. Only the specified properties are updated in the data view. Unspecified fields stay as they are persisted.
type: object
properties:
allowNoIndex:
$ref: '#/components/schemas/Data_views_allownoindex'
- fieldAttrs:
- additionalProperties:
- $ref: '#/components/schemas/Data_views_fieldattrs'
- type: object
fieldFormats:
$ref: '#/components/schemas/Data_views_fieldformats'
fields:
type: object
- id:
- type: string
name:
- description: The data view name.
type: string
- namespaces:
- $ref: '#/components/schemas/Data_views_namespaces'
runtimeFieldMap:
additionalProperties:
$ref: '#/components/schemas/Data_views_runtimefieldmap'
@@ -70829,265 +67282,657 @@ components:
title:
$ref: '#/components/schemas/Data_views_title'
type:
- $ref: '#/components/schemas/Data_views_type'
- typeMeta:
- $ref: '#/components/schemas/Data_views_typemeta'
- version:
+ $ref: '#/components/schemas/Data_views_type'
+ typeMeta:
+ $ref: '#/components/schemas/Data_views_typemeta'
+ refresh_fields:
+ default: false
+ description: Reloads the data view fields after the data view is updated.
+ type: boolean
+ required:
+ - data_view
+ Kibana_HTTP_APIs__zod_v4_3___schema0:
+ anyOf:
+ - additionalProperties: false
+ type: object
+ properties:
+ objects:
+ additionalProperties: false
+ type: object
+ properties:
+ all:
+ additionalProperties: false
+ type: object
+ properties: {}
+ required:
+ - all
+ required:
+ - objects
+ - additionalProperties: false
+ type: object
+ properties:
+ objects:
+ additionalProperties: false
+ type: object
+ properties:
+ mappings:
+ type: boolean
+ queries:
+ items:
+ type: object
+ properties:
+ id:
+ type: string
+ required:
+ - id
+ type: array
+ routing:
+ items:
+ allOf:
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_3___schema0'
+ - type: object
+ properties:
+ destination:
+ type: string
+ required:
+ - destination
+ type: array
+ required:
+ - mappings
+ - queries
+ - routing
+ required:
+ - objects
+ Kibana_HTTP_APIs_ClassicFieldDefinition:
+ additionalProperties:
+ $ref: '#/components/schemas/Kibana_HTTP_APIs_ClassicFieldDefinitionConfig'
+ type: object
+ Kibana_HTTP_APIs_ClassicFieldDefinitionConfig:
+ allOf:
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_RecursiveRecord'
+ - anyOf:
+ - additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ format:
+ description: A non-empty string.
+ minLength: 1
+ type: string
+ type:
+ enum:
+ - keyword
+ - match_only_text
+ - long
+ - double
+ - date
+ - boolean
+ - ip
+ - geo_point
+ - integer
+ - short
+ - byte
+ - float
+ - half_float
+ - text
+ - wildcard
+ - version
+ - unsigned_long
+ - date_nanos
+ type: string
+ required:
+ - type
+ - additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ type:
+ enum:
+ - system
+ type: string
+ required:
+ - type
+ Kibana_HTTP_APIs_ClassicStreamUpsertRequest:
+ additionalProperties: false
+ type: object
+ properties:
+ dashboards:
+ items:
+ type: string
+ type: array
+ queries:
+ items:
+ type: object
+ properties:
+ description:
+ type: string
+ esql:
+ type: object
+ properties:
+ query:
+ type: string
+ required:
+ - query
+ evidence:
+ items:
+ type: string
+ type: array
+ id:
+ description: A non-empty string.
+ minLength: 1
+ type: string
+ severity_score:
+ type: number
+ title:
+ description: A non-empty string.
+ minLength: 1
+ type: string
+ required:
+ - id
+ - title
+ - description
+ - esql
+ type: array
+ rules:
+ items:
+ type: string
+ type: array
+ stream:
+ additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ ingest:
+ additionalProperties: false
+ type: object
+ properties:
+ classic:
+ additionalProperties: false
+ type: object
+ properties:
+ field_overrides:
+ $ref: '#/components/schemas/Kibana_HTTP_APIs_ClassicFieldDefinition'
+ failure_store:
+ $ref: '#/components/schemas/Kibana_HTTP_APIs_FailureStore'
+ lifecycle:
+ $ref: '#/components/schemas/Kibana_HTTP_APIs_IngestStreamLifecycle'
+ processing:
+ additionalProperties: false
+ type: object
+ properties:
+ steps:
+ items:
+ $ref: '#/components/schemas/Kibana_HTTP_APIs_StreamlangStep'
+ type: array
+ updated_at: {}
+ required:
+ - steps
+ settings:
+ additionalProperties: false
+ type: object
+ properties:
+ index.number_of_replicas:
+ additionalProperties: false
+ type: object
+ properties:
+ value:
+ type: number
+ required:
+ - value
+ index.number_of_shards:
+ additionalProperties: false
+ type: object
+ properties:
+ value:
+ type: number
+ required:
+ - value
+ index.refresh_interval:
+ additionalProperties: false
+ type: object
+ properties:
+ value:
+ anyOf:
+ - type: string
+ - enum:
+ - -1
+ type: number
+ required:
+ - value
+ required:
+ - lifecycle
+ - processing
+ - settings
+ - failure_store
+ - classic
+ query_streams:
+ items:
+ type: object
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: array
+ type:
+ enum:
+ - classic
type: string
required:
- - title
- override:
- default: false
- description: Override an existing data view if a data view with the provided title already exists.
- type: boolean
+ - description
+ - ingest
+ - type
required:
- - data_view
- Data_views_data_view_response_object:
- title: Data view response properties
- type: object
- properties:
- data_view:
+ - dashboards
+ - rules
+ - queries
+ - stream
+ Kibana_HTTP_APIs_Condition:
+ anyOf:
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_FilterCondition'
+ - additionalProperties: false
+ description: A logical AND that groups multiple conditions.
type: object
properties:
- allowNoIndex:
- $ref: '#/components/schemas/Data_views_allownoindex'
- fieldAttrs:
- additionalProperties:
- $ref: '#/components/schemas/Data_views_fieldattrs'
- type: object
- fieldFormats:
- $ref: '#/components/schemas/Data_views_fieldformats'
- fields:
+ and:
+ description: An array of conditions. All sub-conditions must be true for this condition to be true.
+ items:
+ $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition'
+ type: array
+ required:
+ - and
+ - additionalProperties: false
+ description: A logical OR that groups multiple conditions.
+ type: object
+ properties:
+ or:
+ description: An array of conditions. At least one sub-condition must be true for this condition to be true.
+ items:
+ $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition'
+ type: array
+ required:
+ - or
+ - additionalProperties: false
+ description: A logical NOT that negates a condition.
+ type: object
+ properties:
+ not:
+ $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition'
+ description: A condition that negates another condition.
+ required:
+ - not
+ - additionalProperties: false
+ description: A condition that always evaluates to false.
+ type: object
+ properties:
+ never:
+ additionalProperties: false
+ description: An empty object. This condition never matches.
type: object
- id:
- example: ff959d40-b880-11e8-a6d9-e546fe2bba5f
- type: string
- name:
- description: The data view name.
- type: string
- namespaces:
- $ref: '#/components/schemas/Data_views_namespaces'
- runtimeFieldMap:
- additionalProperties:
- $ref: '#/components/schemas/Data_views_runtimefieldmap'
+ properties: {}
+ required:
+ - never
+ - additionalProperties: false
+ description: A condition that always evaluates to true. Useful for catch-all scenarios, but use with caution as partitions are ordered.
+ type: object
+ properties:
+ always:
+ additionalProperties: false
+ description: An empty object. This condition always matches.
type: object
- sourceFilters:
- $ref: '#/components/schemas/Data_views_sourcefilters'
- timeFieldName:
- $ref: '#/components/schemas/Data_views_timefieldname'
- title:
- $ref: '#/components/schemas/Data_views_title'
- typeMeta:
- $ref: '#/components/schemas/Data_views_typemeta_response'
- version:
- example: WzQ2LDJd
- type: string
- Data_views_fieldattrs:
- description: A map of field attributes by field name.
- type: object
- properties:
- count:
- description: Popularity count for the field.
- type: integer
- customDescription:
- description: Custom description for the field.
- maxLength: 300
- type: string
- customLabel:
- description: Custom label for the field.
- type: string
- Data_views_fieldformats:
- description: A map of field formats by field name.
- type: object
- Data_views_namespaces:
- description: An array of space identifiers for sharing the data view between multiple spaces.
- items:
- default: default
- type: string
- type: array
- Data_views_runtimefieldmap:
- description: A map of runtime field definitions by field name.
- type: object
- properties:
- script:
+ properties: {}
+ required:
+ - always
+ description: The root condition object. It can be a simple filter or a combination of other conditions.
+ Kibana_HTTP_APIs_ConditionWithSteps:
+ allOf:
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition'
+ - additionalProperties: false
type: object
properties:
- source:
- description: Script for the runtime field.
- type: string
- type:
- description: Mapping type of the runtime field.
- type: string
- required:
- - script
- - type
- Data_views_sourcefilters:
- description: The array of field names you want to filter out in Discover.
- items:
- type: object
- properties:
- value:
- type: string
- required:
- - value
- type: array
- Data_views_swap_data_view_request_object:
- title: Data view reference swap request
- type: object
- properties:
- delete:
- description: Deletes referenced saved object if all references are removed.
- type: boolean
- forId:
- description: Limit the affected saved objects to one or more by identifier.
- oneOf:
- - type: string
- - items:
- type: string
+ steps:
+ items:
+ $ref: '#/components/schemas/Kibana_HTTP_APIs_StreamlangStep'
type: array
- forType:
- description: Limit the affected saved objects by type.
- type: string
- fromId:
- description: The saved object reference to change.
- type: string
- fromType:
- description: |
- Specify the type of the saved object reference to alter. The default value is `index-pattern` for data views.
- type: string
- toId:
- description: New saved object reference value to replace the old value.
- type: string
- required:
- - fromId
- - toId
- Data_views_timefieldname:
- description: The timestamp field name, which you use for time-based data views.
- type: string
- Data_views_title:
- description: Comma-separated list of data streams, indices, and aliases that you want to search. Supports wildcards (`*`).
- type: string
- Data_views_type:
- description: When set to `rollup`, identifies the rollup data views.
- type: string
- Data_views_typemeta:
- description: When you use rollup indices, contains the field list for the rollup data view API endpoints.
- type: object
+ required:
+ - steps
+ Kibana_HTTP_APIs_core_status_redactedResponse:
+ additionalProperties: false
+ description: A minimal representation of Kibana's operational status.
properties:
- aggs:
- description: A map of rollup restrictions by aggregation type and field name.
- type: object
- params:
- description: Properties for retrieving rollup fields.
+ status:
+ additionalProperties: false
type: object
+ properties:
+ overall:
+ additionalProperties: false
+ type: object
+ properties:
+ level:
+ description: Service status levels as human and machine readable values.
+ enum:
+ - available
+ - degraded
+ - unavailable
+ - critical
+ type: string
+ required:
+ - level
+ required:
+ - overall
required:
- - aggs
- - params
- Data_views_typemeta_response:
- description: When you use rollup indices, contains the field list for the rollup data view API endpoints.
- nullable: true
- type: object
- properties:
- aggs:
- description: A map of rollup restrictions by aggregation type and field name.
- type: object
- params:
- description: Properties for retrieving rollup fields.
- type: object
- Data_views_update_data_view_request_object:
- title: Update data view request
+ - status
+ title: core_status_redactedResponse
type: object
+ Kibana_HTTP_APIs_core_status_response:
+ additionalProperties: false
+ description: Kibana's operational status as well as a detailed breakdown of plugin statuses indication of various loads (like event loop utilization and network traffic) at time of request.
properties:
- data_view:
- description: |
- The data view properties you want to update. Only the specified properties are updated in the data view. Unspecified fields stay as they are persisted.
+ metrics:
+ additionalProperties: false
+ description: Metric groups collected by Kibana.
type: object
properties:
- allowNoIndex:
- $ref: '#/components/schemas/Data_views_allownoindex'
- fieldFormats:
- $ref: '#/components/schemas/Data_views_fieldformats'
- fields:
+ collection_interval_in_millis:
+ description: The interval at which metrics should be collected.
+ type: number
+ elasticsearch_client:
+ additionalProperties: false
+ description: Current network metrics of Kibana's Elasticsearch client.
type: object
- name:
+ properties:
+ totalActiveSockets:
+ description: Count of network sockets currently in use.
+ type: number
+ totalIdleSockets:
+ description: Count of network sockets currently idle.
+ type: number
+ totalQueuedRequests:
+ description: Count of requests not yet assigned to sockets.
+ type: number
+ required:
+ - totalActiveSockets
+ - totalIdleSockets
+ - totalQueuedRequests
+ last_updated:
+ description: The time metrics were collected.
type: string
- runtimeFieldMap:
+ required:
+ - elasticsearch_client
+ - last_updated
+ - collection_interval_in_millis
+ name:
+ description: Kibana instance name.
+ type: string
+ status:
+ additionalProperties: false
+ type: object
+ properties:
+ core:
+ additionalProperties: false
+ description: Statuses of core Kibana services.
+ type: object
+ properties:
+ elasticsearch:
+ additionalProperties: false
+ type: object
+ properties:
+ detail:
+ description: Human readable detail of the service status.
+ type: string
+ documentationUrl:
+ description: A URL to further documentation regarding this service.
+ type: string
+ level:
+ description: Service status levels as human and machine readable values.
+ enum:
+ - available
+ - degraded
+ - unavailable
+ - critical
+ type: string
+ meta:
+ additionalProperties: {}
+ description: An unstructured set of extra metadata about this service.
+ type: object
+ summary:
+ description: A human readable summary of the service status.
+ type: string
+ required:
+ - level
+ - summary
+ - meta
+ http:
+ additionalProperties: false
+ type: object
+ properties:
+ detail:
+ description: Human readable detail of the service status.
+ type: string
+ documentationUrl:
+ description: A URL to further documentation regarding this service.
+ type: string
+ level:
+ description: Service status levels as human and machine readable values.
+ enum:
+ - available
+ - degraded
+ - unavailable
+ - critical
+ type: string
+ meta:
+ additionalProperties: {}
+ description: An unstructured set of extra metadata about this service.
+ type: object
+ summary:
+ description: A human readable summary of the service status.
+ type: string
+ required:
+ - level
+ - summary
+ - meta
+ savedObjects:
+ additionalProperties: false
+ type: object
+ properties:
+ detail:
+ description: Human readable detail of the service status.
+ type: string
+ documentationUrl:
+ description: A URL to further documentation regarding this service.
+ type: string
+ level:
+ description: Service status levels as human and machine readable values.
+ enum:
+ - available
+ - degraded
+ - unavailable
+ - critical
+ type: string
+ meta:
+ additionalProperties: {}
+ description: An unstructured set of extra metadata about this service.
+ type: object
+ summary:
+ description: A human readable summary of the service status.
+ type: string
+ required:
+ - level
+ - summary
+ - meta
+ required:
+ - elasticsearch
+ - savedObjects
+ overall:
+ additionalProperties: false
+ type: object
+ properties:
+ detail:
+ description: Human readable detail of the service status.
+ type: string
+ documentationUrl:
+ description: A URL to further documentation regarding this service.
+ type: string
+ level:
+ description: Service status levels as human and machine readable values.
+ enum:
+ - available
+ - degraded
+ - unavailable
+ - critical
+ type: string
+ meta:
+ additionalProperties: {}
+ description: An unstructured set of extra metadata about this service.
+ type: object
+ summary:
+ description: A human readable summary of the service status.
+ type: string
+ required:
+ - level
+ - summary
+ - meta
+ plugins:
additionalProperties:
- $ref: '#/components/schemas/Data_views_runtimefieldmap'
+ additionalProperties: false
+ type: object
+ properties:
+ detail:
+ description: Human readable detail of the service status.
+ type: string
+ documentationUrl:
+ description: A URL to further documentation regarding this service.
+ type: string
+ level:
+ description: Service status levels as human and machine readable values.
+ enum:
+ - available
+ - degraded
+ - unavailable
+ - critical
+ type: string
+ meta:
+ additionalProperties: {}
+ description: An unstructured set of extra metadata about this service.
+ type: object
+ summary:
+ description: A human readable summary of the service status.
+ type: string
+ required:
+ - level
+ - summary
+ - meta
+ description: A dynamic mapping of plugin ID to plugin status.
type: object
- sourceFilters:
- $ref: '#/components/schemas/Data_views_sourcefilters'
- timeFieldName:
- $ref: '#/components/schemas/Data_views_timefieldname'
- title:
- $ref: '#/components/schemas/Data_views_title'
- type:
- $ref: '#/components/schemas/Data_views_type'
- typeMeta:
- $ref: '#/components/schemas/Data_views_typemeta'
- refresh_fields:
- default: false
- description: Reloads the data view fields after the data view is updated.
- type: boolean
+ required:
+ - overall
+ - core
+ - plugins
+ uuid:
+ description: Unique, generated Kibana instance UUID. This UUID should persist even if the Kibana process restarts.
+ type: string
+ version:
+ additionalProperties: false
+ type: object
+ properties:
+ build_date:
+ description: The date and time of this build.
+ type: string
+ build_flavor:
+ description: The build flavour determines configuration and behavior of Kibana. On premise users will almost always run the "traditional" flavour, while other flavours are reserved for Elastic-specific use cases.
+ enum:
+ - serverless
+ - traditional
+ type: string
+ build_hash:
+ description: A unique hash value representing the git commit of this Kibana build.
+ type: string
+ build_number:
+ description: A monotonically increasing number, each subsequent build will have a higher number.
+ type: number
+ build_snapshot:
+ description: Whether this build is a snapshot build.
+ type: boolean
+ number:
+ description: A semantic version number.
+ type: string
+ required:
+ - number
+ - build_hash
+ - build_number
+ - build_snapshot
+ - build_flavor
+ - build_date
required:
- - data_view
- Kibana_HTTP_APIs__zod_v4_3___schema0:
+ - name
+ - uuid
+ - version
+ - status
+ - metrics
+ title: core_status_response
+ type: object
+ Kibana_HTTP_APIs_FailureStore:
anyOf:
- additionalProperties: false
type: object
properties:
- objects:
+ inherit:
+ additionalProperties: false
+ type: object
+ properties: {}
+ required:
+ - inherit
+ - additionalProperties: false
+ type: object
+ properties:
+ disabled:
+ additionalProperties: false
+ type: object
+ properties: {}
+ required:
+ - disabled
+ - additionalProperties: false
+ type: object
+ properties:
+ lifecycle:
additionalProperties: false
type: object
properties:
- all:
+ enabled:
additionalProperties: false
type: object
- properties: {}
+ properties:
+ data_retention:
+ description: A non-empty string.
+ minLength: 1
+ type: string
required:
- - all
+ - enabled
required:
- - objects
+ - lifecycle
- additionalProperties: false
type: object
properties:
- objects:
+ lifecycle:
additionalProperties: false
type: object
properties:
- mappings:
- type: boolean
- queries:
- items:
- type: object
- properties:
- id:
- type: string
- required:
- - id
- type: array
- routing:
- items:
- allOf:
- - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_3___schema0'
- - type: object
- properties:
- destination:
- type: string
- required:
- - destination
- type: array
+ disabled:
+ additionalProperties: false
+ type: object
+ properties: {}
required:
- - mappings
- - queries
- - routing
+ - disabled
required:
- - objects
- Kibana_HTTP_APIs_ClassicFieldDefinition:
+ - lifecycle
+ Kibana_HTTP_APIs_FieldDefinition:
additionalProperties:
- $ref: '#/components/schemas/Kibana_HTTP_APIs_ClassicFieldDefinitionConfig'
+ $ref: '#/components/schemas/Kibana_HTTP_APIs_FieldDefinitionConfig'
type: object
- Kibana_HTTP_APIs_ClassicFieldDefinitionConfig:
+ Kibana_HTTP_APIs_FieldDefinitionConfig:
allOf:
- $ref: '#/components/schemas/Kibana_HTTP_APIs_RecursiveRecord'
- anyOf:
@@ -71123,6 +67968,17 @@ components:
type: string
required:
- type
+ - additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ format:
+ not: {}
+ type:
+ not: {}
+ required:
+ - description
- additionalProperties: false
type: object
properties:
@@ -71134,772 +67990,1696 @@ components:
type: string
required:
- type
- Kibana_HTTP_APIs_ClassicStreamUpsertRequest:
+ Kibana_HTTP_APIs_FilterCondition:
+ anyOf:
+ - additionalProperties: false
+ description: A condition that compares a field to a value or range using an operator as the key.
+ type: object
+ properties:
+ contains:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ description: Contains comparison value.
+ endsWith:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ description: Ends-with comparison value.
+ eq:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ description: Equality comparison value.
+ field:
+ description: The document field to filter on.
+ minLength: 1
+ type: string
+ gt:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ description: Greater-than comparison value.
+ gte:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ description: Greater-than-or-equal comparison value.
+ includes:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ description: Checks if multivalue field includes the value.
+ lt:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ description: Less-than comparison value.
+ lte:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ description: Less-than-or-equal comparison value.
+ neq:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ description: Inequality comparison value.
+ range:
+ additionalProperties: false
+ description: Range comparison values.
+ type: object
+ properties:
+ gt:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ description: A value that can be a string, number, or boolean.
+ gte:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ description: A value that can be a string, number, or boolean.
+ lt:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ description: A value that can be a string, number, or boolean.
+ lte:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ description: A value that can be a string, number, or boolean.
+ startsWith:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ description: Starts-with comparison value.
+ required:
+ - field
+ - additionalProperties: false
+ description: A condition that checks for the existence or non-existence of a field.
+ type: object
+ properties:
+ exists:
+ description: Indicates whether the field exists or not.
+ type: boolean
+ field:
+ description: The document field to check.
+ minLength: 1
+ type: string
+ required:
+ - field
+ description: A basic filter condition, either unary or binary.
+ Kibana_HTTP_APIs_IngestStreamLifecycle:
+ anyOf:
+ - additionalProperties: false
+ type: object
+ properties:
+ dsl:
+ additionalProperties: false
+ type: object
+ properties:
+ data_retention:
+ description: A non-empty string.
+ minLength: 1
+ type: string
+ downsample:
+ items:
+ type: object
+ properties:
+ after:
+ description: A non-empty string.
+ minLength: 1
+ type: string
+ fixed_interval:
+ description: A non-empty string.
+ minLength: 1
+ type: string
+ required:
+ - after
+ - fixed_interval
+ type: array
+ required:
+ - dsl
+ - additionalProperties: false
+ type: object
+ properties:
+ ilm:
+ additionalProperties: false
+ type: object
+ properties:
+ policy:
+ description: A non-empty string.
+ minLength: 1
+ type: string
+ required:
+ - policy
+ required:
+ - ilm
+ - additionalProperties: false
+ type: object
+ properties:
+ inherit:
+ additionalProperties: false
+ type: object
+ properties: {}
+ required:
+ - inherit
+ Kibana_HTTP_APIs_new_output_elasticsearch:
additionalProperties: false
- type: object
properties:
- dashboards:
+ allow_edit:
items:
type: string
+ maxItems: 1000
type: array
- queries:
- items:
- type: object
- properties:
- description:
- type: string
- esql:
- type: object
- properties:
- query:
- type: string
- required:
- - query
- evidence:
- items:
- type: string
- type: array
- id:
- description: A non-empty string.
- minLength: 1
- type: string
- severity_score:
- type: number
- title:
- description: A non-empty string.
- minLength: 1
- type: string
- required:
- - id
- - title
- - description
- - esql
- type: array
- rules:
+ ca_sha256:
+ nullable: true
+ type: string
+ ca_trusted_fingerprint:
+ nullable: true
+ type: string
+ config_yaml:
+ nullable: true
+ type: string
+ hosts:
items:
+ format: uri
type: string
+ maxItems: 10
+ minItems: 1
type: array
- stream:
+ id:
+ type: string
+ is_default:
+ default: false
+ type: boolean
+ is_default_monitoring:
+ default: false
+ type: boolean
+ is_internal:
+ type: boolean
+ is_preconfigured:
+ type: boolean
+ name:
+ type: string
+ preset:
+ enum:
+ - balanced
+ - custom
+ - throughput
+ - scale
+ - latency
+ type: string
+ proxy_id:
+ nullable: true
+ type: string
+ secrets:
additionalProperties: false
type: object
properties:
- description:
- type: string
- ingest:
+ ssl:
additionalProperties: false
type: object
properties:
- classic:
- additionalProperties: false
- type: object
- properties:
- field_overrides:
- $ref: '#/components/schemas/Kibana_HTTP_APIs_ClassicFieldDefinition'
- failure_store:
- $ref: '#/components/schemas/Kibana_HTTP_APIs_FailureStore'
- lifecycle:
- $ref: '#/components/schemas/Kibana_HTTP_APIs_IngestStreamLifecycle'
- processing:
- additionalProperties: false
- type: object
- properties:
- steps:
- items:
- $ref: '#/components/schemas/Kibana_HTTP_APIs_StreamlangStep'
- type: array
- updated_at: {}
- required:
- - steps
- settings:
- additionalProperties: false
- type: object
- properties:
- index.number_of_replicas:
- additionalProperties: false
- type: object
- properties:
- value:
- type: number
- required:
- - value
- index.number_of_shards:
- additionalProperties: false
- type: object
- properties:
- value:
- type: number
- required:
- - value
- index.refresh_interval:
- additionalProperties: false
+ key:
+ anyOf:
+ - additionalProperties: false
type: object
properties:
- value:
- anyOf:
- - type: string
- - enum:
- - -1
- type: number
+ hash:
+ type: string
+ id:
+ type: string
required:
- - value
- required:
- - lifecycle
- - processing
- - settings
- - failure_store
- - classic
- query_streams:
+ - id
+ - type: string
+ shipper:
+ additionalProperties: false
+ nullable: true
+ type: object
+ properties:
+ compression_level:
+ nullable: true
+ type: number
+ disk_queue_compression_enabled:
+ nullable: true
+ type: boolean
+ disk_queue_enabled:
+ default: false
+ nullable: true
+ type: boolean
+ disk_queue_encryption_enabled:
+ nullable: true
+ type: boolean
+ disk_queue_max_size:
+ nullable: true
+ type: number
+ disk_queue_path:
+ nullable: true
+ type: string
+ loadbalance:
+ nullable: true
+ type: boolean
+ max_batch_bytes:
+ nullable: true
+ type: number
+ mem_queue_events:
+ nullable: true
+ type: number
+ queue_flush_timeout:
+ nullable: true
+ type: number
+ required:
+ - disk_queue_path
+ - disk_queue_max_size
+ - disk_queue_encryption_enabled
+ - disk_queue_compression_enabled
+ - compression_level
+ - loadbalance
+ - mem_queue_events
+ - queue_flush_timeout
+ - max_batch_bytes
+ ssl:
+ additionalProperties: false
+ nullable: true
+ type: object
+ properties:
+ certificate:
+ type: string
+ certificate_authorities:
items:
- type: object
- properties:
- name:
- type: string
- required:
- - name
+ type: string
+ maxItems: 10
type: array
- type:
+ key:
+ type: string
+ verification_mode:
enum:
- - classic
+ - full
+ - none
+ - certificate
+ - strict
type: string
- required:
- - description
- - ingest
- - type
+ type:
+ enum:
+ - elasticsearch
+ type: string
+ write_to_logs_streams:
+ nullable: true
+ type: boolean
required:
- - dashboards
- - rules
- - queries
- - stream
- Kibana_HTTP_APIs_Condition:
- anyOf:
- - $ref: '#/components/schemas/Kibana_HTTP_APIs_FilterCondition'
- - additionalProperties: false
- description: A logical AND that groups multiple conditions.
+ - name
+ - type
+ - hosts
+ title: new_output_elasticsearch
+ type: object
+ Kibana_HTTP_APIs_new_output_kafka:
+ additionalProperties: false
+ properties:
+ allow_edit:
+ items:
+ type: string
+ maxItems: 1000
+ type: array
+ auth_type:
+ enum:
+ - none
+ - user_pass
+ - ssl
+ - kerberos
+ type: string
+ broker_timeout:
+ type: number
+ ca_sha256:
+ nullable: true
+ type: string
+ ca_trusted_fingerprint:
+ nullable: true
+ type: string
+ client_id:
+ type: string
+ compression:
+ enum:
+ - gzip
+ - snappy
+ - lz4
+ - none
+ type: string
+ compression_level:
+ anyOf:
+ - items: {}
+ type: array
+ - type: boolean
+ - type: number
+ - type: object
+ - type: string
+ nullable: true
+ oneOf:
+ - type: number
+ - not: {}
+ config_yaml:
+ nullable: true
+ type: string
+ connection_type:
+ anyOf:
+ - items: {}
+ type: array
+ - type: boolean
+ - type: number
+ - type: object
+ - type: string
+ nullable: true
+ oneOf:
+ - enum:
+ - plaintext
+ - encryption
+ type: string
+ - not: {}
+ hash:
+ additionalProperties: false
+ type: object
+ properties:
+ hash:
+ type: string
+ random:
+ type: boolean
+ headers:
+ items:
+ additionalProperties: false
+ type: object
+ properties:
+ key:
+ type: string
+ value:
+ type: string
+ required:
+ - key
+ - value
+ maxItems: 100
+ type: array
+ hosts:
+ items:
+ type: string
+ maxItems: 10
+ minItems: 1
+ type: array
+ id:
+ type: string
+ is_default:
+ default: false
+ type: boolean
+ is_default_monitoring:
+ default: false
+ type: boolean
+ is_internal:
+ type: boolean
+ is_preconfigured:
+ type: boolean
+ key:
+ type: string
+ name:
+ type: string
+ partition:
+ enum:
+ - random
+ - round_robin
+ - hash
+ type: string
+ password:
+ anyOf:
+ - items: {}
+ type: array
+ - type: boolean
+ - type: number
+ - type: object
+ - type: string
+ nullable: true
+ oneOf:
+ - not: {}
+ - anyOf:
+ - items: {}
+ type: array
+ - type: boolean
+ - type: number
+ - type: object
+ - type: string
+ nullable: true
+ oneOf:
+ - type: string
+ - not: {}
+ proxy_id:
+ nullable: true
+ type: string
+ random:
+ additionalProperties: false
type: object
properties:
- and:
- description: An array of conditions. All sub-conditions must be true for this condition to be true.
- items:
- $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition'
- type: array
- required:
- - and
- - additionalProperties: false
- description: A logical OR that groups multiple conditions.
+ group_events:
+ type: number
+ required_acks:
+ enum:
+ - 1
+ - 0
+ - -1
+ type: integer
+ round_robin:
+ additionalProperties: false
type: object
properties:
- or:
- description: An array of conditions. At least one sub-condition must be true for this condition to be true.
- items:
- $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition'
- type: array
- required:
- - or
- - additionalProperties: false
- description: A logical NOT that negates a condition.
+ group_events:
+ type: number
+ sasl:
+ additionalProperties: false
+ nullable: true
type: object
properties:
- not:
- $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition'
- description: A condition that negates another condition.
- required:
- - not
- - additionalProperties: false
- description: A condition that always evaluates to false.
+ mechanism:
+ enum:
+ - PLAIN
+ - SCRAM-SHA-256
+ - SCRAM-SHA-512
+ type: string
+ secrets:
+ additionalProperties: false
type: object
properties:
- never:
+ password:
+ anyOf:
+ - additionalProperties: false
+ type: object
+ properties:
+ hash:
+ type: string
+ id:
+ type: string
+ required:
+ - id
+ - type: string
+ ssl:
additionalProperties: false
- description: An empty object. This condition never matches.
type: object
- properties: {}
- required:
- - never
- - additionalProperties: false
- description: A condition that always evaluates to true. Useful for catch-all scenarios, but use with caution as partitions are ordered.
+ properties:
+ key:
+ anyOf:
+ - additionalProperties: false
+ type: object
+ properties:
+ hash:
+ type: string
+ id:
+ type: string
+ required:
+ - id
+ - type: string
+ required:
+ - key
+ shipper:
+ additionalProperties: false
+ nullable: true
type: object
properties:
- always:
- additionalProperties: false
- description: An empty object. This condition always matches.
- type: object
- properties: {}
+ compression_level:
+ nullable: true
+ type: number
+ disk_queue_compression_enabled:
+ nullable: true
+ type: boolean
+ disk_queue_enabled:
+ default: false
+ nullable: true
+ type: boolean
+ disk_queue_encryption_enabled:
+ nullable: true
+ type: boolean
+ disk_queue_max_size:
+ nullable: true
+ type: number
+ disk_queue_path:
+ nullable: true
+ type: string
+ loadbalance:
+ nullable: true
+ type: boolean
+ max_batch_bytes:
+ nullable: true
+ type: number
+ mem_queue_events:
+ nullable: true
+ type: number
+ queue_flush_timeout:
+ nullable: true
+ type: number
required:
- - always
- description: The root condition object. It can be a simple filter or a combination of other conditions.
- Kibana_HTTP_APIs_ConditionWithSteps:
- allOf:
- - $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition'
- - additionalProperties: false
+ - disk_queue_path
+ - disk_queue_max_size
+ - disk_queue_encryption_enabled
+ - disk_queue_compression_enabled
+ - compression_level
+ - loadbalance
+ - mem_queue_events
+ - queue_flush_timeout
+ - max_batch_bytes
+ ssl:
+ additionalProperties: false
+ nullable: true
type: object
properties:
- steps:
+ certificate:
+ type: string
+ certificate_authorities:
items:
- $ref: '#/components/schemas/Kibana_HTTP_APIs_StreamlangStep'
+ type: string
+ maxItems: 10
type: array
- required:
- - steps
- Kibana_HTTP_APIs_core_status_redactedResponse:
+ key:
+ type: string
+ verification_mode:
+ enum:
+ - full
+ - none
+ - certificate
+ - strict
+ type: string
+ timeout:
+ type: number
+ topic:
+ type: string
+ type:
+ enum:
+ - kafka
+ type: string
+ username:
+ anyOf:
+ - items: {}
+ type: array
+ - type: boolean
+ - type: number
+ - type: object
+ - type: string
+ nullable: true
+ oneOf:
+ - type: string
+ - not: {}
+ version:
+ type: string
+ required:
+ - name
+ - type
+ - hosts
+ - compression_level
+ - auth_type
+ - connection_type
+ - username
+ - password
+ title: new_output_kafka
+ type: object
+ Kibana_HTTP_APIs_new_output_logstash:
additionalProperties: false
- description: A minimal representation of Kibana's operational status.
properties:
- status:
+ allow_edit:
+ items:
+ type: string
+ maxItems: 1000
+ type: array
+ ca_sha256:
+ nullable: true
+ type: string
+ ca_trusted_fingerprint:
+ nullable: true
+ type: string
+ config_yaml:
+ nullable: true
+ type: string
+ hosts:
+ items:
+ type: string
+ maxItems: 10
+ minItems: 1
+ type: array
+ id:
+ type: string
+ is_default:
+ default: false
+ type: boolean
+ is_default_monitoring:
+ default: false
+ type: boolean
+ is_internal:
+ type: boolean
+ is_preconfigured:
+ type: boolean
+ name:
+ type: string
+ proxy_id:
+ nullable: true
+ type: string
+ secrets:
additionalProperties: false
type: object
properties:
- overall:
+ ssl:
additionalProperties: false
type: object
properties:
- level:
- description: Service status levels as human and machine readable values.
- enum:
- - available
- - degraded
- - unavailable
- - critical
- type: string
- required:
- - level
- required:
- - overall
- required:
- - status
- title: core_status_redactedResponse
- type: object
- Kibana_HTTP_APIs_core_status_response:
- additionalProperties: false
- description: Kibana's operational status as well as a detailed breakdown of plugin statuses indication of various loads (like event loop utilization and network traffic) at time of request.
- properties:
- metrics:
+ key:
+ anyOf:
+ - additionalProperties: false
+ type: object
+ properties:
+ hash:
+ type: string
+ id:
+ type: string
+ required:
+ - id
+ - type: string
+ shipper:
+ additionalProperties: false
+ nullable: true
+ type: object
+ properties:
+ compression_level:
+ nullable: true
+ type: number
+ disk_queue_compression_enabled:
+ nullable: true
+ type: boolean
+ disk_queue_enabled:
+ default: false
+ nullable: true
+ type: boolean
+ disk_queue_encryption_enabled:
+ nullable: true
+ type: boolean
+ disk_queue_max_size:
+ nullable: true
+ type: number
+ disk_queue_path:
+ nullable: true
+ type: string
+ loadbalance:
+ nullable: true
+ type: boolean
+ max_batch_bytes:
+ nullable: true
+ type: number
+ mem_queue_events:
+ nullable: true
+ type: number
+ queue_flush_timeout:
+ nullable: true
+ type: number
+ required:
+ - disk_queue_path
+ - disk_queue_max_size
+ - disk_queue_encryption_enabled
+ - disk_queue_compression_enabled
+ - compression_level
+ - loadbalance
+ - mem_queue_events
+ - queue_flush_timeout
+ - max_batch_bytes
+ ssl:
additionalProperties: false
- description: Metric groups collected by Kibana.
+ nullable: true
type: object
properties:
- collection_interval_in_millis:
- description: The interval at which metrics should be collected.
- type: number
- elasticsearch_client:
- additionalProperties: false
- description: Current network metrics of Kibana's Elasticsearch client.
- type: object
- properties:
- totalActiveSockets:
- description: Count of network sockets currently in use.
- type: number
- totalIdleSockets:
- description: Count of network sockets currently idle.
- type: number
- totalQueuedRequests:
- description: Count of requests not yet assigned to sockets.
- type: number
- required:
- - totalActiveSockets
- - totalIdleSockets
- - totalQueuedRequests
- last_updated:
- description: The time metrics were collected.
+ certificate:
type: string
- required:
- - elasticsearch_client
- - last_updated
- - collection_interval_in_millis
+ certificate_authorities:
+ items:
+ type: string
+ maxItems: 10
+ type: array
+ key:
+ type: string
+ verification_mode:
+ enum:
+ - full
+ - none
+ - certificate
+ - strict
+ type: string
+ type:
+ enum:
+ - logstash
+ type: string
+ required:
+ - name
+ - type
+ - hosts
+ title: new_output_logstash
+ type: object
+ Kibana_HTTP_APIs_new_output_remote_elasticsearch:
+ additionalProperties: false
+ properties:
+ allow_edit:
+ items:
+ type: string
+ maxItems: 1000
+ type: array
+ ca_sha256:
+ nullable: true
+ type: string
+ ca_trusted_fingerprint:
+ nullable: true
+ type: string
+ config_yaml:
+ nullable: true
+ type: string
+ hosts:
+ items:
+ format: uri
+ type: string
+ maxItems: 10
+ minItems: 1
+ type: array
+ id:
+ type: string
+ is_default:
+ default: false
+ type: boolean
+ is_default_monitoring:
+ default: false
+ type: boolean
+ is_internal:
+ type: boolean
+ is_preconfigured:
+ type: boolean
+ kibana_api_key:
+ nullable: true
+ type: string
+ kibana_url:
+ nullable: true
+ type: string
name:
- description: Kibana instance name.
type: string
- status:
+ preset:
+ enum:
+ - balanced
+ - custom
+ - throughput
+ - scale
+ - latency
+ type: string
+ proxy_id:
+ nullable: true
+ type: string
+ secrets:
additionalProperties: false
type: object
properties:
- core:
- additionalProperties: false
- description: Statuses of core Kibana services.
- type: object
- properties:
- elasticsearch:
- additionalProperties: false
- type: object
- properties:
- detail:
- description: Human readable detail of the service status.
- type: string
- documentationUrl:
- description: A URL to further documentation regarding this service.
- type: string
- level:
- description: Service status levels as human and machine readable values.
- enum:
- - available
- - degraded
- - unavailable
- - critical
- type: string
- meta:
- additionalProperties: {}
- description: An unstructured set of extra metadata about this service.
- type: object
- summary:
- description: A human readable summary of the service status.
- type: string
- required:
- - level
- - summary
- - meta
- http:
- additionalProperties: false
- type: object
- properties:
- detail:
- description: Human readable detail of the service status.
- type: string
- documentationUrl:
- description: A URL to further documentation regarding this service.
- type: string
- level:
- description: Service status levels as human and machine readable values.
- enum:
- - available
- - degraded
- - unavailable
- - critical
- type: string
- meta:
- additionalProperties: {}
- description: An unstructured set of extra metadata about this service.
- type: object
- summary:
- description: A human readable summary of the service status.
- type: string
- required:
- - level
- - summary
- - meta
- savedObjects:
- additionalProperties: false
+ service_token:
+ anyOf:
+ - additionalProperties: false
type: object
properties:
- detail:
- description: Human readable detail of the service status.
- type: string
- documentationUrl:
- description: A URL to further documentation regarding this service.
- type: string
- level:
- description: Service status levels as human and machine readable values.
- enum:
- - available
- - degraded
- - unavailable
- - critical
+ hash:
type: string
- meta:
- additionalProperties: {}
- description: An unstructured set of extra metadata about this service.
- type: object
- summary:
- description: A human readable summary of the service status.
+ id:
type: string
required:
- - level
- - summary
- - meta
- required:
- - elasticsearch
- - savedObjects
- overall:
+ - id
+ - type: string
+ ssl:
additionalProperties: false
type: object
properties:
- detail:
- description: Human readable detail of the service status.
- type: string
- documentationUrl:
- description: A URL to further documentation regarding this service.
- type: string
- level:
- description: Service status levels as human and machine readable values.
- enum:
- - available
- - degraded
- - unavailable
- - critical
- type: string
- meta:
- additionalProperties: {}
- description: An unstructured set of extra metadata about this service.
- type: object
- summary:
- description: A human readable summary of the service status.
- type: string
- required:
- - level
- - summary
- - meta
- plugins:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- detail:
- description: Human readable detail of the service status.
- type: string
- documentationUrl:
- description: A URL to further documentation regarding this service.
- type: string
- level:
- description: Service status levels as human and machine readable values.
- enum:
- - available
- - degraded
- - unavailable
- - critical
- type: string
- meta:
- additionalProperties: {}
- description: An unstructured set of extra metadata about this service.
- type: object
- summary:
- description: A human readable summary of the service status.
- type: string
- required:
- - level
- - summary
- - meta
- description: A dynamic mapping of plugin ID to plugin status.
- type: object
+ key:
+ anyOf:
+ - additionalProperties: false
+ type: object
+ properties:
+ hash:
+ type: string
+ id:
+ type: string
+ required:
+ - id
+ - type: string
+ service_token:
+ nullable: true
+ type: string
+ shipper:
+ additionalProperties: false
+ nullable: true
+ type: object
+ properties:
+ compression_level:
+ nullable: true
+ type: number
+ disk_queue_compression_enabled:
+ nullable: true
+ type: boolean
+ disk_queue_enabled:
+ default: false
+ nullable: true
+ type: boolean
+ disk_queue_encryption_enabled:
+ nullable: true
+ type: boolean
+ disk_queue_max_size:
+ nullable: true
+ type: number
+ disk_queue_path:
+ nullable: true
+ type: string
+ loadbalance:
+ nullable: true
+ type: boolean
+ max_batch_bytes:
+ nullable: true
+ type: number
+ mem_queue_events:
+ nullable: true
+ type: number
+ queue_flush_timeout:
+ nullable: true
+ type: number
required:
- - overall
- - core
- - plugins
- uuid:
- description: Unique, generated Kibana instance UUID. This UUID should persist even if the Kibana process restarts.
- type: string
- version:
+ - disk_queue_path
+ - disk_queue_max_size
+ - disk_queue_encryption_enabled
+ - disk_queue_compression_enabled
+ - compression_level
+ - loadbalance
+ - mem_queue_events
+ - queue_flush_timeout
+ - max_batch_bytes
+ ssl:
additionalProperties: false
+ nullable: true
type: object
properties:
- build_date:
- description: The date and time of this build.
+ certificate:
type: string
- build_flavor:
- description: The build flavour determines configuration and behavior of Kibana. On premise users will almost always run the "traditional" flavour, while other flavours are reserved for Elastic-specific use cases.
- enum:
- - serverless
- - traditional
+ certificate_authorities:
+ items:
+ type: string
+ maxItems: 10
+ type: array
+ key:
type: string
- build_hash:
- description: A unique hash value representing the git commit of this Kibana build.
+ verification_mode:
+ enum:
+ - full
+ - none
+ - certificate
+ - strict
type: string
- build_number:
- description: A monotonically increasing number, each subsequent build will have a higher number.
+ sync_integrations:
+ type: boolean
+ sync_uninstalled_integrations:
+ type: boolean
+ type:
+ enum:
+ - remote_elasticsearch
+ type: string
+ write_to_logs_streams:
+ nullable: true
+ type: boolean
+ required:
+ - name
+ - type
+ - hosts
+ title: new_output_remote_elasticsearch
+ type: object
+ Kibana_HTTP_APIs_output_elasticsearch:
+ additionalProperties: true
+ properties:
+ allow_edit:
+ items:
+ type: string
+ maxItems: 1000
+ type: array
+ ca_sha256:
+ nullable: true
+ type: string
+ ca_trusted_fingerprint:
+ nullable: true
+ type: string
+ config_yaml:
+ nullable: true
+ type: string
+ hosts:
+ items:
+ format: uri
+ type: string
+ maxItems: 10
+ minItems: 1
+ type: array
+ id:
+ type: string
+ is_default:
+ default: false
+ type: boolean
+ is_default_monitoring:
+ default: false
+ type: boolean
+ is_internal:
+ type: boolean
+ is_preconfigured:
+ type: boolean
+ name:
+ type: string
+ preset:
+ enum:
+ - balanced
+ - custom
+ - throughput
+ - scale
+ - latency
+ type: string
+ proxy_id:
+ nullable: true
+ type: string
+ secrets:
+ additionalProperties: true
+ type: object
+ properties:
+ ssl:
+ additionalProperties: true
+ type: object
+ properties:
+ key:
+ anyOf:
+ - additionalProperties: true
+ type: object
+ properties:
+ hash:
+ type: string
+ id:
+ type: string
+ required:
+ - id
+ - type: string
+ shipper:
+ additionalProperties: true
+ nullable: true
+ type: object
+ properties:
+ compression_level:
+ nullable: true
type: number
- build_snapshot:
- description: Whether this build is a snapshot build.
+ disk_queue_compression_enabled:
+ nullable: true
type: boolean
- number:
- description: A semantic version number.
+ disk_queue_enabled:
+ default: false
+ nullable: true
+ type: boolean
+ disk_queue_encryption_enabled:
+ nullable: true
+ type: boolean
+ disk_queue_max_size:
+ nullable: true
+ type: number
+ disk_queue_path:
+ nullable: true
type: string
+ loadbalance:
+ nullable: true
+ type: boolean
+ max_batch_bytes:
+ nullable: true
+ type: number
+ mem_queue_events:
+ nullable: true
+ type: number
+ queue_flush_timeout:
+ nullable: true
+ type: number
required:
- - number
- - build_hash
- - build_number
- - build_snapshot
- - build_flavor
- - build_date
+ - disk_queue_path
+ - disk_queue_max_size
+ - disk_queue_encryption_enabled
+ - disk_queue_compression_enabled
+ - compression_level
+ - loadbalance
+ - mem_queue_events
+ - queue_flush_timeout
+ - max_batch_bytes
+ ssl:
+ additionalProperties: true
+ nullable: true
+ type: object
+ properties:
+ certificate:
+ type: string
+ certificate_authorities:
+ items:
+ type: string
+ maxItems: 10
+ type: array
+ key:
+ type: string
+ verification_mode:
+ enum:
+ - full
+ - none
+ - certificate
+ - strict
+ type: string
+ type:
+ enum:
+ - elasticsearch
+ type: string
+ write_to_logs_streams:
+ nullable: true
+ type: boolean
required:
- name
- - uuid
- - version
- - status
- - metrics
- title: core_status_response
+ - type
+ - hosts
+ title: output_elasticsearch
type: object
- Kibana_HTTP_APIs_FailureStore:
- anyOf:
- - additionalProperties: false
+ Kibana_HTTP_APIs_output_kafka:
+ additionalProperties: true
+ properties:
+ allow_edit:
+ items:
+ type: string
+ maxItems: 1000
+ type: array
+ auth_type:
+ enum:
+ - none
+ - user_pass
+ - ssl
+ - kerberos
+ type: string
+ broker_timeout:
+ type: number
+ ca_sha256:
+ nullable: true
+ type: string
+ ca_trusted_fingerprint:
+ nullable: true
+ type: string
+ client_id:
+ type: string
+ compression:
+ enum:
+ - gzip
+ - snappy
+ - lz4
+ - none
+ type: string
+ compression_level:
+ anyOf:
+ - items: {}
+ type: array
+ - type: boolean
+ - type: number
+ - type: object
+ - type: string
+ nullable: true
+ oneOf:
+ - type: number
+ - not: {}
+ config_yaml:
+ nullable: true
+ type: string
+ connection_type:
+ anyOf:
+ - items: {}
+ type: array
+ - type: boolean
+ - type: number
+ - type: object
+ - type: string
+ nullable: true
+ oneOf:
+ - enum:
+ - plaintext
+ - encryption
+ type: string
+ - not: {}
+ hash:
+ additionalProperties: true
type: object
properties:
- inherit:
- additionalProperties: false
- type: object
- properties: {}
- required:
- - inherit
- - additionalProperties: false
+ hash:
+ type: string
+ random:
+ type: boolean
+ headers:
+ items:
+ additionalProperties: true
+ type: object
+ properties:
+ key:
+ type: string
+ value:
+ type: string
+ required:
+ - key
+ - value
+ maxItems: 100
+ type: array
+ hosts:
+ items:
+ type: string
+ maxItems: 10
+ minItems: 1
+ type: array
+ id:
+ type: string
+ is_default:
+ default: false
+ type: boolean
+ is_default_monitoring:
+ default: false
+ type: boolean
+ is_internal:
+ type: boolean
+ is_preconfigured:
+ type: boolean
+ key:
+ type: string
+ name:
+ type: string
+ partition:
+ enum:
+ - random
+ - round_robin
+ - hash
+ type: string
+ password:
+ anyOf:
+ - items: {}
+ type: array
+ - type: boolean
+ - type: number
+ - type: object
+ - type: string
+ nullable: true
+ oneOf:
+ - not: {}
+ - anyOf:
+ - items: {}
+ type: array
+ - type: boolean
+ - type: number
+ - type: object
+ - type: string
+ nullable: true
+ oneOf:
+ - type: string
+ - not: {}
+ proxy_id:
+ nullable: true
+ type: string
+ random:
+ additionalProperties: true
+ type: object
+ properties:
+ group_events:
+ type: number
+ required_acks:
+ enum:
+ - 1
+ - 0
+ - -1
+ type: integer
+ round_robin:
+ additionalProperties: true
type: object
properties:
- disabled:
- additionalProperties: false
- type: object
- properties: {}
- required:
- - disabled
- - additionalProperties: false
+ group_events:
+ type: number
+ sasl:
+ additionalProperties: true
+ nullable: true
type: object
properties:
- lifecycle:
- additionalProperties: false
- type: object
- properties:
- enabled:
- additionalProperties: false
+ mechanism:
+ enum:
+ - PLAIN
+ - SCRAM-SHA-256
+ - SCRAM-SHA-512
+ type: string
+ secrets:
+ additionalProperties: true
+ type: object
+ properties:
+ password:
+ anyOf:
+ - additionalProperties: true
type: object
properties:
- data_retention:
- description: A non-empty string.
- minLength: 1
+ hash:
type: string
- required:
- - enabled
- required:
- - lifecycle
- - additionalProperties: false
- type: object
- properties:
- lifecycle:
- additionalProperties: false
+ id:
+ type: string
+ required:
+ - id
+ - type: string
+ ssl:
+ additionalProperties: true
type: object
properties:
- disabled:
- additionalProperties: false
- type: object
- properties: {}
+ key:
+ anyOf:
+ - additionalProperties: true
+ type: object
+ properties:
+ hash:
+ type: string
+ id:
+ type: string
+ required:
+ - id
+ - type: string
required:
- - disabled
+ - key
+ shipper:
+ additionalProperties: true
+ nullable: true
+ type: object
+ properties:
+ compression_level:
+ nullable: true
+ type: number
+ disk_queue_compression_enabled:
+ nullable: true
+ type: boolean
+ disk_queue_enabled:
+ default: false
+ nullable: true
+ type: boolean
+ disk_queue_encryption_enabled:
+ nullable: true
+ type: boolean
+ disk_queue_max_size:
+ nullable: true
+ type: number
+ disk_queue_path:
+ nullable: true
+ type: string
+ loadbalance:
+ nullable: true
+ type: boolean
+ max_batch_bytes:
+ nullable: true
+ type: number
+ mem_queue_events:
+ nullable: true
+ type: number
+ queue_flush_timeout:
+ nullable: true
+ type: number
required:
- - lifecycle
- Kibana_HTTP_APIs_FieldDefinition:
- additionalProperties:
- $ref: '#/components/schemas/Kibana_HTTP_APIs_FieldDefinitionConfig'
- type: object
- Kibana_HTTP_APIs_FieldDefinitionConfig:
- allOf:
- - $ref: '#/components/schemas/Kibana_HTTP_APIs_RecursiveRecord'
- - anyOf:
- - additionalProperties: false
- type: object
- properties:
- description:
- type: string
- format:
- description: A non-empty string.
- minLength: 1
- type: string
- type:
- enum:
- - keyword
- - match_only_text
- - long
- - double
- - date
- - boolean
- - ip
- - geo_point
- - integer
- - short
- - byte
- - float
- - half_float
- - text
- - wildcard
- - version
- - unsigned_long
- - date_nanos
- type: string
- required:
- - type
- - additionalProperties: false
- type: object
- properties:
- description:
- type: string
- format:
- not: {}
- type:
- not: {}
- required:
- - description
- - additionalProperties: false
- type: object
- properties:
- description:
- type: string
- type:
- enum:
- - system
- type: string
- required:
- - type
- Kibana_HTTP_APIs_FilterCondition:
- anyOf:
- - additionalProperties: false
- description: A condition that compares a field to a value or range using an operator as the key.
+ - disk_queue_path
+ - disk_queue_max_size
+ - disk_queue_encryption_enabled
+ - disk_queue_compression_enabled
+ - compression_level
+ - loadbalance
+ - mem_queue_events
+ - queue_flush_timeout
+ - max_batch_bytes
+ ssl:
+ additionalProperties: true
+ nullable: true
type: object
properties:
- contains:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- description: Contains comparison value.
- endsWith:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- description: Ends-with comparison value.
- eq:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- description: Equality comparison value.
- field:
- description: The document field to filter on.
- minLength: 1
+ certificate:
type: string
- gt:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- description: Greater-than comparison value.
- gte:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- description: Greater-than-or-equal comparison value.
- includes:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- description: Checks if multivalue field includes the value.
- lt:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- description: Less-than comparison value.
- lte:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- description: Less-than-or-equal comparison value.
- neq:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- description: Inequality comparison value.
- range:
- additionalProperties: false
- description: Range comparison values.
+ certificate_authorities:
+ items:
+ type: string
+ maxItems: 10
+ type: array
+ key:
+ type: string
+ verification_mode:
+ enum:
+ - full
+ - none
+ - certificate
+ - strict
+ type: string
+ timeout:
+ type: number
+ topic:
+ type: string
+ type:
+ enum:
+ - kafka
+ type: string
+ username:
+ anyOf:
+ - items: {}
+ type: array
+ - type: boolean
+ - type: number
+ - type: object
+ - type: string
+ nullable: true
+ oneOf:
+ - type: string
+ - not: {}
+ version:
+ type: string
+ required:
+ - name
+ - type
+ - hosts
+ - compression_level
+ - auth_type
+ - connection_type
+ - username
+ - password
+ title: output_kafka
+ type: object
+ Kibana_HTTP_APIs_output_logstash:
+ additionalProperties: true
+ properties:
+ allow_edit:
+ items:
+ type: string
+ maxItems: 1000
+ type: array
+ ca_sha256:
+ nullable: true
+ type: string
+ ca_trusted_fingerprint:
+ nullable: true
+ type: string
+ config_yaml:
+ nullable: true
+ type: string
+ hosts:
+ items:
+ type: string
+ maxItems: 10
+ minItems: 1
+ type: array
+ id:
+ type: string
+ is_default:
+ default: false
+ type: boolean
+ is_default_monitoring:
+ default: false
+ type: boolean
+ is_internal:
+ type: boolean
+ is_preconfigured:
+ type: boolean
+ name:
+ type: string
+ proxy_id:
+ nullable: true
+ type: string
+ secrets:
+ additionalProperties: true
+ type: object
+ properties:
+ ssl:
+ additionalProperties: true
type: object
properties:
- gt:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- description: A value that can be a string, number, or boolean.
- gte:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- description: A value that can be a string, number, or boolean.
- lt:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- description: A value that can be a string, number, or boolean.
- lte:
+ key:
anyOf:
+ - additionalProperties: true
+ type: object
+ properties:
+ hash:
+ type: string
+ id:
+ type: string
+ required:
+ - id
- type: string
- - type: number
- - type: boolean
- description: A value that can be a string, number, or boolean.
- startsWith:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- description: Starts-with comparison value.
- required:
- - field
- - additionalProperties: false
- description: A condition that checks for the existence or non-existence of a field.
+ shipper:
+ additionalProperties: true
+ nullable: true
type: object
properties:
- exists:
- description: Indicates whether the field exists or not.
+ compression_level:
+ nullable: true
+ type: number
+ disk_queue_compression_enabled:
+ nullable: true
type: boolean
- field:
- description: The document field to check.
- minLength: 1
+ disk_queue_enabled:
+ default: false
+ nullable: true
+ type: boolean
+ disk_queue_encryption_enabled:
+ nullable: true
+ type: boolean
+ disk_queue_max_size:
+ nullable: true
+ type: number
+ disk_queue_path:
+ nullable: true
type: string
+ loadbalance:
+ nullable: true
+ type: boolean
+ max_batch_bytes:
+ nullable: true
+ type: number
+ mem_queue_events:
+ nullable: true
+ type: number
+ queue_flush_timeout:
+ nullable: true
+ type: number
required:
- - field
- description: A basic filter condition, either unary or binary.
- Kibana_HTTP_APIs_IngestStreamLifecycle:
- anyOf:
- - additionalProperties: false
+ - disk_queue_path
+ - disk_queue_max_size
+ - disk_queue_encryption_enabled
+ - disk_queue_compression_enabled
+ - compression_level
+ - loadbalance
+ - mem_queue_events
+ - queue_flush_timeout
+ - max_batch_bytes
+ ssl:
+ additionalProperties: true
+ nullable: true
type: object
properties:
- dsl:
- additionalProperties: false
- type: object
- properties:
- data_retention:
- description: A non-empty string.
- minLength: 1
- type: string
- downsample:
- items:
- type: object
- properties:
- after:
- description: A non-empty string.
- minLength: 1
- type: string
- fixed_interval:
- description: A non-empty string.
- minLength: 1
- type: string
- required:
- - after
- - fixed_interval
- type: array
- required:
- - dsl
- - additionalProperties: false
+ certificate:
+ type: string
+ certificate_authorities:
+ items:
+ type: string
+ maxItems: 10
+ type: array
+ key:
+ type: string
+ verification_mode:
+ enum:
+ - full
+ - none
+ - certificate
+ - strict
+ type: string
+ type:
+ enum:
+ - logstash
+ type: string
+ required:
+ - name
+ - type
+ - hosts
+ title: output_logstash
+ type: object
+ Kibana_HTTP_APIs_output_remote_elasticsearch:
+ additionalProperties: true
+ properties:
+ allow_edit:
+ items:
+ type: string
+ maxItems: 1000
+ type: array
+ ca_sha256:
+ nullable: true
+ type: string
+ ca_trusted_fingerprint:
+ nullable: true
+ type: string
+ config_yaml:
+ nullable: true
+ type: string
+ hosts:
+ items:
+ format: uri
+ type: string
+ maxItems: 10
+ minItems: 1
+ type: array
+ id:
+ type: string
+ is_default:
+ default: false
+ type: boolean
+ is_default_monitoring:
+ default: false
+ type: boolean
+ is_internal:
+ type: boolean
+ is_preconfigured:
+ type: boolean
+ kibana_api_key:
+ nullable: true
+ type: string
+ kibana_url:
+ nullable: true
+ type: string
+ name:
+ type: string
+ preset:
+ enum:
+ - balanced
+ - custom
+ - throughput
+ - scale
+ - latency
+ type: string
+ proxy_id:
+ nullable: true
+ type: string
+ secrets:
+ additionalProperties: true
type: object
properties:
- ilm:
- additionalProperties: false
+ service_token:
+ anyOf:
+ - additionalProperties: true
+ type: object
+ properties:
+ hash:
+ type: string
+ id:
+ type: string
+ required:
+ - id
+ - type: string
+ ssl:
+ additionalProperties: true
type: object
properties:
- policy:
- description: A non-empty string.
- minLength: 1
- type: string
- required:
- - policy
- required:
- - ilm
- - additionalProperties: false
+ key:
+ anyOf:
+ - additionalProperties: true
+ type: object
+ properties:
+ hash:
+ type: string
+ id:
+ type: string
+ required:
+ - id
+ - type: string
+ service_token:
+ nullable: true
+ type: string
+ shipper:
+ additionalProperties: true
+ nullable: true
type: object
properties:
- inherit:
- additionalProperties: false
- type: object
- properties: {}
+ compression_level:
+ nullable: true
+ type: number
+ disk_queue_compression_enabled:
+ nullable: true
+ type: boolean
+ disk_queue_enabled:
+ default: false
+ nullable: true
+ type: boolean
+ disk_queue_encryption_enabled:
+ nullable: true
+ type: boolean
+ disk_queue_max_size:
+ nullable: true
+ type: number
+ disk_queue_path:
+ nullable: true
+ type: string
+ loadbalance:
+ nullable: true
+ type: boolean
+ max_batch_bytes:
+ nullable: true
+ type: number
+ mem_queue_events:
+ nullable: true
+ type: number
+ queue_flush_timeout:
+ nullable: true
+ type: number
required:
- - inherit
+ - disk_queue_path
+ - disk_queue_max_size
+ - disk_queue_encryption_enabled
+ - disk_queue_compression_enabled
+ - compression_level
+ - loadbalance
+ - mem_queue_events
+ - queue_flush_timeout
+ - max_batch_bytes
+ ssl:
+ additionalProperties: true
+ nullable: true
+ type: object
+ properties:
+ certificate:
+ type: string
+ certificate_authorities:
+ items:
+ type: string
+ maxItems: 10
+ type: array
+ key:
+ type: string
+ verification_mode:
+ enum:
+ - full
+ - none
+ - certificate
+ - strict
+ type: string
+ sync_integrations:
+ type: boolean
+ sync_uninstalled_integrations:
+ type: boolean
+ type:
+ enum:
+ - remote_elasticsearch
+ type: string
+ write_to_logs_streams:
+ nullable: true
+ type: boolean
+ required:
+ - name
+ - type
+ - hosts
+ title: output_remote_elasticsearch
+ type: object
Kibana_HTTP_APIs_QueryStreamUpsertRequest:
additionalProperties: false
type: object
diff --git a/oas_docs/output/kibana.yaml b/oas_docs/output/kibana.yaml
index 56c6c233bb10d..c8c57769cc8f0 100644
--- a/oas_docs/output/kibana.yaml
+++ b/oas_docs/output/kibana.yaml
@@ -46019,758 +46019,10 @@ paths:
items:
items:
anyOf:
- - additionalProperties: true
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- config_yaml:
- nullable: true
- type: string
- hosts:
- items:
- format: uri
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- name:
- type: string
- preset:
- enum:
- - balanced
- - custom
- - throughput
- - scale
- - latency
- type: string
- proxy_id:
- nullable: true
- type: string
- secrets:
- additionalProperties: true
- type: object
- properties:
- ssl:
- additionalProperties: true
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- shipper:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- type:
- enum:
- - elasticsearch
- type: string
- write_to_logs_streams:
- nullable: true
- type: boolean
- required:
- - name
- - type
- - hosts
- - additionalProperties: true
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- config_yaml:
- nullable: true
- type: string
- hosts:
- items:
- format: uri
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- kibana_api_key:
- nullable: true
- type: string
- kibana_url:
- nullable: true
- type: string
- name:
- type: string
- preset:
- enum:
- - balanced
- - custom
- - throughput
- - scale
- - latency
- type: string
- proxy_id:
- nullable: true
- type: string
- secrets:
- additionalProperties: true
- type: object
- properties:
- service_token:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- ssl:
- additionalProperties: true
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- service_token:
- nullable: true
- type: string
- shipper:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- sync_integrations:
- type: boolean
- sync_uninstalled_integrations:
- type: boolean
- type:
- enum:
- - remote_elasticsearch
- type: string
- write_to_logs_streams:
- nullable: true
- type: boolean
- required:
- - name
- - type
- - hosts
- - additionalProperties: true
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- config_yaml:
- nullable: true
- type: string
- hosts:
- items:
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- name:
- type: string
- proxy_id:
- nullable: true
- type: string
- secrets:
- additionalProperties: true
- type: object
- properties:
- ssl:
- additionalProperties: true
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- shipper:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- type:
- enum:
- - logstash
- type: string
- required:
- - name
- - type
- - hosts
- - additionalProperties: true
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- auth_type:
- enum:
- - none
- - user_pass
- - ssl
- - kerberos
- type: string
- broker_timeout:
- type: number
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- client_id:
- type: string
- compression:
- enum:
- - gzip
- - snappy
- - lz4
- - none
- type: string
- compression_level:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: number
- - not: {}
- config_yaml:
- nullable: true
- type: string
- connection_type:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - enum:
- - plaintext
- - encryption
- type: string
- - not: {}
- hash:
- additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- random:
- type: boolean
- headers:
- items:
- additionalProperties: true
- type: object
- properties:
- key:
- type: string
- value:
- type: string
- required:
- - key
- - value
- maxItems: 100
- type: array
- hosts:
- items:
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- key:
- type: string
- name:
- type: string
- partition:
- enum:
- - random
- - round_robin
- - hash
- type: string
- password:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - not: {}
- - anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: string
- - not: {}
- proxy_id:
- nullable: true
- type: string
- random:
- additionalProperties: true
- type: object
- properties:
- group_events:
- type: number
- required_acks:
- enum:
- - 1
- - 0
- - -1
- type: integer
- round_robin:
- additionalProperties: true
- type: object
- properties:
- group_events:
- type: number
- sasl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- mechanism:
- enum:
- - PLAIN
- - SCRAM-SHA-256
- - SCRAM-SHA-512
- type: string
- secrets:
- additionalProperties: true
- type: object
- properties:
- password:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- ssl:
- additionalProperties: true
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- required:
- - key
- shipper:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- timeout:
- type: number
- topic:
- type: string
- type:
- enum:
- - kafka
- type: string
- username:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: string
- - not: {}
- version:
- type: string
- required:
- - name
- - type
- - hosts
- - compression_level
- - auth_type
- - connection_type
- - username
- - password
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_elasticsearch'
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_remote_elasticsearch'
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_logstash'
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_kafka'
maxItems: 10000
type: array
page:
@@ -46835,22 +46087,243 @@ paths:
application/json:
schema:
anyOf:
- - additionalProperties: false
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- config_yaml:
- nullable: true
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_new_output_elasticsearch'
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_new_output_remote_elasticsearch'
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_new_output_logstash'
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_new_output_kafka'
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ type: object
+ properties:
+ item:
+ anyOf:
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_elasticsearch'
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_remote_elasticsearch'
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_logstash'
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_kafka'
+ required:
+ - item
+ description: 'OK: A successful request.'
+ '400':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ description: Generic Error
+ type: object
+ properties:
+ attributes: {}
+ error:
+ type: string
+ errorType:
+ type: string
+ message:
+ type: string
+ statusCode:
+ type: number
+ required:
+ - message
+ - attributes
+ description: A bad request.
+ summary: Create output
+ tags:
+ - Fleet outputs
+ x-metaTags:
+ - content: Kibana
+ name: product_name
+ /api/fleet/outputs/{outputId}:
+ delete:
+ description: |-
+ **Spaces method and path for this operation:**
+
+ delete /s/{space_id}/api/fleet/outputs/{outputId}
+
+ Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
+
+ Delete output by ID.
[Required authorization] Route required privileges: fleet-settings-all.
+ operationId: delete-fleet-outputs-outputid
+ parameters:
+ - description: A required header to protect against CSRF attacks
+ in: header
+ name: kbn-xsrf
+ required: true
+ schema:
+ example: 'true'
+ type: string
+ - in: path
+ name: outputId
+ required: true
+ schema:
+ type: string
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ type: object
+ properties:
+ id:
+ type: string
+ required:
+ - id
+ description: 'OK: A successful request.'
+ '400':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ description: Generic Error
+ type: object
+ properties:
+ attributes: {}
+ error:
+ type: string
+ errorType:
+ type: string
+ message:
+ type: string
+ statusCode:
+ type: number
+ required:
+ - message
+ - attributes
+ description: A bad request.
+ '404':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ description: Generic Error
+ type: object
+ properties:
+ attributes: {}
+ error:
+ type: string
+ errorType:
+ type: string
+ message:
+ type: string
+ statusCode:
+ type: number
+ required:
+ - message
+ - attributes
+ description: Not found.
+ summary: Delete output
+ tags:
+ - Fleet outputs
+ x-metaTags:
+ - content: Kibana
+ name: product_name
+ get:
+ description: |-
+ **Spaces method and path for this operation:**
+
+ get /s/{space_id}/api/fleet/outputs/{outputId}
+
+ Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
+
+ Get output by ID.
[Required authorization] Route required privileges: fleet-settings-read OR fleet-agent-policies-read.
+ operationId: get-fleet-outputs-outputid
+ parameters:
+ - in: path
+ name: outputId
+ required: true
+ schema:
+ type: string
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ type: object
+ properties:
+ item:
+ anyOf:
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_elasticsearch'
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_remote_elasticsearch'
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_logstash'
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_kafka'
+ required:
+ - item
+ description: 'OK: A successful request.'
+ '400':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ description: Generic Error
+ type: object
+ properties:
+ attributes: {}
+ error:
+ type: string
+ errorType:
+ type: string
+ message:
+ type: string
+ statusCode:
+ type: number
+ required:
+ - message
+ - attributes
+ description: A bad request.
+ summary: Get output
+ tags:
+ - Fleet outputs
+ x-metaTags:
+ - content: Kibana
+ name: product_name
+ put:
+ description: |-
+ **Spaces method and path for this operation:**
+
+ put /s/{space_id}/api/fleet/outputs/{outputId}
+
+ Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
+
+ Update output by ID.
[Required authorization] Route required privileges: fleet-settings-all OR fleet-agent-policies-all.
+ operationId: put-fleet-outputs-outputid
+ parameters:
+ - description: A required header to protect against CSRF attacks
+ in: header
+ name: kbn-xsrf
+ required: true
+ schema:
+ example: 'true'
+ type: string
+ - in: path
+ name: outputId
+ required: true
+ schema:
+ type: string
+ requestBody:
+ content:
+ application/json:
+ schema:
+ anyOf:
+ - additionalProperties: false
+ type: object
+ properties:
+ allow_edit:
+ items:
+ type: string
+ maxItems: 1000
+ type: array
+ ca_sha256:
+ nullable: true
+ type: string
+ ca_trusted_fingerprint:
+ nullable: true
+ type: string
+ config_yaml:
+ nullable: true
type: string
hosts:
items:
@@ -46862,10 +46335,8 @@ paths:
id:
type: string
is_default:
- default: false
type: boolean
is_default_monitoring:
- default: false
type: boolean
is_internal:
type: boolean
@@ -46978,10 +46449,6 @@ paths:
write_to_logs_streams:
nullable: true
type: boolean
- required:
- - name
- - type
- - hosts
- additionalProperties: false
type: object
properties:
@@ -47009,10 +46476,8 @@ paths:
id:
type: string
is_default:
- default: false
type: boolean
is_default_monitoring:
- default: false
type: boolean
is_internal:
type: boolean
@@ -47150,10 +46615,6 @@ paths:
write_to_logs_streams:
nullable: true
type: boolean
- required:
- - name
- - type
- - hosts
- additionalProperties: false
type: object
properties:
@@ -47180,10 +46641,8 @@ paths:
id:
type: string
is_default:
- default: false
type: boolean
is_default_monitoring:
- default: false
type: boolean
is_internal:
type: boolean
@@ -47285,10 +46744,6 @@ paths:
enum:
- logstash
type: string
- required:
- - name
- - type
- - hosts
- additionalProperties: false
type: object
properties:
@@ -47580,10 +47035,7 @@ paths:
type: string
required:
- name
- - type
- - hosts
- compression_level
- - auth_type
- connection_type
- username
- password
@@ -47597,760 +47049,678 @@ paths:
properties:
item:
anyOf:
- - additionalProperties: true
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- config_yaml:
- nullable: true
- type: string
- hosts:
- items:
- format: uri
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- name:
- type: string
- preset:
- enum:
- - balanced
- - custom
- - throughput
- - scale
- - latency
- type: string
- proxy_id:
- nullable: true
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_elasticsearch'
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_remote_elasticsearch'
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_logstash'
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_output_kafka'
+ required:
+ - item
+ description: 'OK: A successful request.'
+ '400':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ description: Generic Error
+ type: object
+ properties:
+ attributes: {}
+ error:
+ type: string
+ errorType:
+ type: string
+ message:
+ type: string
+ statusCode:
+ type: number
+ required:
+ - message
+ - attributes
+ description: A bad request.
+ summary: Update output
+ tags:
+ - Fleet outputs
+ x-metaTags:
+ - content: Kibana
+ name: product_name
+ /api/fleet/outputs/{outputId}/health:
+ get:
+ description: |-
+ **Spaces method and path for this operation:**
+
+ get /s/{space_id}/api/fleet/outputs/{outputId}/health
+
+ Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
+
+ [Required authorization] Route required privileges: fleet-settings-read.
+ operationId: get-fleet-outputs-outputid-health
+ parameters:
+ - in: path
+ name: outputId
+ required: true
+ schema:
+ type: string
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ type: object
+ properties:
+ message:
+ description: long message if unhealthy
+ type: string
+ state:
+ description: state of output, HEALTHY or DEGRADED
+ type: string
+ timestamp:
+ description: timestamp of reported state
+ type: string
+ required:
+ - state
+ - message
+ - timestamp
+ description: 'OK: A successful request.'
+ '400':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ description: Generic Error
+ type: object
+ properties:
+ attributes: {}
+ error:
+ type: string
+ errorType:
+ type: string
+ message:
+ type: string
+ statusCode:
+ type: number
+ required:
+ - message
+ - attributes
+ description: A bad request.
+ summary: Get the latest output health
+ tags:
+ - Fleet outputs
+ x-metaTags:
+ - content: Kibana
+ name: product_name
+ /api/fleet/package_policies:
+ get:
+ operationId: get-fleet-package-policies
+ parameters:
+ - in: query
+ name: page
+ required: false
+ schema:
+ type: number
+ - in: query
+ name: perPage
+ required: false
+ schema:
+ type: number
+ - in: query
+ name: sortField
+ required: false
+ schema:
+ type: string
+ - in: query
+ name: sortOrder
+ required: false
+ schema:
+ enum:
+ - desc
+ - asc
+ type: string
+ - in: query
+ name: showUpgradeable
+ required: false
+ schema:
+ type: boolean
+ - in: query
+ name: kuery
+ required: false
+ schema:
+ type: string
+ - in: query
+ name: format
+ required: false
+ schema:
+ enum:
+ - simplified
+ - legacy
+ type: string
+ - in: query
+ name: withAgentCount
+ required: false
+ schema:
+ type: boolean
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ type: object
+ properties:
+ items:
+ items:
+ additionalProperties: false
+ type: object
+ properties:
+ additional_datastreams_permissions:
+ description: Additional datastream permissions, that will be added to the agent policy.
+ items:
type: string
- secrets:
- additionalProperties: true
- type: object
- properties:
- ssl:
- additionalProperties: true
+ maxItems: 1000
+ nullable: true
+ type: array
+ agents:
+ type: number
+ cloud_connector_id:
+ description: ID of the cloud connector associated with this package policy.
+ nullable: true
+ type: string
+ cloud_connector_name:
+ description: Transient field for cloud connector name during creation.
+ maxLength: 255
+ minLength: 1
+ nullable: true
+ type: string
+ created_at:
+ type: string
+ created_by:
+ type: string
+ description:
+ description: Package policy description
+ type: string
+ elasticsearch:
+ additionalProperties: true
+ type: object
+ properties:
+ privileges:
+ additionalProperties: true
+ type: object
+ properties:
+ cluster:
+ items:
+ type: string
+ maxItems: 100
+ type: array
+ enabled:
+ type: boolean
+ id:
+ description: Package policy unique identifier.
+ type: string
+ inputs:
+ anyOf:
+ - items:
+ additionalProperties: false
type: object
properties:
- key:
- anyOf:
- - additionalProperties: true
+ compiled_input: {}
+ config:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ deprecated:
+ additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ replaced_by:
+ additionalProperties:
+ type: string
type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- shipper:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- type:
- enum:
- - elasticsearch
- type: string
- write_to_logs_streams:
- nullable: true
- type: boolean
- required:
- - name
- - type
- - hosts
- - additionalProperties: true
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- config_yaml:
- nullable: true
- type: string
- hosts:
- items:
- format: uri
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- kibana_api_key:
- nullable: true
- type: string
- kibana_url:
- nullable: true
- type: string
- name:
- type: string
- preset:
- enum:
- - balanced
- - custom
- - throughput
- - scale
- - latency
- type: string
- proxy_id:
- nullable: true
- type: string
- secrets:
- additionalProperties: true
- type: object
- properties:
- service_token:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
+ since:
type: string
required:
- - id
- - type: string
- ssl:
- additionalProperties: true
+ - description
+ enabled:
+ type: boolean
+ id:
+ type: string
+ keep_enabled:
+ type: boolean
+ migrate_from:
+ type: string
+ policy_template:
+ type: string
+ streams:
+ items:
+ additionalProperties: false
+ type: object
+ properties:
+ compiled_stream: {}
+ config:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ data_stream:
+ additionalProperties: false
+ type: object
+ properties:
+ dataset:
+ type: string
+ elasticsearch:
+ additionalProperties: false
+ type: object
+ properties:
+ dynamic_dataset:
+ type: boolean
+ dynamic_namespace:
+ type: boolean
+ privileges:
+ additionalProperties: false
+ type: object
+ properties:
+ indices:
+ items:
+ type: string
+ maxItems: 100
+ type: array
+ type:
+ type: string
+ required:
+ - dataset
+ - type
+ deprecated:
+ additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ replaced_by:
+ additionalProperties:
+ type: string
+ type: object
+ since:
+ type: string
+ required:
+ - description
+ enabled:
+ type: boolean
+ id:
+ type: string
+ keep_enabled:
+ type: boolean
+ migrate_from:
+ type: string
+ release:
+ enum:
+ - ga
+ - beta
+ - experimental
+ type: string
+ var_group_selections:
+ additionalProperties:
+ type: string
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
+ type: object
+ vars:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ required:
+ - enabled
+ - data_stream
+ - compiled_stream
+ maxItems: 100
+ type: array
+ type:
+ type: string
+ var_group_selections:
+ additionalProperties:
+ type: string
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
+ type: object
+ vars:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ required:
+ - type
+ - enabled
+ - streams
+ - compiled_input
+ maxItems: 100
+ type: array
+ - additionalProperties:
+ additionalProperties: false
type: object
properties:
- key:
- anyOf:
- - additionalProperties: true
+ deprecated:
+ additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ replaced_by:
+ additionalProperties:
+ type: string
type: object
- properties:
- hash:
+ since:
+ type: string
+ required:
+ - description
+ enabled:
+ description: Enable or disable that input. Defaults to `true` (enabled).
+ type: boolean
+ streams:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ deprecated:
+ additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ replaced_by:
+ additionalProperties:
+ type: string
+ type: object
+ since:
+ type: string
+ required:
+ - description
+ enabled:
+ description: Enable or disable that stream. Defaults to `true` (enabled).
+ type: boolean
+ var_group_selections:
+ additionalProperties:
type: string
- id:
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
+ type: object
+ vars:
+ additionalProperties:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ - items:
+ type: string
+ maxItems: 100
+ type: array
+ - items:
+ type: number
+ maxItems: 100
+ type: array
+ - additionalProperties: false
+ type: object
+ properties:
+ id:
+ type: string
+ isSecretRef:
+ type: boolean
+ required:
+ - id
+ - isSecretRef
+ nullable: true
+ description: Input/stream level variable. Refer to the integration documentation for more information.
+ type: object
+ description: Input streams. Refer to the integration documentation to know which streams are available.
+ type: object
+ vars:
+ additionalProperties:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ - items:
type: string
- required:
- - id
- - type: string
- service_token:
- nullable: true
+ maxItems: 100
+ type: array
+ - items:
+ type: number
+ maxItems: 100
+ type: array
+ - additionalProperties: false
+ type: object
+ properties:
+ id:
+ type: string
+ isSecretRef:
+ type: boolean
+ required:
+ - id
+ - isSecretRef
+ nullable: true
+ description: Input/stream level variable. Refer to the integration documentation for more information.
+ type: object
+ description: Package policy inputs. Refer to the integration documentation to know which inputs are available.
+ type: object
+ x-oas-optional: true
+ description: Package policy inputs.
+ is_managed:
+ type: boolean
+ name:
+ description: Unique name for the package policy.
+ type: string
+ namespace:
+ description: The package policy namespace. Leave blank to inherit the agent policy's namespace.
+ type: string
+ output_id:
+ nullable: true
+ type: string
+ overrides:
+ additionalProperties: false
+ description: Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.
+ nullable: true
+ type: object
+ properties:
+ inputs:
+ additionalProperties: {}
+ type: object
+ package:
+ additionalProperties: false
+ type: object
+ properties:
+ experimental_data_stream_features:
+ items:
+ additionalProperties: false
+ type: object
+ properties:
+ data_stream:
+ type: string
+ features:
+ additionalProperties: false
+ type: object
+ properties:
+ doc_value_only_numeric:
+ type: boolean
+ doc_value_only_other:
+ type: boolean
+ synthetic_source:
+ type: boolean
+ tsdb:
+ type: boolean
+ required:
+ - data_stream
+ - features
+ maxItems: 100
+ type: array
+ fips_compatible:
+ type: boolean
+ name:
+ description: Package name
+ type: string
+ requires_root:
+ type: boolean
+ title:
+ type: string
+ version:
+ description: Package version
+ type: string
+ required:
+ - name
+ - version
+ package_agent_version_condition:
+ type: string
+ policy_id:
+ deprecated: true
+ description: ID of the agent policy which the package policy will be added to.
+ nullable: true
+ type: string
+ policy_ids:
+ items:
+ description: IDs of the agent policies which that package policy will be added to.
type: string
- shipper:
- additionalProperties: true
- nullable: true
+ maxItems: 1000
+ type: array
+ revision:
+ description: Package policy revision.
+ type: number
+ secret_references:
+ items:
+ additionalProperties: false
type: object
properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
+ id:
type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- sync_integrations:
- type: boolean
- sync_uninstalled_integrations:
- type: boolean
- type:
- enum:
- - remote_elasticsearch
- type: string
- write_to_logs_streams:
- nullable: true
- type: boolean
- required:
- - name
- - type
- - hosts
- - additionalProperties: true
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
+ - id
+ maxItems: 100
+ type: array
+ spaceIds:
+ items:
type: string
- config_yaml:
- nullable: true
+ maxItems: 100
+ type: array
+ supports_agentless:
+ default: false
+ description: Indicates whether the package policy belongs to an agentless agent policy.
+ nullable: true
+ type: boolean
+ supports_cloud_connector:
+ default: false
+ description: Indicates whether the package policy supports cloud connectors.
+ nullable: true
+ type: boolean
+ updated_at:
+ type: string
+ updated_by:
+ type: string
+ var_group_selections:
+ additionalProperties:
type: string
- hosts:
- items:
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- name:
- type: string
- proxy_id:
- nullable: true
- type: string
- secrets:
- additionalProperties: true
- type: object
- properties:
- ssl:
- additionalProperties: true
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
+ type: object
+ vars:
+ anyOf:
+ - additionalProperties:
+ additionalProperties: false
type: object
properties:
- key:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- shipper:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- type:
- enum:
- - logstash
- type: string
- required:
- - name
- - type
- - hosts
- - additionalProperties: true
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- auth_type:
- enum:
- - none
- - user_pass
- - ssl
- - kerberos
- type: string
- broker_timeout:
- type: number
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- client_id:
- type: string
- compression:
- enum:
- - gzip
- - snappy
- - lz4
- - none
- type: string
- compression_level:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: number
- - not: {}
- config_yaml:
- nullable: true
- type: string
- connection_type:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - enum:
- - plaintext
- - encryption
- type: string
- - not: {}
- hash:
- additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- random:
- type: boolean
- headers:
- items:
- additionalProperties: true
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
type: object
- properties:
- key:
- type: string
- value:
- type: string
- required:
- - key
- - value
- maxItems: 100
- type: array
- hosts:
- items:
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- key:
- type: string
- name:
- type: string
- partition:
- enum:
- - random
- - round_robin
- - hash
- type: string
- password:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - not: {}
- - anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: string
- - not: {}
- proxy_id:
- nullable: true
- type: string
- random:
- additionalProperties: true
- type: object
- properties:
- group_events:
- type: number
- required_acks:
- enum:
- - 1
- - 0
- - -1
- type: integer
- round_robin:
- additionalProperties: true
- type: object
- properties:
- group_events:
- type: number
- sasl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- mechanism:
- enum:
- - PLAIN
- - SCRAM-SHA-256
- - SCRAM-SHA-512
- type: string
- secrets:
- additionalProperties: true
- type: object
- properties:
- password:
+ - additionalProperties:
anyOf:
- - additionalProperties: true
+ - type: string
+ - type: number
+ - type: boolean
+ - items:
+ type: string
+ maxItems: 100
+ type: array
+ - items:
+ type: number
+ maxItems: 100
+ type: array
+ - additionalProperties: false
type: object
properties:
- hash:
- type: string
id:
type: string
+ isSecretRef:
+ type: boolean
required:
- id
- - type: string
- ssl:
- additionalProperties: true
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- required:
- - key
- shipper:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
+ - isSecretRef
nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- timeout:
- type: number
- topic:
- type: string
- type:
- enum:
- - kafka
- type: string
- username:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: string
- - not: {}
- version:
- type: string
- required:
- - name
- - type
- - hosts
- - compression_level
- - auth_type
- - connection_type
- - username
- - password
+ description: Input/stream level variable. Refer to the integration documentation for more information.
+ type: object
+ x-oas-optional: true
+ description: Package level variable.
+ version:
+ description: Package policy ES version.
+ type: string
+ required:
+ - name
+ - enabled
+ - inputs
+ - id
+ - revision
+ - updated_at
+ - updated_by
+ - created_at
+ - created_by
+ maxItems: 10000
+ type: array
+ page:
+ type: number
+ perPage:
+ type: number
+ total:
+ type: number
required:
- - item
+ - items
+ - total
+ - page
+ - perPage
description: 'OK: A successful request.'
'400':
content:
@@ -48373,23 +47743,20 @@ paths:
- message
- attributes
description: A bad request.
- summary: Create output
+ summary: Get package policies
tags:
- - Fleet outputs
+ - Fleet package policies
x-metaTags:
- content: Kibana
name: product_name
- /api/fleet/outputs/{outputId}:
- delete:
description: |-
**Spaces method and path for this operation:**
- delete /s/{space_id}/api/fleet/outputs/{outputId}
+ get /s/{space_id}/api/fleet/package_policies
Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
-
- Delete output by ID.
[Required authorization] Route required privileges: fleet-settings-all.
- operationId: delete-fleet-outputs-outputid
+ post:
+ operationId: post-fleet-package-policies
parameters:
- description: A required header to protect against CSRF attacks
in: header
@@ -48398,850 +47765,1073 @@ paths:
schema:
example: 'true'
type: string
- - in: path
- name: outputId
- required: true
- schema:
- type: string
- responses:
- '200':
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- id:
- type: string
- required:
- - id
- description: 'OK: A successful request.'
- '400':
- content:
- application/json:
- schema:
- additionalProperties: false
- description: Generic Error
- type: object
- properties:
- attributes: {}
- error:
- type: string
- errorType:
- type: string
- message:
- type: string
- statusCode:
- type: number
- required:
- - message
- - attributes
- description: A bad request.
- '404':
- content:
- application/json:
- schema:
- additionalProperties: false
- description: Generic Error
- type: object
- properties:
- attributes: {}
- error:
- type: string
- errorType:
- type: string
- message:
- type: string
- statusCode:
- type: number
- required:
- - message
- - attributes
- description: Not found.
- summary: Delete output
- tags:
- - Fleet outputs
- x-metaTags:
- - content: Kibana
- name: product_name
- get:
- description: |-
- **Spaces method and path for this operation:**
-
- get /s/{space_id}/api/fleet/outputs/{outputId}
-
- Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
-
- Get output by ID.
[Required authorization] Route required privileges: fleet-settings-read OR fleet-agent-policies-read.
- operationId: get-fleet-outputs-outputid
- parameters:
- - in: path
- name: outputId
- required: true
+ - in: query
+ name: format
+ required: false
schema:
+ enum:
+ - simplified
+ - legacy
type: string
- responses:
- '200':
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- item:
- anyOf:
- - additionalProperties: true
+ requestBody:
+ content:
+ application/json:
+ schema:
+ anyOf:
+ - additionalProperties: false
+ type: object
+ properties:
+ additional_datastreams_permissions:
+ description: Additional datastream permissions, that will be added to the agent policy.
+ items:
+ type: string
+ maxItems: 1000
+ nullable: true
+ type: array
+ cloud_connector_id:
+ description: ID of the cloud connector associated with this package policy.
+ nullable: true
+ type: string
+ cloud_connector_name:
+ description: Transient field for cloud connector name during creation.
+ maxLength: 255
+ minLength: 1
+ nullable: true
+ type: string
+ description:
+ description: Package policy description
+ type: string
+ enabled:
+ type: boolean
+ force:
+ description: Force package policy creation even if the package is not verified, or if the agent policy is managed.
+ type: boolean
+ id:
+ description: Package policy unique identifier
+ type: string
+ inputs:
+ items:
+ additionalProperties: false
type: object
properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
+ config:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ deprecated:
+ additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ replaced_by:
+ additionalProperties:
+ type: string
+ type: object
+ since:
+ type: string
+ required:
+ - description
+ enabled:
+ type: boolean
+ id:
type: string
- ca_trusted_fingerprint:
- nullable: true
+ keep_enabled:
+ type: boolean
+ migrate_from:
type: string
- config_yaml:
- nullable: true
+ policy_template:
type: string
- hosts:
+ streams:
items:
- format: uri
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- name:
- type: string
- preset:
- enum:
- - balanced
- - custom
- - throughput
- - scale
- - latency
- type: string
- proxy_id:
- nullable: true
- type: string
- secrets:
- additionalProperties: true
- type: object
- properties:
- ssl:
- additionalProperties: true
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- shipper:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- type:
- enum:
- - elasticsearch
- type: string
- write_to_logs_streams:
- nullable: true
- type: boolean
- required:
- - name
- - type
- - hosts
- - additionalProperties: true
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- config_yaml:
- nullable: true
- type: string
- hosts:
- items:
- format: uri
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- kibana_api_key:
- nullable: true
- type: string
- kibana_url:
- nullable: true
- type: string
- name:
- type: string
- preset:
- enum:
- - balanced
- - custom
- - throughput
- - scale
- - latency
- type: string
- proxy_id:
- nullable: true
- type: string
- secrets:
- additionalProperties: true
- type: object
- properties:
- service_token:
- anyOf:
- - additionalProperties: true
+ additionalProperties: false
+ type: object
+ properties:
+ compiled_stream: {}
+ config:
+ additionalProperties:
+ additionalProperties: false
type: object
properties:
- hash:
+ frozen:
+ type: boolean
+ type:
type: string
- id:
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ data_stream:
+ additionalProperties: false
+ type: object
+ properties:
+ dataset:
+ type: string
+ elasticsearch:
+ additionalProperties: false
+ type: object
+ properties:
+ dynamic_dataset:
+ type: boolean
+ dynamic_namespace:
+ type: boolean
+ privileges:
+ additionalProperties: false
+ type: object
+ properties:
+ indices:
+ items:
+ type: string
+ maxItems: 100
+ type: array
+ type:
+ type: string
+ required:
+ - dataset
+ - type
+ deprecated:
+ additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ replaced_by:
+ additionalProperties:
+ type: string
+ type: object
+ since:
+ type: string
+ required:
+ - description
+ enabled:
+ type: boolean
+ id:
+ type: string
+ keep_enabled:
+ type: boolean
+ migrate_from:
+ type: string
+ release:
+ enum:
+ - ga
+ - beta
+ - experimental
+ type: string
+ var_group_selections:
+ additionalProperties:
+ type: string
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
+ type: object
+ vars:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
type: string
+ value: {}
required:
- - id
- - type: string
- ssl:
- additionalProperties: true
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- service_token:
- nullable: true
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ required:
+ - enabled
+ - data_stream
+ - compiled_stream
+ maxItems: 100
+ type: array
+ type:
type: string
- shipper:
- additionalProperties: true
- nullable: true
+ var_group_selections:
+ additionalProperties:
+ type: string
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
+ vars:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ required:
+ - type
+ - enabled
+ maxItems: 1000
+ type: array
+ is_managed:
+ type: boolean
+ name:
+ description: Unique name for the package policy.
+ type: string
+ namespace:
+ description: The package policy namespace. Leave blank to inherit the agent policy's namespace.
+ type: string
+ output_id:
+ nullable: true
+ type: string
+ overrides:
+ additionalProperties: false
+ description: Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.
+ nullable: true
+ type: object
+ properties:
+ inputs:
+ additionalProperties: {}
+ type: object
+ package:
+ additionalProperties: false
+ type: object
+ properties:
+ experimental_data_stream_features:
+ items:
+ additionalProperties: false
type: object
properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
+ data_stream:
type: string
- sync_integrations:
- type: boolean
- sync_uninstalled_integrations:
+ features:
+ additionalProperties: false
+ type: object
+ properties:
+ doc_value_only_numeric:
+ type: boolean
+ doc_value_only_other:
+ type: boolean
+ synthetic_source:
+ type: boolean
+ tsdb:
+ type: boolean
+ required:
+ - data_stream
+ - features
+ maxItems: 100
+ type: array
+ fips_compatible:
+ type: boolean
+ name:
+ description: Package name
+ type: string
+ requires_root:
+ type: boolean
+ title:
+ type: string
+ version:
+ description: Package version
+ type: string
+ required:
+ - name
+ - version
+ package_agent_version_condition:
+ type: string
+ policy_id:
+ deprecated: true
+ description: ID of the agent policy which the package policy will be added to.
+ nullable: true
+ type: string
+ policy_ids:
+ items:
+ description: IDs of the agent policies which that package policy will be added to.
+ type: string
+ maxItems: 1000
+ type: array
+ spaceIds:
+ items:
+ type: string
+ maxItems: 100
+ type: array
+ supports_agentless:
+ default: false
+ deprecated: true
+ description: Indicates whether the package policy belongs to an agentless agent policy. Deprecated in favor of the Fleet agentless policies API.
+ nullable: true
+ type: boolean
+ supports_cloud_connector:
+ default: false
+ description: Indicates whether the package policy supports cloud connectors.
+ nullable: true
+ type: boolean
+ var_group_selections:
+ additionalProperties:
+ type: string
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
+ type: object
+ vars:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
type: boolean
type:
- enum:
- - remote_elasticsearch
type: string
- write_to_logs_streams:
- nullable: true
- type: boolean
+ value: {}
required:
- - name
- - type
- - hosts
- - additionalProperties: true
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ required:
+ - name
+ - inputs
+ - additionalProperties: false
+ type: object
+ properties:
+ additional_datastreams_permissions:
+ description: Additional datastream permissions, that will be added to the agent policy.
+ items:
+ type: string
+ maxItems: 100
+ nullable: true
+ type: array
+ description:
+ description: Policy description.
+ type: string
+ force:
+ description: Force package policy creation even if the package is not verified, or if the agent policy is managed.
+ type: boolean
+ id:
+ description: Policy unique identifier.
+ type: string
+ inputs:
+ additionalProperties:
+ additionalProperties: false
type: object
properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- config_yaml:
- nullable: true
- type: string
- hosts:
- items:
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- name:
- type: string
- proxy_id:
- nullable: true
- type: string
- secrets:
- additionalProperties: true
+ deprecated:
+ additionalProperties: false
type: object
properties:
- ssl:
- additionalProperties: true
+ description:
+ type: string
+ replaced_by:
+ additionalProperties:
+ type: string
type: object
- properties:
- key:
+ since:
+ type: string
+ required:
+ - description
+ enabled:
+ description: Enable or disable that input. Defaults to `true` (enabled).
+ type: boolean
+ streams:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ deprecated:
+ additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ replaced_by:
+ additionalProperties:
+ type: string
+ type: object
+ since:
+ type: string
+ required:
+ - description
+ enabled:
+ description: Enable or disable that stream. Defaults to `true` (enabled).
+ type: boolean
+ var_group_selections:
+ additionalProperties:
+ type: string
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
+ type: object
+ vars:
+ additionalProperties:
anyOf:
- - additionalProperties: true
+ - type: string
+ - type: number
+ - type: boolean
+ - items:
+ type: string
+ maxItems: 100
+ type: array
+ - items:
+ type: number
+ maxItems: 100
+ type: array
+ - additionalProperties: false
type: object
properties:
- hash:
- type: string
id:
type: string
+ isSecretRef:
+ type: boolean
required:
- id
- - type: string
- shipper:
- additionalProperties: true
- nullable: true
+ - isSecretRef
+ nullable: true
+ description: Input/stream level variable. Refer to the integration documentation for more information.
+ type: object
+ description: Input streams. Refer to the integration documentation to know which streams are available.
type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
+ vars:
+ additionalProperties:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ - items:
+ type: string
+ maxItems: 100
+ type: array
+ - items:
+ type: number
+ maxItems: 100
+ type: array
+ - additionalProperties: false
+ type: object
+ properties:
+ id:
+ type: string
+ isSecretRef:
+ type: boolean
+ required:
+ - id
+ - isSecretRef
+ nullable: true
+ description: Input/stream level variable. Refer to the integration documentation for more information.
type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- type:
- enum:
- - logstash
- type: string
- required:
- - name
- - type
- - hosts
- - additionalProperties: true
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- auth_type:
- enum:
- - none
- - user_pass
- - ssl
- - kerberos
- type: string
- broker_timeout:
- type: number
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- client_id:
- type: string
- compression:
- enum:
- - gzip
- - snappy
- - lz4
- - none
- type: string
- compression_level:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: number
- - not: {}
- config_yaml:
- nullable: true
- type: string
- connection_type:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - enum:
- - plaintext
- - encryption
- type: string
- - not: {}
- hash:
- additionalProperties: true
+ description: Package policy inputs. Refer to the integration documentation to know which inputs are available.
+ type: object
+ name:
+ description: Unique name for the policy.
+ type: string
+ namespace:
+ description: Policy namespace. When not specified, it inherits the agent policy namespace.
+ type: string
+ output_id:
+ nullable: true
+ type: string
+ package:
+ additionalProperties: false
+ type: object
+ properties:
+ experimental_data_stream_features:
+ items:
+ additionalProperties: false
type: object
properties:
- hash:
+ data_stream:
type: string
- random:
- type: boolean
- headers:
- items:
- additionalProperties: true
- type: object
- properties:
- key:
- type: string
- value:
- type: string
- required:
- - key
- - value
+ features:
+ additionalProperties: false
+ type: object
+ properties:
+ doc_value_only_numeric:
+ type: boolean
+ doc_value_only_other:
+ type: boolean
+ synthetic_source:
+ type: boolean
+ tsdb:
+ type: boolean
+ required:
+ - data_stream
+ - features
+ maxItems: 100
+ type: array
+ fips_compatible:
+ type: boolean
+ name:
+ description: Package name
+ type: string
+ requires_root:
+ type: boolean
+ title:
+ type: string
+ version:
+ description: Package version
+ type: string
+ required:
+ - name
+ - version
+ policy_id:
+ deprecated: true
+ description: Deprecated. Use policy_ids instead.
+ nullable: true
+ type: string
+ policy_ids:
+ description: IDs of the agent policies which that package policy will be added to.
+ items:
+ type: string
+ maxItems: 1000
+ type: array
+ supports_agentless:
+ default: false
+ deprecated: true
+ description: Indicates whether the package policy belongs to an agentless agent policy. Deprecated in favor of the Fleet agentless policies API.
+ nullable: true
+ type: boolean
+ var_group_selections:
+ additionalProperties:
+ type: string
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
+ type: object
+ vars:
+ additionalProperties:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ - items:
+ type: string
maxItems: 100
type: array
- hosts:
- items:
- type: string
- maxItems: 10
- minItems: 1
+ - items:
+ type: number
+ maxItems: 100
type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- key:
- type: string
- name:
- type: string
- partition:
- enum:
- - random
- - round_robin
- - hash
- type: string
- password:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - not: {}
- - anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: string
- - not: {}
- proxy_id:
- nullable: true
- type: string
- random:
- additionalProperties: true
- type: object
- properties:
- group_events:
- type: number
- required_acks:
- enum:
- - 1
- - 0
- - -1
- type: integer
- round_robin:
- additionalProperties: true
- type: object
- properties:
- group_events:
- type: number
- sasl:
- additionalProperties: true
- nullable: true
+ - additionalProperties: false
type: object
properties:
- mechanism:
- enum:
- - PLAIN
- - SCRAM-SHA-256
- - SCRAM-SHA-512
+ id:
type: string
- secrets:
+ isSecretRef:
+ type: boolean
+ required:
+ - id
+ - isSecretRef
+ nullable: true
+ description: Input/stream level variable. Refer to the integration documentation for more information.
+ type: object
+ required:
+ - name
+ - package
+ description: You should use inputs as an object and not use the deprecated inputs array.
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ type: object
+ properties:
+ item:
+ additionalProperties: false
+ type: object
+ properties:
+ additional_datastreams_permissions:
+ description: Additional datastream permissions, that will be added to the agent policy.
+ items:
+ type: string
+ maxItems: 1000
+ nullable: true
+ type: array
+ agents:
+ type: number
+ cloud_connector_id:
+ description: ID of the cloud connector associated with this package policy.
+ nullable: true
+ type: string
+ cloud_connector_name:
+ description: Transient field for cloud connector name during creation.
+ maxLength: 255
+ minLength: 1
+ nullable: true
+ type: string
+ created_at:
+ type: string
+ created_by:
+ type: string
+ description:
+ description: Package policy description
+ type: string
+ elasticsearch:
+ additionalProperties: true
+ type: object
+ properties:
+ privileges:
additionalProperties: true
type: object
properties:
- password:
- anyOf:
- - additionalProperties: true
+ cluster:
+ items:
+ type: string
+ maxItems: 100
+ type: array
+ enabled:
+ type: boolean
+ id:
+ description: Package policy unique identifier.
+ type: string
+ inputs:
+ anyOf:
+ - items:
+ additionalProperties: false
+ type: object
+ properties:
+ compiled_input: {}
+ config:
+ additionalProperties:
+ additionalProperties: false
type: object
properties:
- hash:
- type: string
- id:
+ frozen:
+ type: boolean
+ type:
type: string
+ value: {}
required:
- - id
- - type: string
- ssl:
- additionalProperties: true
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: true
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ deprecated:
+ additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ replaced_by:
+ additionalProperties:
+ type: string
+ type: object
+ since:
+ type: string
+ required:
+ - description
+ enabled:
+ type: boolean
+ id:
+ type: string
+ keep_enabled:
+ type: boolean
+ migrate_from:
+ type: string
+ policy_template:
+ type: string
+ streams:
+ items:
+ additionalProperties: false
+ type: object
+ properties:
+ compiled_stream: {}
+ config:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ data_stream:
+ additionalProperties: false
type: object
properties:
- hash:
+ dataset:
type: string
- id:
+ elasticsearch:
+ additionalProperties: false
+ type: object
+ properties:
+ dynamic_dataset:
+ type: boolean
+ dynamic_namespace:
+ type: boolean
+ privileges:
+ additionalProperties: false
+ type: object
+ properties:
+ indices:
+ items:
+ type: string
+ maxItems: 100
+ type: array
+ type:
type: string
required:
- - id
- - type: string
- required:
- - key
- shipper:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
+ - dataset
+ - type
+ deprecated:
+ additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ replaced_by:
+ additionalProperties:
+ type: string
+ type: object
+ since:
+ type: string
+ required:
+ - description
+ enabled:
+ type: boolean
+ id:
+ type: string
+ keep_enabled:
+ type: boolean
+ migrate_from:
+ type: string
+ release:
+ enum:
+ - ga
+ - beta
+ - experimental
+ type: string
+ var_group_selections:
+ additionalProperties:
+ type: string
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
+ type: object
+ vars:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ required:
+ - enabled
+ - data_stream
+ - compiled_stream
+ maxItems: 100
+ type: array
+ type:
type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- timeout:
- type: number
- topic:
+ var_group_selections:
+ additionalProperties:
+ type: string
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
+ type: object
+ vars:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ required:
+ - type
+ - enabled
+ - streams
+ - compiled_input
+ maxItems: 100
+ type: array
+ - additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ deprecated:
+ additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ replaced_by:
+ additionalProperties:
+ type: string
+ type: object
+ since:
+ type: string
+ required:
+ - description
+ enabled:
+ description: Enable or disable that input. Defaults to `true` (enabled).
+ type: boolean
+ streams:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ deprecated:
+ additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ replaced_by:
+ additionalProperties:
+ type: string
+ type: object
+ since:
+ type: string
+ required:
+ - description
+ enabled:
+ description: Enable or disable that stream. Defaults to `true` (enabled).
+ type: boolean
+ var_group_selections:
+ additionalProperties:
+ type: string
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
+ type: object
+ vars:
+ additionalProperties:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ - items:
+ type: string
+ maxItems: 100
+ type: array
+ - items:
+ type: number
+ maxItems: 100
+ type: array
+ - additionalProperties: false
+ type: object
+ properties:
+ id:
+ type: string
+ isSecretRef:
+ type: boolean
+ required:
+ - id
+ - isSecretRef
+ nullable: true
+ description: Input/stream level variable. Refer to the integration documentation for more information.
+ type: object
+ description: Input streams. Refer to the integration documentation to know which streams are available.
+ type: object
+ vars:
+ additionalProperties:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ - items:
+ type: string
+ maxItems: 100
+ type: array
+ - items:
+ type: number
+ maxItems: 100
+ type: array
+ - additionalProperties: false
+ type: object
+ properties:
+ id:
+ type: string
+ isSecretRef:
+ type: boolean
+ required:
+ - id
+ - isSecretRef
+ nullable: true
+ description: Input/stream level variable. Refer to the integration documentation for more information.
+ type: object
+ description: Package policy inputs. Refer to the integration documentation to know which inputs are available.
+ type: object
+ x-oas-optional: true
+ description: Package policy inputs.
+ is_managed:
+ type: boolean
+ name:
+ description: Unique name for the package policy.
+ type: string
+ namespace:
+ description: The package policy namespace. Leave blank to inherit the agent policy's namespace.
+ type: string
+ output_id:
+ nullable: true
+ type: string
+ overrides:
+ additionalProperties: false
+ description: Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.
+ nullable: true
+ type: object
+ properties:
+ inputs:
+ additionalProperties: {}
+ type: object
+ package:
+ additionalProperties: false
+ type: object
+ properties:
+ experimental_data_stream_features:
+ items:
+ additionalProperties: false
+ type: object
+ properties:
+ data_stream:
+ type: string
+ features:
+ additionalProperties: false
+ type: object
+ properties:
+ doc_value_only_numeric:
+ type: boolean
+ doc_value_only_other:
+ type: boolean
+ synthetic_source:
+ type: boolean
+ tsdb:
+ type: boolean
+ required:
+ - data_stream
+ - features
+ maxItems: 100
+ type: array
+ fips_compatible:
+ type: boolean
+ name:
+ description: Package name
type: string
- type:
- enum:
- - kafka
+ requires_root:
+ type: boolean
+ title:
type: string
- username:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: string
- - not: {}
version:
+ description: Package version
type: string
required:
- name
- - type
- - hosts
- - compression_level
- - auth_type
- - connection_type
- - username
- - password
+ - version
+ package_agent_version_condition:
+ type: string
+ policy_id:
+ deprecated: true
+ description: ID of the agent policy which the package policy will be added to.
+ nullable: true
+ type: string
+ policy_ids:
+ items:
+ description: IDs of the agent policies which that package policy will be added to.
+ type: string
+ maxItems: 1000
+ type: array
+ revision:
+ description: Package policy revision.
+ type: number
+ secret_references:
+ items:
+ additionalProperties: false
+ type: object
+ properties:
+ id:
+ type: string
+ required:
+ - id
+ maxItems: 100
+ type: array
+ spaceIds:
+ items:
+ type: string
+ maxItems: 100
+ type: array
+ supports_agentless:
+ default: false
+ description: Indicates whether the package policy belongs to an agentless agent policy.
+ nullable: true
+ type: boolean
+ supports_cloud_connector:
+ default: false
+ description: Indicates whether the package policy supports cloud connectors.
+ nullable: true
+ type: boolean
+ updated_at:
+ type: string
+ updated_by:
+ type: string
+ var_group_selections:
+ additionalProperties:
+ type: string
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
+ type: object
+ vars:
+ anyOf:
+ - additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ - additionalProperties:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ - items:
+ type: string
+ maxItems: 100
+ type: array
+ - items:
+ type: number
+ maxItems: 100
+ type: array
+ - additionalProperties: false
+ type: object
+ properties:
+ id:
+ type: string
+ isSecretRef:
+ type: boolean
+ required:
+ - id
+ - isSecretRef
+ nullable: true
+ description: Input/stream level variable. Refer to the integration documentation for more information.
+ type: object
+ x-oas-optional: true
+ description: Package level variable.
+ version:
+ description: Package policy ES version.
+ type: string
+ required:
+ - name
+ - enabled
+ - inputs
+ - id
+ - revision
+ - updated_at
+ - updated_by
+ - created_at
+ - created_by
required:
- item
description: 'OK: A successful request.'
@@ -49266,22 +48856,42 @@ paths:
- message
- attributes
description: A bad request.
- summary: Get output
+ '409':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ description: Generic Error
+ type: object
+ properties:
+ attributes: {}
+ error:
+ type: string
+ errorType:
+ type: string
+ message:
+ type: string
+ statusCode:
+ type: number
+ required:
+ - message
+ - attributes
+ description: A conflict occurred.
+ summary: Create a package policy
tags:
- - Fleet outputs
+ - Fleet package policies
x-metaTags:
- content: Kibana
name: product_name
- put:
description: |-
**Spaces method and path for this operation:**
- put /s/{space_id}/api/fleet/outputs/{outputId}
+ post /s/{space_id}/api/fleet/package_policies
Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
-
- Update output by ID.
[Required authorization] Route required privileges: fleet-settings-all OR fleet-agent-policies-all.
- operationId: put-fleet-outputs-outputid
+ /api/fleet/package_policies/_bulk_get:
+ post:
+ operationId: post-fleet-package-policies-bulk-get
parameters:
- description: A required header to protect against CSRF attacks
in: header
@@ -49290,1655 +48900,1807 @@ paths:
schema:
example: 'true'
type: string
- - in: path
- name: outputId
- required: true
+ - in: query
+ name: format
+ required: false
schema:
+ enum:
+ - simplified
+ - legacy
type: string
requestBody:
content:
application/json:
schema:
- anyOf:
- - additionalProperties: false
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- config_yaml:
- nullable: true
- type: string
- hosts:
- items:
- format: uri
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- type: boolean
- is_default_monitoring:
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- name:
- type: string
- preset:
- enum:
- - balanced
- - custom
- - throughput
- - scale
- - latency
- type: string
- proxy_id:
- nullable: true
- type: string
- secrets:
- additionalProperties: false
- type: object
- properties:
- ssl:
- additionalProperties: false
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: false
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- shipper:
+ additionalProperties: false
+ type: object
+ properties:
+ ids:
+ description: list of package policy ids
+ items:
+ type: string
+ maxItems: 1000
+ type: array
+ ignoreMissing:
+ type: boolean
+ required:
+ - ids
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ type: object
+ properties:
+ items:
+ items:
additionalProperties: false
- nullable: true
type: object
properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
+ additional_datastreams_permissions:
+ description: Additional datastream permissions, that will be added to the agent policy.
+ items:
+ type: string
+ maxItems: 1000
nullable: true
+ type: array
+ agents:
type: number
- disk_queue_path:
+ cloud_connector_id:
+ description: ID of the cloud connector associated with this package policy.
nullable: true
type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
+ cloud_connector_name:
+ description: Transient field for cloud connector name during creation.
+ maxLength: 255
+ minLength: 1
nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: false
- nullable: true
- type: object
- properties:
- certificate:
type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
+ created_at:
type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
+ created_by:
type: string
- type:
- enum:
- - elasticsearch
- type: string
- write_to_logs_streams:
- nullable: true
- type: boolean
- - additionalProperties: false
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- config_yaml:
- nullable: true
- type: string
- hosts:
- items:
- format: uri
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- type: boolean
- is_default_monitoring:
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- kibana_api_key:
- nullable: true
- type: string
- kibana_url:
- nullable: true
- type: string
- name:
- type: string
- preset:
- enum:
- - balanced
- - custom
- - throughput
- - scale
- - latency
- type: string
- proxy_id:
- nullable: true
- type: string
- secrets:
- additionalProperties: false
- type: object
- properties:
- service_token:
- anyOf:
- - additionalProperties: false
+ description:
+ description: Package policy description
+ type: string
+ elasticsearch:
+ additionalProperties: true
+ type: object
+ properties:
+ privileges:
+ additionalProperties: true
type: object
properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- ssl:
+ cluster:
+ items:
+ type: string
+ maxItems: 100
+ type: array
+ enabled:
+ type: boolean
+ id:
+ description: Package policy unique identifier.
+ type: string
+ inputs:
+ anyOf:
+ - items:
+ additionalProperties: false
+ type: object
+ properties:
+ compiled_input: {}
+ config:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ deprecated:
+ additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ replaced_by:
+ additionalProperties:
+ type: string
+ type: object
+ since:
+ type: string
+ required:
+ - description
+ enabled:
+ type: boolean
+ id:
+ type: string
+ keep_enabled:
+ type: boolean
+ migrate_from:
+ type: string
+ policy_template:
+ type: string
+ streams:
+ items:
+ additionalProperties: false
+ type: object
+ properties:
+ compiled_stream: {}
+ config:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ data_stream:
+ additionalProperties: false
+ type: object
+ properties:
+ dataset:
+ type: string
+ elasticsearch:
+ additionalProperties: false
+ type: object
+ properties:
+ dynamic_dataset:
+ type: boolean
+ dynamic_namespace:
+ type: boolean
+ privileges:
+ additionalProperties: false
+ type: object
+ properties:
+ indices:
+ items:
+ type: string
+ maxItems: 100
+ type: array
+ type:
+ type: string
+ required:
+ - dataset
+ - type
+ deprecated:
+ additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ replaced_by:
+ additionalProperties:
+ type: string
+ type: object
+ since:
+ type: string
+ required:
+ - description
+ enabled:
+ type: boolean
+ id:
+ type: string
+ keep_enabled:
+ type: boolean
+ migrate_from:
+ type: string
+ release:
+ enum:
+ - ga
+ - beta
+ - experimental
+ type: string
+ var_group_selections:
+ additionalProperties:
+ type: string
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
+ type: object
+ vars:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ required:
+ - enabled
+ - data_stream
+ - compiled_stream
+ maxItems: 100
+ type: array
+ type:
+ type: string
+ var_group_selections:
+ additionalProperties:
+ type: string
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
+ type: object
+ vars:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ required:
+ - type
+ - enabled
+ - streams
+ - compiled_input
+ maxItems: 100
+ type: array
+ - additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ deprecated:
+ additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ replaced_by:
+ additionalProperties:
+ type: string
+ type: object
+ since:
+ type: string
+ required:
+ - description
+ enabled:
+ description: Enable or disable that input. Defaults to `true` (enabled).
+ type: boolean
+ streams:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ deprecated:
+ additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ replaced_by:
+ additionalProperties:
+ type: string
+ type: object
+ since:
+ type: string
+ required:
+ - description
+ enabled:
+ description: Enable or disable that stream. Defaults to `true` (enabled).
+ type: boolean
+ var_group_selections:
+ additionalProperties:
+ type: string
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
+ type: object
+ vars:
+ additionalProperties:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ - items:
+ type: string
+ maxItems: 100
+ type: array
+ - items:
+ type: number
+ maxItems: 100
+ type: array
+ - additionalProperties: false
+ type: object
+ properties:
+ id:
+ type: string
+ isSecretRef:
+ type: boolean
+ required:
+ - id
+ - isSecretRef
+ nullable: true
+ description: Input/stream level variable. Refer to the integration documentation for more information.
+ type: object
+ description: Input streams. Refer to the integration documentation to know which streams are available.
+ type: object
+ vars:
+ additionalProperties:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ - items:
+ type: string
+ maxItems: 100
+ type: array
+ - items:
+ type: number
+ maxItems: 100
+ type: array
+ - additionalProperties: false
+ type: object
+ properties:
+ id:
+ type: string
+ isSecretRef:
+ type: boolean
+ required:
+ - id
+ - isSecretRef
+ nullable: true
+ description: Input/stream level variable. Refer to the integration documentation for more information.
+ type: object
+ description: Package policy inputs. Refer to the integration documentation to know which inputs are available.
+ type: object
+ x-oas-optional: true
+ description: Package policy inputs.
+ is_managed:
+ type: boolean
+ name:
+ description: Unique name for the package policy.
+ type: string
+ namespace:
+ description: The package policy namespace. Leave blank to inherit the agent policy's namespace.
+ type: string
+ output_id:
+ nullable: true
+ type: string
+ overrides:
additionalProperties: false
+ description: Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.
+ nullable: true
type: object
properties:
- key:
- anyOf:
- - additionalProperties: false
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- service_token:
- nullable: true
- type: string
- shipper:
- additionalProperties: false
- nullable: true
- type: object
- properties:
- compression_level:
+ inputs:
+ additionalProperties: {}
+ type: object
+ package:
+ additionalProperties: false
+ type: object
+ properties:
+ experimental_data_stream_features:
+ items:
+ additionalProperties: false
+ type: object
+ properties:
+ data_stream:
+ type: string
+ features:
+ additionalProperties: false
+ type: object
+ properties:
+ doc_value_only_numeric:
+ type: boolean
+ doc_value_only_other:
+ type: boolean
+ synthetic_source:
+ type: boolean
+ tsdb:
+ type: boolean
+ required:
+ - data_stream
+ - features
+ maxItems: 100
+ type: array
+ fips_compatible:
+ type: boolean
+ name:
+ description: Package name
+ type: string
+ requires_root:
+ type: boolean
+ title:
+ type: string
+ version:
+ description: Package version
+ type: string
+ required:
+ - name
+ - version
+ package_agent_version_condition:
+ type: string
+ policy_id:
+ deprecated: true
+ description: ID of the agent policy which the package policy will be added to.
nullable: true
+ type: string
+ policy_ids:
+ items:
+ description: IDs of the agent policies which that package policy will be added to.
+ type: string
+ maxItems: 1000
+ type: array
+ revision:
+ description: Package policy revision.
type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
+ secret_references:
+ items:
+ additionalProperties: false
+ type: object
+ properties:
+ id:
+ type: string
+ required:
+ - id
+ maxItems: 100
+ type: array
+ spaceIds:
+ items:
+ type: string
+ maxItems: 100
+ type: array
+ supports_agentless:
default: false
+ description: Indicates whether the package policy belongs to an agentless agent policy.
nullable: true
type: boolean
- disk_queue_encryption_enabled:
+ supports_cloud_connector:
+ default: false
+ description: Indicates whether the package policy supports cloud connectors.
nullable: true
type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
+ updated_at:
type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: false
- nullable: true
- type: object
- properties:
- certificate:
+ updated_by:
type: string
- certificate_authorities:
- items:
+ var_group_selections:
+ additionalProperties:
type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- sync_integrations:
- type: boolean
- sync_uninstalled_integrations:
- type: boolean
- type:
- enum:
- - remote_elasticsearch
- type: string
- write_to_logs_streams:
- nullable: true
- type: boolean
- - additionalProperties: false
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- config_yaml:
- nullable: true
- type: string
- hosts:
- items:
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- type: boolean
- is_default_monitoring:
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- name:
- type: string
- proxy_id:
- nullable: true
- type: string
- secrets:
- additionalProperties: false
- type: object
- properties:
- ssl:
- additionalProperties: false
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
type: object
- properties:
- key:
- anyOf:
- - additionalProperties: false
- type: object
- properties:
- hash:
- type: string
- id:
+ vars:
+ anyOf:
+ - additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ - additionalProperties:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ - items:
type: string
- required:
- - id
- - type: string
- shipper:
- additionalProperties: false
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
+ maxItems: 100
+ type: array
+ - items:
+ type: number
+ maxItems: 100
+ type: array
+ - additionalProperties: false
+ type: object
+ properties:
+ id:
+ type: string
+ isSecretRef:
+ type: boolean
+ required:
+ - id
+ - isSecretRef
+ nullable: true
+ description: Input/stream level variable. Refer to the integration documentation for more information.
+ type: object
+ x-oas-optional: true
+ description: Package level variable.
+ version:
+ description: Package policy ES version.
type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: false
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
+ - name
+ - enabled
+ - inputs
+ - id
+ - revision
+ - updated_at
+ - updated_by
+ - created_at
+ - created_by
+ maxItems: 10000
+ type: array
+ required:
+ - items
+ description: 'OK: A successful request.'
+ '400':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ description: Generic Error
+ type: object
+ properties:
+ attributes: {}
+ error:
+ type: string
+ errorType:
+ type: string
+ message:
+ type: string
+ statusCode:
+ type: number
+ required:
+ - message
+ - attributes
+ description: A bad request.
+ '404':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ type: object
+ properties:
+ message:
+ type: string
+ required:
+ - message
+ description: Not found.
+ summary: Bulk get package policies
+ tags:
+ - Fleet package policies
+ x-metaTags:
+ - content: Kibana
+ name: product_name
+ description: |-
+ **Spaces method and path for this operation:**
+
+ post /s/{space_id}/api/fleet/package_policies/_bulk_get
+
+ Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
+ /api/fleet/package_policies/{packagePolicyId}:
+ delete:
+ description: |-
+ **Spaces method and path for this operation:**
+
+ delete /s/{space_id}/api/fleet/package_policies/{packagePolicyId}
+
+ Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
+
+ Delete a package policy by ID.
[Required authorization] Route required privileges: fleet-agent-policies-all AND integrations-all.
+ operationId: delete-fleet-package-policies-packagepolicyid
+ parameters:
+ - description: A required header to protect against CSRF attacks
+ in: header
+ name: kbn-xsrf
+ required: true
+ schema:
+ example: 'true'
+ type: string
+ - in: path
+ name: packagePolicyId
+ required: true
+ schema:
+ type: string
+ - in: query
+ name: force
+ required: false
+ schema:
+ type: boolean
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ type: object
+ properties:
+ id:
+ type: string
+ required:
+ - id
+ description: 'OK: A successful request.'
+ '400':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ description: Generic Error
+ type: object
+ properties:
+ attributes: {}
+ error:
+ type: string
+ errorType:
+ type: string
+ message:
+ type: string
+ statusCode:
+ type: number
+ required:
+ - message
+ - attributes
+ description: A bad request.
+ summary: Delete a package policy
+ tags:
+ - Fleet package policies
+ x-metaTags:
+ - content: Kibana
+ name: product_name
+ get:
+ description: |-
+ **Spaces method and path for this operation:**
+
+ get /s/{space_id}/api/fleet/package_policies/{packagePolicyId}
+
+ Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
+
+ Get a package policy by ID.
+ operationId: get-fleet-package-policies-packagepolicyid
+ parameters:
+ - in: path
+ name: packagePolicyId
+ required: true
+ schema:
+ type: string
+ - in: query
+ name: format
+ required: false
+ schema:
+ enum:
+ - simplified
+ - legacy
+ type: string
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ type: object
+ properties:
+ item:
+ additionalProperties: false
+ type: object
+ properties:
+ additional_datastreams_permissions:
+ description: Additional datastream permissions, that will be added to the agent policy.
+ items:
type: string
- type:
- enum:
- - logstash
- type: string
- - additionalProperties: false
- type: object
- properties:
- allow_edit:
- items:
+ maxItems: 1000
+ nullable: true
+ type: array
+ agents:
+ type: number
+ cloud_connector_id:
+ description: ID of the cloud connector associated with this package policy.
+ nullable: true
type: string
- maxItems: 1000
- type: array
- auth_type:
- enum:
- - none
- - user_pass
- - ssl
- - kerberos
- type: string
- broker_timeout:
- type: number
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- client_id:
- type: string
- compression:
- enum:
- - gzip
- - snappy
- - lz4
- - none
- type: string
- compression_level:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: number
- - not: {}
- config_yaml:
- nullable: true
- type: string
- connection_type:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - enum:
- - plaintext
- - encryption
- type: string
- - not: {}
- hash:
- additionalProperties: false
- type: object
- properties:
- hash:
- type: string
- random:
- type: boolean
- headers:
- items:
- additionalProperties: false
+ cloud_connector_name:
+ description: Transient field for cloud connector name during creation.
+ maxLength: 255
+ minLength: 1
+ nullable: true
+ type: string
+ created_at:
+ type: string
+ created_by:
+ type: string
+ description:
+ description: Package policy description
+ type: string
+ elasticsearch:
+ additionalProperties: true
type: object
properties:
- key:
- type: string
- value:
- type: string
- required:
- - key
- - value
- maxItems: 100
- type: array
- hosts:
- items:
+ privileges:
+ additionalProperties: true
+ type: object
+ properties:
+ cluster:
+ items:
+ type: string
+ maxItems: 100
+ type: array
+ enabled:
+ type: boolean
+ id:
+ description: Package policy unique identifier.
type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- key:
- type: string
- name:
- type: string
- partition:
- enum:
- - random
- - round_robin
- - hash
- type: string
- password:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - not: {}
- - anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: string
- - not: {}
- proxy_id:
- nullable: true
- type: string
- random:
- additionalProperties: false
- type: object
- properties:
- group_events:
- type: number
- required_acks:
- enum:
- - 1
- - 0
- - -1
- type: integer
- round_robin:
- additionalProperties: false
- type: object
- properties:
- group_events:
- type: number
- sasl:
- additionalProperties: false
- nullable: true
- type: object
- properties:
- mechanism:
- enum:
- - PLAIN
- - SCRAM-SHA-256
- - SCRAM-SHA-512
- type: string
- secrets:
- additionalProperties: false
- type: object
- properties:
- password:
- anyOf:
- - additionalProperties: false
+ inputs:
+ anyOf:
+ - items:
+ additionalProperties: false
type: object
properties:
- hash:
- type: string
+ compiled_input: {}
+ config:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ deprecated:
+ additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ replaced_by:
+ additionalProperties:
+ type: string
+ type: object
+ since:
+ type: string
+ required:
+ - description
+ enabled:
+ type: boolean
id:
type: string
+ keep_enabled:
+ type: boolean
+ migrate_from:
+ type: string
+ policy_template:
+ type: string
+ streams:
+ items:
+ additionalProperties: false
+ type: object
+ properties:
+ compiled_stream: {}
+ config:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ data_stream:
+ additionalProperties: false
+ type: object
+ properties:
+ dataset:
+ type: string
+ elasticsearch:
+ additionalProperties: false
+ type: object
+ properties:
+ dynamic_dataset:
+ type: boolean
+ dynamic_namespace:
+ type: boolean
+ privileges:
+ additionalProperties: false
+ type: object
+ properties:
+ indices:
+ items:
+ type: string
+ maxItems: 100
+ type: array
+ type:
+ type: string
+ required:
+ - dataset
+ - type
+ deprecated:
+ additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ replaced_by:
+ additionalProperties:
+ type: string
+ type: object
+ since:
+ type: string
+ required:
+ - description
+ enabled:
+ type: boolean
+ id:
+ type: string
+ keep_enabled:
+ type: boolean
+ migrate_from:
+ type: string
+ release:
+ enum:
+ - ga
+ - beta
+ - experimental
+ type: string
+ var_group_selections:
+ additionalProperties:
+ type: string
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
+ type: object
+ vars:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ required:
+ - enabled
+ - data_stream
+ - compiled_stream
+ maxItems: 100
+ type: array
+ type:
+ type: string
+ var_group_selections:
+ additionalProperties:
+ type: string
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
+ type: object
+ vars:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
required:
- - id
- - type: string
- ssl:
- additionalProperties: false
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: false
+ - type
+ - enabled
+ - streams
+ - compiled_input
+ maxItems: 100
+ type: array
+ - additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ deprecated:
+ additionalProperties: false
type: object
properties:
- hash:
+ description:
type: string
- id:
+ replaced_by:
+ additionalProperties:
+ type: string
+ type: object
+ since:
type: string
required:
- - id
- - type: string
- required:
- - key
- shipper:
- additionalProperties: false
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: false
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- timeout:
- type: number
- topic:
- type: string
- type:
- enum:
- - kafka
- type: string
- username:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: string
- - not: {}
- version:
- type: string
- required:
- - name
- - compression_level
- - connection_type
- - username
- - password
- responses:
- '200':
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- item:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- config_yaml:
- nullable: true
- type: string
- hosts:
- items:
- format: uri
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- name:
- type: string
- preset:
- enum:
- - balanced
- - custom
- - throughput
- - scale
- - latency
- type: string
- proxy_id:
- nullable: true
- type: string
- secrets:
- additionalProperties: true
- type: object
- properties:
- ssl:
- additionalProperties: true
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: true
+ - description
+ enabled:
+ description: Enable or disable that input. Defaults to `true` (enabled).
+ type: boolean
+ streams:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ deprecated:
+ additionalProperties: false
type: object
properties:
- hash:
+ description:
+ type: string
+ replaced_by:
+ additionalProperties:
+ type: string
+ type: object
+ since:
type: string
+ required:
+ - description
+ enabled:
+ description: Enable or disable that stream. Defaults to `true` (enabled).
+ type: boolean
+ var_group_selections:
+ additionalProperties:
+ type: string
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
+ type: object
+ vars:
+ additionalProperties:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ - items:
+ type: string
+ maxItems: 100
+ type: array
+ - items:
+ type: number
+ maxItems: 100
+ type: array
+ - additionalProperties: false
+ type: object
+ properties:
+ id:
+ type: string
+ isSecretRef:
+ type: boolean
+ required:
+ - id
+ - isSecretRef
+ nullable: true
+ description: Input/stream level variable. Refer to the integration documentation for more information.
+ type: object
+ description: Input streams. Refer to the integration documentation to know which streams are available.
+ type: object
+ vars:
+ additionalProperties:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ - items:
+ type: string
+ maxItems: 100
+ type: array
+ - items:
+ type: number
+ maxItems: 100
+ type: array
+ - additionalProperties: false
+ type: object
+ properties:
id:
type: string
+ isSecretRef:
+ type: boolean
required:
- id
- - type: string
- shipper:
- additionalProperties: true
- nullable: true
+ - isSecretRef
+ nullable: true
+ description: Input/stream level variable. Refer to the integration documentation for more information.
+ type: object
+ description: Package policy inputs. Refer to the integration documentation to know which inputs are available.
type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
+ x-oas-optional: true
+ description: Package policy inputs.
+ is_managed:
+ type: boolean
+ name:
+ description: Unique name for the package policy.
+ type: string
+ namespace:
+ description: The package policy namespace. Leave blank to inherit the agent policy's namespace.
+ type: string
+ output_id:
+ nullable: true
+ type: string
+ overrides:
+ additionalProperties: false
+ description: Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.
+ nullable: true
+ type: object
+ properties:
+ inputs:
+ additionalProperties: {}
type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- type:
- enum:
- - elasticsearch
- type: string
- write_to_logs_streams:
- nullable: true
- type: boolean
- required:
- - name
- - type
- - hosts
- - additionalProperties: true
+ package:
+ additionalProperties: false
type: object
properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- config_yaml:
- nullable: true
- type: string
- hosts:
+ experimental_data_stream_features:
items:
- format: uri
- type: string
- maxItems: 10
- minItems: 1
+ additionalProperties: false
+ type: object
+ properties:
+ data_stream:
+ type: string
+ features:
+ additionalProperties: false
+ type: object
+ properties:
+ doc_value_only_numeric:
+ type: boolean
+ doc_value_only_other:
+ type: boolean
+ synthetic_source:
+ type: boolean
+ tsdb:
+ type: boolean
+ required:
+ - data_stream
+ - features
+ maxItems: 100
type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
+ fips_compatible:
type: boolean
- kibana_api_key:
- nullable: true
- type: string
- kibana_url:
- nullable: true
- type: string
name:
+ description: Package name
type: string
- preset:
- enum:
- - balanced
- - custom
- - throughput
- - scale
- - latency
+ requires_root:
+ type: boolean
+ title:
type: string
- proxy_id:
- nullable: true
+ version:
+ description: Package version
type: string
- secrets:
- additionalProperties: true
+ required:
+ - name
+ - version
+ package_agent_version_condition:
+ type: string
+ policy_id:
+ deprecated: true
+ description: ID of the agent policy which the package policy will be added to.
+ nullable: true
+ type: string
+ policy_ids:
+ items:
+ description: IDs of the agent policies which that package policy will be added to.
+ type: string
+ maxItems: 1000
+ type: array
+ revision:
+ description: Package policy revision.
+ type: number
+ secret_references:
+ items:
+ additionalProperties: false
+ type: object
+ properties:
+ id:
+ type: string
+ required:
+ - id
+ maxItems: 100
+ type: array
+ spaceIds:
+ items:
+ type: string
+ maxItems: 100
+ type: array
+ supports_agentless:
+ default: false
+ description: Indicates whether the package policy belongs to an agentless agent policy.
+ nullable: true
+ type: boolean
+ supports_cloud_connector:
+ default: false
+ description: Indicates whether the package policy supports cloud connectors.
+ nullable: true
+ type: boolean
+ updated_at:
+ type: string
+ updated_by:
+ type: string
+ var_group_selections:
+ additionalProperties:
+ type: string
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
+ type: object
+ vars:
+ anyOf:
+ - additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
type: object
- properties:
- service_token:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- ssl:
- additionalProperties: true
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- service_token:
- nullable: true
- type: string
- shipper:
- additionalProperties: true
- nullable: true
+ - additionalProperties:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ - items:
+ type: string
+ maxItems: 100
+ type: array
+ - items:
+ type: number
+ maxItems: 100
+ type: array
+ - additionalProperties: false
+ type: object
+ properties:
+ id:
+ type: string
+ isSecretRef:
+ type: boolean
+ required:
+ - id
+ - isSecretRef
+ nullable: true
+ description: Input/stream level variable. Refer to the integration documentation for more information.
type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
+ x-oas-optional: true
+ description: Package level variable.
+ version:
+ description: Package policy ES version.
+ type: string
+ required:
+ - name
+ - enabled
+ - inputs
+ - id
+ - revision
+ - updated_at
+ - updated_by
+ - created_at
+ - created_by
+ required:
+ - item
+ description: 'OK: A successful request.'
+ '400':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ description: Generic Error
+ type: object
+ properties:
+ attributes: {}
+ error:
+ type: string
+ errorType:
+ type: string
+ message:
+ type: string
+ statusCode:
+ type: number
+ required:
+ - message
+ - attributes
+ description: A bad request.
+ '404':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ type: object
+ properties:
+ message:
+ type: string
+ required:
+ - message
+ description: Not found.
+ summary: Get a package policy
+ tags:
+ - Fleet package policies
+ x-metaTags:
+ - content: Kibana
+ name: product_name
+ put:
+ description: |-
+ **Spaces method and path for this operation:**
+
+ put /s/{space_id}/api/fleet/package_policies/{packagePolicyId}
+
+ Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
+
+ Update a package policy by ID.
+ operationId: put-fleet-package-policies-packagepolicyid
+ parameters:
+ - description: A required header to protect against CSRF attacks
+ in: header
+ name: kbn-xsrf
+ required: true
+ schema:
+ example: 'true'
+ type: string
+ - in: path
+ name: packagePolicyId
+ required: true
+ schema:
+ type: string
+ - in: query
+ name: format
+ required: false
+ schema:
+ enum:
+ - simplified
+ - legacy
+ type: string
+ requestBody:
+ content:
+ application/json:
+ schema:
+ anyOf:
+ - additionalProperties: false
+ type: object
+ properties:
+ additional_datastreams_permissions:
+ description: Additional datastream permissions, that will be added to the agent policy.
+ items:
+ type: string
+ maxItems: 1000
+ nullable: true
+ type: array
+ cloud_connector_id:
+ description: ID of the cloud connector associated with this package policy.
+ nullable: true
+ type: string
+ cloud_connector_name:
+ description: Transient field for cloud connector name during creation.
+ maxLength: 255
+ minLength: 1
+ nullable: true
+ type: string
+ description:
+ description: Package policy description
+ type: string
+ enabled:
+ type: boolean
+ force:
+ type: boolean
+ inputs:
+ items:
+ additionalProperties: false
+ type: object
+ properties:
+ config:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ deprecated:
+ additionalProperties: false
type: object
properties:
- certificate:
+ description:
type: string
- certificate_authorities:
- items:
+ replaced_by:
+ additionalProperties:
type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
+ type: object
+ since:
type: string
- sync_integrations:
- type: boolean
- sync_uninstalled_integrations:
- type: boolean
- type:
- enum:
- - remote_elasticsearch
- type: string
- write_to_logs_streams:
- nullable: true
+ required:
+ - description
+ enabled:
type: boolean
- required:
- - name
- - type
- - hosts
- - additionalProperties: true
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- config_yaml:
- nullable: true
- type: string
- hosts:
- items:
- type: string
- maxItems: 10
- minItems: 1
- type: array
id:
type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
+ keep_enabled:
type: boolean
- name:
- type: string
- proxy_id:
- nullable: true
+ migrate_from:
type: string
- secrets:
- additionalProperties: true
- type: object
- properties:
- ssl:
- additionalProperties: true
- type: object
- properties:
- key:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- shipper:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
- type: object
- properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
- type: string
- type:
- enum:
- - logstash
+ policy_template:
type: string
- required:
- - name
- - type
- - hosts
- - additionalProperties: true
- type: object
- properties:
- allow_edit:
- items:
- type: string
- maxItems: 1000
- type: array
- auth_type:
- enum:
- - none
- - user_pass
- - ssl
- - kerberos
- type: string
- broker_timeout:
- type: number
- ca_sha256:
- nullable: true
- type: string
- ca_trusted_fingerprint:
- nullable: true
- type: string
- client_id:
- type: string
- compression:
- enum:
- - gzip
- - snappy
- - lz4
- - none
- type: string
- compression_level:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: number
- - not: {}
- config_yaml:
- nullable: true
- type: string
- connection_type:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - enum:
- - plaintext
- - encryption
- type: string
- - not: {}
- hash:
- additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- random:
- type: boolean
- headers:
+ streams:
items:
- additionalProperties: true
+ additionalProperties: false
type: object
properties:
- key:
+ compiled_stream: {}
+ config:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ data_stream:
+ additionalProperties: false
+ type: object
+ properties:
+ dataset:
+ type: string
+ elasticsearch:
+ additionalProperties: false
+ type: object
+ properties:
+ dynamic_dataset:
+ type: boolean
+ dynamic_namespace:
+ type: boolean
+ privileges:
+ additionalProperties: false
+ type: object
+ properties:
+ indices:
+ items:
+ type: string
+ maxItems: 100
+ type: array
+ type:
+ type: string
+ required:
+ - dataset
+ - type
+ deprecated:
+ additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ replaced_by:
+ additionalProperties:
+ type: string
+ type: object
+ since:
+ type: string
+ required:
+ - description
+ enabled:
+ type: boolean
+ id:
type: string
- value:
+ keep_enabled:
+ type: boolean
+ migrate_from:
type: string
+ release:
+ enum:
+ - ga
+ - beta
+ - experimental
+ type: string
+ var_group_selections:
+ additionalProperties:
+ type: string
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
+ type: object
+ vars:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
required:
- - key
- - value
+ - enabled
+ - data_stream
+ - compiled_stream
maxItems: 100
type: array
- hosts:
- items:
- type: string
- maxItems: 10
- minItems: 1
- type: array
- id:
- type: string
- is_default:
- default: false
- type: boolean
- is_default_monitoring:
- default: false
- type: boolean
- is_internal:
- type: boolean
- is_preconfigured:
- type: boolean
- key:
- type: string
- name:
- type: string
- partition:
- enum:
- - random
- - round_robin
- - hash
- type: string
- password:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - not: {}
- - anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: string
- - not: {}
- proxy_id:
- nullable: true
+ type:
type: string
- random:
- additionalProperties: true
+ var_group_selections:
+ additionalProperties:
+ type: string
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
type: object
- properties:
- group_events:
- type: number
- required_acks:
- enum:
- - 1
- - 0
- - -1
- type: integer
- round_robin:
- additionalProperties: true
+ vars:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
type: object
- properties:
- group_events:
- type: number
- sasl:
- additionalProperties: true
- nullable: true
+ required:
+ - type
+ - enabled
+ maxItems: 100
+ type: array
+ is_managed:
+ type: boolean
+ name:
+ type: string
+ namespace:
+ description: The package policy namespace. Leave blank to inherit the agent policy's namespace.
+ type: string
+ output_id:
+ nullable: true
+ type: string
+ overrides:
+ additionalProperties: false
+ description: Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.
+ nullable: true
+ type: object
+ properties:
+ inputs:
+ additionalProperties: {}
+ type: object
+ package:
+ additionalProperties: false
+ type: object
+ properties:
+ experimental_data_stream_features:
+ items:
+ additionalProperties: false
type: object
properties:
- mechanism:
- enum:
- - PLAIN
- - SCRAM-SHA-256
- - SCRAM-SHA-512
+ data_stream:
type: string
- secrets:
- additionalProperties: true
+ features:
+ additionalProperties: false
+ type: object
+ properties:
+ doc_value_only_numeric:
+ type: boolean
+ doc_value_only_other:
+ type: boolean
+ synthetic_source:
+ type: boolean
+ tsdb:
+ type: boolean
+ required:
+ - data_stream
+ - features
+ maxItems: 100
+ type: array
+ fips_compatible:
+ type: boolean
+ name:
+ description: Package name
+ type: string
+ requires_root:
+ type: boolean
+ title:
+ type: string
+ version:
+ description: Package version
+ type: string
+ required:
+ - name
+ - version
+ package_agent_version_condition:
+ type: string
+ policy_id:
+ deprecated: true
+ description: ID of the agent policy which the package policy will be added to.
+ nullable: true
+ type: string
+ policy_ids:
+ items:
+ description: IDs of the agent policies which that package policy will be added to.
+ type: string
+ maxItems: 1000
+ type: array
+ spaceIds:
+ items:
+ type: string
+ maxItems: 100
+ type: array
+ supports_agentless:
+ default: false
+ description: Indicates whether the package policy belongs to an agentless agent policy.
+ nullable: true
+ type: boolean
+ supports_cloud_connector:
+ default: false
+ description: Indicates whether the package policy supports cloud connectors.
+ nullable: true
+ type: boolean
+ var_group_selections:
+ additionalProperties:
+ type: string
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
+ type: object
+ vars:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ version:
+ type: string
+ - additionalProperties: false
+ type: object
+ properties:
+ additional_datastreams_permissions:
+ description: Additional datastream permissions, that will be added to the agent policy.
+ items:
+ type: string
+ maxItems: 100
+ nullable: true
+ type: array
+ description:
+ description: Policy description.
+ type: string
+ force:
+ description: Force package policy creation even if the package is not verified, or if the agent policy is managed.
+ type: boolean
+ id:
+ description: Policy unique identifier.
+ type: string
+ inputs:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ deprecated:
+ additionalProperties: false
type: object
properties:
- password:
- anyOf:
- - additionalProperties: true
- type: object
- properties:
- hash:
- type: string
- id:
- type: string
- required:
- - id
- - type: string
- ssl:
- additionalProperties: true
+ description:
+ type: string
+ replaced_by:
+ additionalProperties:
+ type: string
type: object
- properties:
- key:
+ since:
+ type: string
+ required:
+ - description
+ enabled:
+ description: Enable or disable that input. Defaults to `true` (enabled).
+ type: boolean
+ streams:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ deprecated:
+ additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ replaced_by:
+ additionalProperties:
+ type: string
+ type: object
+ since:
+ type: string
+ required:
+ - description
+ enabled:
+ description: Enable or disable that stream. Defaults to `true` (enabled).
+ type: boolean
+ var_group_selections:
+ additionalProperties:
+ type: string
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
+ type: object
+ vars:
+ additionalProperties:
anyOf:
- - additionalProperties: true
+ - type: string
+ - type: number
+ - type: boolean
+ - items:
+ type: string
+ maxItems: 100
+ type: array
+ - items:
+ type: number
+ maxItems: 100
+ type: array
+ - additionalProperties: false
type: object
properties:
- hash:
- type: string
id:
type: string
+ isSecretRef:
+ type: boolean
required:
- id
- - type: string
- required:
- - key
- shipper:
- additionalProperties: true
- nullable: true
+ - isSecretRef
+ nullable: true
+ description: Input/stream level variable. Refer to the integration documentation for more information.
+ type: object
+ description: Input streams. Refer to the integration documentation to know which streams are available.
type: object
- properties:
- compression_level:
- nullable: true
- type: number
- disk_queue_compression_enabled:
- nullable: true
- type: boolean
- disk_queue_enabled:
- default: false
- nullable: true
- type: boolean
- disk_queue_encryption_enabled:
- nullable: true
- type: boolean
- disk_queue_max_size:
- nullable: true
- type: number
- disk_queue_path:
- nullable: true
- type: string
- loadbalance:
- nullable: true
- type: boolean
- max_batch_bytes:
- nullable: true
- type: number
- mem_queue_events:
- nullable: true
- type: number
- queue_flush_timeout:
- nullable: true
- type: number
- required:
- - disk_queue_path
- - disk_queue_max_size
- - disk_queue_encryption_enabled
- - disk_queue_compression_enabled
- - compression_level
- - loadbalance
- - mem_queue_events
- - queue_flush_timeout
- - max_batch_bytes
- ssl:
- additionalProperties: true
- nullable: true
+ vars:
+ additionalProperties:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ - items:
+ type: string
+ maxItems: 100
+ type: array
+ - items:
+ type: number
+ maxItems: 100
+ type: array
+ - additionalProperties: false
+ type: object
+ properties:
+ id:
+ type: string
+ isSecretRef:
+ type: boolean
+ required:
+ - id
+ - isSecretRef
+ nullable: true
+ description: Input/stream level variable. Refer to the integration documentation for more information.
+ type: object
+ description: Package policy inputs. Refer to the integration documentation to know which inputs are available.
+ type: object
+ name:
+ description: Unique name for the policy.
+ type: string
+ namespace:
+ description: Policy namespace. When not specified, it inherits the agent policy namespace.
+ type: string
+ output_id:
+ nullable: true
+ type: string
+ package:
+ additionalProperties: false
+ type: object
+ properties:
+ experimental_data_stream_features:
+ items:
+ additionalProperties: false
type: object
properties:
- certificate:
- type: string
- certificate_authorities:
- items:
- type: string
- maxItems: 10
- type: array
- key:
- type: string
- verification_mode:
- enum:
- - full
- - none
- - certificate
- - strict
+ data_stream:
type: string
- timeout:
- type: number
- topic:
- type: string
- type:
- enum:
- - kafka
- type: string
- username:
- anyOf:
- - items: {}
- type: array
- - type: boolean
- - type: number
- - type: object
- - type: string
- nullable: true
- oneOf:
- - type: string
- - not: {}
- version:
- type: string
- required:
- - name
- - type
- - hosts
- - compression_level
- - auth_type
- - connection_type
- - username
- - password
- required:
- - item
- description: 'OK: A successful request.'
- '400':
- content:
- application/json:
- schema:
- additionalProperties: false
- description: Generic Error
- type: object
- properties:
- attributes: {}
- error:
- type: string
- errorType:
- type: string
- message:
- type: string
- statusCode:
- type: number
- required:
- - message
- - attributes
- description: A bad request.
- summary: Update output
- tags:
- - Fleet outputs
- x-metaTags:
- - content: Kibana
- name: product_name
- /api/fleet/outputs/{outputId}/health:
- get:
- description: |-
- **Spaces method and path for this operation:**
-
- get /s/{space_id}/api/fleet/outputs/{outputId}/health
-
- Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
-
- [Required authorization] Route required privileges: fleet-settings-read.
- operationId: get-fleet-outputs-outputid-health
- parameters:
- - in: path
- name: outputId
- required: true
- schema:
- type: string
- responses:
- '200':
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- message:
- description: long message if unhealthy
- type: string
- state:
- description: state of output, HEALTHY or DEGRADED
- type: string
- timestamp:
- description: timestamp of reported state
- type: string
- required:
- - state
- - message
- - timestamp
- description: 'OK: A successful request.'
- '400':
- content:
- application/json:
- schema:
- additionalProperties: false
- description: Generic Error
- type: object
- properties:
- attributes: {}
- error:
- type: string
- errorType:
- type: string
- message:
- type: string
- statusCode:
- type: number
- required:
- - message
- - attributes
- description: A bad request.
- summary: Get the latest output health
- tags:
- - Fleet outputs
- x-metaTags:
- - content: Kibana
- name: product_name
- /api/fleet/package_policies:
- get:
- operationId: get-fleet-package-policies
- parameters:
- - in: query
- name: page
- required: false
- schema:
- type: number
- - in: query
- name: perPage
- required: false
- schema:
- type: number
- - in: query
- name: sortField
- required: false
- schema:
- type: string
- - in: query
- name: sortOrder
- required: false
- schema:
- enum:
- - desc
- - asc
- type: string
- - in: query
- name: showUpgradeable
- required: false
- schema:
- type: boolean
- - in: query
- name: kuery
- required: false
- schema:
- type: string
- - in: query
- name: format
- required: false
- schema:
- enum:
- - simplified
- - legacy
- type: string
- - in: query
- name: withAgentCount
- required: false
- schema:
- type: boolean
+ features:
+ additionalProperties: false
+ type: object
+ properties:
+ doc_value_only_numeric:
+ type: boolean
+ doc_value_only_other:
+ type: boolean
+ synthetic_source:
+ type: boolean
+ tsdb:
+ type: boolean
+ required:
+ - data_stream
+ - features
+ maxItems: 100
+ type: array
+ fips_compatible:
+ type: boolean
+ name:
+ description: Package name
+ type: string
+ requires_root:
+ type: boolean
+ title:
+ type: string
+ version:
+ description: Package version
+ type: string
+ required:
+ - name
+ - version
+ policy_id:
+ deprecated: true
+ description: Deprecated. Use policy_ids instead.
+ nullable: true
+ type: string
+ policy_ids:
+ description: IDs of the agent policies which that package policy will be added to.
+ items:
+ type: string
+ maxItems: 1000
+ type: array
+ supports_agentless:
+ default: false
+ deprecated: true
+ description: Indicates whether the package policy belongs to an agentless agent policy. Deprecated in favor of the Fleet agentless policies API.
+ nullable: true
+ type: boolean
+ var_group_selections:
+ additionalProperties:
+ type: string
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
+ type: object
+ vars:
+ additionalProperties:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ - items:
+ type: string
+ maxItems: 100
+ type: array
+ - items:
+ type: number
+ maxItems: 100
+ type: array
+ - additionalProperties: false
+ type: object
+ properties:
+ id:
+ type: string
+ isSecretRef:
+ type: boolean
+ required:
+ - id
+ - isSecretRef
+ nullable: true
+ description: Input/stream level variable. Refer to the integration documentation for more information.
+ type: object
+ required:
+ - name
+ - package
responses:
'200':
content:
@@ -50947,520 +50709,508 @@ paths:
additionalProperties: false
type: object
properties:
- items:
- items:
- additionalProperties: false
- type: object
- properties:
- additional_datastreams_permissions:
- description: Additional datastream permissions, that will be added to the agent policy.
- items:
- type: string
- maxItems: 1000
- nullable: true
- type: array
- agents:
- type: number
- cloud_connector_id:
- description: ID of the cloud connector associated with this package policy.
- nullable: true
- type: string
- cloud_connector_name:
- description: Transient field for cloud connector name during creation.
- maxLength: 255
- minLength: 1
- nullable: true
- type: string
- created_at:
- type: string
- created_by:
- type: string
- description:
- description: Package policy description
+ item:
+ additionalProperties: false
+ type: object
+ properties:
+ additional_datastreams_permissions:
+ description: Additional datastream permissions, that will be added to the agent policy.
+ items:
type: string
- elasticsearch:
- additionalProperties: true
- type: object
- properties:
- privileges:
- additionalProperties: true
+ maxItems: 1000
+ nullable: true
+ type: array
+ agents:
+ type: number
+ cloud_connector_id:
+ description: ID of the cloud connector associated with this package policy.
+ nullable: true
+ type: string
+ cloud_connector_name:
+ description: Transient field for cloud connector name during creation.
+ maxLength: 255
+ minLength: 1
+ nullable: true
+ type: string
+ created_at:
+ type: string
+ created_by:
+ type: string
+ description:
+ description: Package policy description
+ type: string
+ elasticsearch:
+ additionalProperties: true
+ type: object
+ properties:
+ privileges:
+ additionalProperties: true
+ type: object
+ properties:
+ cluster:
+ items:
+ type: string
+ maxItems: 100
+ type: array
+ enabled:
+ type: boolean
+ id:
+ description: Package policy unique identifier.
+ type: string
+ inputs:
+ anyOf:
+ - items:
+ additionalProperties: false
type: object
properties:
- cluster:
- items:
- type: string
- maxItems: 100
- type: array
- enabled:
- type: boolean
- id:
- description: Package policy unique identifier.
- type: string
- inputs:
- anyOf:
- - items:
- additionalProperties: false
- type: object
- properties:
- compiled_input: {}
- config:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- deprecated:
+ compiled_input: {}
+ config:
+ additionalProperties:
additionalProperties: false
type: object
properties:
- description:
- type: string
- replaced_by:
- additionalProperties:
- type: string
- type: object
- since:
+ frozen:
+ type: boolean
+ type:
type: string
+ value: {}
required:
- - description
- enabled:
- type: boolean
- id:
- type: string
- keep_enabled:
- type: boolean
- migrate_from:
- type: string
- policy_template:
- type: string
- streams:
- items:
- additionalProperties: false
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ deprecated:
+ additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ replaced_by:
+ additionalProperties:
+ type: string
type: object
- properties:
- compiled_stream: {}
- config:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- data_stream:
+ since:
+ type: string
+ required:
+ - description
+ enabled:
+ type: boolean
+ id:
+ type: string
+ keep_enabled:
+ type: boolean
+ migrate_from:
+ type: string
+ policy_template:
+ type: string
+ streams:
+ items:
+ additionalProperties: false
+ type: object
+ properties:
+ compiled_stream: {}
+ config:
+ additionalProperties:
additionalProperties: false
type: object
properties:
- dataset:
- type: string
- elasticsearch:
- additionalProperties: false
- type: object
- properties:
- dynamic_dataset:
- type: boolean
- dynamic_namespace:
- type: boolean
- privileges:
- additionalProperties: false
- type: object
- properties:
- indices:
- items:
- type: string
- maxItems: 100
- type: array
+ frozen:
+ type: boolean
type:
type: string
+ value: {}
required:
- - dataset
- - type
- deprecated:
- additionalProperties: false
- type: object
- properties:
- description:
- type: string
- replaced_by:
- additionalProperties:
- type: string
- type: object
- since:
- type: string
- required:
- - description
- enabled:
- type: boolean
- id:
- type: string
- keep_enabled:
- type: boolean
- migrate_from:
- type: string
- release:
- enum:
- - ga
- - beta
- - experimental
- type: string
- var_group_selections:
- additionalProperties:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ data_stream:
+ additionalProperties: false
+ type: object
+ properties:
+ dataset:
type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- additionalProperties:
+ elasticsearch:
additionalProperties: false
type: object
properties:
- frozen:
+ dynamic_dataset:
type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
+ dynamic_namespace:
+ type: boolean
+ privileges:
+ additionalProperties: false
+ type: object
+ properties:
+ indices:
+ items:
+ type: string
+ maxItems: 100
+ type: array
+ type:
+ type: string
+ required:
+ - dataset
+ - type
+ deprecated:
+ additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ replaced_by:
+ additionalProperties:
+ type: string
+ type: object
+ since:
+ type: string
+ required:
+ - description
+ enabled:
+ type: boolean
+ id:
+ type: string
+ keep_enabled:
+ type: boolean
+ migrate_from:
+ type: string
+ release:
+ enum:
+ - ga
+ - beta
+ - experimental
+ type: string
+ var_group_selections:
+ additionalProperties:
+ type: string
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
+ type: object
+ vars:
+ additionalProperties:
+ additionalProperties: false
type: object
- required:
- - enabled
- - data_stream
- - compiled_stream
- maxItems: 100
- type: array
- type:
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ required:
+ - enabled
+ - data_stream
+ - compiled_stream
+ maxItems: 100
+ type: array
+ type:
+ type: string
+ var_group_selections:
+ additionalProperties:
type: string
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
+ type: object
+ vars:
+ additionalProperties:
+ additionalProperties: false
type: object
- vars:
- additionalProperties:
- additionalProperties: false
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ required:
+ - type
+ - enabled
+ - streams
+ - compiled_input
+ maxItems: 100
+ type: array
+ - additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ deprecated:
+ additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ replaced_by:
+ additionalProperties:
+ type: string
type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- required:
- - type
- - enabled
- - streams
- - compiled_input
- maxItems: 100
- type: array
- - additionalProperties:
- additionalProperties: false
- type: object
- properties:
- deprecated:
+ since:
+ type: string
+ required:
+ - description
+ enabled:
+ description: Enable or disable that input. Defaults to `true` (enabled).
+ type: boolean
+ streams:
+ additionalProperties:
additionalProperties: false
type: object
properties:
- description:
- type: string
- replaced_by:
+ deprecated:
+ additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ replaced_by:
+ additionalProperties:
+ type: string
+ type: object
+ since:
+ type: string
+ required:
+ - description
+ enabled:
+ description: Enable or disable that stream. Defaults to `true` (enabled).
+ type: boolean
+ var_group_selections:
additionalProperties:
type: string
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
type: object
- since:
- type: string
- required:
- - description
- enabled:
- description: Enable or disable that input. Defaults to `true` (enabled).
- type: boolean
- streams:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- deprecated:
- additionalProperties: false
- type: object
- properties:
- description:
- type: string
- replaced_by:
- additionalProperties:
+ vars:
+ additionalProperties:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ - items:
type: string
+ maxItems: 100
+ type: array
+ - items:
+ type: number
+ maxItems: 100
+ type: array
+ - additionalProperties: false
type: object
- since:
- type: string
- required:
- - description
- enabled:
- description: Enable or disable that stream. Defaults to `true` (enabled).
- type: boolean
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- additionalProperties:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- - items:
+ properties:
+ id:
type: string
- maxItems: 100
- type: array
- - items:
- type: number
- maxItems: 100
- type: array
- - additionalProperties: false
- type: object
- properties:
- id:
- type: string
- isSecretRef:
- type: boolean
- required:
- - id
- - isSecretRef
- nullable: true
- description: Input/stream level variable. Refer to the integration documentation for more information.
- type: object
- description: Input streams. Refer to the integration documentation to know which streams are available.
- type: object
- vars:
- additionalProperties:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- - items:
+ isSecretRef:
+ type: boolean
+ required:
+ - id
+ - isSecretRef
+ nullable: true
+ description: Input/stream level variable. Refer to the integration documentation for more information.
+ type: object
+ description: Input streams. Refer to the integration documentation to know which streams are available.
+ type: object
+ vars:
+ additionalProperties:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ - items:
+ type: string
+ maxItems: 100
+ type: array
+ - items:
+ type: number
+ maxItems: 100
+ type: array
+ - additionalProperties: false
+ type: object
+ properties:
+ id:
type: string
- maxItems: 100
- type: array
- - items:
- type: number
- maxItems: 100
- type: array
- - additionalProperties: false
- type: object
- properties:
- id:
- type: string
- isSecretRef:
- type: boolean
- required:
- - id
- - isSecretRef
- nullable: true
- description: Input/stream level variable. Refer to the integration documentation for more information.
- type: object
- description: Package policy inputs. Refer to the integration documentation to know which inputs are available.
+ isSecretRef:
+ type: boolean
+ required:
+ - id
+ - isSecretRef
+ nullable: true
+ description: Input/stream level variable. Refer to the integration documentation for more information.
+ type: object
+ description: Package policy inputs. Refer to the integration documentation to know which inputs are available.
+ type: object
+ x-oas-optional: true
+ description: Package policy inputs.
+ is_managed:
+ type: boolean
+ name:
+ description: Unique name for the package policy.
+ type: string
+ namespace:
+ description: The package policy namespace. Leave blank to inherit the agent policy's namespace.
+ type: string
+ output_id:
+ nullable: true
+ type: string
+ overrides:
+ additionalProperties: false
+ description: Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.
+ nullable: true
+ type: object
+ properties:
+ inputs:
+ additionalProperties: {}
+ type: object
+ package:
+ additionalProperties: false
+ type: object
+ properties:
+ experimental_data_stream_features:
+ items:
+ additionalProperties: false
type: object
- x-oas-optional: true
- description: Package policy inputs.
- is_managed:
- type: boolean
- name:
- description: Unique name for the package policy.
- type: string
- namespace:
- description: The package policy namespace. Leave blank to inherit the agent policy's namespace.
- type: string
- output_id:
- nullable: true
+ properties:
+ data_stream:
+ type: string
+ features:
+ additionalProperties: false
+ type: object
+ properties:
+ doc_value_only_numeric:
+ type: boolean
+ doc_value_only_other:
+ type: boolean
+ synthetic_source:
+ type: boolean
+ tsdb:
+ type: boolean
+ required:
+ - data_stream
+ - features
+ maxItems: 100
+ type: array
+ fips_compatible:
+ type: boolean
+ name:
+ description: Package name
+ type: string
+ requires_root:
+ type: boolean
+ title:
+ type: string
+ version:
+ description: Package version
+ type: string
+ required:
+ - name
+ - version
+ package_agent_version_condition:
+ type: string
+ policy_id:
+ deprecated: true
+ description: ID of the agent policy which the package policy will be added to.
+ nullable: true
+ type: string
+ policy_ids:
+ items:
+ description: IDs of the agent policies which that package policy will be added to.
type: string
- overrides:
- additionalProperties: false
- description: Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.
- nullable: true
- type: object
- properties:
- inputs:
- additionalProperties: {}
- type: object
- package:
+ maxItems: 1000
+ type: array
+ revision:
+ description: Package policy revision.
+ type: number
+ secret_references:
+ items:
additionalProperties: false
type: object
properties:
- experimental_data_stream_features:
- items:
- additionalProperties: false
- type: object
- properties:
- data_stream:
- type: string
- features:
- additionalProperties: false
- type: object
- properties:
- doc_value_only_numeric:
- type: boolean
- doc_value_only_other:
- type: boolean
- synthetic_source:
- type: boolean
- tsdb:
- type: boolean
- required:
- - data_stream
- - features
- maxItems: 100
- type: array
- fips_compatible:
- type: boolean
- name:
- description: Package name
- type: string
- requires_root:
- type: boolean
- title:
- type: string
- version:
- description: Package version
+ id:
type: string
required:
- - name
- - version
- package_agent_version_condition:
+ - id
+ maxItems: 100
+ type: array
+ spaceIds:
+ items:
type: string
- policy_id:
- deprecated: true
- description: ID of the agent policy which the package policy will be added to.
- nullable: true
+ maxItems: 100
+ type: array
+ supports_agentless:
+ default: false
+ description: Indicates whether the package policy belongs to an agentless agent policy.
+ nullable: true
+ type: boolean
+ supports_cloud_connector:
+ default: false
+ description: Indicates whether the package policy supports cloud connectors.
+ nullable: true
+ type: boolean
+ updated_at:
+ type: string
+ updated_by:
+ type: string
+ var_group_selections:
+ additionalProperties:
type: string
- policy_ids:
- items:
- description: IDs of the agent policies which that package policy will be added to.
- type: string
- maxItems: 1000
- type: array
- revision:
- description: Package policy revision.
- type: number
- secret_references:
- items:
- additionalProperties: false
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
+ type: object
+ vars:
+ anyOf:
+ - additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
type: object
- properties:
- id:
- type: string
- required:
- - id
- maxItems: 100
- type: array
- spaceIds:
- items:
- type: string
- maxItems: 100
- type: array
- supports_agentless:
- default: false
- description: Indicates whether the package policy belongs to an agentless agent policy.
- nullable: true
- type: boolean
- supports_cloud_connector:
- default: false
- description: Indicates whether the package policy supports cloud connectors.
- nullable: true
- type: boolean
- updated_at:
- type: string
- updated_by:
- type: string
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- anyOf:
- - additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
+ - additionalProperties:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ - items:
type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- - additionalProperties:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- - items:
+ maxItems: 100
+ type: array
+ - items:
+ type: number
+ maxItems: 100
+ type: array
+ - additionalProperties: false
+ type: object
+ properties:
+ id:
type: string
- maxItems: 100
- type: array
- - items:
- type: number
- maxItems: 100
- type: array
- - additionalProperties: false
- type: object
- properties:
- id:
- type: string
- isSecretRef:
- type: boolean
- required:
- - id
- - isSecretRef
- nullable: true
- description: Input/stream level variable. Refer to the integration documentation for more information.
- type: object
- x-oas-optional: true
- description: Package level variable.
- version:
- description: Package policy ES version.
- type: string
- required:
- - name
- - enabled
- - inputs
- - id
- - revision
- - updated_at
- - updated_by
- - created_at
- - created_by
- maxItems: 10000
- type: array
- page:
- type: number
- perPage:
- type: number
- total:
- type: number
+ isSecretRef:
+ type: boolean
+ required:
+ - id
+ - isSecretRef
+ nullable: true
+ description: Input/stream level variable. Refer to the integration documentation for more information.
+ type: object
+ x-oas-optional: true
+ description: Package level variable.
+ version:
+ description: Package policy ES version.
+ type: string
+ required:
+ - name
+ - enabled
+ - inputs
+ - id
+ - revision
+ - updated_at
+ - updated_by
+ - created_at
+ - created_by
required:
- - items
- - total
- - page
- - perPage
+ - item
description: 'OK: A successful request.'
'400':
content:
@@ -51483,20 +51233,44 @@ paths:
- message
- attributes
description: A bad request.
- summary: Get package policies
+ '403':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ description: Generic Error
+ type: object
+ properties:
+ attributes: {}
+ error:
+ type: string
+ errorType:
+ type: string
+ message:
+ type: string
+ statusCode:
+ type: number
+ required:
+ - message
+ - attributes
+ description: Forbidden.
+ summary: Update a package policy
tags:
- Fleet package policies
x-metaTags:
- content: Kibana
name: product_name
+ /api/fleet/package_policies/delete:
+ post:
description: |-
**Spaces method and path for this operation:**
- get /s/{space_id}/api/fleet/package_policies
+ post /s/{space_id}/api/fleet/package_policies/delete
Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
- post:
- operationId: post-fleet-package-policies
+
+ [Required authorization] Route required privileges: fleet-agent-policies-all AND integrations-all.
+ operationId: post-fleet-package-policies-delete
parameters:
- description: A required header to protect against CSRF attacks
in: header
@@ -51505,240 +51279,46 @@ paths:
schema:
example: 'true'
type: string
- - in: query
- name: format
- required: false
- schema:
- enum:
- - simplified
- - legacy
- type: string
requestBody:
content:
application/json:
schema:
- anyOf:
- - additionalProperties: false
+ additionalProperties: false
+ type: object
+ properties:
+ force:
+ type: boolean
+ packagePolicyIds:
+ items:
+ type: string
+ maxItems: 1000
+ type: array
+ required:
+ - packagePolicyIds
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ items:
+ additionalProperties: false
type: object
properties:
- additional_datastreams_permissions:
- description: Additional datastream permissions, that will be added to the agent policy.
- items:
- type: string
- maxItems: 1000
- nullable: true
- type: array
- cloud_connector_id:
- description: ID of the cloud connector associated with this package policy.
- nullable: true
- type: string
- cloud_connector_name:
- description: Transient field for cloud connector name during creation.
- maxLength: 255
- minLength: 1
- nullable: true
- type: string
- description:
- description: Package policy description
- type: string
- enabled:
- type: boolean
- force:
- description: Force package policy creation even if the package is not verified, or if the agent policy is managed.
- type: boolean
+ body:
+ additionalProperties: false
+ type: object
+ properties:
+ message:
+ type: string
+ required:
+ - message
id:
- description: Package policy unique identifier
type: string
- inputs:
- items:
- additionalProperties: false
- type: object
- properties:
- config:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- deprecated:
- additionalProperties: false
- type: object
- properties:
- description:
- type: string
- replaced_by:
- additionalProperties:
- type: string
- type: object
- since:
- type: string
- required:
- - description
- enabled:
- type: boolean
- id:
- type: string
- keep_enabled:
- type: boolean
- migrate_from:
- type: string
- policy_template:
- type: string
- streams:
- items:
- additionalProperties: false
- type: object
- properties:
- compiled_stream: {}
- config:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- data_stream:
- additionalProperties: false
- type: object
- properties:
- dataset:
- type: string
- elasticsearch:
- additionalProperties: false
- type: object
- properties:
- dynamic_dataset:
- type: boolean
- dynamic_namespace:
- type: boolean
- privileges:
- additionalProperties: false
- type: object
- properties:
- indices:
- items:
- type: string
- maxItems: 100
- type: array
- type:
- type: string
- required:
- - dataset
- - type
- deprecated:
- additionalProperties: false
- type: object
- properties:
- description:
- type: string
- replaced_by:
- additionalProperties:
- type: string
- type: object
- since:
- type: string
- required:
- - description
- enabled:
- type: boolean
- id:
- type: string
- keep_enabled:
- type: boolean
- migrate_from:
- type: string
- release:
- enum:
- - ga
- - beta
- - experimental
- type: string
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- required:
- - enabled
- - data_stream
- - compiled_stream
- maxItems: 100
- type: array
- type:
- type: string
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- required:
- - type
- - enabled
- maxItems: 1000
- type: array
- is_managed:
- type: boolean
name:
- description: Unique name for the package policy.
- type: string
- namespace:
- description: The package policy namespace. Leave blank to inherit the agent policy's namespace.
type: string
output_id:
nullable: true
type: string
- overrides:
- additionalProperties: false
- description: Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.
- nullable: true
- type: object
- properties:
- inputs:
- additionalProperties: {}
- type: object
package:
additionalProperties: false
type: object
@@ -51782,997 +51362,354 @@ paths:
required:
- name
- version
- package_agent_version_condition:
- type: string
policy_id:
deprecated: true
- description: ID of the agent policy which the package policy will be added to.
+ description: Use `policy_ids` instead
nullable: true
type: string
policy_ids:
- items:
- description: IDs of the agent policies which that package policy will be added to.
- type: string
- maxItems: 1000
- type: array
- spaceIds:
items:
type: string
- maxItems: 100
+ maxItems: 10000
type: array
- supports_agentless:
- default: false
- deprecated: true
- description: Indicates whether the package policy belongs to an agentless agent policy. Deprecated in favor of the Fleet agentless policies API.
- nullable: true
- type: boolean
- supports_cloud_connector:
- default: false
- description: Indicates whether the package policy supports cloud connectors.
- nullable: true
+ statusCode:
+ type: number
+ success:
type: boolean
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
required:
- - name
- - inputs
- - additionalProperties: false
- type: object
- properties:
- additional_datastreams_permissions:
- description: Additional datastream permissions, that will be added to the agent policy.
- items:
- type: string
- maxItems: 100
- nullable: true
- type: array
- description:
- description: Policy description.
- type: string
- force:
- description: Force package policy creation even if the package is not verified, or if the agent policy is managed.
- type: boolean
- id:
- description: Policy unique identifier.
- type: string
- inputs:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- deprecated:
- additionalProperties: false
- type: object
- properties:
- description:
- type: string
- replaced_by:
- additionalProperties:
- type: string
- type: object
- since:
- type: string
- required:
- - description
- enabled:
- description: Enable or disable that input. Defaults to `true` (enabled).
- type: boolean
- streams:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- deprecated:
- additionalProperties: false
- type: object
- properties:
- description:
- type: string
- replaced_by:
- additionalProperties:
- type: string
- type: object
- since:
- type: string
- required:
- - description
- enabled:
- description: Enable or disable that stream. Defaults to `true` (enabled).
- type: boolean
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- additionalProperties:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- - items:
- type: string
- maxItems: 100
- type: array
- - items:
- type: number
- maxItems: 100
- type: array
- - additionalProperties: false
- type: object
- properties:
- id:
- type: string
- isSecretRef:
- type: boolean
- required:
- - id
- - isSecretRef
- nullable: true
- description: Input/stream level variable. Refer to the integration documentation for more information.
- type: object
- description: Input streams. Refer to the integration documentation to know which streams are available.
- type: object
- vars:
- additionalProperties:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- - items:
- type: string
- maxItems: 100
- type: array
- - items:
- type: number
- maxItems: 100
- type: array
- - additionalProperties: false
- type: object
- properties:
- id:
- type: string
- isSecretRef:
- type: boolean
- required:
- - id
- - isSecretRef
- nullable: true
- description: Input/stream level variable. Refer to the integration documentation for more information.
- type: object
- description: Package policy inputs. Refer to the integration documentation to know which inputs are available.
- type: object
- name:
- description: Unique name for the policy.
- type: string
- namespace:
- description: Policy namespace. When not specified, it inherits the agent policy namespace.
- type: string
- output_id:
- nullable: true
- type: string
- package:
+ - id
+ - success
+ - policy_ids
+ - package
+ maxItems: 10000
+ type: array
+ description: 'OK: A successful request.'
+ '400':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ description: Generic Error
+ type: object
+ properties:
+ attributes: {}
+ error:
+ type: string
+ errorType:
+ type: string
+ message:
+ type: string
+ statusCode:
+ type: number
+ required:
+ - message
+ - attributes
+ description: A bad request.
+ summary: Bulk delete package policies
+ tags:
+ - Fleet package policies
+ x-metaTags:
+ - content: Kibana
+ name: product_name
+ /api/fleet/package_policies/upgrade:
+ post:
+ description: |-
+ **Spaces method and path for this operation:**
+
+ post /s/{space_id}/api/fleet/package_policies/upgrade
+
+ Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
+
+ Upgrade a package policy to a newer package version.
[Required authorization] Route required privileges: fleet-agent-policies-all AND integrations-all.
+ operationId: post-fleet-package-policies-upgrade
+ parameters:
+ - description: A required header to protect against CSRF attacks
+ in: header
+ name: kbn-xsrf
+ required: true
+ schema:
+ example: 'true'
+ type: string
+ requestBody:
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ type: object
+ properties:
+ packagePolicyIds:
+ items:
+ type: string
+ maxItems: 1000
+ type: array
+ required:
+ - packagePolicyIds
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ items:
+ additionalProperties: false
+ type: object
+ properties:
+ body:
additionalProperties: false
type: object
properties:
- experimental_data_stream_features:
- items:
- additionalProperties: false
- type: object
- properties:
- data_stream:
- type: string
- features:
- additionalProperties: false
- type: object
- properties:
- doc_value_only_numeric:
- type: boolean
- doc_value_only_other:
- type: boolean
- synthetic_source:
- type: boolean
- tsdb:
- type: boolean
- required:
- - data_stream
- - features
- maxItems: 100
- type: array
- fips_compatible:
- type: boolean
- name:
- description: Package name
- type: string
- requires_root:
- type: boolean
- title:
- type: string
- version:
- description: Package version
+ message:
type: string
required:
- - name
- - version
- policy_id:
- deprecated: true
- description: Deprecated. Use policy_ids instead.
- nullable: true
+ - message
+ id:
type: string
- policy_ids:
- description: IDs of the agent policies which that package policy will be added to.
- items:
- type: string
- maxItems: 1000
- type: array
- supports_agentless:
- default: false
- deprecated: true
- description: Indicates whether the package policy belongs to an agentless agent policy. Deprecated in favor of the Fleet agentless policies API.
- nullable: true
+ name:
+ type: string
+ statusCode:
+ type: number
+ success:
type: boolean
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- additionalProperties:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- - items:
- type: string
- maxItems: 100
- type: array
- - items:
- type: number
- maxItems: 100
- type: array
- - additionalProperties: false
- type: object
- properties:
- id:
- type: string
- isSecretRef:
- type: boolean
- required:
- - id
- - isSecretRef
- nullable: true
- description: Input/stream level variable. Refer to the integration documentation for more information.
- type: object
required:
- - name
- - package
- description: You should use inputs as an object and not use the deprecated inputs array.
- responses:
- '200':
+ - id
+ - success
+ maxItems: 10000
+ type: array
+ description: 'OK: A successful request.'
+ '400':
content:
application/json:
schema:
additionalProperties: false
+ description: Generic Error
type: object
properties:
- item:
- additionalProperties: false
- type: object
- properties:
- additional_datastreams_permissions:
- description: Additional datastream permissions, that will be added to the agent policy.
+ attributes: {}
+ error:
+ type: string
+ errorType:
+ type: string
+ message:
+ type: string
+ statusCode:
+ type: number
+ required:
+ - message
+ - attributes
+ description: A bad request.
+ summary: Upgrade a package policy
+ tags:
+ - Fleet package policies
+ x-metaTags:
+ - content: Kibana
+ name: product_name
+ /api/fleet/package_policies/upgrade/dryrun:
+ post:
+ description: |-
+ **Spaces method and path for this operation:**
+
+ post /s/{space_id}/api/fleet/package_policies/upgrade/dryrun
+
+ Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
+
+ [Required authorization] Route required privileges: fleet-agent-policies-read AND integrations-read.
+ operationId: post-fleet-package-policies-upgrade-dryrun
+ parameters:
+ - description: A required header to protect against CSRF attacks
+ in: header
+ name: kbn-xsrf
+ required: true
+ schema:
+ example: 'true'
+ type: string
+ requestBody:
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ type: object
+ properties:
+ packagePolicyIds:
+ items:
+ type: string
+ maxItems: 1000
+ type: array
+ packageVersion:
+ type: string
+ required:
+ - packagePolicyIds
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ items:
+ additionalProperties: false
+ type: object
+ properties:
+ agent_diff:
+ items:
items:
- type: string
- maxItems: 1000
- nullable: true
- type: array
- agents:
- type: number
- cloud_connector_id:
- description: ID of the cloud connector associated with this package policy.
- nullable: true
- type: string
- cloud_connector_name:
- description: Transient field for cloud connector name during creation.
- maxLength: 255
- minLength: 1
- nullable: true
- type: string
- created_at:
- type: string
- created_by:
- type: string
- description:
- description: Package policy description
- type: string
- elasticsearch:
- additionalProperties: true
- type: object
- properties:
- privileges:
- additionalProperties: true
- type: object
- properties:
- cluster:
- items:
+ additionalProperties: true
+ type: object
+ properties:
+ data_stream:
+ additionalProperties: true
+ type: object
+ properties:
+ namespace:
type: string
- maxItems: 100
- type: array
- enabled:
- type: boolean
- id:
- description: Package policy unique identifier.
- type: string
- inputs:
- anyOf:
- - items:
- additionalProperties: false
+ required:
+ - namespace
+ id:
+ type: string
+ meta:
+ additionalProperties: true
type: object
properties:
- compiled_input: {}
- config:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- deprecated:
- additionalProperties: false
+ package:
+ additionalProperties: true
type: object
properties:
- description:
+ name:
type: string
- replaced_by:
- additionalProperties:
- type: string
- type: object
- since:
+ version:
type: string
required:
- - description
- enabled:
- type: boolean
- id:
- type: string
- keep_enabled:
- type: boolean
- migrate_from:
- type: string
- policy_template:
- type: string
- streams:
- items:
- additionalProperties: false
+ - name
+ - version
+ required:
+ - package
+ name:
+ type: string
+ package_policy_id:
+ type: string
+ processors:
+ items:
+ additionalProperties: true
+ type: object
+ properties:
+ add_fields:
+ additionalProperties: true
type: object
properties:
- compiled_stream: {}
- config:
+ fields:
additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- data_stream:
- additionalProperties: false
- type: object
- properties:
- dataset:
- type: string
- elasticsearch:
- additionalProperties: false
- type: object
- properties:
- dynamic_dataset:
- type: boolean
- dynamic_namespace:
- type: boolean
- privileges:
- additionalProperties: false
- type: object
- properties:
- indices:
- items:
- type: string
- maxItems: 100
- type: array
- type:
- type: string
- required:
- - dataset
- - type
- deprecated:
- additionalProperties: false
+ anyOf:
+ - type: string
+ - type: number
type: object
- properties:
- description:
- type: string
- replaced_by:
- additionalProperties:
- type: string
- type: object
- since:
- type: string
- required:
- - description
- enabled:
- type: boolean
- id:
- type: string
- keep_enabled:
- type: boolean
- migrate_from:
- type: string
- release:
- enum:
- - ga
- - beta
- - experimental
+ target:
type: string
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
required:
- - enabled
- - data_stream
- - compiled_stream
- maxItems: 100
- type: array
- type:
- type: string
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- additionalProperties:
- additionalProperties: false
+ - target
+ - fields
+ required:
+ - add_fields
+ maxItems: 10000
+ type: array
+ revision:
+ type: number
+ streams:
+ items:
+ additionalProperties: true
+ type: object
+ properties:
+ data_stream:
+ additionalProperties: true
type: object
properties:
- frozen:
- type: boolean
+ dataset:
+ type: string
type:
type: string
- value: {}
required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- required:
- - type
- - enabled
- - streams
- - compiled_input
- maxItems: 100
- type: array
- - additionalProperties:
- additionalProperties: false
- type: object
- properties:
- deprecated:
- additionalProperties: false
- type: object
- properties:
- description:
- type: string
- replaced_by:
- additionalProperties:
- type: string
- type: object
- since:
- type: string
- required:
- - description
- enabled:
- description: Enable or disable that input. Defaults to `true` (enabled).
- type: boolean
- streams:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- deprecated:
- additionalProperties: false
- type: object
- properties:
- description:
- type: string
- replaced_by:
- additionalProperties:
- type: string
- type: object
- since:
- type: string
- required:
- - description
- enabled:
- description: Enable or disable that stream. Defaults to `true` (enabled).
- type: boolean
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- additionalProperties:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- - items:
- type: string
- maxItems: 100
- type: array
- - items:
- type: number
- maxItems: 100
- type: array
- - additionalProperties: false
- type: object
- properties:
- id:
- type: string
- isSecretRef:
- type: boolean
- required:
- - id
- - isSecretRef
- nullable: true
- description: Input/stream level variable. Refer to the integration documentation for more information.
- type: object
- description: Input streams. Refer to the integration documentation to know which streams are available.
- type: object
- vars:
- additionalProperties:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- - items:
- type: string
- maxItems: 100
- type: array
- - items:
- type: number
- maxItems: 100
- type: array
- - additionalProperties: false
- type: object
- properties:
- id:
- type: string
- isSecretRef:
- type: boolean
- required:
- - id
- - isSecretRef
- nullable: true
- description: Input/stream level variable. Refer to the integration documentation for more information.
- type: object
- description: Package policy inputs. Refer to the integration documentation to know which inputs are available.
- type: object
- x-oas-optional: true
- description: Package policy inputs.
- is_managed:
- type: boolean
- name:
- description: Unique name for the package policy.
- type: string
- namespace:
- description: The package policy namespace. Leave blank to inherit the agent policy's namespace.
- type: string
- output_id:
- nullable: true
- type: string
- overrides:
- additionalProperties: false
- description: Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.
- nullable: true
- type: object
- properties:
- inputs:
- additionalProperties: {}
- type: object
- package:
- additionalProperties: false
- type: object
- properties:
- experimental_data_stream_features:
- items:
- additionalProperties: false
- type: object
- properties:
- data_stream:
- type: string
- features:
- additionalProperties: false
- type: object
- properties:
- doc_value_only_numeric:
- type: boolean
- doc_value_only_other:
- type: boolean
- synthetic_source:
- type: boolean
- tsdb:
- type: boolean
- required:
- - data_stream
- - features
- maxItems: 100
- type: array
- fips_compatible:
- type: boolean
- name:
- description: Package name
- type: string
- requires_root:
- type: boolean
- title:
- type: string
- version:
- description: Package version
- type: string
- required:
- - name
- - version
- package_agent_version_condition:
- type: string
- policy_id:
- deprecated: true
- description: ID of the agent policy which the package policy will be added to.
- nullable: true
- type: string
- policy_ids:
- items:
- description: IDs of the agent policies which that package policy will be added to.
- type: string
- maxItems: 1000
- type: array
- revision:
- description: Package policy revision.
- type: number
- secret_references:
- items:
- additionalProperties: false
- type: object
- properties:
- id:
+ - dataset
+ id:
+ type: string
+ required:
+ - data_stream
+ maxItems: 10000
+ type: array
+ type:
+ type: string
+ use_output:
type: string
required:
- id
- maxItems: 100
- type: array
- spaceIds:
- items:
- type: string
- maxItems: 100
+ - name
+ - revision
+ - type
+ - data_stream
+ - use_output
+ - package_policy_id
+ maxItems: 10000
type: array
- supports_agentless:
- default: false
- description: Indicates whether the package policy belongs to an agentless agent policy.
- nullable: true
- type: boolean
- supports_cloud_connector:
- default: false
- description: Indicates whether the package policy supports cloud connectors.
- nullable: true
- type: boolean
- updated_at:
- type: string
- updated_by:
- type: string
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- anyOf:
- - additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- - additionalProperties:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- - items:
- type: string
- maxItems: 100
- type: array
- - items:
- type: number
- maxItems: 100
- type: array
- - additionalProperties: false
- type: object
- properties:
- id:
- type: string
- isSecretRef:
- type: boolean
- required:
- - id
- - isSecretRef
- nullable: true
- description: Input/stream level variable. Refer to the integration documentation for more information.
- type: object
- x-oas-optional: true
- description: Package level variable.
- version:
- description: Package policy ES version.
- type: string
- required:
- - name
- - enabled
- - inputs
- - id
- - revision
- - updated_at
- - updated_by
- - created_at
- - created_by
- required:
- - item
- description: 'OK: A successful request.'
- '400':
- content:
- application/json:
- schema:
- additionalProperties: false
- description: Generic Error
- type: object
- properties:
- attributes: {}
- error:
- type: string
- errorType:
- type: string
- message:
- type: string
- statusCode:
- type: number
- required:
- - message
- - attributes
- description: A bad request.
- '409':
- content:
- application/json:
- schema:
- additionalProperties: false
- description: Generic Error
- type: object
- properties:
- attributes: {}
- error:
- type: string
- errorType:
- type: string
- message:
- type: string
- statusCode:
- type: number
- required:
- - message
- - attributes
- description: A conflict occurred.
- summary: Create a package policy
- tags:
- - Fleet package policies
- x-metaTags:
- - content: Kibana
- name: product_name
- description: |-
- **Spaces method and path for this operation:**
-
- post /s/{space_id}/api/fleet/package_policies
-
- Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
- /api/fleet/package_policies/_bulk_get:
- post:
- operationId: post-fleet-package-policies-bulk-get
- parameters:
- - description: A required header to protect against CSRF attacks
- in: header
- name: kbn-xsrf
- required: true
- schema:
- example: 'true'
- type: string
- - in: query
- name: format
- required: false
- schema:
- enum:
- - simplified
- - legacy
- type: string
- requestBody:
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- ids:
- description: list of package policy ids
- items:
- type: string
- maxItems: 1000
- type: array
- ignoreMissing:
- type: boolean
- required:
- - ids
- responses:
- '200':
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- items:
- items:
+ maxItems: 1
+ type: array
+ body:
additionalProperties: false
type: object
properties:
- additional_datastreams_permissions:
- description: Additional datastream permissions, that will be added to the agent policy.
- items:
- type: string
- maxItems: 1000
- nullable: true
- type: array
- agents:
- type: number
- cloud_connector_id:
- description: ID of the cloud connector associated with this package policy.
- nullable: true
- type: string
- cloud_connector_name:
- description: Transient field for cloud connector name during creation.
- maxLength: 255
- minLength: 1
- nullable: true
- type: string
- created_at:
- type: string
- created_by:
- type: string
- description:
- description: Package policy description
+ message:
type: string
- elasticsearch:
- additionalProperties: true
- type: object
- properties:
- privileges:
- additionalProperties: true
- type: object
- properties:
- cluster:
- items:
- type: string
- maxItems: 100
- type: array
- enabled:
- type: boolean
- id:
- description: Package policy unique identifier.
- type: string
- inputs:
- anyOf:
- - items:
- additionalProperties: false
+ required:
+ - message
+ diff:
+ items:
+ anyOf:
+ - additionalProperties: false
+ type: object
+ properties:
+ additional_datastreams_permissions:
+ description: Additional datastream permissions, that will be added to the agent policy.
+ items:
+ type: string
+ maxItems: 1000
+ nullable: true
+ type: array
+ agents:
+ type: number
+ cloud_connector_id:
+ description: ID of the cloud connector associated with this package policy.
+ nullable: true
+ type: string
+ cloud_connector_name:
+ description: Transient field for cloud connector name during creation.
+ maxLength: 255
+ minLength: 1
+ nullable: true
+ type: string
+ created_at:
+ type: string
+ created_by:
+ type: string
+ description:
+ description: Package policy description
+ type: string
+ elasticsearch:
+ additionalProperties: true
type: object
properties:
- compiled_input: {}
- config:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- deprecated:
- additionalProperties: false
+ privileges:
+ additionalProperties: true
type: object
properties:
- description:
- type: string
- replaced_by:
- additionalProperties:
+ cluster:
+ items:
type: string
- type: object
- since:
- type: string
- required:
- - description
- enabled:
- type: boolean
- id:
- type: string
- keep_enabled:
- type: boolean
- migrate_from:
- type: string
- policy_template:
- type: string
- streams:
- items:
+ maxItems: 100
+ type: array
+ enabled:
+ type: boolean
+ id:
+ type: string
+ inputs:
+ anyOf:
+ - items:
additionalProperties: false
type: object
properties:
- compiled_stream: {}
+ compiled_input: {}
config:
additionalProperties:
additionalProperties: false
@@ -52787,34 +51724,6 @@ paths:
- value
description: Package variable (see integration documentation for more information)
type: object
- data_stream:
- additionalProperties: false
- type: object
- properties:
- dataset:
- type: string
- elasticsearch:
- additionalProperties: false
- type: object
- properties:
- dynamic_dataset:
- type: boolean
- dynamic_namespace:
- type: boolean
- privileges:
- additionalProperties: false
- type: object
- properties:
- indices:
- items:
- type: string
- maxItems: 100
- type: array
- type:
- type: string
- required:
- - dataset
- - type
deprecated:
additionalProperties: false
type: object
@@ -52837,11 +51746,110 @@ paths:
type: boolean
migrate_from:
type: string
- release:
- enum:
- - ga
- - beta
- - experimental
+ policy_template:
+ type: string
+ streams:
+ items:
+ additionalProperties: false
+ type: object
+ properties:
+ compiled_stream: {}
+ config:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ data_stream:
+ additionalProperties: false
+ type: object
+ properties:
+ dataset:
+ type: string
+ elasticsearch:
+ additionalProperties: false
+ type: object
+ properties:
+ dynamic_dataset:
+ type: boolean
+ dynamic_namespace:
+ type: boolean
+ privileges:
+ additionalProperties: false
+ type: object
+ properties:
+ indices:
+ items:
+ type: string
+ maxItems: 100
+ type: array
+ type:
+ type: string
+ required:
+ - dataset
+ - type
+ deprecated:
+ additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ replaced_by:
+ additionalProperties:
+ type: string
+ type: object
+ since:
+ type: string
+ required:
+ - description
+ enabled:
+ type: boolean
+ id:
+ type: string
+ keep_enabled:
+ type: boolean
+ migrate_from:
+ type: string
+ release:
+ enum:
+ - ga
+ - beta
+ - experimental
+ type: string
+ var_group_selections:
+ additionalProperties:
+ type: string
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
+ type: object
+ vars:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ required:
+ - enabled
+ - data_stream
+ - compiled_stream
+ maxItems: 100
+ type: array
+ type:
type: string
var_group_selections:
additionalProperties:
@@ -52863,62 +51871,13 @@ paths:
description: Package variable (see integration documentation for more information)
type: object
required:
+ - type
- enabled
- - data_stream
- - compiled_stream
+ - streams
+ - compiled_input
maxItems: 100
type: array
- type:
- type: string
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- required:
- - type
- - enabled
- - streams
- - compiled_input
- maxItems: 100
- type: array
- - additionalProperties:
- additionalProperties: false
- type: object
- properties:
- deprecated:
- additionalProperties: false
- type: object
- properties:
- description:
- type: string
- replaced_by:
- additionalProperties:
- type: string
- type: object
- since:
- type: string
- required:
- - description
- enabled:
- description: Enable or disable that input. Defaults to `true` (enabled).
- type: boolean
- streams:
- additionalProperties:
+ - additionalProperties:
additionalProperties: false
type: object
properties:
@@ -52937,12 +51896,63 @@ paths:
required:
- description
enabled:
- description: Enable or disable that stream. Defaults to `true` (enabled).
+ description: Enable or disable that input. Defaults to `true` (enabled).
type: boolean
- var_group_selections:
+ streams:
additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
+ additionalProperties: false
+ type: object
+ properties:
+ deprecated:
+ additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ replaced_by:
+ additionalProperties:
+ type: string
+ type: object
+ since:
+ type: string
+ required:
+ - description
+ enabled:
+ description: Enable or disable that stream. Defaults to `true` (enabled).
+ type: boolean
+ var_group_selections:
+ additionalProperties:
+ type: string
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
+ type: object
+ vars:
+ additionalProperties:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ - items:
+ type: string
+ maxItems: 100
+ type: array
+ - items:
+ type: number
+ maxItems: 100
+ type: array
+ - additionalProperties: false
+ type: object
+ properties:
+ id:
+ type: string
+ isSecretRef:
+ type: boolean
+ required:
+ - id
+ - isSecretRef
+ nullable: true
+ description: Input/stream level variable. Refer to the integration documentation for more information.
+ type: object
+ description: Input streams. Refer to the integration documentation to know which streams are available.
type: object
vars:
additionalProperties:
@@ -52971,10 +51981,140 @@ paths:
nullable: true
description: Input/stream level variable. Refer to the integration documentation for more information.
type: object
- description: Input streams. Refer to the integration documentation to know which streams are available.
+ description: Package policy inputs. Refer to the integration documentation to know which inputs are available.
type: object
- vars:
- additionalProperties:
+ x-oas-optional: true
+ description: Package policy inputs.
+ is_managed:
+ type: boolean
+ name:
+ description: Unique name for the package policy.
+ type: string
+ namespace:
+ description: The package policy namespace. Leave blank to inherit the agent policy's namespace.
+ type: string
+ output_id:
+ nullable: true
+ type: string
+ overrides:
+ additionalProperties: false
+ description: Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.
+ nullable: true
+ type: object
+ properties:
+ inputs:
+ additionalProperties: {}
+ type: object
+ package:
+ additionalProperties: false
+ type: object
+ properties:
+ experimental_data_stream_features:
+ items:
+ additionalProperties: false
+ type: object
+ properties:
+ data_stream:
+ type: string
+ features:
+ additionalProperties: false
+ type: object
+ properties:
+ doc_value_only_numeric:
+ type: boolean
+ doc_value_only_other:
+ type: boolean
+ synthetic_source:
+ type: boolean
+ tsdb:
+ type: boolean
+ required:
+ - data_stream
+ - features
+ maxItems: 100
+ type: array
+ fips_compatible:
+ type: boolean
+ name:
+ description: Package name
+ type: string
+ requires_root:
+ type: boolean
+ title:
+ type: string
+ version:
+ description: Package version
+ type: string
+ required:
+ - name
+ - version
+ package_agent_version_condition:
+ type: string
+ policy_id:
+ deprecated: true
+ description: ID of the agent policy which the package policy will be added to.
+ nullable: true
+ type: string
+ policy_ids:
+ items:
+ description: IDs of the agent policies which that package policy will be added to.
+ type: string
+ maxItems: 1000
+ type: array
+ revision:
+ description: Package policy revision.
+ type: number
+ secret_references:
+ items:
+ additionalProperties: false
+ type: object
+ properties:
+ id:
+ type: string
+ required:
+ - id
+ maxItems: 100
+ type: array
+ spaceIds:
+ items:
+ type: string
+ maxItems: 100
+ type: array
+ supports_agentless:
+ default: false
+ description: Indicates whether the package policy belongs to an agentless agent policy.
+ nullable: true
+ type: boolean
+ supports_cloud_connector:
+ default: false
+ description: Indicates whether the package policy supports cloud connectors.
+ nullable: true
+ type: boolean
+ updated_at:
+ type: string
+ updated_by:
+ type: string
+ var_group_selections:
+ additionalProperties:
+ type: string
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
+ type: object
+ vars:
+ anyOf:
+ - additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ - additionalProperties:
anyOf:
- type: string
- type: number
@@ -53000,831 +52140,618 @@ paths:
nullable: true
description: Input/stream level variable. Refer to the integration documentation for more information.
type: object
- description: Package policy inputs. Refer to the integration documentation to know which inputs are available.
- type: object
- x-oas-optional: true
- description: Package policy inputs.
- is_managed:
- type: boolean
- name:
- description: Unique name for the package policy.
- type: string
- namespace:
- description: The package policy namespace. Leave blank to inherit the agent policy's namespace.
- type: string
- output_id:
- nullable: true
- type: string
- overrides:
- additionalProperties: false
- description: Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.
- nullable: true
- type: object
- properties:
- inputs:
- additionalProperties: {}
- type: object
- package:
- additionalProperties: false
- type: object
- properties:
- experimental_data_stream_features:
- items:
- additionalProperties: false
- type: object
- properties:
- data_stream:
- type: string
- features:
- additionalProperties: false
- type: object
- properties:
- doc_value_only_numeric:
- type: boolean
- doc_value_only_other:
- type: boolean
- synthetic_source:
- type: boolean
- tsdb:
- type: boolean
- required:
- - data_stream
- - features
- maxItems: 100
- type: array
- fips_compatible:
- type: boolean
- name:
- description: Package name
- type: string
- requires_root:
- type: boolean
- title:
- type: string
- version:
- description: Package version
- type: string
- required:
- - name
- - version
- package_agent_version_condition:
- type: string
- policy_id:
- deprecated: true
- description: ID of the agent policy which the package policy will be added to.
- nullable: true
- type: string
- policy_ids:
- items:
- description: IDs of the agent policies which that package policy will be added to.
- type: string
- maxItems: 1000
- type: array
- revision:
- description: Package policy revision.
- type: number
- secret_references:
- items:
- additionalProperties: false
- type: object
- properties:
- id:
+ x-oas-optional: true
+ description: Package level variable.
+ version:
+ description: Package policy ES version.
type: string
required:
- - id
- maxItems: 100
- type: array
- spaceIds:
- items:
- type: string
- maxItems: 100
- type: array
- supports_agentless:
- default: false
- description: Indicates whether the package policy belongs to an agentless agent policy.
- nullable: true
- type: boolean
- supports_cloud_connector:
- default: false
- description: Indicates whether the package policy supports cloud connectors.
- nullable: true
- type: boolean
- updated_at:
- type: string
- updated_by:
- type: string
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- anyOf:
- - additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- - additionalProperties:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- - items:
- type: string
- maxItems: 100
- type: array
- - items:
- type: number
- maxItems: 100
- type: array
- - additionalProperties: false
- type: object
- properties:
- id:
- type: string
- isSecretRef:
- type: boolean
- required:
- - id
- - isSecretRef
- nullable: true
- description: Input/stream level variable. Refer to the integration documentation for more information.
- type: object
- x-oas-optional: true
- description: Package level variable.
- version:
- description: Package policy ES version.
- type: string
- required:
- - name
- - enabled
- - inputs
- - id
- - revision
- - updated_at
- - updated_by
- - created_at
- - created_by
- maxItems: 10000
- type: array
- required:
- - items
- description: 'OK: A successful request.'
- '400':
- content:
- application/json:
- schema:
- additionalProperties: false
- description: Generic Error
- type: object
- properties:
- attributes: {}
- error:
- type: string
- errorType:
- type: string
- message:
- type: string
- statusCode:
- type: number
- required:
- - message
- - attributes
- description: A bad request.
- '404':
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- message:
- type: string
- required:
- - message
- description: Not found.
- summary: Bulk get package policies
- tags:
- - Fleet package policies
- x-metaTags:
- - content: Kibana
- name: product_name
- description: |-
- **Spaces method and path for this operation:**
-
- post /s/{space_id}/api/fleet/package_policies/_bulk_get
-
- Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
- /api/fleet/package_policies/{packagePolicyId}:
- delete:
- description: |-
- **Spaces method and path for this operation:**
-
- delete /s/{space_id}/api/fleet/package_policies/{packagePolicyId}
-
- Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
-
- Delete a package policy by ID.
[Required authorization] Route required privileges: fleet-agent-policies-all AND integrations-all.
- operationId: delete-fleet-package-policies-packagepolicyid
- parameters:
- - description: A required header to protect against CSRF attacks
- in: header
- name: kbn-xsrf
- required: true
- schema:
- example: 'true'
- type: string
- - in: path
- name: packagePolicyId
- required: true
- schema:
- type: string
- - in: query
- name: force
- required: false
- schema:
- type: boolean
- responses:
- '200':
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- id:
- type: string
- required:
- - id
- description: 'OK: A successful request.'
- '400':
- content:
- application/json:
- schema:
- additionalProperties: false
- description: Generic Error
- type: object
- properties:
- attributes: {}
- error:
- type: string
- errorType:
- type: string
- message:
- type: string
- statusCode:
- type: number
- required:
- - message
- - attributes
- description: A bad request.
- summary: Delete a package policy
- tags:
- - Fleet package policies
- x-metaTags:
- - content: Kibana
- name: product_name
- get:
- description: |-
- **Spaces method and path for this operation:**
-
- get /s/{space_id}/api/fleet/package_policies/{packagePolicyId}
-
- Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
-
- Get a package policy by ID.
- operationId: get-fleet-package-policies-packagepolicyid
- parameters:
- - in: path
- name: packagePolicyId
- required: true
- schema:
- type: string
- - in: query
- name: format
- required: false
- schema:
- enum:
- - simplified
- - legacy
- type: string
- responses:
- '200':
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- item:
- additionalProperties: false
- type: object
- properties:
- additional_datastreams_permissions:
- description: Additional datastream permissions, that will be added to the agent policy.
- items:
- type: string
- maxItems: 1000
- nullable: true
- type: array
- agents:
- type: number
- cloud_connector_id:
- description: ID of the cloud connector associated with this package policy.
- nullable: true
- type: string
- cloud_connector_name:
- description: Transient field for cloud connector name during creation.
- maxLength: 255
- minLength: 1
- nullable: true
- type: string
- created_at:
- type: string
- created_by:
- type: string
- description:
- description: Package policy description
- type: string
- elasticsearch:
- additionalProperties: true
- type: object
- properties:
- privileges:
- additionalProperties: true
+ - name
+ - enabled
+ - inputs
+ - revision
+ - updated_at
+ - updated_by
+ - created_at
+ - created_by
+ - additionalProperties: true
type: object
properties:
- cluster:
+ additional_datastreams_permissions:
+ description: Additional datastream permissions, that will be added to the agent policy.
items:
type: string
- maxItems: 100
+ maxItems: 1000
+ nullable: true
type: array
- enabled:
- type: boolean
- id:
- description: Package policy unique identifier.
- type: string
- inputs:
- anyOf:
- - items:
- additionalProperties: false
- type: object
- properties:
- compiled_input: {}
- config:
- additionalProperties:
- additionalProperties: false
+ cloud_connector_id:
+ description: ID of the cloud connector associated with this package policy.
+ nullable: true
+ type: string
+ cloud_connector_name:
+ description: Transient field for cloud connector name during creation.
+ maxLength: 255
+ minLength: 1
+ nullable: true
+ type: string
+ created_at:
+ type: string
+ created_by:
+ type: string
+ description:
+ description: Package policy description
+ type: string
+ elasticsearch:
+ additionalProperties: true
+ type: object
+ properties:
+ privileges:
+ additionalProperties: true
type: object
properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- deprecated:
+ cluster:
+ items:
+ type: string
+ maxItems: 100
+ type: array
+ enabled:
+ type: boolean
+ errors:
+ items:
additionalProperties: false
type: object
properties:
- description:
+ key:
type: string
- replaced_by:
- additionalProperties:
- type: string
- type: object
- since:
+ message:
type: string
required:
- - description
- enabled:
- type: boolean
- id:
- type: string
- keep_enabled:
- type: boolean
- migrate_from:
- type: string
- policy_template:
- type: string
- streams:
- items:
- additionalProperties: false
- type: object
- properties:
- compiled_stream: {}
- config:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- data_stream:
+ - message
+ maxItems: 10
+ type: array
+ force:
+ type: boolean
+ id:
+ type: string
+ inputs:
+ items:
+ additionalProperties: false
+ type: object
+ properties:
+ compiled_input: {}
+ config:
+ additionalProperties:
additionalProperties: false
type: object
properties:
- dataset:
- type: string
- elasticsearch:
- additionalProperties: false
- type: object
- properties:
- dynamic_dataset:
- type: boolean
- dynamic_namespace:
- type: boolean
- privileges:
- additionalProperties: false
- type: object
- properties:
- indices:
- items:
- type: string
- maxItems: 100
- type: array
+ frozen:
+ type: boolean
type:
type: string
+ value: {}
required:
- - dataset
- - type
- deprecated:
- additionalProperties: false
- type: object
- properties:
- description:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ deprecated:
+ additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ replaced_by:
+ additionalProperties:
type: string
- replaced_by:
- additionalProperties:
- type: string
- type: object
- since:
- type: string
- required:
- - description
- enabled:
- type: boolean
- id:
- type: string
- keep_enabled:
- type: boolean
- migrate_from:
- type: string
- release:
- enum:
- - ga
- - beta
- - experimental
- type: string
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- additionalProperties:
- additionalProperties: false
type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- required:
- - enabled
- - data_stream
- - compiled_stream
- maxItems: 100
- type: array
- type:
- type: string
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- required:
- - type
- - enabled
- - streams
- - compiled_input
- maxItems: 100
- type: array
- - additionalProperties:
- additionalProperties: false
- type: object
- properties:
- deprecated:
- additionalProperties: false
- type: object
- properties:
- description:
+ since:
+ type: string
+ required:
+ - description
+ enabled:
+ type: boolean
+ id:
type: string
- replaced_by:
- additionalProperties:
- type: string
- type: object
- since:
+ keep_enabled:
+ type: boolean
+ migrate_from:
type: string
- required:
- - description
- enabled:
- description: Enable or disable that input. Defaults to `true` (enabled).
- type: boolean
- streams:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- deprecated:
+ policy_template:
+ type: string
+ streams:
+ items:
additionalProperties: false
type: object
properties:
- description:
+ compiled_stream: {}
+ config:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ data_stream:
+ additionalProperties: false
+ type: object
+ properties:
+ dataset:
+ type: string
+ elasticsearch:
+ additionalProperties: false
+ type: object
+ properties:
+ dynamic_dataset:
+ type: boolean
+ dynamic_namespace:
+ type: boolean
+ privileges:
+ additionalProperties: false
+ type: object
+ properties:
+ indices:
+ items:
+ type: string
+ maxItems: 100
+ type: array
+ type:
+ type: string
+ required:
+ - dataset
+ - type
+ deprecated:
+ additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ replaced_by:
+ additionalProperties:
+ type: string
+ type: object
+ since:
+ type: string
+ required:
+ - description
+ enabled:
+ type: boolean
+ id:
type: string
- replaced_by:
+ keep_enabled:
+ type: boolean
+ migrate_from:
+ type: string
+ release:
+ enum:
+ - ga
+ - beta
+ - experimental
+ type: string
+ var_group_selections:
additionalProperties:
type: string
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
type: object
- since:
- type: string
- required:
- - description
- enabled:
- description: Enable or disable that stream. Defaults to `true` (enabled).
- type: boolean
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- additionalProperties:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- - items:
- type: string
- maxItems: 100
- type: array
- - items:
- type: number
- maxItems: 100
- type: array
- - additionalProperties: false
+ vars:
+ additionalProperties:
+ additionalProperties: false
type: object
properties:
- id:
- type: string
- isSecretRef:
+ frozen:
type: boolean
+ type:
+ type: string
+ value: {}
required:
- - id
- - isSecretRef
- nullable: true
- description: Input/stream level variable. Refer to the integration documentation for more information.
- type: object
- description: Input streams. Refer to the integration documentation to know which streams are available.
- type: object
- vars:
- additionalProperties:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- - items:
- type: string
- maxItems: 100
- type: array
- - items:
- type: number
- maxItems: 100
- type: array
- - additionalProperties: false
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ required:
+ - enabled
+ - data_stream
+ - compiled_stream
+ maxItems: 100
+ type: array
+ type:
+ type: string
+ var_group_selections:
+ additionalProperties:
+ type: string
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
+ type: object
+ vars:
+ additionalProperties:
+ additionalProperties: false
type: object
properties:
- id:
- type: string
- isSecretRef:
+ frozen:
type: boolean
+ type:
+ type: string
+ value: {}
required:
- - id
- - isSecretRef
- nullable: true
- description: Input/stream level variable. Refer to the integration documentation for more information.
- type: object
- description: Package policy inputs. Refer to the integration documentation to know which inputs are available.
- type: object
- x-oas-optional: true
- description: Package policy inputs.
- is_managed:
- type: boolean
- name:
- description: Unique name for the package policy.
- type: string
- namespace:
- description: The package policy namespace. Leave blank to inherit the agent policy's namespace.
- type: string
- output_id:
- nullable: true
- type: string
- overrides:
- additionalProperties: false
- description: Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.
- nullable: true
- type: object
- properties:
- inputs:
- additionalProperties: {}
- type: object
- package:
- additionalProperties: false
- type: object
- properties:
- experimental_data_stream_features:
- items:
- additionalProperties: false
- type: object
- properties:
- data_stream:
- type: string
- features:
- additionalProperties: false
- type: object
- properties:
- doc_value_only_numeric:
- type: boolean
- doc_value_only_other:
- type: boolean
- synthetic_source:
- type: boolean
- tsdb:
- type: boolean
- required:
- - data_stream
- - features
- maxItems: 100
- type: array
- fips_compatible:
- type: boolean
- name:
- description: Package name
- type: string
- requires_root:
- type: boolean
- title:
- type: string
- version:
- description: Package version
- type: string
- required:
- - name
- - version
- package_agent_version_condition:
- type: string
- policy_id:
- deprecated: true
- description: ID of the agent policy which the package policy will be added to.
- nullable: true
- type: string
- policy_ids:
- items:
- description: IDs of the agent policies which that package policy will be added to.
- type: string
- maxItems: 1000
- type: array
- revision:
- description: Package policy revision.
- type: number
- secret_references:
- items:
- additionalProperties: false
- type: object
- properties:
- id:
- type: string
- required:
- - id
- maxItems: 100
- type: array
- spaceIds:
- items:
- type: string
- maxItems: 100
- type: array
- supports_agentless:
- default: false
- description: Indicates whether the package policy belongs to an agentless agent policy.
- nullable: true
- type: boolean
- supports_cloud_connector:
- default: false
- description: Indicates whether the package policy supports cloud connectors.
- nullable: true
- type: boolean
- updated_at:
- type: string
- updated_by:
- type: string
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- anyOf:
- - additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ required:
+ - type
+ - enabled
+ - streams
+ - compiled_input
+ maxItems: 100
+ type: array
+ is_managed:
+ type: boolean
+ missingVars:
+ items:
type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- - additionalProperties:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- - items:
+ maxItems: 100
+ type: array
+ name:
+ description: Unique name for the package policy.
+ type: string
+ namespace:
+ description: The package policy namespace. Leave blank to inherit the agent policy's namespace.
+ type: string
+ output_id:
+ nullable: true
+ type: string
+ overrides:
+ additionalProperties: false
+ description: Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.
+ nullable: true
+ type: object
+ properties:
+ inputs:
+ additionalProperties: {}
+ type: object
+ package:
+ additionalProperties: false
+ type: object
+ properties:
+ experimental_data_stream_features:
+ items:
+ additionalProperties: false
+ type: object
+ properties:
+ data_stream:
+ type: string
+ features:
+ additionalProperties: false
+ type: object
+ properties:
+ doc_value_only_numeric:
+ type: boolean
+ doc_value_only_other:
+ type: boolean
+ synthetic_source:
+ type: boolean
+ tsdb:
+ type: boolean
+ required:
+ - data_stream
+ - features
+ maxItems: 100
+ type: array
+ fips_compatible:
+ type: boolean
+ name:
+ description: Package name
type: string
- maxItems: 100
- type: array
- - items:
- type: number
- maxItems: 100
- type: array
- - additionalProperties: false
+ requires_root:
+ type: boolean
+ title:
+ type: string
+ version:
+ description: Package version
+ type: string
+ required:
+ - name
+ - version
+ package_agent_version_condition:
+ type: string
+ policy_id:
+ deprecated: true
+ description: ID of the agent policy which the package policy will be added to.
+ nullable: true
+ type: string
+ policy_ids:
+ items:
+ description: IDs of the agent policies which that package policy will be added to.
+ type: string
+ maxItems: 1000
+ type: array
+ revision:
+ type: number
+ secret_references:
+ items:
+ additionalProperties: false
type: object
properties:
id:
type: string
- isSecretRef:
- type: boolean
required:
- id
- - isSecretRef
- nullable: true
- description: Input/stream level variable. Refer to the integration documentation for more information.
- type: object
- x-oas-optional: true
- description: Package level variable.
- version:
- description: Package policy ES version.
+ maxItems: 100
+ type: array
+ supports_agentless:
+ default: false
+ description: Indicates whether the package policy belongs to an agentless agent policy.
+ nullable: true
+ type: boolean
+ supports_cloud_connector:
+ default: false
+ description: Indicates whether the package policy supports cloud connectors.
+ nullable: true
+ type: boolean
+ updated_at:
+ type: string
+ updated_by:
+ type: string
+ var_group_selections:
+ additionalProperties:
+ type: string
+ description: Variable group selections. Maps var_group name to the selected option name within that group.
+ type: object
+ vars:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ frozen:
+ type: boolean
+ type:
+ type: string
+ value: {}
+ required:
+ - value
+ description: Package variable (see integration documentation for more information)
+ type: object
+ version:
+ description: Package policy ES version.
+ type: string
+ required:
+ - name
+ - enabled
+ - inputs
+ maxItems: 2
+ type: array
+ hasErrors:
+ type: boolean
+ name:
+ type: string
+ statusCode:
+ type: number
+ required:
+ - hasErrors
+ maxItems: 10000
+ type: array
+ description: 'OK: A successful request.'
+ '400':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ description: Generic Error
+ type: object
+ properties:
+ attributes: {}
+ error:
+ type: string
+ errorType:
+ type: string
+ message:
+ type: string
+ statusCode:
+ type: number
+ required:
+ - message
+ - attributes
+ description: A bad request.
+ summary: Dry run a package policy upgrade
+ tags:
+ - Fleet package policies
+ x-metaTags:
+ - content: Kibana
+ name: product_name
+ /api/fleet/proxies:
+ get:
+ description: |-
+ **Spaces method and path for this operation:**
+
+ get /s/{space_id}/api/fleet/proxies
+
+ Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
+
+ [Required authorization] Route required privileges: fleet-settings-read.
+ operationId: get-fleet-proxies
+ parameters: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ type: object
+ properties:
+ items:
+ items:
+ additionalProperties: false
+ type: object
+ properties:
+ certificate:
+ nullable: true
+ type: string
+ certificate_authorities:
+ nullable: true
+ type: string
+ certificate_key:
+ nullable: true
+ type: string
+ id:
+ type: string
+ is_preconfigured:
+ default: false
+ type: boolean
+ name:
+ type: string
+ proxy_headers:
+ additionalProperties:
+ anyOf:
+ - type: string
+ - type: boolean
+ - type: number
+ nullable: true
+ type: object
+ url:
+ type: string
+ required:
+ - id
+ - url
+ - name
+ maxItems: 10000
+ type: array
+ page:
+ type: number
+ perPage:
+ type: number
+ total:
+ type: number
+ required:
+ - items
+ - total
+ - page
+ - perPage
+ description: 'OK: A successful request.'
+ '400':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ description: Generic Error
+ type: object
+ properties:
+ attributes: {}
+ error:
+ type: string
+ errorType:
+ type: string
+ message:
+ type: string
+ statusCode:
+ type: number
+ required:
+ - message
+ - attributes
+ description: A bad request.
+ summary: Get proxies
+ tags:
+ - Fleet proxies
+ x-metaTags:
+ - content: Kibana
+ name: product_name
+ post:
+ description: |-
+ **Spaces method and path for this operation:**
+
+ post /s/{space_id}/api/fleet/proxies
+
+ Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
+
+ [Required authorization] Route required privileges: fleet-settings-all.
+ operationId: post-fleet-proxies
+ parameters:
+ - description: A required header to protect against CSRF attacks
+ in: header
+ name: kbn-xsrf
+ required: true
+ schema:
+ example: 'true'
+ type: string
+ requestBody:
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ type: object
+ properties:
+ certificate:
+ nullable: true
+ type: string
+ certificate_authorities:
+ nullable: true
+ type: string
+ certificate_key:
+ nullable: true
+ type: string
+ id:
+ type: string
+ is_preconfigured:
+ default: false
+ type: boolean
+ name:
+ type: string
+ proxy_headers:
+ additionalProperties:
+ anyOf:
+ - type: string
+ - type: boolean
+ - type: number
+ nullable: true
+ type: object
+ url:
+ type: string
+ required:
+ - url
+ - name
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ type: object
+ properties:
+ item:
+ additionalProperties: false
+ type: object
+ properties:
+ certificate:
+ nullable: true
+ type: string
+ certificate_authorities:
+ nullable: true
+ type: string
+ certificate_key:
+ nullable: true
+ type: string
+ id:
+ type: string
+ is_preconfigured:
+ default: false
+ type: boolean
+ name:
+ type: string
+ proxy_headers:
+ additionalProperties:
+ anyOf:
+ - type: string
+ - type: boolean
+ - type: number
+ nullable: true
+ type: object
+ url:
type: string
required:
- - name
- - enabled
- - inputs
- id
- - revision
- - updated_at
- - updated_by
- - created_at
- - created_by
+ - url
+ - name
required:
- item
description: 'OK: A successful request.'
@@ -53849,21 +52776,161 @@ paths:
- message
- attributes
description: A bad request.
- '404':
+ summary: Create a proxy
+ tags:
+ - Fleet proxies
+ x-metaTags:
+ - content: Kibana
+ name: product_name
+ /api/fleet/proxies/{itemId}:
+ delete:
+ description: |-
+ **Spaces method and path for this operation:**
+
+ delete /s/{space_id}/api/fleet/proxies/{itemId}
+
+ Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
+
+ Delete a proxy by ID
[Required authorization] Route required privileges: fleet-settings-all.
+ operationId: delete-fleet-proxies-itemid
+ parameters:
+ - description: A required header to protect against CSRF attacks
+ in: header
+ name: kbn-xsrf
+ required: true
+ schema:
+ example: 'true'
+ type: string
+ - in: path
+ name: itemId
+ required: true
+ schema:
+ type: string
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ type: object
+ properties:
+ id:
+ type: string
+ required:
+ - id
+ description: 'OK: A successful request.'
+ '400':
content:
application/json:
schema:
additionalProperties: false
+ description: Generic Error
type: object
properties:
+ attributes: {}
+ error:
+ type: string
+ errorType:
+ type: string
message:
type: string
+ statusCode:
+ type: number
required:
- message
- description: Not found.
- summary: Get a package policy
+ - attributes
+ description: A bad request.
+ summary: Delete a proxy
tags:
- - Fleet package policies
+ - Fleet proxies
+ x-metaTags:
+ - content: Kibana
+ name: product_name
+ get:
+ description: |-
+ **Spaces method and path for this operation:**
+
+ get /s/{space_id}/api/fleet/proxies/{itemId}
+
+ Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
+
+ Get a proxy by ID.
[Required authorization] Route required privileges: fleet-settings-read.
+ operationId: get-fleet-proxies-itemid
+ parameters:
+ - in: path
+ name: itemId
+ required: true
+ schema:
+ type: string
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ type: object
+ properties:
+ item:
+ additionalProperties: false
+ type: object
+ properties:
+ certificate:
+ nullable: true
+ type: string
+ certificate_authorities:
+ nullable: true
+ type: string
+ certificate_key:
+ nullable: true
+ type: string
+ id:
+ type: string
+ is_preconfigured:
+ default: false
+ type: boolean
+ name:
+ type: string
+ proxy_headers:
+ additionalProperties:
+ anyOf:
+ - type: string
+ - type: boolean
+ - type: number
+ nullable: true
+ type: object
+ url:
+ type: string
+ required:
+ - id
+ - url
+ - name
+ required:
+ - item
+ description: 'OK: A successful request.'
+ '400':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ description: Generic Error
+ type: object
+ properties:
+ attributes: {}
+ error:
+ type: string
+ errorType:
+ type: string
+ message:
+ type: string
+ statusCode:
+ type: number
+ required:
+ - message
+ - attributes
+ description: A bad request.
+ summary: Get a proxy
+ tags:
+ - Fleet proxies
x-metaTags:
- content: Kibana
name: product_name
@@ -53871,12 +52938,12 @@ paths:
description: |-
**Spaces method and path for this operation:**
- put /s/{space_id}/api/fleet/package_policies/{packagePolicyId}
+ put /s/{space_id}/api/fleet/proxies/{itemId}
Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
- Update a package policy by ID.
- operationId: put-fleet-package-policies-packagepolicyid
+ Update a proxy by ID.
[Required authorization] Route required privileges: fleet-settings-all.
+ operationId: put-fleet-proxies-itemid
parameters:
- description: A required header to protect against CSRF attacks
in: header
@@ -53886,561 +52953,506 @@ paths:
example: 'true'
type: string
- in: path
- name: packagePolicyId
+ name: itemId
required: true
schema:
type: string
- - in: query
- name: format
- required: false
- schema:
- enum:
- - simplified
- - legacy
- type: string
requestBody:
content:
application/json:
schema:
- anyOf:
- - additionalProperties: false
+ additionalProperties: false
+ type: object
+ properties:
+ certificate:
+ nullable: true
+ type: string
+ certificate_authorities:
+ nullable: true
+ type: string
+ certificate_key:
+ nullable: true
+ type: string
+ name:
+ type: string
+ proxy_headers:
+ additionalProperties:
+ anyOf:
+ - type: string
+ - type: boolean
+ - type: number
+ nullable: true
type: object
- properties:
- additional_datastreams_permissions:
- description: Additional datastream permissions, that will be added to the agent policy.
- items:
+ url:
+ type: string
+ required:
+ - certificate_authorities
+ - certificate
+ - certificate_key
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ type: object
+ properties:
+ item:
+ additionalProperties: false
+ type: object
+ properties:
+ certificate:
+ nullable: true
type: string
- maxItems: 1000
- nullable: true
- type: array
- cloud_connector_id:
- description: ID of the cloud connector associated with this package policy.
- nullable: true
- type: string
- cloud_connector_name:
- description: Transient field for cloud connector name during creation.
- maxLength: 255
- minLength: 1
- nullable: true
- type: string
- description:
- description: Package policy description
- type: string
- enabled:
- type: boolean
- force:
- type: boolean
- inputs:
- items:
- additionalProperties: false
+ certificate_authorities:
+ nullable: true
+ type: string
+ certificate_key:
+ nullable: true
+ type: string
+ id:
+ type: string
+ is_preconfigured:
+ default: false
+ type: boolean
+ name:
+ type: string
+ proxy_headers:
+ additionalProperties:
+ anyOf:
+ - type: string
+ - type: boolean
+ - type: number
+ nullable: true
type: object
- properties:
- config:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- deprecated:
- additionalProperties: false
- type: object
- properties:
- description:
- type: string
- replaced_by:
- additionalProperties:
- type: string
- type: object
- since:
- type: string
- required:
- - description
- enabled:
- type: boolean
- id:
- type: string
- keep_enabled:
- type: boolean
- migrate_from:
- type: string
- policy_template:
- type: string
- streams:
- items:
- additionalProperties: false
- type: object
- properties:
- compiled_stream: {}
- config:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- data_stream:
- additionalProperties: false
- type: object
- properties:
- dataset:
- type: string
- elasticsearch:
- additionalProperties: false
- type: object
- properties:
- dynamic_dataset:
- type: boolean
- dynamic_namespace:
- type: boolean
- privileges:
- additionalProperties: false
- type: object
- properties:
- indices:
- items:
- type: string
- maxItems: 100
- type: array
- type:
- type: string
- required:
- - dataset
- - type
- deprecated:
- additionalProperties: false
- type: object
- properties:
- description:
- type: string
- replaced_by:
- additionalProperties:
- type: string
- type: object
- since:
- type: string
- required:
- - description
- enabled:
- type: boolean
- id:
- type: string
- keep_enabled:
- type: boolean
- migrate_from:
- type: string
- release:
- enum:
- - ga
- - beta
- - experimental
- type: string
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- required:
- - enabled
- - data_stream
- - compiled_stream
- maxItems: 100
- type: array
- type:
- type: string
- var_group_selections:
- additionalProperties:
+ url:
+ type: string
+ required:
+ - id
+ - url
+ - name
+ required:
+ - item
+ description: 'OK: A successful request.'
+ '400':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ description: Generic Error
+ type: object
+ properties:
+ attributes: {}
+ error:
+ type: string
+ errorType:
+ type: string
+ message:
+ type: string
+ statusCode:
+ type: number
+ required:
+ - message
+ - attributes
+ description: A bad request.
+ summary: Update a proxy
+ tags:
+ - Fleet proxies
+ x-metaTags:
+ - content: Kibana
+ name: product_name
+ /api/fleet/remote_synced_integrations/{outputId}/remote_status:
+ get:
+ description: |-
+ **Spaces method and path for this operation:**
+
+ get /s/{space_id}/api/fleet/remote_synced_integrations/{outputId}/remote_status
+
+ Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
+
+ [Required authorization] Route required privileges: fleet-settings-read AND integrations-read.
+ operationId: get-fleet-remote-synced-integrations-outputid-remote-status
+ parameters:
+ - in: path
+ name: outputId
+ required: true
+ schema:
+ type: string
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ type: object
+ properties:
+ custom_assets:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ error:
+ type: string
+ is_deleted:
+ type: boolean
+ name:
+ type: string
+ package_name:
+ type: string
+ package_version:
+ type: string
+ sync_status:
+ enum:
+ - completed
+ - synchronizing
+ - failed
+ - warning
+ type: string
+ type:
+ type: string
+ warning:
+ additionalProperties: false
+ type: object
+ properties:
+ message:
type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- required:
- - type
- - enabled
- maxItems: 100
- type: array
- is_managed:
- type: boolean
- name:
- type: string
- namespace:
- description: The package policy namespace. Leave blank to inherit the agent policy's namespace.
- type: string
- output_id:
- nullable: true
- type: string
- overrides:
+ title:
+ type: string
+ required:
+ - title
+ required:
+ - type
+ - name
+ - package_name
+ - package_version
+ - sync_status
+ type: object
+ error:
+ type: string
+ integrations:
+ items:
additionalProperties: false
- description: Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.
- nullable: true
type: object
properties:
- inputs:
- additionalProperties: {}
+ error:
+ type: string
+ id:
+ type: string
+ install_status:
+ additionalProperties: false
type: object
- package:
+ properties:
+ main:
+ type: string
+ remote:
+ type: string
+ required:
+ - main
+ package_name:
+ type: string
+ package_version:
+ type: string
+ sync_status:
+ enum:
+ - completed
+ - synchronizing
+ - failed
+ - warning
+ type: string
+ updated_at:
+ type: string
+ warning:
+ additionalProperties: false
+ type: object
+ properties:
+ message:
+ type: string
+ title:
+ type: string
+ required:
+ - title
+ required:
+ - sync_status
+ - install_status
+ maxItems: 10000
+ type: array
+ warning:
+ additionalProperties: false
+ type: object
+ properties:
+ message:
+ type: string
+ title:
+ type: string
+ required:
+ - title
+ required:
+ - integrations
+ description: 'OK: A successful request.'
+ '400':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ description: Generic Error
+ type: object
+ properties:
+ attributes: {}
+ error:
+ type: string
+ errorType:
+ type: string
+ message:
+ type: string
+ statusCode:
+ type: number
+ required:
+ - message
+ - attributes
+ description: A bad request.
+ summary: Get remote synced integrations status by outputId
+ tags:
+ - Fleet remote synced integrations
+ x-state: Generally available; added in 9.1.0
+ x-metaTags:
+ - content: Kibana
+ name: product_name
+ /api/fleet/remote_synced_integrations/status:
+ get:
+ description: |-
+ **Spaces method and path for this operation:**
+
+ get /s/{space_id}/api/fleet/remote_synced_integrations/status
+
+ Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
+
+ [Required authorization] Route required privileges: fleet-settings-read AND integrations-read.
+ operationId: get-fleet-remote-synced-integrations-status
+ parameters: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ type: object
+ properties:
+ custom_assets:
+ additionalProperties:
additionalProperties: false
type: object
properties:
- experimental_data_stream_features:
- items:
- additionalProperties: false
- type: object
- properties:
- data_stream:
- type: string
- features:
- additionalProperties: false
- type: object
- properties:
- doc_value_only_numeric:
- type: boolean
- doc_value_only_other:
- type: boolean
- synthetic_source:
- type: boolean
- tsdb:
- type: boolean
- required:
- - data_stream
- - features
- maxItems: 100
- type: array
- fips_compatible:
+ error:
+ type: string
+ is_deleted:
type: boolean
name:
- description: Package name
type: string
- requires_root:
- type: boolean
- title:
+ package_name:
type: string
- version:
- description: Package version
+ package_version:
+ type: string
+ sync_status:
+ enum:
+ - completed
+ - synchronizing
+ - failed
+ - warning
+ type: string
+ type:
type: string
+ warning:
+ additionalProperties: false
+ type: object
+ properties:
+ message:
+ type: string
+ title:
+ type: string
+ required:
+ - title
required:
+ - type
- name
- - version
- package_agent_version_condition:
- type: string
- policy_id:
- deprecated: true
- description: ID of the agent policy which the package policy will be added to.
- nullable: true
- type: string
- policy_ids:
- items:
- description: IDs of the agent policies which that package policy will be added to.
- type: string
- maxItems: 1000
- type: array
- spaceIds:
- items:
- type: string
- maxItems: 100
- type: array
- supports_agentless:
- default: false
- description: Indicates whether the package policy belongs to an agentless agent policy.
- nullable: true
- type: boolean
- supports_cloud_connector:
- default: false
- description: Indicates whether the package policy supports cloud connectors.
- nullable: true
- type: boolean
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- version:
- type: string
- - additionalProperties: false
- type: object
- properties:
- additional_datastreams_permissions:
- description: Additional datastream permissions, that will be added to the agent policy.
- items:
- type: string
- maxItems: 100
- nullable: true
- type: array
- description:
- description: Policy description.
- type: string
- force:
- description: Force package policy creation even if the package is not verified, or if the agent policy is managed.
- type: boolean
- id:
- description: Policy unique identifier.
- type: string
- inputs:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- deprecated:
- additionalProperties: false
- type: object
- properties:
- description:
- type: string
- replaced_by:
- additionalProperties:
- type: string
- type: object
- since:
- type: string
- required:
- - description
- enabled:
- description: Enable or disable that input. Defaults to `true` (enabled).
- type: boolean
- streams:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- deprecated:
- additionalProperties: false
- type: object
- properties:
- description:
- type: string
- replaced_by:
- additionalProperties:
- type: string
- type: object
- since:
- type: string
- required:
- - description
- enabled:
- description: Enable or disable that stream. Defaults to `true` (enabled).
- type: boolean
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- additionalProperties:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- - items:
- type: string
- maxItems: 100
- type: array
- - items:
- type: number
- maxItems: 100
- type: array
- - additionalProperties: false
- type: object
- properties:
- id:
- type: string
- isSecretRef:
- type: boolean
- required:
- - id
- - isSecretRef
- nullable: true
- description: Input/stream level variable. Refer to the integration documentation for more information.
- type: object
- description: Input streams. Refer to the integration documentation to know which streams are available.
- type: object
- vars:
- additionalProperties:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- - items:
- type: string
- maxItems: 100
- type: array
- - items:
- type: number
- maxItems: 100
- type: array
- - additionalProperties: false
- type: object
- properties:
- id:
- type: string
- isSecretRef:
- type: boolean
- required:
- - id
- - isSecretRef
- nullable: true
- description: Input/stream level variable. Refer to the integration documentation for more information.
- type: object
- description: Package policy inputs. Refer to the integration documentation to know which inputs are available.
- type: object
- name:
- description: Unique name for the policy.
- type: string
- namespace:
- description: Policy namespace. When not specified, it inherits the agent policy namespace.
- type: string
- output_id:
- nullable: true
- type: string
- package:
+ - package_name
+ - package_version
+ - sync_status
+ type: object
+ error:
+ type: string
+ integrations:
+ items:
additionalProperties: false
type: object
properties:
- experimental_data_stream_features:
- items:
- additionalProperties: false
- type: object
- properties:
- data_stream:
- type: string
- features:
- additionalProperties: false
- type: object
- properties:
- doc_value_only_numeric:
- type: boolean
- doc_value_only_other:
- type: boolean
- synthetic_source:
- type: boolean
- tsdb:
- type: boolean
- required:
- - data_stream
- - features
- maxItems: 100
- type: array
- fips_compatible:
- type: boolean
- name:
- description: Package name
+ error:
type: string
- requires_root:
- type: boolean
- title:
+ id:
type: string
- version:
- description: Package version
+ install_status:
+ additionalProperties: false
+ type: object
+ properties:
+ main:
+ type: string
+ remote:
+ type: string
+ required:
+ - main
+ package_name:
+ type: string
+ package_version:
+ type: string
+ sync_status:
+ enum:
+ - completed
+ - synchronizing
+ - failed
+ - warning
+ type: string
+ updated_at:
type: string
+ warning:
+ additionalProperties: false
+ type: object
+ properties:
+ message:
+ type: string
+ title:
+ type: string
+ required:
+ - title
required:
- - name
- - version
- policy_id:
- deprecated: true
- description: Deprecated. Use policy_ids instead.
- nullable: true
- type: string
- policy_ids:
- description: IDs of the agent policies which that package policy will be added to.
- items:
+ - sync_status
+ - install_status
+ maxItems: 10000
+ type: array
+ warning:
+ additionalProperties: false
+ type: object
+ properties:
+ message:
type: string
- maxItems: 1000
- type: array
- supports_agentless:
- default: false
- deprecated: true
- description: Indicates whether the package policy belongs to an agentless agent policy. Deprecated in favor of the Fleet agentless policies API.
- nullable: true
- type: boolean
- var_group_selections:
- additionalProperties:
+ title:
type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- additionalProperties:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- - items:
- type: string
- maxItems: 100
- type: array
- - items:
- type: number
- maxItems: 100
- type: array
- - additionalProperties: false
- type: object
- properties:
- id:
- type: string
- isSecretRef:
- type: boolean
- required:
- - id
- - isSecretRef
- nullable: true
- description: Input/stream level variable. Refer to the integration documentation for more information.
- type: object
- required:
- - name
- - package
+ required:
+ - title
+ required:
+ - integrations
+ description: 'OK: A successful request.'
+ '400':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ description: Generic Error
+ type: object
+ properties:
+ attributes: {}
+ error:
+ type: string
+ errorType:
+ type: string
+ message:
+ type: string
+ statusCode:
+ type: number
+ required:
+ - message
+ - attributes
+ description: A bad request.
+ summary: Get remote synced integrations status
+ tags:
+ - Fleet remote synced integrations
+ x-state: Generally available; added in 9.1.0
+ x-metaTags:
+ - content: Kibana
+ name: product_name
+ /api/fleet/service_tokens:
+ post:
+ description: |-
+ **Spaces method and path for this operation:**
+
+ post /s/{space_id}/api/fleet/service_tokens
+
+ Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
+
+ [Required authorization] Route required privileges: fleet-agents-all.
+ operationId: post-fleet-service-tokens
+ parameters:
+ - description: A required header to protect against CSRF attacks
+ in: header
+ name: kbn-xsrf
+ required: true
+ schema:
+ example: 'true'
+ type: string
+ requestBody:
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ nullable: true
+ type: object
+ properties:
+ remote:
+ default: false
+ type: boolean
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ type: object
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ description: 'OK: A successful request.'
+ '400':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ description: Generic Error
+ type: object
+ properties:
+ attributes: {}
+ error:
+ type: string
+ errorType:
+ type: string
+ message:
+ type: string
+ statusCode:
+ type: number
+ required:
+ - message
+ - attributes
+ description: A bad request.
+ summary: Create a service token
+ tags:
+ - Fleet service tokens
+ x-metaTags:
+ - content: Kibana
+ name: product_name
+ /api/fleet/settings:
+ get:
+ description: |-
+ **Spaces method and path for this operation:**
+
+ get /s/{space_id}/api/fleet/settings
+
+ Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
+
+ [Required authorization] Route required privileges: fleet-settings-read.
+ operationId: get-fleet-settings
+ parameters: []
responses:
'200':
content:
@@ -54453,502 +53465,72 @@ paths:
additionalProperties: false
type: object
properties:
- additional_datastreams_permissions:
- description: Additional datastream permissions, that will be added to the agent policy.
+ action_secret_storage_requirements_met:
+ type: boolean
+ delete_unenrolled_agents:
+ additionalProperties: false
+ type: object
+ properties:
+ enabled:
+ type: boolean
+ is_preconfigured:
+ type: boolean
+ required:
+ - enabled
+ - is_preconfigured
+ download_source_auth_secret_storage_requirements_met:
+ type: boolean
+ has_seen_add_data_notice:
+ type: boolean
+ id:
+ type: string
+ ilm_migration_status:
+ additionalProperties: false
+ type: object
+ properties:
+ logs:
+ enum:
+ - success
+ nullable: true
+ type: string
+ metrics:
+ enum:
+ - success
+ nullable: true
+ type: string
+ synthetics:
+ enum:
+ - success
+ nullable: true
+ type: string
+ integration_knowledge_enabled:
+ type: boolean
+ output_secret_storage_requirements_met:
+ type: boolean
+ preconfigured_fields:
items:
+ enum:
+ - fleet_server_hosts
type: string
- maxItems: 1000
- nullable: true
+ maxItems: 1
type: array
- agents:
- type: number
- cloud_connector_id:
- description: ID of the cloud connector associated with this package policy.
- nullable: true
- type: string
- cloud_connector_name:
- description: Transient field for cloud connector name during creation.
- maxLength: 255
- minLength: 1
+ prerelease_integrations_enabled:
+ type: boolean
+ secret_storage_requirements_met:
+ type: boolean
+ ssl_secret_storage_requirements_met:
+ type: boolean
+ use_space_awareness_migration_started_at:
nullable: true
type: string
- created_at:
- type: string
- created_by:
- type: string
- description:
- description: Package policy description
+ use_space_awareness_migration_status:
+ enum:
+ - pending
+ - success
+ - error
type: string
- elasticsearch:
- additionalProperties: true
- type: object
- properties:
- privileges:
- additionalProperties: true
- type: object
- properties:
- cluster:
- items:
- type: string
- maxItems: 100
- type: array
- enabled:
- type: boolean
- id:
- description: Package policy unique identifier.
+ version:
type: string
- inputs:
- anyOf:
- - items:
- additionalProperties: false
- type: object
- properties:
- compiled_input: {}
- config:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- deprecated:
- additionalProperties: false
- type: object
- properties:
- description:
- type: string
- replaced_by:
- additionalProperties:
- type: string
- type: object
- since:
- type: string
- required:
- - description
- enabled:
- type: boolean
- id:
- type: string
- keep_enabled:
- type: boolean
- migrate_from:
- type: string
- policy_template:
- type: string
- streams:
- items:
- additionalProperties: false
- type: object
- properties:
- compiled_stream: {}
- config:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- data_stream:
- additionalProperties: false
- type: object
- properties:
- dataset:
- type: string
- elasticsearch:
- additionalProperties: false
- type: object
- properties:
- dynamic_dataset:
- type: boolean
- dynamic_namespace:
- type: boolean
- privileges:
- additionalProperties: false
- type: object
- properties:
- indices:
- items:
- type: string
- maxItems: 100
- type: array
- type:
- type: string
- required:
- - dataset
- - type
- deprecated:
- additionalProperties: false
- type: object
- properties:
- description:
- type: string
- replaced_by:
- additionalProperties:
- type: string
- type: object
- since:
- type: string
- required:
- - description
- enabled:
- type: boolean
- id:
- type: string
- keep_enabled:
- type: boolean
- migrate_from:
- type: string
- release:
- enum:
- - ga
- - beta
- - experimental
- type: string
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- required:
- - enabled
- - data_stream
- - compiled_stream
- maxItems: 100
- type: array
- type:
- type: string
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- required:
- - type
- - enabled
- - streams
- - compiled_input
- maxItems: 100
- type: array
- - additionalProperties:
- additionalProperties: false
- type: object
- properties:
- deprecated:
- additionalProperties: false
- type: object
- properties:
- description:
- type: string
- replaced_by:
- additionalProperties:
- type: string
- type: object
- since:
- type: string
- required:
- - description
- enabled:
- description: Enable or disable that input. Defaults to `true` (enabled).
- type: boolean
- streams:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- deprecated:
- additionalProperties: false
- type: object
- properties:
- description:
- type: string
- replaced_by:
- additionalProperties:
- type: string
- type: object
- since:
- type: string
- required:
- - description
- enabled:
- description: Enable or disable that stream. Defaults to `true` (enabled).
- type: boolean
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- additionalProperties:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- - items:
- type: string
- maxItems: 100
- type: array
- - items:
- type: number
- maxItems: 100
- type: array
- - additionalProperties: false
- type: object
- properties:
- id:
- type: string
- isSecretRef:
- type: boolean
- required:
- - id
- - isSecretRef
- nullable: true
- description: Input/stream level variable. Refer to the integration documentation for more information.
- type: object
- description: Input streams. Refer to the integration documentation to know which streams are available.
- type: object
- vars:
- additionalProperties:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- - items:
- type: string
- maxItems: 100
- type: array
- - items:
- type: number
- maxItems: 100
- type: array
- - additionalProperties: false
- type: object
- properties:
- id:
- type: string
- isSecretRef:
- type: boolean
- required:
- - id
- - isSecretRef
- nullable: true
- description: Input/stream level variable. Refer to the integration documentation for more information.
- type: object
- description: Package policy inputs. Refer to the integration documentation to know which inputs are available.
- type: object
- x-oas-optional: true
- description: Package policy inputs.
- is_managed:
- type: boolean
- name:
- description: Unique name for the package policy.
- type: string
- namespace:
- description: The package policy namespace. Leave blank to inherit the agent policy's namespace.
- type: string
- output_id:
- nullable: true
- type: string
- overrides:
- additionalProperties: false
- description: Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.
- nullable: true
- type: object
- properties:
- inputs:
- additionalProperties: {}
- type: object
- package:
- additionalProperties: false
- type: object
- properties:
- experimental_data_stream_features:
- items:
- additionalProperties: false
- type: object
- properties:
- data_stream:
- type: string
- features:
- additionalProperties: false
- type: object
- properties:
- doc_value_only_numeric:
- type: boolean
- doc_value_only_other:
- type: boolean
- synthetic_source:
- type: boolean
- tsdb:
- type: boolean
- required:
- - data_stream
- - features
- maxItems: 100
- type: array
- fips_compatible:
- type: boolean
- name:
- description: Package name
- type: string
- requires_root:
- type: boolean
- title:
- type: string
- version:
- description: Package version
- type: string
- required:
- - name
- - version
- package_agent_version_condition:
- type: string
- policy_id:
- deprecated: true
- description: ID of the agent policy which the package policy will be added to.
- nullable: true
- type: string
- policy_ids:
- items:
- description: IDs of the agent policies which that package policy will be added to.
- type: string
- maxItems: 1000
- type: array
- revision:
- description: Package policy revision.
- type: number
- secret_references:
- items:
- additionalProperties: false
- type: object
- properties:
- id:
- type: string
- required:
- - id
- maxItems: 100
- type: array
- spaceIds:
- items:
- type: string
- maxItems: 100
- type: array
- supports_agentless:
- default: false
- description: Indicates whether the package policy belongs to an agentless agent policy.
- nullable: true
- type: boolean
- supports_cloud_connector:
- default: false
- description: Indicates whether the package policy supports cloud connectors.
- nullable: true
- type: boolean
- updated_at:
- type: string
- updated_by:
- type: string
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- anyOf:
- - additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- - additionalProperties:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- - items:
- type: string
- maxItems: 100
- type: array
- - items:
- type: number
- maxItems: 100
- type: array
- - additionalProperties: false
- type: object
- properties:
- id:
- type: string
- isSecretRef:
- type: boolean
- required:
- - id
- - isSecretRef
- nullable: true
- description: Input/stream level variable. Refer to the integration documentation for more information.
- type: object
- x-oas-optional: true
- description: Package level variable.
- version:
- description: Package policy ES version.
- type: string
- required:
- - name
- - enabled
- - inputs
- - id
- - revision
- - updated_at
- - updated_by
- - created_at
- - created_by
required:
- item
description: 'OK: A successful request.'
@@ -54973,44 +53555,34 @@ paths:
- message
- attributes
description: A bad request.
- '403':
+ '404':
content:
application/json:
schema:
additionalProperties: false
- description: Generic Error
type: object
properties:
- attributes: {}
- error:
- type: string
- errorType:
- type: string
message:
type: string
- statusCode:
- type: number
required:
- message
- - attributes
- description: Forbidden.
- summary: Update a package policy
+ description: Not found.
+ summary: Get settings
tags:
- - Fleet package policies
+ - Fleet internals
x-metaTags:
- content: Kibana
name: product_name
- /api/fleet/package_policies/delete:
- post:
+ put:
description: |-
**Spaces method and path for this operation:**
- post /s/{space_id}/api/fleet/package_policies/delete
+ put /s/{space_id}/api/fleet/settings
Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
- [Required authorization] Route required privileges: fleet-agent-policies-all AND integrations-all.
- operationId: post-fleet-package-policies-delete
+ [Required authorization] Route required privileges: fleet-settings-all.
+ operationId: put-fleet-settings
parameters:
- description: A required header to protect against CSRF attacks
in: header
@@ -55026,103 +53598,117 @@ paths:
additionalProperties: false
type: object
properties:
- force:
+ additional_yaml_config:
+ deprecated: true
+ type: string
+ delete_unenrolled_agents:
+ additionalProperties: false
+ type: object
+ properties:
+ enabled:
+ type: boolean
+ is_preconfigured:
+ type: boolean
+ required:
+ - enabled
+ - is_preconfigured
+ has_seen_add_data_notice:
+ deprecated: true
type: boolean
- packagePolicyIds:
+ integration_knowledge_enabled:
+ type: boolean
+ kibana_ca_sha256:
+ deprecated: true
+ type: string
+ kibana_urls:
+ deprecated: true
items:
+ format: uri
type: string
- maxItems: 1000
+ maxItems: 10
type: array
- required:
- - packagePolicyIds
+ prerelease_integrations_enabled:
+ type: boolean
responses:
'200':
content:
application/json:
schema:
- items:
- additionalProperties: false
- type: object
- properties:
- body:
- additionalProperties: false
- type: object
- properties:
- message:
- type: string
- required:
- - message
- id:
- type: string
- name:
- type: string
- output_id:
- nullable: true
- type: string
- package:
- additionalProperties: false
- type: object
- properties:
- experimental_data_stream_features:
- items:
- additionalProperties: false
- type: object
- properties:
- data_stream:
- type: string
- features:
- additionalProperties: false
- type: object
- properties:
- doc_value_only_numeric:
- type: boolean
- doc_value_only_other:
- type: boolean
- synthetic_source:
- type: boolean
- tsdb:
- type: boolean
- required:
- - data_stream
- - features
- maxItems: 100
- type: array
- fips_compatible:
- type: boolean
- name:
- description: Package name
- type: string
- requires_root:
- type: boolean
- title:
- type: string
- version:
- description: Package version
+ additionalProperties: false
+ type: object
+ properties:
+ item:
+ additionalProperties: false
+ type: object
+ properties:
+ action_secret_storage_requirements_met:
+ type: boolean
+ delete_unenrolled_agents:
+ additionalProperties: false
+ type: object
+ properties:
+ enabled:
+ type: boolean
+ is_preconfigured:
+ type: boolean
+ required:
+ - enabled
+ - is_preconfigured
+ download_source_auth_secret_storage_requirements_met:
+ type: boolean
+ has_seen_add_data_notice:
+ type: boolean
+ id:
+ type: string
+ ilm_migration_status:
+ additionalProperties: false
+ type: object
+ properties:
+ logs:
+ enum:
+ - success
+ nullable: true
+ type: string
+ metrics:
+ enum:
+ - success
+ nullable: true
+ type: string
+ synthetics:
+ enum:
+ - success
+ nullable: true
+ type: string
+ integration_knowledge_enabled:
+ type: boolean
+ output_secret_storage_requirements_met:
+ type: boolean
+ preconfigured_fields:
+ items:
+ enum:
+ - fleet_server_hosts
type: string
- required:
- - name
- - version
- policy_id:
- deprecated: true
- description: Use `policy_ids` instead
- nullable: true
- type: string
- policy_ids:
- items:
+ maxItems: 1
+ type: array
+ prerelease_integrations_enabled:
+ type: boolean
+ secret_storage_requirements_met:
+ type: boolean
+ ssl_secret_storage_requirements_met:
+ type: boolean
+ use_space_awareness_migration_started_at:
+ nullable: true
type: string
- maxItems: 10000
- type: array
- statusCode:
- type: number
- success:
- type: boolean
- required:
- - id
- - success
- - policy_ids
- - package
- maxItems: 10000
- type: array
+ use_space_awareness_migration_status:
+ enum:
+ - pending
+ - success
+ - error
+ type: string
+ version:
+ type: string
+ required:
+ - item
description: 'OK: A successful request.'
'400':
content:
@@ -55145,23 +53731,35 @@ paths:
- message
- attributes
description: A bad request.
- summary: Bulk delete package policies
+ '404':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ type: object
+ properties:
+ message:
+ type: string
+ required:
+ - message
+ description: Not found.
+ summary: Update settings
tags:
- - Fleet package policies
+ - Fleet internals
x-metaTags:
- content: Kibana
name: product_name
- /api/fleet/package_policies/upgrade:
+ /api/fleet/setup:
post:
description: |-
**Spaces method and path for this operation:**
- post /s/{space_id}/api/fleet/package_policies/upgrade
+ post /s/{space_id}/api/fleet/setup
Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
- Upgrade a package policy to a newer package version.
[Required authorization] Route required privileges: fleet-agent-policies-all AND integrations-all.
- operationId: post-fleet-package-policies-upgrade
+ [Required authorization] Route required privileges: fleet-agents-read OR fleet-agent-policies-read OR fleet-settings-read OR fleet-setup.
+ operationId: post-fleet-setup
parameters:
- description: A required header to protect against CSRF attacks
in: header
@@ -55170,50 +53768,34 @@ paths:
schema:
example: 'true'
type: string
- requestBody:
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- packagePolicyIds:
- items:
- type: string
- maxItems: 1000
- type: array
- required:
- - packagePolicyIds
responses:
'200':
content:
application/json:
schema:
- items:
- additionalProperties: false
- type: object
- properties:
- body:
+ additionalProperties: false
+ description: A summary of the result of Fleet's `setup` lifecycle. If `isInitialized` is true, Fleet is ready to accept agent enrollment. `nonFatalErrors` may include useful insight into non-blocking issues with Fleet setup.
+ type: object
+ properties:
+ isInitialized:
+ type: boolean
+ nonFatalErrors:
+ items:
additionalProperties: false
type: object
properties:
message:
type: string
+ name:
+ type: string
required:
+ - name
- message
- id:
- type: string
- name:
- type: string
- statusCode:
- type: number
- success:
- type: boolean
- required:
- - id
- - success
- maxItems: 10000
- type: array
+ maxItems: 10000
+ type: array
+ required:
+ - isInitialized
+ - nonFatalErrors
description: 'OK: A successful request.'
'400':
content:
@@ -55236,23 +53818,75 @@ paths:
- message
- attributes
description: A bad request.
- summary: Upgrade a package policy
+ '500':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ description: Internal Server Error
+ type: object
+ properties:
+ message:
+ type: string
+ required:
+ - message
+ description: An internal server error occurred.
+ summary: Initiate Fleet setup
tags:
- - Fleet package policies
+ - Fleet internals
+ x-metaTags:
+ - content: Kibana
+ name: product_name
+ /api/fleet/space_settings:
+ get:
+ operationId: get-fleet-space-settings
+ parameters: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ type: object
+ properties:
+ item:
+ additionalProperties: false
+ type: object
+ properties:
+ allowed_namespace_prefixes:
+ items:
+ type: string
+ maxItems: 100
+ type: array
+ managed_by:
+ type: string
+ required:
+ - allowed_namespace_prefixes
+ required:
+ - item
+ description: 'OK: A successful request.'
+ summary: Get space settings
+ tags: []
+ x-state: Generally available; added in 9.1.0
x-metaTags:
- content: Kibana
name: product_name
- /api/fleet/package_policies/upgrade/dryrun:
- post:
description: |-
**Spaces method and path for this operation:**
- post /s/{space_id}/api/fleet/package_policies/upgrade/dryrun
+ get /s/{space_id}/api/fleet/space_settings
Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
+ put:
+ description: |-
+ **Spaces method and path for this operation:**
- [Required authorization] Route required privileges: fleet-agent-policies-read AND integrations-read.
- operationId: post-fleet-package-policies-upgrade-dryrun
+ put /s/{space_id}/api/fleet/space_settings
+
+ Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
+
+ [Required authorization] Route required privileges: fleet-settings-all.
+ operationId: put-fleet-space-settings
parameters:
- description: A required header to protect against CSRF attacks
in: header
@@ -55268,2479 +53902,105 @@ paths:
additionalProperties: false
type: object
properties:
- packagePolicyIds:
+ allowed_namespace_prefixes:
items:
type: string
- maxItems: 1000
+ maxItems: 10
type: array
- packageVersion:
- type: string
- required:
- - packagePolicyIds
responses:
'200':
content:
application/json:
schema:
- items:
- additionalProperties: false
- type: object
- properties:
- agent_diff:
- items:
+ additionalProperties: false
+ type: object
+ properties:
+ item:
+ additionalProperties: false
+ type: object
+ properties:
+ allowed_namespace_prefixes:
items:
- additionalProperties: true
- type: object
- properties:
- data_stream:
- additionalProperties: true
- type: object
- properties:
- namespace:
- type: string
- required:
- - namespace
- id:
- type: string
- meta:
- additionalProperties: true
- type: object
- properties:
- package:
- additionalProperties: true
- type: object
- properties:
- name:
- type: string
- version:
- type: string
- required:
- - name
- - version
- required:
- - package
- name:
- type: string
- package_policy_id:
- type: string
- processors:
- items:
- additionalProperties: true
- type: object
- properties:
- add_fields:
- additionalProperties: true
- type: object
- properties:
- fields:
- additionalProperties:
- anyOf:
- - type: string
- - type: number
- type: object
- target:
- type: string
- required:
- - target
- - fields
- required:
- - add_fields
- maxItems: 10000
- type: array
- revision:
- type: number
- streams:
- items:
- additionalProperties: true
- type: object
- properties:
- data_stream:
- additionalProperties: true
- type: object
- properties:
- dataset:
- type: string
- type:
- type: string
- required:
- - dataset
- id:
- type: string
- required:
- - data_stream
- maxItems: 10000
- type: array
- type:
- type: string
- use_output:
- type: string
- required:
- - id
- - name
- - revision
- - type
- - data_stream
- - use_output
- - package_policy_id
- maxItems: 10000
+ type: string
+ maxItems: 100
type: array
- maxItems: 1
- type: array
- body:
+ managed_by:
+ type: string
+ required:
+ - allowed_namespace_prefixes
+ required:
+ - item
+ description: 'OK: A successful request.'
+ summary: Create space settings
+ tags: []
+ x-state: Generally available; added in 9.1.0
+ x-metaTags:
+ - content: Kibana
+ name: product_name
+ /api/fleet/uninstall_tokens:
+ get:
+ description: |-
+ **Spaces method and path for this operation:**
+
+ get /s/{space_id}/api/fleet/uninstall_tokens
+
+ Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
+
+ List the metadata for the latest uninstall tokens per agent policy.
[Required authorization] Route required privileges: fleet-agents-all.
+ operationId: get-fleet-uninstall-tokens
+ parameters:
+ - description: Partial match filtering for policy IDs
+ in: query
+ name: policyId
+ required: false
+ schema:
+ maxLength: 50
+ type: string
+ - in: query
+ name: search
+ required: false
+ schema:
+ maxLength: 50
+ type: string
+ - description: The number of items to return
+ in: query
+ name: perPage
+ required: false
+ schema:
+ minimum: 5
+ type: number
+ - in: query
+ name: page
+ required: false
+ schema:
+ minimum: 1
+ type: number
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ additionalProperties: false
+ type: object
+ properties:
+ items:
+ items:
additionalProperties: false
type: object
properties:
- message:
- type: string
- required:
- - message
- diff:
- items:
- anyOf:
- - additionalProperties: false
- type: object
- properties:
- additional_datastreams_permissions:
- description: Additional datastream permissions, that will be added to the agent policy.
- items:
- type: string
- maxItems: 1000
- nullable: true
- type: array
- agents:
- type: number
- cloud_connector_id:
- description: ID of the cloud connector associated with this package policy.
- nullable: true
- type: string
- cloud_connector_name:
- description: Transient field for cloud connector name during creation.
- maxLength: 255
- minLength: 1
- nullable: true
- type: string
- created_at:
- type: string
- created_by:
- type: string
- description:
- description: Package policy description
- type: string
- elasticsearch:
- additionalProperties: true
- type: object
- properties:
- privileges:
- additionalProperties: true
- type: object
- properties:
- cluster:
- items:
- type: string
- maxItems: 100
- type: array
- enabled:
- type: boolean
- id:
- type: string
- inputs:
- anyOf:
- - items:
- additionalProperties: false
- type: object
- properties:
- compiled_input: {}
- config:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- deprecated:
- additionalProperties: false
- type: object
- properties:
- description:
- type: string
- replaced_by:
- additionalProperties:
- type: string
- type: object
- since:
- type: string
- required:
- - description
- enabled:
- type: boolean
- id:
- type: string
- keep_enabled:
- type: boolean
- migrate_from:
- type: string
- policy_template:
- type: string
- streams:
- items:
- additionalProperties: false
- type: object
- properties:
- compiled_stream: {}
- config:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- data_stream:
- additionalProperties: false
- type: object
- properties:
- dataset:
- type: string
- elasticsearch:
- additionalProperties: false
- type: object
- properties:
- dynamic_dataset:
- type: boolean
- dynamic_namespace:
- type: boolean
- privileges:
- additionalProperties: false
- type: object
- properties:
- indices:
- items:
- type: string
- maxItems: 100
- type: array
- type:
- type: string
- required:
- - dataset
- - type
- deprecated:
- additionalProperties: false
- type: object
- properties:
- description:
- type: string
- replaced_by:
- additionalProperties:
- type: string
- type: object
- since:
- type: string
- required:
- - description
- enabled:
- type: boolean
- id:
- type: string
- keep_enabled:
- type: boolean
- migrate_from:
- type: string
- release:
- enum:
- - ga
- - beta
- - experimental
- type: string
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- required:
- - enabled
- - data_stream
- - compiled_stream
- maxItems: 100
- type: array
- type:
- type: string
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- required:
- - type
- - enabled
- - streams
- - compiled_input
- maxItems: 100
- type: array
- - additionalProperties:
- additionalProperties: false
- type: object
- properties:
- deprecated:
- additionalProperties: false
- type: object
- properties:
- description:
- type: string
- replaced_by:
- additionalProperties:
- type: string
- type: object
- since:
- type: string
- required:
- - description
- enabled:
- description: Enable or disable that input. Defaults to `true` (enabled).
- type: boolean
- streams:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- deprecated:
- additionalProperties: false
- type: object
- properties:
- description:
- type: string
- replaced_by:
- additionalProperties:
- type: string
- type: object
- since:
- type: string
- required:
- - description
- enabled:
- description: Enable or disable that stream. Defaults to `true` (enabled).
- type: boolean
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- additionalProperties:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- - items:
- type: string
- maxItems: 100
- type: array
- - items:
- type: number
- maxItems: 100
- type: array
- - additionalProperties: false
- type: object
- properties:
- id:
- type: string
- isSecretRef:
- type: boolean
- required:
- - id
- - isSecretRef
- nullable: true
- description: Input/stream level variable. Refer to the integration documentation for more information.
- type: object
- description: Input streams. Refer to the integration documentation to know which streams are available.
- type: object
- vars:
- additionalProperties:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- - items:
- type: string
- maxItems: 100
- type: array
- - items:
- type: number
- maxItems: 100
- type: array
- - additionalProperties: false
- type: object
- properties:
- id:
- type: string
- isSecretRef:
- type: boolean
- required:
- - id
- - isSecretRef
- nullable: true
- description: Input/stream level variable. Refer to the integration documentation for more information.
- type: object
- description: Package policy inputs. Refer to the integration documentation to know which inputs are available.
- type: object
- x-oas-optional: true
- description: Package policy inputs.
- is_managed:
- type: boolean
- name:
- description: Unique name for the package policy.
- type: string
- namespace:
- description: The package policy namespace. Leave blank to inherit the agent policy's namespace.
- type: string
- output_id:
- nullable: true
- type: string
- overrides:
- additionalProperties: false
- description: Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.
- nullable: true
- type: object
- properties:
- inputs:
- additionalProperties: {}
- type: object
- package:
- additionalProperties: false
- type: object
- properties:
- experimental_data_stream_features:
- items:
- additionalProperties: false
- type: object
- properties:
- data_stream:
- type: string
- features:
- additionalProperties: false
- type: object
- properties:
- doc_value_only_numeric:
- type: boolean
- doc_value_only_other:
- type: boolean
- synthetic_source:
- type: boolean
- tsdb:
- type: boolean
- required:
- - data_stream
- - features
- maxItems: 100
- type: array
- fips_compatible:
- type: boolean
- name:
- description: Package name
- type: string
- requires_root:
- type: boolean
- title:
- type: string
- version:
- description: Package version
- type: string
- required:
- - name
- - version
- package_agent_version_condition:
- type: string
- policy_id:
- deprecated: true
- description: ID of the agent policy which the package policy will be added to.
- nullable: true
- type: string
- policy_ids:
- items:
- description: IDs of the agent policies which that package policy will be added to.
- type: string
- maxItems: 1000
- type: array
- revision:
- description: Package policy revision.
- type: number
- secret_references:
- items:
- additionalProperties: false
- type: object
- properties:
- id:
- type: string
- required:
- - id
- maxItems: 100
- type: array
- spaceIds:
- items:
- type: string
- maxItems: 100
- type: array
- supports_agentless:
- default: false
- description: Indicates whether the package policy belongs to an agentless agent policy.
- nullable: true
- type: boolean
- supports_cloud_connector:
- default: false
- description: Indicates whether the package policy supports cloud connectors.
- nullable: true
- type: boolean
- updated_at:
- type: string
- updated_by:
- type: string
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- anyOf:
- - additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- - additionalProperties:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- - items:
- type: string
- maxItems: 100
- type: array
- - items:
- type: number
- maxItems: 100
- type: array
- - additionalProperties: false
- type: object
- properties:
- id:
- type: string
- isSecretRef:
- type: boolean
- required:
- - id
- - isSecretRef
- nullable: true
- description: Input/stream level variable. Refer to the integration documentation for more information.
- type: object
- x-oas-optional: true
- description: Package level variable.
- version:
- description: Package policy ES version.
- type: string
- required:
- - name
- - enabled
- - inputs
- - revision
- - updated_at
- - updated_by
- - created_at
- - created_by
- - additionalProperties: true
- type: object
- properties:
- additional_datastreams_permissions:
- description: Additional datastream permissions, that will be added to the agent policy.
- items:
- type: string
- maxItems: 1000
- nullable: true
- type: array
- cloud_connector_id:
- description: ID of the cloud connector associated with this package policy.
- nullable: true
- type: string
- cloud_connector_name:
- description: Transient field for cloud connector name during creation.
- maxLength: 255
- minLength: 1
- nullable: true
- type: string
- created_at:
- type: string
- created_by:
- type: string
- description:
- description: Package policy description
- type: string
- elasticsearch:
- additionalProperties: true
- type: object
- properties:
- privileges:
- additionalProperties: true
- type: object
- properties:
- cluster:
- items:
- type: string
- maxItems: 100
- type: array
- enabled:
- type: boolean
- errors:
- items:
- additionalProperties: false
- type: object
- properties:
- key:
- type: string
- message:
- type: string
- required:
- - message
- maxItems: 10
- type: array
- force:
- type: boolean
- id:
- type: string
- inputs:
- items:
- additionalProperties: false
- type: object
- properties:
- compiled_input: {}
- config:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- deprecated:
- additionalProperties: false
- type: object
- properties:
- description:
- type: string
- replaced_by:
- additionalProperties:
- type: string
- type: object
- since:
- type: string
- required:
- - description
- enabled:
- type: boolean
- id:
- type: string
- keep_enabled:
- type: boolean
- migrate_from:
- type: string
- policy_template:
- type: string
- streams:
- items:
- additionalProperties: false
- type: object
- properties:
- compiled_stream: {}
- config:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- data_stream:
- additionalProperties: false
- type: object
- properties:
- dataset:
- type: string
- elasticsearch:
- additionalProperties: false
- type: object
- properties:
- dynamic_dataset:
- type: boolean
- dynamic_namespace:
- type: boolean
- privileges:
- additionalProperties: false
- type: object
- properties:
- indices:
- items:
- type: string
- maxItems: 100
- type: array
- type:
- type: string
- required:
- - dataset
- - type
- deprecated:
- additionalProperties: false
- type: object
- properties:
- description:
- type: string
- replaced_by:
- additionalProperties:
- type: string
- type: object
- since:
- type: string
- required:
- - description
- enabled:
- type: boolean
- id:
- type: string
- keep_enabled:
- type: boolean
- migrate_from:
- type: string
- release:
- enum:
- - ga
- - beta
- - experimental
- type: string
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- required:
- - enabled
- - data_stream
- - compiled_stream
- maxItems: 100
- type: array
- type:
- type: string
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- required:
- - type
- - enabled
- - streams
- - compiled_input
- maxItems: 100
- type: array
- is_managed:
- type: boolean
- missingVars:
- items:
- type: string
- maxItems: 100
- type: array
- name:
- description: Unique name for the package policy.
- type: string
- namespace:
- description: The package policy namespace. Leave blank to inherit the agent policy's namespace.
- type: string
- output_id:
- nullable: true
- type: string
- overrides:
- additionalProperties: false
- description: Override settings that are defined in the package policy. The override option should be used only in unusual circumstances and not as a routine procedure.
- nullable: true
- type: object
- properties:
- inputs:
- additionalProperties: {}
- type: object
- package:
- additionalProperties: false
- type: object
- properties:
- experimental_data_stream_features:
- items:
- additionalProperties: false
- type: object
- properties:
- data_stream:
- type: string
- features:
- additionalProperties: false
- type: object
- properties:
- doc_value_only_numeric:
- type: boolean
- doc_value_only_other:
- type: boolean
- synthetic_source:
- type: boolean
- tsdb:
- type: boolean
- required:
- - data_stream
- - features
- maxItems: 100
- type: array
- fips_compatible:
- type: boolean
- name:
- description: Package name
- type: string
- requires_root:
- type: boolean
- title:
- type: string
- version:
- description: Package version
- type: string
- required:
- - name
- - version
- package_agent_version_condition:
- type: string
- policy_id:
- deprecated: true
- description: ID of the agent policy which the package policy will be added to.
- nullable: true
- type: string
- policy_ids:
- items:
- description: IDs of the agent policies which that package policy will be added to.
- type: string
- maxItems: 1000
- type: array
- revision:
- type: number
- secret_references:
- items:
- additionalProperties: false
- type: object
- properties:
- id:
- type: string
- required:
- - id
- maxItems: 100
- type: array
- supports_agentless:
- default: false
- description: Indicates whether the package policy belongs to an agentless agent policy.
- nullable: true
- type: boolean
- supports_cloud_connector:
- default: false
- description: Indicates whether the package policy supports cloud connectors.
- nullable: true
- type: boolean
- updated_at:
- type: string
- updated_by:
- type: string
- var_group_selections:
- additionalProperties:
- type: string
- description: Variable group selections. Maps var_group name to the selected option name within that group.
- type: object
- vars:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- frozen:
- type: boolean
- type:
- type: string
- value: {}
- required:
- - value
- description: Package variable (see integration documentation for more information)
- type: object
- version:
- description: Package policy ES version.
- type: string
- required:
- - name
- - enabled
- - inputs
- maxItems: 2
- type: array
- hasErrors:
- type: boolean
- name:
- type: string
- statusCode:
- type: number
- required:
- - hasErrors
- maxItems: 10000
- type: array
- description: 'OK: A successful request.'
- '400':
- content:
- application/json:
- schema:
- additionalProperties: false
- description: Generic Error
- type: object
- properties:
- attributes: {}
- error:
- type: string
- errorType:
- type: string
- message:
- type: string
- statusCode:
- type: number
- required:
- - message
- - attributes
- description: A bad request.
- summary: Dry run a package policy upgrade
- tags:
- - Fleet package policies
- x-metaTags:
- - content: Kibana
- name: product_name
- /api/fleet/proxies:
- get:
- description: |-
- **Spaces method and path for this operation:**
-
- get /s/{space_id}/api/fleet/proxies
-
- Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
-
- [Required authorization] Route required privileges: fleet-settings-read.
- operationId: get-fleet-proxies
- parameters: []
- responses:
- '200':
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- items:
- items:
- additionalProperties: false
- type: object
- properties:
- certificate:
- nullable: true
- type: string
- certificate_authorities:
- nullable: true
- type: string
- certificate_key:
- nullable: true
- type: string
- id:
- type: string
- is_preconfigured:
- default: false
- type: boolean
- name:
- type: string
- proxy_headers:
- additionalProperties:
- anyOf:
- - type: string
- - type: boolean
- - type: number
- nullable: true
- type: object
- url:
- type: string
- required:
- - id
- - url
- - name
- maxItems: 10000
- type: array
- page:
- type: number
- perPage:
- type: number
- total:
- type: number
- required:
- - items
- - total
- - page
- - perPage
- description: 'OK: A successful request.'
- '400':
- content:
- application/json:
- schema:
- additionalProperties: false
- description: Generic Error
- type: object
- properties:
- attributes: {}
- error:
- type: string
- errorType:
- type: string
- message:
- type: string
- statusCode:
- type: number
- required:
- - message
- - attributes
- description: A bad request.
- summary: Get proxies
- tags:
- - Fleet proxies
- x-metaTags:
- - content: Kibana
- name: product_name
- post:
- description: |-
- **Spaces method and path for this operation:**
-
- post /s/{space_id}/api/fleet/proxies
-
- Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
-
- [Required authorization] Route required privileges: fleet-settings-all.
- operationId: post-fleet-proxies
- parameters:
- - description: A required header to protect against CSRF attacks
- in: header
- name: kbn-xsrf
- required: true
- schema:
- example: 'true'
- type: string
- requestBody:
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- certificate:
- nullable: true
- type: string
- certificate_authorities:
- nullable: true
- type: string
- certificate_key:
- nullable: true
- type: string
- id:
- type: string
- is_preconfigured:
- default: false
- type: boolean
- name:
- type: string
- proxy_headers:
- additionalProperties:
- anyOf:
- - type: string
- - type: boolean
- - type: number
- nullable: true
- type: object
- url:
- type: string
- required:
- - url
- - name
- responses:
- '200':
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- item:
- additionalProperties: false
- type: object
- properties:
- certificate:
- nullable: true
- type: string
- certificate_authorities:
- nullable: true
- type: string
- certificate_key:
- nullable: true
- type: string
- id:
- type: string
- is_preconfigured:
- default: false
- type: boolean
- name:
- type: string
- proxy_headers:
- additionalProperties:
- anyOf:
- - type: string
- - type: boolean
- - type: number
- nullable: true
- type: object
- url:
- type: string
- required:
- - id
- - url
- - name
- required:
- - item
- description: 'OK: A successful request.'
- '400':
- content:
- application/json:
- schema:
- additionalProperties: false
- description: Generic Error
- type: object
- properties:
- attributes: {}
- error:
- type: string
- errorType:
- type: string
- message:
- type: string
- statusCode:
- type: number
- required:
- - message
- - attributes
- description: A bad request.
- summary: Create a proxy
- tags:
- - Fleet proxies
- x-metaTags:
- - content: Kibana
- name: product_name
- /api/fleet/proxies/{itemId}:
- delete:
- description: |-
- **Spaces method and path for this operation:**
-
- delete /s/{space_id}/api/fleet/proxies/{itemId}
-
- Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
-
- Delete a proxy by ID
[Required authorization] Route required privileges: fleet-settings-all.
- operationId: delete-fleet-proxies-itemid
- parameters:
- - description: A required header to protect against CSRF attacks
- in: header
- name: kbn-xsrf
- required: true
- schema:
- example: 'true'
- type: string
- - in: path
- name: itemId
- required: true
- schema:
- type: string
- responses:
- '200':
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- id:
- type: string
- required:
- - id
- description: 'OK: A successful request.'
- '400':
- content:
- application/json:
- schema:
- additionalProperties: false
- description: Generic Error
- type: object
- properties:
- attributes: {}
- error:
- type: string
- errorType:
- type: string
- message:
- type: string
- statusCode:
- type: number
- required:
- - message
- - attributes
- description: A bad request.
- summary: Delete a proxy
- tags:
- - Fleet proxies
- x-metaTags:
- - content: Kibana
- name: product_name
- get:
- description: |-
- **Spaces method and path for this operation:**
-
- get /s/{space_id}/api/fleet/proxies/{itemId}
-
- Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
-
- Get a proxy by ID.
[Required authorization] Route required privileges: fleet-settings-read.
- operationId: get-fleet-proxies-itemid
- parameters:
- - in: path
- name: itemId
- required: true
- schema:
- type: string
- responses:
- '200':
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- item:
- additionalProperties: false
- type: object
- properties:
- certificate:
- nullable: true
- type: string
- certificate_authorities:
- nullable: true
- type: string
- certificate_key:
- nullable: true
- type: string
- id:
- type: string
- is_preconfigured:
- default: false
- type: boolean
- name:
- type: string
- proxy_headers:
- additionalProperties:
- anyOf:
- - type: string
- - type: boolean
- - type: number
- nullable: true
- type: object
- url:
- type: string
- required:
- - id
- - url
- - name
- required:
- - item
- description: 'OK: A successful request.'
- '400':
- content:
- application/json:
- schema:
- additionalProperties: false
- description: Generic Error
- type: object
- properties:
- attributes: {}
- error:
- type: string
- errorType:
- type: string
- message:
- type: string
- statusCode:
- type: number
- required:
- - message
- - attributes
- description: A bad request.
- summary: Get a proxy
- tags:
- - Fleet proxies
- x-metaTags:
- - content: Kibana
- name: product_name
- put:
- description: |-
- **Spaces method and path for this operation:**
-
- put /s/{space_id}/api/fleet/proxies/{itemId}
-
- Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
-
- Update a proxy by ID.
[Required authorization] Route required privileges: fleet-settings-all.
- operationId: put-fleet-proxies-itemid
- parameters:
- - description: A required header to protect against CSRF attacks
- in: header
- name: kbn-xsrf
- required: true
- schema:
- example: 'true'
- type: string
- - in: path
- name: itemId
- required: true
- schema:
- type: string
- requestBody:
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- certificate:
- nullable: true
- type: string
- certificate_authorities:
- nullable: true
- type: string
- certificate_key:
- nullable: true
- type: string
- name:
- type: string
- proxy_headers:
- additionalProperties:
- anyOf:
- - type: string
- - type: boolean
- - type: number
- nullable: true
- type: object
- url:
- type: string
- required:
- - certificate_authorities
- - certificate
- - certificate_key
- responses:
- '200':
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- item:
- additionalProperties: false
- type: object
- properties:
- certificate:
- nullable: true
- type: string
- certificate_authorities:
- nullable: true
- type: string
- certificate_key:
- nullable: true
- type: string
- id:
- type: string
- is_preconfigured:
- default: false
- type: boolean
- name:
- type: string
- proxy_headers:
- additionalProperties:
- anyOf:
- - type: string
- - type: boolean
- - type: number
- nullable: true
- type: object
- url:
- type: string
- required:
- - id
- - url
- - name
- required:
- - item
- description: 'OK: A successful request.'
- '400':
- content:
- application/json:
- schema:
- additionalProperties: false
- description: Generic Error
- type: object
- properties:
- attributes: {}
- error:
- type: string
- errorType:
- type: string
- message:
- type: string
- statusCode:
- type: number
- required:
- - message
- - attributes
- description: A bad request.
- summary: Update a proxy
- tags:
- - Fleet proxies
- x-metaTags:
- - content: Kibana
- name: product_name
- /api/fleet/remote_synced_integrations/{outputId}/remote_status:
- get:
- description: |-
- **Spaces method and path for this operation:**
-
- get /s/{space_id}/api/fleet/remote_synced_integrations/{outputId}/remote_status
-
- Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
-
- [Required authorization] Route required privileges: fleet-settings-read AND integrations-read.
- operationId: get-fleet-remote-synced-integrations-outputid-remote-status
- parameters:
- - in: path
- name: outputId
- required: true
- schema:
- type: string
- responses:
- '200':
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- custom_assets:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- error:
- type: string
- is_deleted:
- type: boolean
- name:
- type: string
- package_name:
- type: string
- package_version:
- type: string
- sync_status:
- enum:
- - completed
- - synchronizing
- - failed
- - warning
- type: string
- type:
- type: string
- warning:
- additionalProperties: false
- type: object
- properties:
- message:
- type: string
- title:
- type: string
- required:
- - title
- required:
- - type
- - name
- - package_name
- - package_version
- - sync_status
- type: object
- error:
- type: string
- integrations:
- items:
- additionalProperties: false
- type: object
- properties:
- error:
- type: string
- id:
- type: string
- install_status:
- additionalProperties: false
- type: object
- properties:
- main:
- type: string
- remote:
- type: string
- required:
- - main
- package_name:
- type: string
- package_version:
- type: string
- sync_status:
- enum:
- - completed
- - synchronizing
- - failed
- - warning
- type: string
- updated_at:
- type: string
- warning:
- additionalProperties: false
- type: object
- properties:
- message:
- type: string
- title:
- type: string
- required:
- - title
- required:
- - sync_status
- - install_status
- maxItems: 10000
- type: array
- warning:
- additionalProperties: false
- type: object
- properties:
- message:
- type: string
- title:
- type: string
- required:
- - title
- required:
- - integrations
- description: 'OK: A successful request.'
- '400':
- content:
- application/json:
- schema:
- additionalProperties: false
- description: Generic Error
- type: object
- properties:
- attributes: {}
- error:
- type: string
- errorType:
- type: string
- message:
- type: string
- statusCode:
- type: number
- required:
- - message
- - attributes
- description: A bad request.
- summary: Get remote synced integrations status by outputId
- tags:
- - Fleet remote synced integrations
- x-state: Generally available; added in 9.1.0
- x-metaTags:
- - content: Kibana
- name: product_name
- /api/fleet/remote_synced_integrations/status:
- get:
- description: |-
- **Spaces method and path for this operation:**
-
- get /s/{space_id}/api/fleet/remote_synced_integrations/status
-
- Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
-
- [Required authorization] Route required privileges: fleet-settings-read AND integrations-read.
- operationId: get-fleet-remote-synced-integrations-status
- parameters: []
- responses:
- '200':
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- custom_assets:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- error:
- type: string
- is_deleted:
- type: boolean
- name:
- type: string
- package_name:
- type: string
- package_version:
- type: string
- sync_status:
- enum:
- - completed
- - synchronizing
- - failed
- - warning
- type: string
- type:
- type: string
- warning:
- additionalProperties: false
- type: object
- properties:
- message:
- type: string
- title:
- type: string
- required:
- - title
- required:
- - type
- - name
- - package_name
- - package_version
- - sync_status
- type: object
- error:
- type: string
- integrations:
- items:
- additionalProperties: false
- type: object
- properties:
- error:
- type: string
- id:
- type: string
- install_status:
- additionalProperties: false
- type: object
- properties:
- main:
- type: string
- remote:
- type: string
- required:
- - main
- package_name:
- type: string
- package_version:
- type: string
- sync_status:
- enum:
- - completed
- - synchronizing
- - failed
- - warning
- type: string
- updated_at:
- type: string
- warning:
- additionalProperties: false
- type: object
- properties:
- message:
- type: string
- title:
- type: string
- required:
- - title
- required:
- - sync_status
- - install_status
- maxItems: 10000
- type: array
- warning:
- additionalProperties: false
- type: object
- properties:
- message:
- type: string
- title:
- type: string
- required:
- - title
- required:
- - integrations
- description: 'OK: A successful request.'
- '400':
- content:
- application/json:
- schema:
- additionalProperties: false
- description: Generic Error
- type: object
- properties:
- attributes: {}
- error:
- type: string
- errorType:
- type: string
- message:
- type: string
- statusCode:
- type: number
- required:
- - message
- - attributes
- description: A bad request.
- summary: Get remote synced integrations status
- tags:
- - Fleet remote synced integrations
- x-state: Generally available; added in 9.1.0
- x-metaTags:
- - content: Kibana
- name: product_name
- /api/fleet/service_tokens:
- post:
- description: |-
- **Spaces method and path for this operation:**
-
- post /s/{space_id}/api/fleet/service_tokens
-
- Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
-
- [Required authorization] Route required privileges: fleet-agents-all.
- operationId: post-fleet-service-tokens
- parameters:
- - description: A required header to protect against CSRF attacks
- in: header
- name: kbn-xsrf
- required: true
- schema:
- example: 'true'
- type: string
- requestBody:
- content:
- application/json:
- schema:
- additionalProperties: false
- nullable: true
- type: object
- properties:
- remote:
- default: false
- type: boolean
- responses:
- '200':
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- name:
- type: string
- value:
- type: string
- required:
- - name
- - value
- description: 'OK: A successful request.'
- '400':
- content:
- application/json:
- schema:
- additionalProperties: false
- description: Generic Error
- type: object
- properties:
- attributes: {}
- error:
- type: string
- errorType:
- type: string
- message:
- type: string
- statusCode:
- type: number
- required:
- - message
- - attributes
- description: A bad request.
- summary: Create a service token
- tags:
- - Fleet service tokens
- x-metaTags:
- - content: Kibana
- name: product_name
- /api/fleet/settings:
- get:
- description: |-
- **Spaces method and path for this operation:**
-
- get /s/{space_id}/api/fleet/settings
-
- Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
-
- [Required authorization] Route required privileges: fleet-settings-read.
- operationId: get-fleet-settings
- parameters: []
- responses:
- '200':
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- item:
- additionalProperties: false
- type: object
- properties:
- action_secret_storage_requirements_met:
- type: boolean
- delete_unenrolled_agents:
- additionalProperties: false
- type: object
- properties:
- enabled:
- type: boolean
- is_preconfigured:
- type: boolean
- required:
- - enabled
- - is_preconfigured
- download_source_auth_secret_storage_requirements_met:
- type: boolean
- has_seen_add_data_notice:
- type: boolean
- id:
- type: string
- ilm_migration_status:
- additionalProperties: false
- type: object
- properties:
- logs:
- enum:
- - success
- nullable: true
- type: string
- metrics:
- enum:
- - success
- nullable: true
- type: string
- synthetics:
- enum:
- - success
- nullable: true
- type: string
- integration_knowledge_enabled:
- type: boolean
- output_secret_storage_requirements_met:
- type: boolean
- preconfigured_fields:
- items:
- enum:
- - fleet_server_hosts
- type: string
- maxItems: 1
- type: array
- prerelease_integrations_enabled:
- type: boolean
- secret_storage_requirements_met:
- type: boolean
- ssl_secret_storage_requirements_met:
- type: boolean
- use_space_awareness_migration_started_at:
- nullable: true
- type: string
- use_space_awareness_migration_status:
- enum:
- - pending
- - success
- - error
- type: string
- version:
- type: string
- required:
- - item
- description: 'OK: A successful request.'
- '400':
- content:
- application/json:
- schema:
- additionalProperties: false
- description: Generic Error
- type: object
- properties:
- attributes: {}
- error:
- type: string
- errorType:
- type: string
- message:
- type: string
- statusCode:
- type: number
- required:
- - message
- - attributes
- description: A bad request.
- '404':
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- message:
- type: string
- required:
- - message
- description: Not found.
- summary: Get settings
- tags:
- - Fleet internals
- x-metaTags:
- - content: Kibana
- name: product_name
- put:
- description: |-
- **Spaces method and path for this operation:**
-
- put /s/{space_id}/api/fleet/settings
-
- Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
-
- [Required authorization] Route required privileges: fleet-settings-all.
- operationId: put-fleet-settings
- parameters:
- - description: A required header to protect against CSRF attacks
- in: header
- name: kbn-xsrf
- required: true
- schema:
- example: 'true'
- type: string
- requestBody:
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- additional_yaml_config:
- deprecated: true
- type: string
- delete_unenrolled_agents:
- additionalProperties: false
- type: object
- properties:
- enabled:
- type: boolean
- is_preconfigured:
- type: boolean
- required:
- - enabled
- - is_preconfigured
- has_seen_add_data_notice:
- deprecated: true
- type: boolean
- integration_knowledge_enabled:
- type: boolean
- kibana_ca_sha256:
- deprecated: true
- type: string
- kibana_urls:
- deprecated: true
- items:
- format: uri
- type: string
- maxItems: 10
- type: array
- prerelease_integrations_enabled:
- type: boolean
- responses:
- '200':
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- item:
- additionalProperties: false
- type: object
- properties:
- action_secret_storage_requirements_met:
- type: boolean
- delete_unenrolled_agents:
- additionalProperties: false
- type: object
- properties:
- enabled:
- type: boolean
- is_preconfigured:
- type: boolean
- required:
- - enabled
- - is_preconfigured
- download_source_auth_secret_storage_requirements_met:
- type: boolean
- has_seen_add_data_notice:
- type: boolean
- id:
- type: string
- ilm_migration_status:
- additionalProperties: false
- type: object
- properties:
- logs:
- enum:
- - success
- nullable: true
- type: string
- metrics:
- enum:
- - success
- nullable: true
- type: string
- synthetics:
- enum:
- - success
- nullable: true
- type: string
- integration_knowledge_enabled:
- type: boolean
- output_secret_storage_requirements_met:
- type: boolean
- preconfigured_fields:
- items:
- enum:
- - fleet_server_hosts
- type: string
- maxItems: 1
- type: array
- prerelease_integrations_enabled:
- type: boolean
- secret_storage_requirements_met:
- type: boolean
- ssl_secret_storage_requirements_met:
- type: boolean
- use_space_awareness_migration_started_at:
- nullable: true
- type: string
- use_space_awareness_migration_status:
- enum:
- - pending
- - success
- - error
- type: string
- version:
- type: string
- required:
- - item
- description: 'OK: A successful request.'
- '400':
- content:
- application/json:
- schema:
- additionalProperties: false
- description: Generic Error
- type: object
- properties:
- attributes: {}
- error:
- type: string
- errorType:
- type: string
- message:
- type: string
- statusCode:
- type: number
- required:
- - message
- - attributes
- description: A bad request.
- '404':
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- message:
- type: string
- required:
- - message
- description: Not found.
- summary: Update settings
- tags:
- - Fleet internals
- x-metaTags:
- - content: Kibana
- name: product_name
- /api/fleet/setup:
- post:
- description: |-
- **Spaces method and path for this operation:**
-
- post /s/{space_id}/api/fleet/setup
-
- Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
-
- [Required authorization] Route required privileges: fleet-agents-read OR fleet-agent-policies-read OR fleet-settings-read OR fleet-setup.
- operationId: post-fleet-setup
- parameters:
- - description: A required header to protect against CSRF attacks
- in: header
- name: kbn-xsrf
- required: true
- schema:
- example: 'true'
- type: string
- responses:
- '200':
- content:
- application/json:
- schema:
- additionalProperties: false
- description: A summary of the result of Fleet's `setup` lifecycle. If `isInitialized` is true, Fleet is ready to accept agent enrollment. `nonFatalErrors` may include useful insight into non-blocking issues with Fleet setup.
- type: object
- properties:
- isInitialized:
- type: boolean
- nonFatalErrors:
- items:
- additionalProperties: false
- type: object
- properties:
- message:
- type: string
- name:
- type: string
- required:
- - name
- - message
- maxItems: 10000
- type: array
- required:
- - isInitialized
- - nonFatalErrors
- description: 'OK: A successful request.'
- '400':
- content:
- application/json:
- schema:
- additionalProperties: false
- description: Generic Error
- type: object
- properties:
- attributes: {}
- error:
- type: string
- errorType:
- type: string
- message:
- type: string
- statusCode:
- type: number
- required:
- - message
- - attributes
- description: A bad request.
- '500':
- content:
- application/json:
- schema:
- additionalProperties: false
- description: Internal Server Error
- type: object
- properties:
- message:
- type: string
- required:
- - message
- description: An internal server error occurred.
- summary: Initiate Fleet setup
- tags:
- - Fleet internals
- x-metaTags:
- - content: Kibana
- name: product_name
- /api/fleet/space_settings:
- get:
- operationId: get-fleet-space-settings
- parameters: []
- responses:
- '200':
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- item:
- additionalProperties: false
- type: object
- properties:
- allowed_namespace_prefixes:
- items:
- type: string
- maxItems: 100
- type: array
- managed_by:
- type: string
- required:
- - allowed_namespace_prefixes
- required:
- - item
- description: 'OK: A successful request.'
- summary: Get space settings
- tags: []
- x-state: Generally available; added in 9.1.0
- x-metaTags:
- - content: Kibana
- name: product_name
- description: |-
- **Spaces method and path for this operation:**
-
- get /s/{space_id}/api/fleet/space_settings
-
- Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
- put:
- description: |-
- **Spaces method and path for this operation:**
-
- put /s/{space_id}/api/fleet/space_settings
-
- Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
-
- [Required authorization] Route required privileges: fleet-settings-all.
- operationId: put-fleet-space-settings
- parameters:
- - description: A required header to protect against CSRF attacks
- in: header
- name: kbn-xsrf
- required: true
- schema:
- example: 'true'
- type: string
- requestBody:
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- allowed_namespace_prefixes:
- items:
- type: string
- maxItems: 10
- type: array
- responses:
- '200':
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- item:
- additionalProperties: false
- type: object
- properties:
- allowed_namespace_prefixes:
- items:
- type: string
- maxItems: 100
- type: array
- managed_by:
- type: string
- required:
- - allowed_namespace_prefixes
- required:
- - item
- description: 'OK: A successful request.'
- summary: Create space settings
- tags: []
- x-state: Generally available; added in 9.1.0
- x-metaTags:
- - content: Kibana
- name: product_name
- /api/fleet/uninstall_tokens:
- get:
- description: |-
- **Spaces method and path for this operation:**
-
- get /s/{space_id}/api/fleet/uninstall_tokens
-
- Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information.
-
- List the metadata for the latest uninstall tokens per agent policy.
[Required authorization] Route required privileges: fleet-agents-all.
- operationId: get-fleet-uninstall-tokens
- parameters:
- - description: Partial match filtering for policy IDs
- in: query
- name: policyId
- required: false
- schema:
- maxLength: 50
- type: string
- - in: query
- name: search
- required: false
- schema:
- maxLength: 50
- type: string
- - description: The number of items to return
- in: query
- name: perPage
- required: false
- schema:
- minimum: 5
- type: number
- - in: query
- name: page
- required: false
- schema:
- minimum: 1
- type: number
- responses:
- '200':
- content:
- application/json:
- schema:
- additionalProperties: false
- type: object
- properties:
- items:
- items:
- additionalProperties: false
- type: object
- properties:
- created_at:
- type: string
- id:
- type: string
- namespaces:
- items:
- type: string
- maxItems: 100
- type: array
- policy_id:
- type: string
- policy_name:
- nullable: true
+ created_at:
+ type: string
+ id:
+ type: string
+ namespaces:
+ items:
+ type: string
+ maxItems: 100
+ type: array
+ policy_id:
+ type: string
+ policy_name:
+ nullable: true
type: string
required:
- id
@@ -78708,999 +74968,1929 @@ components:
name: elastic-api-version
required: true
schema:
- default: '2023-10-31'
- enum:
- - '2023-10-31'
+ default: '2023-10-31'
+ enum:
+ - '2023-10-31'
+ type: string
+ APM_UI_kbn_xsrf:
+ description: A required header to protect against CSRF attacks
+ in: header
+ name: kbn-xsrf
+ required: true
+ schema:
+ example: 'true'
+ type: string
+ Cases_alert_id:
+ description: An identifier for the alert.
+ in: path
+ name: alertId
+ required: true
+ schema:
+ example: 09f0c261e39e36351d75995b78bb83673774d1bc2cca9df2d15f0e5c0a99a540
+ type: string
+ Cases_assignees_filter:
+ description: |
+ Filters the returned cases by assignees. Valid values are `none` or unique identifiers for the user profiles. These identifiers can be found by using the suggest user profile API.
+ in: query
+ name: assignees
+ schema:
+ oneOf:
+ - $ref: '#/components/schemas/Cases_string'
+ - $ref: '#/components/schemas/Cases_string_array'
+ Cases_case_id:
+ description: The identifier for the case. To retrieve case IDs, use the search cases (`_find)` API. All non-ASCII characters must be URL encoded.
+ in: path
+ name: caseId
+ required: true
+ schema:
+ example: 9c235210-6834-11ea-a78c-6ffb38a34414
+ type: string
+ Cases_category:
+ description: Filters the returned cases by category.
+ in: query
+ name: category
+ schema:
+ oneOf:
+ - $ref: '#/components/schemas/Cases_case_category'
+ - $ref: '#/components/schemas/Cases_case_categories'
+ Cases_comment_id:
+ description: |
+ The identifier for the comment. To retrieve comment IDs, use the get case or search cases (`_find`) APIs.
+ in: path
+ name: commentId
+ required: true
+ schema:
+ example: 71ec1870-725b-11ea-a0b2-c51ea50a58e2
+ type: string
+ Cases_configuration_id:
+ description: An identifier for the configuration.
+ in: path
+ name: configurationId
+ required: true
+ schema:
+ example: 3297a0f0-b5ec-11ec-b141-0fdb20a7f9a9
+ type: string
+ Cases_connector_id:
+ description: An identifier for the connector. To retrieve connector IDs, use the find connectors API.
+ in: path
+ name: connectorId
+ required: true
+ schema:
+ example: abed3a70-71bd-11ea-a0b2-c51ea50a58e2
+ type: string
+ Cases_defaultSearchOperator:
+ description: he default operator to use for the simple_query_string.
+ example: OR
+ in: query
+ name: defaultSearchOperator
+ schema:
+ default: OR
+ type: string
+ Cases_from:
+ description: |
+ Returns only cases that were created after a specific date. The date must be specified as a KQL data range or date match expression.
+ in: query
+ name: from
+ schema:
+ example: now-1d
+ type: string
+ Cases_ids:
+ description: |
+ The cases that you want to removed. To get the case identifiers, use the search cases (`_find`) API. In the Dev Console, you can specify the array of cases in the following format: `ids=["e58e77e3-ef8e-4251-926f-efb115f3c4ec"]`. In `curl`, all non-ASCII characters must be URL encoded. For example: `ids=%5B%22e58e77e3-ef8e-4251-926f-efb115f3c4ec%22%5D`
+ in: query
+ name: ids
+ required: true
+ schema:
+ items:
+ example: d4e7abb0-b462-11ec-9a8d-698504725a43
+ maxItems: 100
+ minItems: 1
+ type: string
+ type: array
+ Cases_kbn_xsrf:
+ description: Cross-site request forgery protection
+ in: header
+ name: kbn-xsrf
+ required: true
+ schema:
+ type: string
+ Cases_owner_filter:
+ description: |
+ A filter to limit the response to a specific set of applications. If this parameter is omitted, the response contains information about all the cases that the user has access to read.
+ example: cases
+ in: query
+ name: owner
+ schema:
+ oneOf:
+ - $ref: '#/components/schemas/Cases_owner'
+ - $ref: '#/components/schemas/Cases_owners'
+ Cases_page_index:
+ description: The page number to return.
+ in: query
+ name: page
+ required: false
+ schema:
+ default: 1
+ type: integer
+ Cases_page_size:
+ description: The number of items to return. Limited to 100 items.
+ in: query
+ name: perPage
+ required: false
+ schema:
+ default: 20
+ maximum: 100
+ type: integer
+ Cases_reporters:
+ description: Filters the returned cases by the user name of the reporter.
+ example: elastic
+ in: query
+ name: reporters
+ schema:
+ oneOf:
+ - $ref: '#/components/schemas/Cases_string'
+ - $ref: '#/components/schemas/Cases_string_array'
+ Cases_search:
+ description: An Elasticsearch simple_query_string query that filters the objects in the response.
+ in: query
+ name: search
+ schema:
+ type: string
+ Cases_searchFields:
+ description: The fields to perform the simple_query_string parsed query against.
+ in: query
+ name: searchFields
+ schema:
+ oneOf:
+ - $ref: '#/components/schemas/Cases_searchFieldsType'
+ - $ref: '#/components/schemas/Cases_searchFieldsTypeArray'
+ Cases_severity:
+ description: The severity of the case.
+ in: query
+ name: severity
+ schema:
+ enum:
+ - critical
+ - high
+ - low
+ - medium
+ type: string
+ Cases_sort_order:
+ description: Determines the sort order.
+ in: query
+ name: sortOrder
+ required: false
+ schema:
+ default: desc
+ enum:
+ - asc
+ - desc
+ type: string
+ Cases_sortField:
+ description: Determines which field is used to sort the results.
+ example: updatedAt
+ in: query
+ name: sortField
+ schema:
+ default: createdAt
+ enum:
+ - createdAt
+ - updatedAt
+ - closedAt
+ - title
+ - category
+ - status
+ - severity
+ type: string
+ Cases_status:
+ description: Filters the returned cases by state.
+ example: open
+ in: query
+ name: status
+ schema:
+ enum:
+ - closed
+ - in-progress
+ - open
+ type: string
+ Cases_tags:
+ description: Filters the returned cases by tags.
+ example: tag-1
+ in: query
+ name: tags
+ schema:
+ oneOf:
+ - $ref: '#/components/schemas/Cases_string'
+ - $ref: '#/components/schemas/Cases_string_array'
+ Cases_to:
+ description: |
+ Returns only cases that were created before a specific date. The date must be specified as a KQL data range or date match expression.
+ example: now+1d
+ in: query
+ name: to
+ schema:
+ type: string
+ Cases_user_action_types:
+ description: Determines the types of user actions to return.
+ in: query
+ name: types
+ schema:
+ items:
+ enum:
+ - action
+ - alert
+ - assignees
+ - attachment
+ - comment
+ - connector
+ - create_case
+ - description
+ - pushed
+ - settings
+ - severity
+ - status
+ - tags
+ - title
+ - user
+ example: create_case
+ type: string
+ type: array
+ Data_views_field_name:
+ description: The name of the runtime field.
+ in: path
+ name: fieldName
+ required: true
+ schema:
+ example: hour_of_day
type: string
- APM_UI_kbn_xsrf:
- description: A required header to protect against CSRF attacks
+ Data_views_kbn_xsrf:
+ description: Cross-site request forgery protection
in: header
name: kbn-xsrf
required: true
schema:
- example: 'true'
type: string
- Cases_alert_id:
- description: An identifier for the alert.
+ Data_views_view_id:
+ description: An identifier for the data view.
in: path
- name: alertId
+ name: viewId
required: true
schema:
- example: 09f0c261e39e36351d75995b78bb83673774d1bc2cca9df2d15f0e5c0a99a540
+ example: ff959d40-b880-11e8-a6d9-e546fe2bba5f
type: string
- Cases_assignees_filter:
- description: |
- Filters the returned cases by assignees. Valid values are `none` or unique identifiers for the user profiles. These identifiers can be found by using the suggest user profile API.
+ Machine_learning_APIs_simulateParam:
+ description: When true, simulates the synchronization by returning only the list of actions that would be performed.
+ example: 'true'
in: query
- name: assignees
+ name: simulate
+ required: false
schema:
- oneOf:
- - $ref: '#/components/schemas/Cases_string'
- - $ref: '#/components/schemas/Cases_string_array'
- Cases_case_id:
- description: The identifier for the case. To retrieve case IDs, use the search cases (`_find)` API. All non-ASCII characters must be URL encoded.
- in: path
- name: caseId
+ type: boolean
+ Saved_objects_kbn_xsrf:
+ description: Cross-site request forgery protection
+ in: header
+ name: kbn-xsrf
required: true
schema:
- example: 9c235210-6834-11ea-a78c-6ffb38a34414
type: string
- Cases_category:
- description: Filters the returned cases by category.
- in: query
- name: category
- schema:
- oneOf:
- - $ref: '#/components/schemas/Cases_case_category'
- - $ref: '#/components/schemas/Cases_case_categories'
- Cases_comment_id:
- description: |
- The identifier for the comment. To retrieve comment IDs, use the get case or search cases (`_find`) APIs.
+ Saved_objects_saved_object_id:
+ description: An identifier for the saved object.
in: path
- name: commentId
+ name: id
required: true
schema:
- example: 71ec1870-725b-11ea-a0b2-c51ea50a58e2
type: string
- Cases_configuration_id:
- description: An identifier for the configuration.
+ Saved_objects_saved_object_type:
+ description: Valid options include `visualization`, `dashboard`, `search`, `index-pattern`, `config`.
in: path
- name: configurationId
+ name: type
required: true
schema:
- example: 3297a0f0-b5ec-11ec-b141-0fdb20a7f9a9
type: string
- Cases_connector_id:
- description: An identifier for the connector. To retrieve connector IDs, use the find connectors API.
+ Short_URL_APIs_idParam:
+ description: The identifier for the short URL.
in: path
- name: connectorId
+ name: id
required: true
schema:
- example: abed3a70-71bd-11ea-a0b2-c51ea50a58e2
type: string
- Cases_defaultSearchOperator:
- description: he default operator to use for the simple_query_string.
- example: OR
- in: query
- name: defaultSearchOperator
+ SLOs_kbn_xsrf:
+ description: Cross-site request forgery protection
+ in: header
+ name: kbn-xsrf
+ required: true
schema:
- default: OR
type: string
- Cases_from:
- description: |
- Returns only cases that were created after a specific date. The date must be specified as a KQL data range or date match expression.
- in: query
- name: from
+ SLOs_slo_id:
+ description: An identifier for the slo.
+ in: path
+ name: sloId
+ required: true
schema:
- example: now-1d
+ example: 9c235211-6834-11ea-a78c-6feb38a34414
type: string
- Cases_ids:
- description: |
- The cases that you want to removed. To get the case identifiers, use the search cases (`_find`) API. In the Dev Console, you can specify the array of cases in the following format: `ids=["e58e77e3-ef8e-4251-926f-efb115f3c4ec"]`. In `curl`, all non-ASCII characters must be URL encoded. For example: `ids=%5B%22e58e77e3-ef8e-4251-926f-efb115f3c4ec%22%5D`
- in: query
- name: ids
+ SLOs_space_id:
+ description: An identifier for the space. If `/s/` and the identifier are omitted from the path, the default space is used.
+ in: path
+ name: spaceId
required: true
schema:
- items:
- example: d4e7abb0-b462-11ec-9a8d-698504725a43
- maxItems: 100
- minItems: 1
+ example: default
+ type: string
+ schemas:
+ Alerting_401_response:
+ properties:
+ error:
+ enum:
+ - Unauthorized
+ example: Unauthorized
+ type: string
+ message:
+ type: string
+ statusCode:
+ enum:
+ - 401
+ example: 401
+ type: integer
+ title: Unsuccessful rule API response
+ type: object
+ Alerting_fieldmap_properties:
+ title: Field map objects in the get rule types response
+ type: object
+ properties:
+ array:
+ description: Indicates whether the field is an array.
+ type: boolean
+ dynamic:
+ description: Indicates whether it is a dynamic field mapping.
+ type: boolean
+ format:
+ description: |
+ Indicates the format of the field. For example, if the `type` is `date_range`, the `format` can be `epoch_millis||strict_date_optional_time`.
+ type: string
+ ignore_above:
+ description: Specifies the maximum length of a string field. Longer strings are not indexed or stored.
+ type: integer
+ index:
+ description: Indicates whether field values are indexed.
+ type: boolean
+ path:
+ description: TBD
+ type: string
+ properties:
+ additionalProperties:
+ type: object
+ properties:
+ type:
+ description: The data type for each object property.
+ type: string
+ description: |
+ Details about the object properties. This property is applicable when `type` is `object`.
+ type: object
+ required:
+ description: Indicates whether the field is required.
+ type: boolean
+ scaling_factor:
+ description: |
+ The scaling factor to use when encoding values. This property is applicable when `type` is `scaled_float`. Values will be multiplied by this factor at index time and rounded to the closest long value.
+ type: integer
+ type:
+ description: Specifies the data type for the field.
+ example: scaled_float
+ type: string
+ APM_UI_400_response:
+ type: object
+ properties:
+ error:
+ description: Error type
+ example: Not Found
+ type: string
+ message:
+ description: Error message
+ example: Not Found
+ type: string
+ statusCode:
+ description: Error status code
+ example: 400
+ type: number
+ APM_UI_401_response:
+ type: object
+ properties:
+ error:
+ description: Error type
+ example: Unauthorized
+ type: string
+ message:
+ description: Error message
+ type: string
+ statusCode:
+ description: Error status code
+ example: 401
+ type: number
+ APM_UI_403_response:
+ type: object
+ properties:
+ error:
+ description: Error type
+ example: Forbidden
+ type: string
+ message:
+ description: Error message
+ type: string
+ statusCode:
+ description: Error status code
+ example: 403
+ type: number
+ APM_UI_404_response:
+ type: object
+ properties:
+ error:
+ description: Error type
+ example: Not Found
+ type: string
+ message:
+ description: Error message
+ example: Not Found
+ type: string
+ statusCode:
+ description: Error status code
+ example: 404
+ type: number
+ APM_UI_500_response:
+ type: object
+ properties:
+ error:
+ description: Error type
+ example: Internal Server Error
+ type: string
+ message:
+ description: Error message
+ type: string
+ statusCode:
+ description: Error status code
+ example: 500
+ type: number
+ APM_UI_501_response:
+ type: object
+ properties:
+ error:
+ description: Error type
+ example: Not Implemented
+ type: string
+ message:
+ description: Error message
+ example: Not Implemented
+ type: string
+ statusCode:
+ description: Error status code
+ example: 501
+ type: number
+ APM_UI_agent_configuration_intake_object:
+ type: object
+ properties:
+ agent_name:
+ description: The agent name is used by the UI to determine which settings to display.
+ type: string
+ service:
+ $ref: '#/components/schemas/APM_UI_service_object'
+ settings:
+ $ref: '#/components/schemas/APM_UI_settings_object'
+ required:
+ - service
+ - settings
+ APM_UI_agent_configuration_object:
+ description: Agent configuration
+ type: object
+ properties:
+ '@timestamp':
+ description: Timestamp
+ example: 1730194190636
+ type: number
+ agent_name:
+ description: Agent name
+ type: string
+ applied_by_agent:
+ description: Applied by agent
+ example: true
+ type: boolean
+ etag:
+ description: |
+ `etag` is sent by the APM agent to indicate the `etag` of the last successfully applied configuration. If the `etag` matches an existing configuration its `applied_by_agent` property will be set to `true`. Every time a configuration is edited `applied_by_agent` is reset to `false`.
+ example: 0bc3b5ebf18fba8163fe4c96f491e3767a358f85
+ type: string
+ service:
+ $ref: '#/components/schemas/APM_UI_service_object'
+ settings:
+ $ref: '#/components/schemas/APM_UI_settings_object'
+ required:
+ - service
+ - settings
+ - '@timestamp'
+ - etag
+ APM_UI_agent_configurations_response:
+ type: object
+ properties:
+ configurations:
+ description: Agent configuration
+ items:
+ $ref: '#/components/schemas/APM_UI_agent_configuration_object'
+ type: array
+ APM_UI_agent_keys_object:
+ type: object
+ properties:
+ name:
+ description: The name of the APM agent key.
+ type: string
+ privileges:
+ description: |
+ The APM agent key privileges. It can take one or more of the following values:
+ * `event:write`, which is required for ingesting APM agent events. * `config_agent:read`, which is required for APM agents to read agent configuration remotely.
+ items:
+ enum:
+ - event:write
+ - config_agent:read
+ type: string
+ type: array
+ required:
+ - name
+ - privileges
+ APM_UI_agent_keys_response:
+ type: object
+ properties:
+ agentKey:
+ description: Agent key
+ type: object
+ properties:
+ api_key:
+ type: string
+ encoded:
+ type: string
+ expiration:
+ format: int64
+ type: integer
+ id:
+ type: string
+ name:
+ type: string
+ required:
+ - id
+ - name
+ - api_key
+ - encoded
+ APM_UI_annotation_search_response:
+ type: object
+ properties:
+ annotations:
+ description: Annotations
+ items:
+ type: object
+ properties:
+ '@timestamp':
+ type: number
+ id:
+ type: string
+ text:
+ type: string
+ type:
+ enum:
+ - version
+ type: string
+ type: array
+ APM_UI_base_source_map_object:
+ type: object
+ properties:
+ compressionAlgorithm:
+ description: Compression Algorithm
+ type: string
+ created:
+ description: Created date
+ type: string
+ decodedSha256:
+ description: Decoded SHA-256
+ type: string
+ decodedSize:
+ description: Decoded size
+ type: number
+ encodedSha256:
+ description: Encoded SHA-256
+ type: string
+ encodedSize:
+ description: Encoded size
+ type: number
+ encryptionAlgorithm:
+ description: Encryption Algorithm
+ type: string
+ id:
+ description: Identifier
+ type: string
+ identifier:
+ description: Identifier
+ type: string
+ packageName:
+ description: Package name
+ type: string
+ relative_url:
+ description: Relative URL
+ type: string
+ type:
+ description: Type
+ type: string
+ APM_UI_create_annotation_object:
+ type: object
+ properties:
+ '@timestamp':
+ description: The date and time of the annotation. It must be in ISO 8601 format.
+ type: string
+ message:
+ description: The message displayed in the annotation. It defaults to `service.version`.
+ type: string
+ service:
+ description: The service that identifies the configuration to create or update.
+ type: object
+ properties:
+ environment:
+ description: The environment of the service.
+ type: string
+ version:
+ description: The version of the service.
+ type: string
+ required:
+ - version
+ tags:
+ description: |
+ Tags are used by the Applications UI to distinguish APM annotations from other annotations. Tags may have additional functionality in future releases. It defaults to `[apm]`. While you can add additional tags, you cannot remove the `apm` tag.
+ items:
+ type: string
+ type: array
+ required:
+ - '@timestamp'
+ - service
+ APM_UI_create_annotation_response:
+ type: object
+ properties:
+ _id:
+ description: Identifier
+ type: string
+ _index:
+ description: Index
+ type: string
+ _source:
+ description: Response
+ type: object
+ properties:
+ '@timestamp':
+ type: string
+ annotation:
+ type: object
+ properties:
+ title:
+ type: string
+ type:
+ type: string
+ event:
+ type: object
+ properties:
+ created:
+ type: string
+ message:
+ type: string
+ service:
+ type: object
+ properties:
+ environment:
+ type: string
+ name:
+ type: string
+ version:
+ type: string
+ tags:
+ items:
+ type: string
+ type: array
+ APM_UI_delete_agent_configurations_response:
+ type: object
+ properties:
+ result:
+ description: Result
type: string
- type: array
- Cases_kbn_xsrf:
- description: Cross-site request forgery protection
- in: header
- name: kbn-xsrf
- required: true
- schema:
- type: string
- Cases_owner_filter:
- description: |
- A filter to limit the response to a specific set of applications. If this parameter is omitted, the response contains information about all the cases that the user has access to read.
- example: cases
- in: query
- name: owner
- schema:
- oneOf:
- - $ref: '#/components/schemas/Cases_owner'
- - $ref: '#/components/schemas/Cases_owners'
- Cases_page_index:
- description: The page number to return.
- in: query
- name: page
- required: false
- schema:
- default: 1
- type: integer
- Cases_page_size:
- description: The number of items to return. Limited to 100 items.
- in: query
- name: perPage
- required: false
- schema:
- default: 20
- maximum: 100
- type: integer
- Cases_reporters:
- description: Filters the returned cases by the user name of the reporter.
- example: elastic
- in: query
- name: reporters
- schema:
- oneOf:
- - $ref: '#/components/schemas/Cases_string'
- - $ref: '#/components/schemas/Cases_string_array'
- Cases_search:
- description: An Elasticsearch simple_query_string query that filters the objects in the response.
- in: query
- name: search
- schema:
- type: string
- Cases_searchFields:
- description: The fields to perform the simple_query_string parsed query against.
- in: query
- name: searchFields
- schema:
- oneOf:
- - $ref: '#/components/schemas/Cases_searchFieldsType'
- - $ref: '#/components/schemas/Cases_searchFieldsTypeArray'
- Cases_severity:
- description: The severity of the case.
- in: query
- name: severity
- schema:
- enum:
- - critical
- - high
- - low
- - medium
- type: string
- Cases_sort_order:
- description: Determines the sort order.
- in: query
- name: sortOrder
- required: false
- schema:
- default: desc
- enum:
- - asc
- - desc
- type: string
- Cases_sortField:
- description: Determines which field is used to sort the results.
- example: updatedAt
- in: query
- name: sortField
- schema:
- default: createdAt
- enum:
- - createdAt
- - updatedAt
- - closedAt
- - title
- - category
- - status
- - severity
- type: string
- Cases_status:
- description: Filters the returned cases by state.
- example: open
- in: query
- name: status
- schema:
- enum:
- - closed
- - in-progress
- - open
- type: string
- Cases_tags:
- description: Filters the returned cases by tags.
- example: tag-1
- in: query
- name: tags
- schema:
- oneOf:
- - $ref: '#/components/schemas/Cases_string'
- - $ref: '#/components/schemas/Cases_string_array'
- Cases_to:
- description: |
- Returns only cases that were created before a specific date. The date must be specified as a KQL data range or date match expression.
- example: now+1d
- in: query
- name: to
- schema:
+ APM_UI_delete_service_object:
+ description: Service
+ type: object
+ properties:
+ service:
+ $ref: '#/components/schemas/APM_UI_service_object'
+ required:
+ - service
+ APM_UI_search_agent_configuration_object:
+ type: object
+ properties:
+ etag:
+ description: If etags match then `applied_by_agent` field will be set to `true`
+ example: 0bc3b5ebf18fba8163fe4c96f491e3767a358f85
+ type: string
+ mark_as_applied_by_agent:
+ description: |
+ `markAsAppliedByAgent=true` means "force setting it to true regardless of etag".
+ This is needed for Jaeger agent that doesn't have etags
+ type: boolean
+ service:
+ $ref: '#/components/schemas/APM_UI_service_object'
+ required:
+ - service
+ APM_UI_search_agent_configuration_response:
+ type: object
+ properties:
+ _id:
+ description: Identifier
+ type: string
+ _index:
+ description: Index
+ type: string
+ _score:
+ description: Score
+ type: number
+ _source:
+ $ref: '#/components/schemas/APM_UI_agent_configuration_object'
+ APM_UI_service_agent_name_response:
+ type: object
+ properties:
+ agentName:
+ description: Agent name
+ example: nodejs
+ type: string
+ APM_UI_service_environment_object:
+ type: object
+ properties:
+ alreadyConfigured:
+ description: Already configured
+ type: boolean
+ name:
+ description: Service environment name
+ example: ALL_OPTION_VALUE
+ type: string
+ APM_UI_service_environments_response:
+ type: object
+ properties:
+ environments:
+ description: Service environment list
+ items:
+ $ref: '#/components/schemas/APM_UI_service_environment_object'
+ type: array
+ APM_UI_service_object:
+ description: Service
+ type: object
+ properties:
+ environment:
+ description: The environment of the service.
+ example: prod
+ type: string
+ name:
+ description: The name of the service.
+ example: node
+ type: string
+ APM_UI_settings_object:
+ additionalProperties:
type: string
- Cases_user_action_types:
- description: Determines the types of user actions to return.
- in: query
- name: types
- schema:
- items:
+ description: Agent configuration settings
+ type: object
+ APM_UI_single_agent_configuration_response:
+ allOf:
+ - type: object
+ properties:
+ id:
+ type: string
+ required:
+ - id
+ - $ref: '#/components/schemas/APM_UI_agent_configuration_object'
+ APM_UI_source_maps_response:
+ type: object
+ properties:
+ artifacts:
+ description: Artifacts
+ items:
+ allOf:
+ - type: object
+ properties:
+ body:
+ type: object
+ properties:
+ bundleFilepath:
+ type: string
+ serviceName:
+ type: string
+ serviceVersion:
+ type: string
+ sourceMap:
+ type: object
+ properties:
+ file:
+ type: string
+ mappings:
+ type: string
+ sourceRoot:
+ type: string
+ sources:
+ items:
+ type: string
+ type: array
+ sourcesContent:
+ items:
+ type: string
+ type: array
+ version:
+ type: number
+ - $ref: '#/components/schemas/APM_UI_base_source_map_object'
+ type: array
+ APM_UI_upload_source_map_object:
+ type: object
+ properties:
+ bundle_filepath:
+ description: The absolute path of the final bundle as used in the web application.
+ type: string
+ service_name:
+ description: The name of the service that the service map should apply to.
+ type: string
+ service_version:
+ description: The version of the service that the service map should apply to.
+ type: string
+ sourcemap:
+ description: |
+ The source map. It can be a string or file upload. It must follow the
+ [source map format specification](https://tc39.es/ecma426/).
+ format: binary
+ type: string
+ required:
+ - service_name
+ - service_version
+ - bundle_filepath
+ - sourcemap
+ APM_UI_upload_source_maps_response:
+ allOf:
+ - type: object
+ properties:
+ body:
+ type: string
+ - $ref: '#/components/schemas/APM_UI_base_source_map_object'
+ Cases_actions:
+ enum:
+ - add
+ - create
+ - delete
+ - push_to_service
+ - update
+ example: create
+ type: string
+ Cases_add_alert_comment_request_properties:
+ description: Defines properties for case comment requests when type is alert.
+ type: object
+ properties:
+ alertId:
+ $ref: '#/components/schemas/Cases_alert_identifiers'
+ index:
+ $ref: '#/components/schemas/Cases_alert_indices'
+ owner:
+ $ref: '#/components/schemas/Cases_owner'
+ rule:
+ $ref: '#/components/schemas/Cases_rule'
+ type:
+ description: The type of comment.
enum:
- - action
- alert
- - assignees
- - attachment
- - comment
- - connector
- - create_case
- - description
- - pushed
- - settings
- - severity
- - status
- - tags
- - title
- - user
- example: create_case
+ example: alert
type: string
- type: array
- Data_views_field_name:
- description: The name of the runtime field.
- in: path
- name: fieldName
- required: true
- schema:
- example: hour_of_day
- type: string
- Data_views_kbn_xsrf:
- description: Cross-site request forgery protection
- in: header
- name: kbn-xsrf
- required: true
- schema:
- type: string
- Data_views_view_id:
- description: An identifier for the data view.
- in: path
- name: viewId
- required: true
- schema:
- example: ff959d40-b880-11e8-a6d9-e546fe2bba5f
- type: string
- Machine_learning_APIs_simulateParam:
- description: When true, simulates the synchronization by returning only the list of actions that would be performed.
- example: 'true'
- in: query
- name: simulate
- required: false
- schema:
- type: boolean
- Saved_objects_kbn_xsrf:
- description: Cross-site request forgery protection
- in: header
- name: kbn-xsrf
- required: true
- schema:
- type: string
- Saved_objects_saved_object_id:
- description: An identifier for the saved object.
- in: path
- name: id
- required: true
- schema:
- type: string
- Saved_objects_saved_object_type:
- description: Valid options include `visualization`, `dashboard`, `search`, `index-pattern`, `config`.
- in: path
- name: type
- required: true
- schema:
- type: string
- Short_URL_APIs_idParam:
- description: The identifier for the short URL.
- in: path
- name: id
- required: true
- schema:
- type: string
- SLOs_kbn_xsrf:
- description: Cross-site request forgery protection
- in: header
- name: kbn-xsrf
- required: true
- schema:
- type: string
- SLOs_slo_id:
- description: An identifier for the slo.
- in: path
- name: sloId
- required: true
- schema:
- example: 9c235211-6834-11ea-a78c-6feb38a34414
- type: string
- SLOs_space_id:
- description: An identifier for the space. If `/s/` and the identifier are omitted from the path, the default space is used.
- in: path
- name: spaceId
- required: true
- schema:
- example: default
- type: string
- schemas:
- Alerting_401_response:
+ required:
+ - alertId
+ - index
+ - owner
+ - rule
+ - type
+ title: Add case comment request properties for alerts
+ Cases_add_case_comment_request:
+ description: The add comment to case API request body varies depending on whether you are adding an alert or a comment.
+ discriminator:
+ mapping:
+ alert: '#/components/schemas/Cases_add_alert_comment_request_properties'
+ user: '#/components/schemas/Cases_add_user_comment_request_properties'
+ propertyName: type
+ oneOf:
+ - $ref: '#/components/schemas/Cases_add_alert_comment_request_properties'
+ - $ref: '#/components/schemas/Cases_add_user_comment_request_properties'
+ title: Add case comment request
+ Cases_add_case_file_request:
+ description: Defines the file that will be attached to the case. Optional parameters will be generated automatically from the file metadata if not defined.
+ type: object
properties:
- error:
+ file:
+ description: The file being attached to the case.
+ format: binary
+ type: string
+ filename:
+ description: The desired name of the file being attached to the case, it can be different than the name of the file in the filesystem. **This should not include the file extension.**
+ type: string
+ required:
+ - file
+ title: Add case file request properties
+ Cases_add_user_comment_request_properties:
+ description: Defines properties for case comment requests when type is user.
+ properties:
+ comment:
+ description: The new comment. It is required only when `type` is `user`.
+ example: A new comment.
+ maxLength: 30000
+ type: string
+ owner:
+ $ref: '#/components/schemas/Cases_owner'
+ type:
+ description: The type of comment.
enum:
- - Unauthorized
- example: Unauthorized
+ - user
+ example: user
+ type: string
+ required:
+ - comment
+ - owner
+ - type
+ title: Add case comment request properties for user comments
+ type: object
+ Cases_alert_comment_response_properties:
+ title: Add case comment response properties for alerts
+ type: object
+ properties:
+ alertId:
+ items:
+ example: a6e12ac4-7bce-457b-84f6-d7ce8deb8446
+ type: string
+ type: array
+ created_at:
+ example: '2023-11-06T19:29:38.424Z'
+ format: date-time
+ type: string
+ created_by:
+ type: object
+ properties:
+ email:
+ example: null
+ nullable: true
+ type: string
+ full_name:
+ example: null
+ nullable: true
+ type: string
+ profile_uid:
+ example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0
+ type: string
+ username:
+ example: elastic
+ nullable: true
+ type: string
+ required:
+ - email
+ - full_name
+ - username
+ id:
+ example: 73362370-ab1a-11ec-985f-97e55adae8b9
type: string
- message:
+ index:
+ items:
+ example: .internal.alerts-security.alerts-default-000001
+ type: string
+ type: array
+ owner:
+ $ref: '#/components/schemas/Cases_owner'
+ pushed_at:
+ example: null
+ format: date-time
+ nullable: true
type: string
- statusCode:
+ pushed_by:
+ nullable: true
+ type: object
+ properties:
+ email:
+ example: null
+ nullable: true
+ type: string
+ full_name:
+ example: null
+ nullable: true
+ type: string
+ profile_uid:
+ example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0
+ type: string
+ username:
+ example: elastic
+ nullable: true
+ type: string
+ required:
+ - email
+ - full_name
+ - username
+ rule:
+ type: object
+ properties:
+ id:
+ description: The rule identifier.
+ example: 94d80550-aaf4-11ec-985f-97e55adae8b9
+ type: string
+ name:
+ description: The rule name.
+ example: security_rule
+ type: string
+ type:
enum:
- - 401
- example: 401
- type: integer
- title: Unsuccessful rule API response
- type: object
- Alerting_fieldmap_properties:
- title: Field map objects in the get rule types response
- type: object
- properties:
- array:
- description: Indicates whether the field is an array.
- type: boolean
- dynamic:
- description: Indicates whether it is a dynamic field mapping.
- type: boolean
- format:
- description: |
- Indicates the format of the field. For example, if the `type` is `date_range`, the `format` can be `epoch_millis||strict_date_optional_time`.
+ - alert
+ example: alert
type: string
- ignore_above:
- description: Specifies the maximum length of a string field. Longer strings are not indexed or stored.
- type: integer
- index:
- description: Indicates whether field values are indexed.
- type: boolean
- path:
- description: TBD
+ updated_at:
+ format: date-time
+ nullable: true
type: string
- properties:
- additionalProperties:
- type: object
- properties:
- type:
- description: The data type for each object property.
- type: string
- description: |
- Details about the object properties. This property is applicable when `type` is `object`.
+ updated_by:
+ nullable: true
type: object
- required:
- description: Indicates whether the field is required.
- type: boolean
- scaling_factor:
- description: |
- The scaling factor to use when encoding values. This property is applicable when `type` is `scaled_float`. Values will be multiplied by this factor at index time and rounded to the closest long value.
- type: integer
- type:
- description: Specifies the data type for the field.
- example: scaled_float
+ properties:
+ email:
+ example: null
+ nullable: true
+ type: string
+ full_name:
+ example: null
+ nullable: true
+ type: string
+ profile_uid:
+ example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0
+ type: string
+ username:
+ example: elastic
+ nullable: true
+ type: string
+ required:
+ - email
+ - full_name
+ - username
+ version:
+ example: WzMwNDgsMV0=
type: string
- APM_UI_400_response:
+ required:
+ - type
+ Cases_alert_identifiers:
+ description: |
+ The alert identifiers. It is required only when `type` is `alert`. You can use an array of strings to add multiple alerts to a case, provided that they all relate to the same rule; `index` must also be an array with the same length or number of elements. Adding multiple alerts in this manner is recommended rather than calling the API multiple times. This functionality is in technical preview and may be changed or removed in a future release. Elastic will work to fix any issues, but features in technical preview are not subject to the support SLA of official GA features.
+ example: 6b24c4dc44bc720cfc92797f3d61fff952f2b2627db1fb4f8cc49f4530c4ff42
+ oneOf:
+ - type: string
+ - items:
+ type: string
+ maxItems: 1000
+ type: array
+ title: Alert identifiers
+ x-state: Technical preview
+ Cases_alert_indices:
+ description: |
+ The alert indices. It is required only when `type` is `alert`. If you are adding multiple alerts to a case, use an array of strings; the position of each index name in the array must match the position of the corresponding alert identifier in the `alertId` array. This functionality is in technical preview and may be changed or removed in a future release. Elastic will work to fix any issues, but features in technical preview are not subject to the support SLA of official GA features.
+ oneOf:
+ - type: string
+ - items:
+ type: string
+ maxItems: 1000
+ type: array
+ title: Alert indices
+ x-state: Technical preview
+ Cases_alert_response_properties:
type: object
properties:
- error:
- description: Error type
- example: Not Found
+ attached_at:
+ format: date-time
type: string
- message:
- description: Error message
- example: Not Found
+ id:
+ description: The alert identifier.
type: string
- statusCode:
- description: Error status code
- example: 400
- type: number
- APM_UI_401_response:
- type: object
+ index:
+ description: The alert index.
+ type: string
+ Cases_assignees:
+ description: An array containing users that are assigned to the case.
+ items:
+ type: object
+ properties:
+ uid:
+ description: A unique identifier for the user profile. These identifiers can be found by using the suggest user profile API.
+ example: u_0wpfV1MqYDaXzLtRVY-gLMrddKDEmfz51Fszhj7hWC8_0
+ type: string
+ required:
+ - uid
+ maxItems: 10
+ nullable: true
+ type: array
+ Cases_case_categories:
+ items:
+ $ref: '#/components/schemas/Cases_case_category'
+ maxItems: 100
+ type: array
+ Cases_case_category:
+ description: A word or phrase that categorizes the case.
+ maxLength: 50
+ type: string
+ Cases_case_description:
+ description: The description for the case.
+ maxLength: 30000
+ type: string
+ Cases_case_response_closed_by_properties:
+ nullable: true
properties:
- error:
- description: Error type
- example: Unauthorized
+ email:
+ example: null
+ nullable: true
type: string
- message:
- description: Error message
+ full_name:
+ example: null
+ nullable: true
type: string
- statusCode:
- description: Error status code
- example: 401
- type: number
- APM_UI_403_response:
- type: object
- properties:
- error:
- description: Error type
- example: Forbidden
+ profile_uid:
+ example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0
type: string
- message:
- description: Error message
+ username:
+ example: elastic
+ nullable: true
type: string
- statusCode:
- description: Error status code
- example: 403
- type: number
- APM_UI_404_response:
+ required:
+ - email
+ - full_name
+ - username
+ title: Case response properties for closed_by
+ type: object
+ Cases_case_response_created_by_properties:
+ title: Case response properties for created_by
type: object
properties:
- error:
- description: Error type
- example: Not Found
+ email:
+ example: null
+ nullable: true
type: string
- message:
- description: Error message
- example: Not Found
+ full_name:
+ example: null
+ nullable: true
type: string
- statusCode:
- description: Error status code
- example: 404
- type: number
- APM_UI_500_response:
- type: object
- properties:
- error:
- description: Error type
- example: Internal Server Error
+ profile_uid:
+ example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0
type: string
- message:
- description: Error message
+ username:
+ example: elastic
+ nullable: true
type: string
- statusCode:
- description: Error status code
- example: 500
- type: number
- APM_UI_501_response:
- type: object
+ required:
+ - email
+ - full_name
+ - username
+ Cases_case_response_get_case:
+ description: |
+ Case details returned by the get case API. The comments property is not included in the response. Use the find case comments API to retrieve comments. totalComment reflects the actual number of user comments.
properties:
- error:
- description: Error type
- example: Not Implemented
+ assignees:
+ $ref: '#/components/schemas/Cases_assignees'
+ category:
+ description: The case category.
+ nullable: true
type: string
- message:
- description: Error message
- example: Not Implemented
+ closed_at:
+ format: date-time
+ nullable: true
type: string
- statusCode:
- description: Error status code
- example: 501
- type: number
- APM_UI_agent_configuration_intake_object:
- type: object
- properties:
- agent_name:
- description: The agent name is used by the UI to determine which settings to display.
+ closed_by:
+ $ref: '#/components/schemas/Cases_case_response_closed_by_properties'
+ connector:
+ discriminator:
+ mapping:
+ .cases-webhook: '#/components/schemas/Cases_connector_properties_cases_webhook'
+ .jira: '#/components/schemas/Cases_connector_properties_jira'
+ .none: '#/components/schemas/Cases_connector_properties_none'
+ .resilient: '#/components/schemas/Cases_connector_properties_resilient'
+ .servicenow: '#/components/schemas/Cases_connector_properties_servicenow'
+ .servicenow-sir: '#/components/schemas/Cases_connector_properties_servicenow_sir'
+ .swimlane: '#/components/schemas/Cases_connector_properties_swimlane'
+ propertyName: type
+ oneOf:
+ - $ref: '#/components/schemas/Cases_connector_properties_none'
+ - $ref: '#/components/schemas/Cases_connector_properties_cases_webhook'
+ - $ref: '#/components/schemas/Cases_connector_properties_jira'
+ - $ref: '#/components/schemas/Cases_connector_properties_resilient'
+ - $ref: '#/components/schemas/Cases_connector_properties_servicenow'
+ - $ref: '#/components/schemas/Cases_connector_properties_servicenow_sir'
+ - $ref: '#/components/schemas/Cases_connector_properties_swimlane'
+ title: Case response properties for connectors
+ created_at:
+ example: '2022-05-13T09:16:17.416Z'
+ format: date-time
type: string
- service:
- $ref: '#/components/schemas/APM_UI_service_object'
- settings:
- $ref: '#/components/schemas/APM_UI_settings_object'
- required:
- - service
- - settings
- APM_UI_agent_configuration_object:
- description: Agent configuration
- type: object
- properties:
- '@timestamp':
- description: Timestamp
- example: 1730194190636
- type: number
- agent_name:
- description: Agent name
+ created_by:
+ $ref: '#/components/schemas/Cases_case_response_created_by_properties'
+ customFields:
+ description: Custom field values for the case.
+ items:
+ type: object
+ properties:
+ key:
+ description: |
+ The unique identifier for the custom field. The key value must exist in the case configuration settings.
+ type: string
+ type:
+ description: |
+ The custom field type. It must match the type specified in the case configuration settings.
+ enum:
+ - text
+ - toggle
+ type: string
+ value:
+ description: |
+ The custom field value. If the custom field is required, it cannot be explicitly set to null. However, for cases that existed when the required custom field was added, the default value stored in Elasticsearch is `undefined`. The value returned in the API and user interface in this case is `null`.
+ oneOf:
+ - maxLength: 160
+ minLength: 1
+ nullable: true
+ type: string
+ - type: boolean
+ type: array
+ description:
+ example: A case description.
type: string
- applied_by_agent:
- description: Applied by agent
- example: true
- type: boolean
- etag:
+ duration:
description: |
- `etag` is sent by the APM agent to indicate the `etag` of the last successfully applied configuration. If the `etag` matches an existing configuration its `applied_by_agent` property will be set to `true`. Every time a configuration is edited `applied_by_agent` is reset to `false`.
- example: 0bc3b5ebf18fba8163fe4c96f491e3767a358f85
+ The elapsed time from the creation of the case to its closure (in seconds). If the case has not been closed, the duration is set to null. If the case was closed after less than half a second, the duration is rounded down to zero.
+ example: 120
+ nullable: true
+ type: integer
+ external_service:
+ $ref: '#/components/schemas/Cases_external_service'
+ id:
+ example: 66b9aa00-94fa-11ea-9f74-e7e108796192
type: string
- service:
- $ref: '#/components/schemas/APM_UI_service_object'
+ owner:
+ $ref: '#/components/schemas/Cases_owner'
settings:
- $ref: '#/components/schemas/APM_UI_settings_object'
+ $ref: '#/components/schemas/Cases_settings'
+ severity:
+ $ref: '#/components/schemas/Cases_case_severity'
+ status:
+ $ref: '#/components/schemas/Cases_case_status'
+ tags:
+ example:
+ - tag-1
+ items:
+ type: string
+ type: array
+ title:
+ example: Case title 1
+ type: string
+ totalAlerts:
+ example: 0
+ type: integer
+ totalComment:
+ description: The number of user comments on the case. Use the find case comments API to retrieve comment content.
+ example: 1
+ type: integer
+ updated_at:
+ format: date-time
+ nullable: true
+ type: string
+ updated_by:
+ $ref: '#/components/schemas/Cases_case_response_updated_by_properties'
+ version:
+ example: WzUzMiwxXQ==
+ type: string
required:
- - service
+ - closed_at
+ - closed_by
+ - connector
+ - created_at
+ - created_by
+ - description
+ - duration
+ - external_service
+ - id
+ - owner
- settings
- - '@timestamp'
- - etag
- APM_UI_agent_configurations_response:
+ - severity
+ - status
+ - tags
+ - title
+ - totalAlerts
+ - totalComment
+ - updated_at
+ - updated_by
+ - version
+ title: Get case response
+ type: object
+ Cases_case_response_properties:
+ title: Case response properties
type: object
properties:
- configurations:
- description: Agent configuration
+ assignees:
+ $ref: '#/components/schemas/Cases_assignees'
+ category:
+ description: The case category.
+ nullable: true
+ type: string
+ closed_at:
+ format: date-time
+ nullable: true
+ type: string
+ closed_by:
+ $ref: '#/components/schemas/Cases_case_response_closed_by_properties'
+ comments:
+ description: An array of comment objects for the case.
items:
- $ref: '#/components/schemas/APM_UI_agent_configuration_object'
+ discriminator:
+ mapping:
+ alert: '#/components/schemas/Cases_alert_comment_response_properties'
+ user: '#/components/schemas/Cases_user_comment_response_properties'
+ propertyName: type
+ oneOf:
+ - $ref: '#/components/schemas/Cases_alert_comment_response_properties'
+ - $ref: '#/components/schemas/Cases_user_comment_response_properties'
+ maxItems: 10000
+ title: Case response properties for comments
type: array
- APM_UI_agent_keys_object:
- type: object
- properties:
- name:
- description: The name of the APM agent key.
+ connector:
+ discriminator:
+ mapping:
+ .cases-webhook: '#/components/schemas/Cases_connector_properties_cases_webhook'
+ .jira: '#/components/schemas/Cases_connector_properties_jira'
+ .none: '#/components/schemas/Cases_connector_properties_none'
+ .resilient: '#/components/schemas/Cases_connector_properties_resilient'
+ .servicenow: '#/components/schemas/Cases_connector_properties_servicenow'
+ .servicenow-sir: '#/components/schemas/Cases_connector_properties_servicenow_sir'
+ .swimlane: '#/components/schemas/Cases_connector_properties_swimlane'
+ propertyName: type
+ oneOf:
+ - $ref: '#/components/schemas/Cases_connector_properties_none'
+ - $ref: '#/components/schemas/Cases_connector_properties_cases_webhook'
+ - $ref: '#/components/schemas/Cases_connector_properties_jira'
+ - $ref: '#/components/schemas/Cases_connector_properties_resilient'
+ - $ref: '#/components/schemas/Cases_connector_properties_servicenow'
+ - $ref: '#/components/schemas/Cases_connector_properties_servicenow_sir'
+ - $ref: '#/components/schemas/Cases_connector_properties_swimlane'
+ title: Case response properties for connectors
+ created_at:
+ example: '2022-05-13T09:16:17.416Z'
+ format: date-time
type: string
- privileges:
- description: |
- The APM agent key privileges. It can take one or more of the following values:
- * `event:write`, which is required for ingesting APM agent events. * `config_agent:read`, which is required for APM agents to read agent configuration remotely.
- items:
- enum:
- - event:write
- - config_agent:read
- type: string
- type: array
- required:
- - name
- - privileges
- APM_UI_agent_keys_response:
- type: object
- properties:
- agentKey:
- description: Agent key
- type: object
- properties:
- api_key:
- type: string
- encoded:
- type: string
- expiration:
- format: int64
- type: integer
- id:
- type: string
- name:
- type: string
- required:
- - id
- - name
- - api_key
- - encoded
- APM_UI_annotation_search_response:
- type: object
- properties:
- annotations:
- description: Annotations
+ created_by:
+ $ref: '#/components/schemas/Cases_case_response_created_by_properties'
+ customFields:
+ description: Custom field values for the case.
items:
type: object
properties:
- '@timestamp':
- type: number
- id:
- type: string
- text:
+ key:
+ description: |
+ The unique identifier for the custom field. The key value must exist in the case configuration settings.
type: string
type:
+ description: |
+ The custom field type. It must match the type specified in the case configuration settings.
enum:
- - version
+ - text
+ - toggle
type: string
+ value:
+ description: |
+ The custom field value. If the custom field is required, it cannot be explicitly set to null. However, for cases that existed when the required custom field was added, the default value stored in Elasticsearch is `undefined`. The value returned in the API and user interface in this case is `null`.
+ oneOf:
+ - maxLength: 160
+ minLength: 1
+ nullable: true
+ type: string
+ - type: boolean
type: array
- APM_UI_base_source_map_object:
- type: object
- properties:
- compressionAlgorithm:
- description: Compression Algorithm
- type: string
- created:
- description: Created date
- type: string
- decodedSha256:
- description: Decoded SHA-256
- type: string
- decodedSize:
- description: Decoded size
- type: number
- encodedSha256:
- description: Encoded SHA-256
- type: string
- encodedSize:
- description: Encoded size
- type: number
- encryptionAlgorithm:
- description: Encryption Algorithm
+ description:
+ example: A case description.
type: string
+ duration:
+ description: |
+ The elapsed time from the creation of the case to its closure (in seconds). If the case has not been closed, the duration is set to null. If the case was closed after less than half a second, the duration is rounded down to zero.
+ example: 120
+ nullable: true
+ type: integer
+ external_service:
+ $ref: '#/components/schemas/Cases_external_service'
id:
- description: Identifier
- type: string
- identifier:
- description: Identifier
- type: string
- packageName:
- description: Package name
- type: string
- relative_url:
- description: Relative URL
- type: string
- type:
- description: Type
- type: string
- APM_UI_create_annotation_object:
- type: object
- properties:
- '@timestamp':
- description: The date and time of the annotation. It must be in ISO 8601 format.
- type: string
- message:
- description: The message displayed in the annotation. It defaults to `service.version`.
+ example: 66b9aa00-94fa-11ea-9f74-e7e108796192
type: string
- service:
- description: The service that identifies the configuration to create or update.
- type: object
- properties:
- environment:
- description: The environment of the service.
- type: string
- version:
- description: The version of the service.
- type: string
- required:
- - version
+ owner:
+ $ref: '#/components/schemas/Cases_owner'
+ settings:
+ $ref: '#/components/schemas/Cases_settings'
+ severity:
+ $ref: '#/components/schemas/Cases_case_severity'
+ status:
+ $ref: '#/components/schemas/Cases_case_status'
tags:
- description: |
- Tags are used by the Applications UI to distinguish APM annotations from other annotations. Tags may have additional functionality in future releases. It defaults to `[apm]`. While you can add additional tags, you cannot remove the `apm` tag.
+ example:
+ - tag-1
items:
type: string
type: array
- required:
- - '@timestamp'
- - service
- APM_UI_create_annotation_response:
- type: object
- properties:
- _id:
- description: Identifier
+ title:
+ example: Case title 1
type: string
- _index:
- description: Index
+ totalAlerts:
+ example: 0
+ type: integer
+ totalComment:
+ example: 0
+ type: integer
+ updated_at:
+ format: date-time
+ nullable: true
type: string
- _source:
- description: Response
- type: object
- properties:
- '@timestamp':
- type: string
- annotation:
- type: object
- properties:
- title:
- type: string
- type:
- type: string
- event:
- type: object
- properties:
- created:
- type: string
- message:
- type: string
- service:
- type: object
- properties:
- environment:
- type: string
- name:
- type: string
- version:
- type: string
- tags:
- items:
- type: string
- type: array
- APM_UI_delete_agent_configurations_response:
- type: object
- properties:
- result:
- description: Result
+ updated_by:
+ $ref: '#/components/schemas/Cases_case_response_updated_by_properties'
+ version:
+ example: WzUzMiwxXQ==
type: string
- APM_UI_delete_service_object:
- description: Service
- type: object
- properties:
- service:
- $ref: '#/components/schemas/APM_UI_service_object'
required:
- - service
- APM_UI_search_agent_configuration_object:
- type: object
+ - closed_at
+ - closed_by
+ - comments
+ - connector
+ - created_at
+ - created_by
+ - description
+ - duration
+ - external_service
+ - id
+ - owner
+ - settings
+ - severity
+ - status
+ - tags
+ - title
+ - totalAlerts
+ - totalComment
+ - updated_at
+ - updated_by
+ - version
+ Cases_case_response_pushed_by_properties:
+ nullable: true
properties:
- etag:
- description: If etags match then `applied_by_agent` field will be set to `true`
- example: 0bc3b5ebf18fba8163fe4c96f491e3767a358f85
+ email:
+ example: null
+ nullable: true
+ type: string
+ full_name:
+ example: null
+ nullable: true
+ type: string
+ profile_uid:
+ example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0
+ type: string
+ username:
+ example: elastic
+ nullable: true
type: string
- mark_as_applied_by_agent:
- description: |
- `markAsAppliedByAgent=true` means "force setting it to true regardless of etag".
- This is needed for Jaeger agent that doesn't have etags
- type: boolean
- service:
- $ref: '#/components/schemas/APM_UI_service_object'
required:
- - service
- APM_UI_search_agent_configuration_response:
+ - email
+ - full_name
+ - username
+ title: Case response properties for pushed_by
type: object
+ Cases_case_response_updated_by_properties:
+ nullable: true
properties:
- _id:
- description: Identifier
+ email:
+ example: null
+ nullable: true
type: string
- _index:
- description: Index
+ full_name:
+ example: null
+ nullable: true
type: string
- _score:
- description: Score
- type: number
- _source:
- $ref: '#/components/schemas/APM_UI_agent_configuration_object'
- APM_UI_service_agent_name_response:
- type: object
- properties:
- agentName:
- description: Agent name
- example: nodejs
+ profile_uid:
+ example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0
type: string
- APM_UI_service_environment_object:
- type: object
- properties:
- alreadyConfigured:
- description: Already configured
- type: boolean
- name:
- description: Service environment name
- example: ALL_OPTION_VALUE
+ username:
+ example: elastic
+ nullable: true
type: string
- APM_UI_service_environments_response:
+ required:
+ - email
+ - full_name
+ - username
+ title: Case response properties for updated_by
type: object
- properties:
- environments:
- description: Service environment list
- items:
- $ref: '#/components/schemas/APM_UI_service_environment_object'
- type: array
- APM_UI_service_object:
- description: Service
+ Cases_case_severity:
+ description: The severity of the case.
+ enum:
+ - critical
+ - high
+ - low
+ - medium
+ type: string
+ Cases_case_status:
+ description: The status of the case.
+ enum:
+ - closed
+ - in-progress
+ - open
+ type: string
+ Cases_case_tags:
+ description: |
+ The words and phrases that help categorize cases. It can be an empty array.
+ items:
+ maxLength: 256
+ type: string
+ maxItems: 200
+ type: array
+ Cases_case_title:
+ description: A title for the case.
+ maxLength: 160
+ type: string
+ Cases_closure_types:
+ description: Indicates whether a case is automatically closed when it is pushed to external systems (`close-by-pushing`) or not automatically closed (`close-by-user`).
+ enum:
+ - close-by-pushing
+ - close-by-user
+ example: close-by-user
+ type: string
+ Cases_connector_properties_cases_webhook:
+ description: Defines properties for connectors when type is `.cases-webhook`.
type: object
properties:
- environment:
- description: The environment of the service.
- example: prod
+ fields:
+ example: null
+ nullable: true
+ type: string
+ id:
+ description: The identifier for the connector. To retrieve connector IDs, use the find connectors API.
type: string
name:
- description: The name of the service.
- example: node
+ description: The name of the connector.
type: string
- APM_UI_settings_object:
- additionalProperties:
- type: string
- description: Agent configuration settings
+ type:
+ description: The type of connector.
+ enum:
+ - .cases-webhook
+ example: .cases-webhook
+ type: string
+ required:
+ - fields
+ - id
+ - name
+ - type
+ title: Create or upate case request properties for Cases Webhook connector
+ Cases_connector_properties_jira:
+ description: Defines properties for connectors when type is `.jira`.
type: object
- APM_UI_single_agent_configuration_response:
- allOf:
- - type: object
+ properties:
+ fields:
+ description: An object containing the connector fields. If you want to omit any individual field, specify null as its value.
+ type: object
properties:
- id:
+ issueType:
+ description: The type of issue.
+ nullable: true
+ type: string
+ parent:
+ description: The key of the parent issue, when the issue type is sub-task.
+ nullable: true
+ type: string
+ priority:
+ description: The priority of the issue.
+ nullable: true
type: string
required:
- - id
- - $ref: '#/components/schemas/APM_UI_agent_configuration_object'
- APM_UI_source_maps_response:
- type: object
- properties:
- artifacts:
- description: Artifacts
- items:
- allOf:
- - type: object
- properties:
- body:
- type: object
- properties:
- bundleFilepath:
- type: string
- serviceName:
- type: string
- serviceVersion:
- type: string
- sourceMap:
- type: object
- properties:
- file:
- type: string
- mappings:
- type: string
- sourceRoot:
- type: string
- sources:
- items:
- type: string
- type: array
- sourcesContent:
- items:
- type: string
- type: array
- version:
- type: number
- - $ref: '#/components/schemas/APM_UI_base_source_map_object'
- type: array
- APM_UI_upload_source_map_object:
- type: object
- properties:
- bundle_filepath:
- description: The absolute path of the final bundle as used in the web application.
- type: string
- service_name:
- description: The name of the service that the service map should apply to.
+ - issueType
+ - parent
+ - priority
+ id:
+ description: The identifier for the connector. To retrieve connector IDs, use the find connectors API.
type: string
- service_version:
- description: The version of the service that the service map should apply to.
+ name:
+ description: The name of the connector.
type: string
- sourcemap:
- description: |
- The source map. It can be a string or file upload. It must follow the
- [source map format specification](https://tc39.es/ecma426/).
- format: binary
+ type:
+ description: The type of connector.
+ enum:
+ - .jira
+ example: .jira
type: string
required:
- - service_name
- - service_version
- - bundle_filepath
- - sourcemap
- APM_UI_upload_source_maps_response:
- allOf:
- - type: object
- properties:
- body:
- type: string
- - $ref: '#/components/schemas/APM_UI_base_source_map_object'
- Cases_actions:
- enum:
- - add
- - create
- - delete
- - push_to_service
- - update
- example: create
- type: string
- Cases_add_alert_comment_request_properties:
- description: Defines properties for case comment requests when type is alert.
- type: object
- properties:
- alertId:
- $ref: '#/components/schemas/Cases_alert_identifiers'
- index:
- $ref: '#/components/schemas/Cases_alert_indices'
- owner:
- $ref: '#/components/schemas/Cases_owner'
- rule:
- $ref: '#/components/schemas/Cases_rule'
+ - fields
+ - id
+ - name
+ - type
+ title: Create or update case request properties for a Jira connector
+ Cases_connector_properties_none:
+ description: Defines properties for connectors when type is `.none`.
+ type: object
+ properties:
+ fields:
+ description: An object containing the connector fields. To create a case without a connector, specify null. To update a case to remove the connector, specify null.
+ example: null
+ nullable: true
+ type: string
+ id:
+ description: The identifier for the connector. To create a case without a connector, use `none`. To update a case to remove the connector, specify `none`.
+ example: none
+ type: string
+ name:
+ description: The name of the connector. To create a case without a connector, use `none`. To update a case to remove the connector, specify `none`.
+ example: none
+ type: string
type:
- description: The type of comment.
+ description: The type of connector. To create a case without a connector, use `.none`. To update a case to remove the connector, specify `.none`.
enum:
- - alert
- example: alert
+ - .none
+ example: .none
type: string
required:
- - alertId
- - index
- - owner
- - rule
+ - fields
+ - id
+ - name
- type
- title: Add case comment request properties for alerts
- Cases_add_case_comment_request:
- description: The add comment to case API request body varies depending on whether you are adding an alert or a comment.
- discriminator:
- mapping:
- alert: '#/components/schemas/Cases_add_alert_comment_request_properties'
- user: '#/components/schemas/Cases_add_user_comment_request_properties'
- propertyName: type
- oneOf:
- - $ref: '#/components/schemas/Cases_add_alert_comment_request_properties'
- - $ref: '#/components/schemas/Cases_add_user_comment_request_properties'
- title: Add case comment request
- Cases_add_case_file_request:
- description: Defines the file that will be attached to the case. Optional parameters will be generated automatically from the file metadata if not defined.
+ title: Create or update case request properties for no connector
+ Cases_connector_properties_resilient:
+ description: Defines properties for connectors when type is `.resilient`.
type: object
properties:
- file:
- description: The file being attached to the case.
- format: binary
+ fields:
+ description: An object containing the connector fields. If you want to omit any individual field, specify null as its value.
+ nullable: true
+ type: object
+ properties:
+ issueTypes:
+ description: The type of incident.
+ items:
+ type: string
+ type: array
+ severityCode:
+ description: The severity code of the incident.
+ type: string
+ required:
+ - issueTypes
+ - severityCode
+ id:
+ description: The identifier for the connector.
type: string
- filename:
- description: The desired name of the file being attached to the case, it can be different than the name of the file in the filesystem. **This should not include the file extension.**
+ name:
+ description: The name of the connector.
+ type: string
+ type:
+ description: The type of connector.
+ enum:
+ - .resilient
+ example: .resilient
type: string
required:
- - file
- title: Add case file request properties
- Cases_add_user_comment_request_properties:
- description: Defines properties for case comment requests when type is user.
+ - fields
+ - id
+ - name
+ - type
+ title: Create case request properties for a IBM Resilient connector
+ Cases_connector_properties_servicenow:
+ description: Defines properties for connectors when type is `.servicenow`.
+ type: object
properties:
- comment:
- description: The new comment. It is required only when `type` is `user`.
- example: A new comment.
- maxLength: 30000
+ fields:
+ description: An object containing the connector fields. If you want to omit any individual field, specify null as its value.
+ type: object
+ properties:
+ category:
+ description: The category of the incident.
+ nullable: true
+ type: string
+ impact:
+ description: The effect an incident had on business.
+ nullable: true
+ type: string
+ severity:
+ description: The severity of the incident.
+ nullable: true
+ type: string
+ subcategory:
+ description: The subcategory of the incident.
+ nullable: true
+ type: string
+ urgency:
+ description: The extent to which the incident resolution can be delayed.
+ nullable: true
+ type: string
+ required:
+ - category
+ - impact
+ - severity
+ - subcategory
+ - urgency
+ id:
+ description: The identifier for the connector. To retrieve connector IDs, use the find connectors API.
+ type: string
+ name:
+ description: The name of the connector.
type: string
- owner:
- $ref: '#/components/schemas/Cases_owner'
type:
- description: The type of comment.
+ description: The type of connector.
enum:
- - user
- example: user
+ - .servicenow
+ example: .servicenow
type: string
required:
- - comment
- - owner
+ - fields
+ - id
+ - name
- type
- title: Add case comment request properties for user comments
- type: object
- Cases_alert_comment_response_properties:
- title: Add case comment response properties for alerts
+ title: Create case request properties for a ServiceNow ITSM connector
+ Cases_connector_properties_servicenow_sir:
+ description: Defines properties for connectors when type is `.servicenow-sir`.
type: object
properties:
- alertId:
- items:
- example: a6e12ac4-7bce-457b-84f6-d7ce8deb8446
- type: string
- type: array
- created_at:
- example: '2023-11-06T19:29:38.424Z'
- format: date-time
- type: string
- created_by:
+ fields:
+ description: An object containing the connector fields. If you want to omit any individual field, specify null as its value.
type: object
properties:
- email:
- example: null
+ category:
+ description: The category of the incident.
nullable: true
type: string
- full_name:
- example: null
+ destIp:
+ description: Indicates whether cases will send a comma-separated list of destination IPs.
+ nullable: true
+ type: boolean
+ malwareHash:
+ description: Indicates whether cases will send a comma-separated list of malware hashes.
+ nullable: true
+ type: boolean
+ malwareUrl:
+ description: Indicates whether cases will send a comma-separated list of malware URLs.
+ nullable: true
+ type: boolean
+ priority:
+ description: The priority of the issue.
nullable: true
type: string
- profile_uid:
- example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0
+ sourceIp:
+ description: Indicates whether cases will send a comma-separated list of source IPs.
+ nullable: true
+ type: boolean
+ subcategory:
+ description: The subcategory of the incident.
+ nullable: true
type: string
- username:
- example: elastic
+ required:
+ - category
+ - destIp
+ - malwareHash
+ - malwareUrl
+ - priority
+ - sourceIp
+ - subcategory
+ id:
+ description: The identifier for the connector. To retrieve connector IDs, use the find connectors API.
+ type: string
+ name:
+ description: The name of the connector.
+ type: string
+ type:
+ description: The type of connector.
+ enum:
+ - .servicenow-sir
+ example: .servicenow-sir
+ type: string
+ required:
+ - fields
+ - id
+ - name
+ - type
+ title: Create case request properties for a ServiceNow SecOps connector
+ Cases_connector_properties_swimlane:
+ description: Defines properties for connectors when type is `.swimlane`.
+ type: object
+ properties:
+ fields:
+ description: An object containing the connector fields. If you want to omit any individual field, specify null as its value.
+ type: object
+ properties:
+ caseId:
+ description: The case identifier for Swimlane connectors.
nullable: true
type: string
required:
- - email
- - full_name
- - username
+ - caseId
id:
- example: 73362370-ab1a-11ec-985f-97e55adae8b9
+ description: The identifier for the connector. To retrieve connector IDs, use the find connectors API.
type: string
- index:
+ name:
+ description: The name of the connector.
+ type: string
+ type:
+ description: The type of connector.
+ enum:
+ - .swimlane
+ example: .swimlane
+ type: string
+ required:
+ - fields
+ - id
+ - name
+ - type
+ title: Create case request properties for a Swimlane connector
+ Cases_connector_types:
+ description: The type of connector.
+ enum:
+ - .cases-webhook
+ - .jira
+ - .none
+ - .resilient
+ - .servicenow
+ - .servicenow-sir
+ - .swimlane
+ example: .none
+ type: string
+ Cases_create_case_request:
+ description: The create case API request body varies depending on the type of connector.
+ properties:
+ assignees:
+ $ref: '#/components/schemas/Cases_assignees'
+ category:
+ $ref: '#/components/schemas/Cases_case_category'
+ connector:
+ oneOf:
+ - $ref: '#/components/schemas/Cases_connector_properties_none'
+ - $ref: '#/components/schemas/Cases_connector_properties_cases_webhook'
+ - $ref: '#/components/schemas/Cases_connector_properties_jira'
+ - $ref: '#/components/schemas/Cases_connector_properties_resilient'
+ - $ref: '#/components/schemas/Cases_connector_properties_servicenow'
+ - $ref: '#/components/schemas/Cases_connector_properties_servicenow_sir'
+ - $ref: '#/components/schemas/Cases_connector_properties_swimlane'
+ customFields:
+ description: |
+ Custom field values for a case. Any optional custom fields that are not specified in the request are set to null.
items:
- example: .internal.alerts-security.alerts-default-000001
- type: string
+ type: object
+ properties:
+ key:
+ description: |
+ The unique identifier for the custom field. The key value must exist in the case configuration settings.
+ type: string
+ type:
+ description: |
+ The custom field type. It must match the type specified in the case configuration settings.
+ enum:
+ - text
+ - toggle
+ type: string
+ value:
+ description: |
+ The custom field value. If the custom field is required, it cannot be explicitly set to null. However, for cases that existed when the required custom field was added, the default value stored in Elasticsearch is `undefined`. The value returned in the API and user interface in this case is `null`.
+ oneOf:
+ - maxLength: 160
+ minLength: 1
+ nullable: true
+ type: string
+ - type: boolean
+ required:
+ - key
+ - type
+ - value
+ maxItems: 10
+ minItems: 0
type: array
+ description:
+ $ref: '#/components/schemas/Cases_case_description'
owner:
$ref: '#/components/schemas/Cases_owner'
+ settings:
+ $ref: '#/components/schemas/Cases_settings'
+ severity:
+ $ref: '#/components/schemas/Cases_case_severity'
+ tags:
+ $ref: '#/components/schemas/Cases_case_tags'
+ title:
+ $ref: '#/components/schemas/Cases_case_title'
+ required:
+ - connector
+ - description
+ - owner
+ - settings
+ - tags
+ - title
+ title: Create case request
+ type: object
+ Cases_external_service:
+ nullable: true
+ type: object
+ properties:
+ connector_id:
+ type: string
+ connector_name:
+ type: string
+ external_id:
+ type: string
+ external_title:
+ type: string
+ external_url:
+ type: string
pushed_at:
- example: null
format: date-time
- nullable: true
type: string
pushed_by:
nullable: true
@@ -79721,2968 +76911,3558 @@ components:
example: elastic
nullable: true
type: string
- required:
- - email
- - full_name
- - username
- rule:
+ Cases_find_comments_response:
+ title: Find case comments response
+ type: object
+ properties:
+ comments:
+ description: Paginated list of user comments for the case.
+ items:
+ $ref: '#/components/schemas/Cases_user_comment_response_properties'
+ type: array
+ page:
+ description: The current page index.
+ type: integer
+ per_page:
+ description: The number of items per page.
+ type: integer
+ total:
+ description: The total number of comments.
+ type: integer
+ required:
+ - comments
+ - page
+ - per_page
+ - total
+ Cases_owner:
+ description: |
+ The application that owns the cases: Stack Management, Observability, or Elastic Security.
+ enum:
+ - cases
+ - observability
+ - securitySolution
+ example: cases
+ type: string
+ Cases_owners:
+ items:
+ $ref: '#/components/schemas/Cases_owner'
+ type: array
+ Cases_payload_alert_comment:
+ type: object
+ properties:
+ comment:
+ type: object
+ properties:
+ alertId:
+ oneOf:
+ - example: 1c0b056b-cc9f-4b61-b5c9-cb801abd5e1d
+ type: string
+ - items:
+ type: string
+ type: array
+ index:
+ oneOf:
+ - example: .alerts-observability.logs.alerts-default
+ type: string
+ - items:
+ type: string
+ type: array
+ owner:
+ $ref: '#/components/schemas/Cases_owner'
+ rule:
+ type: object
+ properties:
+ id:
+ description: The rule identifier.
+ example: 94d80550-aaf4-11ec-985f-97e55adae8b9
+ type: string
+ name:
+ description: The rule name.
+ example: security_rule
+ type: string
+ type:
+ enum:
+ - alert
+ type: string
+ Cases_payload_assignees:
+ type: object
+ properties:
+ assignees:
+ $ref: '#/components/schemas/Cases_assignees'
+ Cases_payload_connector:
+ type: object
+ properties:
+ connector:
type: object
properties:
+ fields:
+ description: An object containing the connector fields. To create a case without a connector, specify null. If you want to omit any individual field, specify null as its value.
+ example: null
+ nullable: true
+ type: object
+ properties:
+ caseId:
+ description: The case identifier for Swimlane connectors.
+ type: string
+ category:
+ description: The category of the incident for ServiceNow ITSM and ServiceNow SecOps connectors.
+ type: string
+ destIp:
+ description: Indicates whether cases will send a comma-separated list of destination IPs for ServiceNow SecOps connectors.
+ nullable: true
+ type: boolean
+ impact:
+ description: The effect an incident had on business for ServiceNow ITSM connectors.
+ type: string
+ issueType:
+ description: The type of issue for Jira connectors.
+ type: string
+ issueTypes:
+ description: The type of incident for IBM Resilient connectors.
+ items:
+ type: string
+ type: array
+ malwareHash:
+ description: Indicates whether cases will send a comma-separated list of malware hashes for ServiceNow SecOps connectors.
+ nullable: true
+ type: boolean
+ malwareUrl:
+ description: Indicates whether cases will send a comma-separated list of malware URLs for ServiceNow SecOps connectors.
+ nullable: true
+ type: boolean
+ parent:
+ description: The key of the parent issue, when the issue type is sub-task for Jira connectors.
+ type: string
+ priority:
+ description: The priority of the issue for Jira and ServiceNow SecOps connectors.
+ type: string
+ severity:
+ description: The severity of the incident for ServiceNow ITSM connectors.
+ type: string
+ severityCode:
+ description: The severity code of the incident for IBM Resilient connectors.
+ type: string
+ sourceIp:
+ description: Indicates whether cases will send a comma-separated list of source IPs for ServiceNow SecOps connectors.
+ nullable: true
+ type: boolean
+ subcategory:
+ description: The subcategory of the incident for ServiceNow ITSM connectors.
+ type: string
+ urgency:
+ description: The extent to which the incident resolution can be delayed for ServiceNow ITSM connectors.
+ type: string
id:
- description: The rule identifier.
- example: 94d80550-aaf4-11ec-985f-97e55adae8b9
+ description: The identifier for the connector. To create a case without a connector, use `none`.
+ example: none
type: string
name:
- description: The rule name.
- example: security_rule
+ description: The name of the connector. To create a case without a connector, use `none`.
+ example: none
type: string
- type:
- enum:
- - alert
- example: alert
- type: string
- updated_at:
- format: date-time
- nullable: true
- type: string
- updated_by:
- nullable: true
+ type:
+ $ref: '#/components/schemas/Cases_connector_types'
+ Cases_payload_create_case:
+ type: object
+ properties:
+ assignees:
+ $ref: '#/components/schemas/Cases_assignees'
+ connector:
type: object
properties:
- email:
- example: null
- nullable: true
- type: string
- full_name:
+ fields:
+ description: An object containing the connector fields. To create a case without a connector, specify null. If you want to omit any individual field, specify null as its value.
example: null
nullable: true
+ type: object
+ properties:
+ caseId:
+ description: The case identifier for Swimlane connectors.
+ type: string
+ category:
+ description: The category of the incident for ServiceNow ITSM and ServiceNow SecOps connectors.
+ type: string
+ destIp:
+ description: Indicates whether cases will send a comma-separated list of destination IPs for ServiceNow SecOps connectors.
+ nullable: true
+ type: boolean
+ impact:
+ description: The effect an incident had on business for ServiceNow ITSM connectors.
+ type: string
+ issueType:
+ description: The type of issue for Jira connectors.
+ type: string
+ issueTypes:
+ description: The type of incident for IBM Resilient connectors.
+ items:
+ type: string
+ type: array
+ malwareHash:
+ description: Indicates whether cases will send a comma-separated list of malware hashes for ServiceNow SecOps connectors.
+ nullable: true
+ type: boolean
+ malwareUrl:
+ description: Indicates whether cases will send a comma-separated list of malware URLs for ServiceNow SecOps connectors.
+ nullable: true
+ type: boolean
+ parent:
+ description: The key of the parent issue, when the issue type is sub-task for Jira connectors.
+ type: string
+ priority:
+ description: The priority of the issue for Jira and ServiceNow SecOps connectors.
+ type: string
+ severity:
+ description: The severity of the incident for ServiceNow ITSM connectors.
+ type: string
+ severityCode:
+ description: The severity code of the incident for IBM Resilient connectors.
+ type: string
+ sourceIp:
+ description: Indicates whether cases will send a comma-separated list of source IPs for ServiceNow SecOps connectors.
+ nullable: true
+ type: boolean
+ subcategory:
+ description: The subcategory of the incident for ServiceNow ITSM connectors.
+ type: string
+ urgency:
+ description: The extent to which the incident resolution can be delayed for ServiceNow ITSM connectors.
+ type: string
+ id:
+ description: The identifier for the connector. To create a case without a connector, use `none`.
+ example: none
type: string
- profile_uid:
- example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0
- type: string
- username:
- example: elastic
- nullable: true
+ name:
+ description: The name of the connector. To create a case without a connector, use `none`.
+ example: none
type: string
- required:
- - email
- - full_name
- - username
- version:
- example: WzMwNDgsMV0=
+ type:
+ $ref: '#/components/schemas/Cases_connector_types'
+ description:
type: string
- required:
- - type
- Cases_alert_identifiers:
- description: |
- The alert identifiers. It is required only when `type` is `alert`. You can use an array of strings to add multiple alerts to a case, provided that they all relate to the same rule; `index` must also be an array with the same length or number of elements. Adding multiple alerts in this manner is recommended rather than calling the API multiple times. This functionality is in technical preview and may be changed or removed in a future release. Elastic will work to fix any issues, but features in technical preview are not subject to the support SLA of official GA features.
- example: 6b24c4dc44bc720cfc92797f3d61fff952f2b2627db1fb4f8cc49f4530c4ff42
- oneOf:
- - type: string
- - items:
- type: string
- maxItems: 1000
- type: array
- title: Alert identifiers
- x-state: Technical preview
- Cases_alert_indices:
- description: |
- The alert indices. It is required only when `type` is `alert`. If you are adding multiple alerts to a case, use an array of strings; the position of each index name in the array must match the position of the corresponding alert identifier in the `alertId` array. This functionality is in technical preview and may be changed or removed in a future release. Elastic will work to fix any issues, but features in technical preview are not subject to the support SLA of official GA features.
- oneOf:
- - type: string
- - items:
+ owner:
+ $ref: '#/components/schemas/Cases_owner'
+ settings:
+ $ref: '#/components/schemas/Cases_settings'
+ severity:
+ $ref: '#/components/schemas/Cases_case_severity'
+ status:
+ $ref: '#/components/schemas/Cases_case_status'
+ tags:
+ example:
+ - tag-1
+ items:
type: string
- maxItems: 1000
type: array
- title: Alert indices
- x-state: Technical preview
- Cases_alert_response_properties:
- type: object
- properties:
- attached_at:
- format: date-time
- type: string
- id:
- description: The alert identifier.
- type: string
- index:
- description: The alert index.
+ title:
type: string
- Cases_assignees:
- description: An array containing users that are assigned to the case.
- items:
- type: object
- properties:
- uid:
- description: A unique identifier for the user profile. These identifiers can be found by using the suggest user profile API.
- example: u_0wpfV1MqYDaXzLtRVY-gLMrddKDEmfz51Fszhj7hWC8_0
- type: string
- required:
- - uid
- maxItems: 10
- nullable: true
- type: array
- Cases_case_categories:
- items:
- $ref: '#/components/schemas/Cases_case_category'
- maxItems: 100
- type: array
- Cases_case_category:
- description: A word or phrase that categorizes the case.
- maxLength: 50
- type: string
- Cases_case_description:
- description: The description for the case.
- maxLength: 30000
- type: string
- Cases_case_response_closed_by_properties:
+ Cases_payload_delete:
+ description: If the `action` is `delete` and the `type` is `delete_case`, the payload is nullable.
nullable: true
- properties:
- email:
- example: null
- nullable: true
- type: string
- full_name:
- example: null
- nullable: true
- type: string
- profile_uid:
- example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0
- type: string
- username:
- example: elastic
- nullable: true
- type: string
- required:
- - email
- - full_name
- - username
- title: Case response properties for closed_by
type: object
- Cases_case_response_created_by_properties:
- title: Case response properties for created_by
+ Cases_payload_description:
type: object
properties:
- email:
- example: null
- nullable: true
- type: string
- full_name:
- example: null
- nullable: true
- type: string
- profile_uid:
- example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0
- type: string
- username:
- example: elastic
- nullable: true
- type: string
- required:
- - email
- - full_name
- - username
- Cases_case_response_get_case:
- description: |
- Case details returned by the get case API. The comments property is not included in the response. Use the find case comments API to retrieve comments. totalComment reflects the actual number of user comments.
- properties:
- assignees:
- $ref: '#/components/schemas/Cases_assignees'
- category:
- description: The case category.
- nullable: true
- type: string
- closed_at:
- format: date-time
- nullable: true
- type: string
- closed_by:
- $ref: '#/components/schemas/Cases_case_response_closed_by_properties'
- connector:
- discriminator:
- mapping:
- .cases-webhook: '#/components/schemas/Cases_connector_properties_cases_webhook'
- .jira: '#/components/schemas/Cases_connector_properties_jira'
- .none: '#/components/schemas/Cases_connector_properties_none'
- .resilient: '#/components/schemas/Cases_connector_properties_resilient'
- .servicenow: '#/components/schemas/Cases_connector_properties_servicenow'
- .servicenow-sir: '#/components/schemas/Cases_connector_properties_servicenow_sir'
- .swimlane: '#/components/schemas/Cases_connector_properties_swimlane'
- propertyName: type
- oneOf:
- - $ref: '#/components/schemas/Cases_connector_properties_none'
- - $ref: '#/components/schemas/Cases_connector_properties_cases_webhook'
- - $ref: '#/components/schemas/Cases_connector_properties_jira'
- - $ref: '#/components/schemas/Cases_connector_properties_resilient'
- - $ref: '#/components/schemas/Cases_connector_properties_servicenow'
- - $ref: '#/components/schemas/Cases_connector_properties_servicenow_sir'
- - $ref: '#/components/schemas/Cases_connector_properties_swimlane'
- title: Case response properties for connectors
- created_at:
- example: '2022-05-13T09:16:17.416Z'
- format: date-time
- type: string
- created_by:
- $ref: '#/components/schemas/Cases_case_response_created_by_properties'
- customFields:
- description: Custom field values for the case.
- items:
- type: object
- properties:
- key:
- description: |
- The unique identifier for the custom field. The key value must exist in the case configuration settings.
- type: string
- type:
- description: |
- The custom field type. It must match the type specified in the case configuration settings.
- enum:
- - text
- - toggle
- type: string
- value:
- description: |
- The custom field value. If the custom field is required, it cannot be explicitly set to null. However, for cases that existed when the required custom field was added, the default value stored in Elasticsearch is `undefined`. The value returned in the API and user interface in this case is `null`.
- oneOf:
- - maxLength: 160
- minLength: 1
- nullable: true
- type: string
- - type: boolean
- type: array
description:
- example: A case description.
type: string
- duration:
- description: |
- The elapsed time from the creation of the case to its closure (in seconds). If the case has not been closed, the duration is set to null. If the case was closed after less than half a second, the duration is rounded down to zero.
- example: 120
- nullable: true
- type: integer
- external_service:
+ Cases_payload_pushed:
+ type: object
+ properties:
+ externalService:
$ref: '#/components/schemas/Cases_external_service'
- id:
- example: 66b9aa00-94fa-11ea-9f74-e7e108796192
- type: string
- owner:
- $ref: '#/components/schemas/Cases_owner'
+ Cases_payload_settings:
+ type: object
+ properties:
settings:
$ref: '#/components/schemas/Cases_settings'
+ Cases_payload_severity:
+ type: object
+ properties:
severity:
$ref: '#/components/schemas/Cases_case_severity'
+ Cases_payload_status:
+ type: object
+ properties:
status:
$ref: '#/components/schemas/Cases_case_status'
+ Cases_payload_tags:
+ type: object
+ properties:
tags:
example:
- tag-1
items:
type: string
type: array
+ Cases_payload_title:
+ type: object
+ properties:
title:
- example: Case title 1
type: string
- totalAlerts:
- example: 0
- type: integer
- totalComment:
- description: The number of user comments on the case. Use the find case comments API to retrieve comment content.
- example: 1
- type: integer
- updated_at:
- format: date-time
- nullable: true
+ Cases_payload_user_comment:
+ type: object
+ properties:
+ comment:
+ type: object
+ properties:
+ comment:
+ type: string
+ owner:
+ $ref: '#/components/schemas/Cases_owner'
+ type:
+ enum:
+ - user
+ type: string
+ Cases_response_4xx:
+ properties:
+ error:
+ example: Unauthorized
type: string
- updated_by:
- $ref: '#/components/schemas/Cases_case_response_updated_by_properties'
- version:
- example: WzUzMiwxXQ==
+ message:
type: string
- required:
- - closed_at
- - closed_by
- - connector
- - created_at
- - created_by
- - description
- - duration
- - external_service
- - id
- - owner
- - settings
- - severity
- - status
- - tags
- - title
- - totalAlerts
- - totalComment
- - updated_at
- - updated_by
- - version
- title: Get case response
+ statusCode:
+ example: 401
+ type: integer
+ title: Unsuccessful cases API response
type: object
- Cases_case_response_properties:
- title: Case response properties
+ Cases_rule:
+ description: |
+ The rule that is associated with the alerts. It is required only when `type` is `alert`. This functionality is in technical preview and may be changed or removed in a future release. Elastic will work to fix any issues, but features in technical preview are not subject to the support SLA of official GA features.
+ title: Alerting rule
type: object
properties:
- assignees:
- $ref: '#/components/schemas/Cases_assignees'
- category:
- description: The case category.
- nullable: true
+ id:
+ description: The rule identifier.
+ example: 94d80550-aaf4-11ec-985f-97e55adae8b9
type: string
- closed_at:
- format: date-time
- nullable: true
+ name:
+ description: The rule name.
+ example: security_rule
type: string
- closed_by:
- $ref: '#/components/schemas/Cases_case_response_closed_by_properties'
- comments:
- description: An array of comment objects for the case.
- items:
- discriminator:
- mapping:
- alert: '#/components/schemas/Cases_alert_comment_response_properties'
- user: '#/components/schemas/Cases_user_comment_response_properties'
- propertyName: type
- oneOf:
- - $ref: '#/components/schemas/Cases_alert_comment_response_properties'
- - $ref: '#/components/schemas/Cases_user_comment_response_properties'
- maxItems: 10000
- title: Case response properties for comments
- type: array
+ x-state: Technical preview
+ Cases_searchFieldsType:
+ description: The fields to perform the `simple_query_string` parsed query against.
+ enum:
+ - description
+ - title
+ type: string
+ Cases_searchFieldsTypeArray:
+ items:
+ $ref: '#/components/schemas/Cases_searchFieldsType'
+ type: array
+ Cases_set_case_configuration_request:
+ description: External connection details, such as the closure type and default connector for cases.
+ properties:
+ closure_type:
+ $ref: '#/components/schemas/Cases_closure_types'
connector:
- discriminator:
- mapping:
- .cases-webhook: '#/components/schemas/Cases_connector_properties_cases_webhook'
- .jira: '#/components/schemas/Cases_connector_properties_jira'
- .none: '#/components/schemas/Cases_connector_properties_none'
- .resilient: '#/components/schemas/Cases_connector_properties_resilient'
- .servicenow: '#/components/schemas/Cases_connector_properties_servicenow'
- .servicenow-sir: '#/components/schemas/Cases_connector_properties_servicenow_sir'
- .swimlane: '#/components/schemas/Cases_connector_properties_swimlane'
- propertyName: type
- oneOf:
- - $ref: '#/components/schemas/Cases_connector_properties_none'
- - $ref: '#/components/schemas/Cases_connector_properties_cases_webhook'
- - $ref: '#/components/schemas/Cases_connector_properties_jira'
- - $ref: '#/components/schemas/Cases_connector_properties_resilient'
- - $ref: '#/components/schemas/Cases_connector_properties_servicenow'
- - $ref: '#/components/schemas/Cases_connector_properties_servicenow_sir'
- - $ref: '#/components/schemas/Cases_connector_properties_swimlane'
- title: Case response properties for connectors
- created_at:
- example: '2022-05-13T09:16:17.416Z'
- format: date-time
- type: string
- created_by:
- $ref: '#/components/schemas/Cases_case_response_created_by_properties'
+ description: An object that contains the connector configuration.
+ type: object
+ properties:
+ fields:
+ description: The fields specified in the case configuration are not used and are not propagated to individual cases, therefore it is recommended to set it to `null`.
+ nullable: true
+ type: object
+ id:
+ description: The identifier for the connector. If you do not want a default connector, use `none`. To retrieve connector IDs, use the find connectors API.
+ example: none
+ type: string
+ name:
+ description: The name of the connector. If you do not want a default connector, use `none`. To retrieve connector names, use the find connectors API.
+ example: none
+ type: string
+ type:
+ $ref: '#/components/schemas/Cases_connector_types'
+ required:
+ - fields
+ - id
+ - name
+ - type
customFields:
- description: Custom field values for the case.
+ description: Custom fields case configuration.
items:
type: object
properties:
+ defaultValue:
+ description: |
+ A default value for the custom field. If the `type` is `text`, the default value must be a string. If the `type` is `toggle`, the default value must be boolean.
+ oneOf:
+ - type: string
+ - type: boolean
key:
description: |
- The unique identifier for the custom field. The key value must exist in the case configuration settings.
+ A unique key for the custom field. Must be lower case and composed only of a-z, 0-9, '_', and '-' characters. It is used in API calls to refer to a specific custom field.
+ maxLength: 36
+ minLength: 1
+ type: string
+ label:
+ description: The custom field label that is displayed in the case.
+ maxLength: 50
+ minLength: 1
type: string
type:
- description: |
- The custom field type. It must match the type specified in the case configuration settings.
+ description: The type of the custom field.
enum:
- text
- toggle
- type: string
- value:
- description: |
- The custom field value. If the custom field is required, it cannot be explicitly set to null. However, for cases that existed when the required custom field was added, the default value stored in Elasticsearch is `undefined`. The value returned in the API and user interface in this case is `null`.
- oneOf:
- - maxLength: 160
- minLength: 1
- nullable: true
- type: string
- - type: boolean
- type: array
- description:
- example: A case description.
- type: string
- duration:
- description: |
- The elapsed time from the creation of the case to its closure (in seconds). If the case has not been closed, the duration is set to null. If the case was closed after less than half a second, the duration is rounded down to zero.
- example: 120
- nullable: true
- type: integer
- external_service:
- $ref: '#/components/schemas/Cases_external_service'
- id:
- example: 66b9aa00-94fa-11ea-9f74-e7e108796192
- type: string
+ type: string
+ required:
+ description: |
+ Indicates whether the field is required. If `false`, the custom field can be set to null or omitted when a case is created or updated.
+ type: boolean
+ required:
+ - key
+ - label
+ - required
+ - type
+ maxItems: 10
+ minItems: 0
+ type: array
owner:
$ref: '#/components/schemas/Cases_owner'
- settings:
- $ref: '#/components/schemas/Cases_settings'
- severity:
- $ref: '#/components/schemas/Cases_case_severity'
- status:
- $ref: '#/components/schemas/Cases_case_status'
- tags:
- example:
- - tag-1
- items:
- type: string
- type: array
- title:
- example: Case title 1
- type: string
- totalAlerts:
- example: 0
- type: integer
- totalComment:
- example: 0
- type: integer
- updated_at:
- format: date-time
- nullable: true
- type: string
- updated_by:
- $ref: '#/components/schemas/Cases_case_response_updated_by_properties'
- version:
- example: WzUzMiwxXQ==
- type: string
+ templates:
+ $ref: '#/components/schemas/Cases_templates'
required:
- - closed_at
- - closed_by
- - comments
+ - closure_type
- connector
- - created_at
- - created_by
- - description
- - duration
- - external_service
- - id
- owner
- - settings
- - severity
- - status
- - tags
- - title
- - totalAlerts
- - totalComment
- - updated_at
- - updated_by
- - version
- Cases_case_response_pushed_by_properties:
- nullable: true
- properties:
- email:
- example: null
- nullable: true
- type: string
- full_name:
- example: null
- nullable: true
- type: string
- profile_uid:
- example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0
- type: string
- username:
- example: elastic
- nullable: true
- type: string
- required:
- - email
- - full_name
- - username
- title: Case response properties for pushed_by
+ title: Set case configuration request
+ type: object
+ Cases_settings:
+ description: An object that contains the case settings.
type: object
- Cases_case_response_updated_by_properties:
- nullable: true
properties:
- email:
- example: null
- nullable: true
- type: string
- full_name:
- example: null
- nullable: true
- type: string
- profile_uid:
- example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0
- type: string
- username:
- example: elastic
- nullable: true
- type: string
+ extractObservables:
+ description: |
+ When true, observables (e.g. IPs, hashes, URLs) are automatically extracted from case comments. Optional; defaults to false when omitted.
+ example: false
+ type: boolean
+ syncAlerts:
+ description: Turns alert syncing on or off.
+ example: true
+ type: boolean
required:
- - email
- - full_name
- - username
- title: Case response properties for updated_by
- type: object
- Cases_case_severity:
- description: The severity of the case.
- enum:
- - critical
- - high
- - low
- - medium
- type: string
- Cases_case_status:
- description: The status of the case.
- enum:
- - closed
- - in-progress
- - open
+ - syncAlerts
+ Cases_string:
type: string
- Cases_case_tags:
+ Cases_string_array:
+ items:
+ $ref: '#/components/schemas/Cases_string'
+ maxItems: 100
+ type: array
+ Cases_template_tags:
description: |
- The words and phrases that help categorize cases. It can be an empty array.
+ The words and phrases that help categorize templates. It can be an empty array.
items:
maxLength: 256
type: string
maxItems: 200
type: array
- Cases_case_title:
- description: A title for the case.
- maxLength: 160
- type: string
- Cases_closure_types:
- description: Indicates whether a case is automatically closed when it is pushed to external systems (`close-by-pushing`) or not automatically closed (`close-by-user`).
- enum:
- - close-by-pushing
- - close-by-user
- example: close-by-user
- type: string
- Cases_connector_properties_cases_webhook:
- description: Defines properties for connectors when type is `.cases-webhook`.
+ Cases_templates:
+ items:
+ type: object
+ properties:
+ caseFields:
+ type: object
+ properties:
+ assignees:
+ $ref: '#/components/schemas/Cases_assignees'
+ category:
+ $ref: '#/components/schemas/Cases_case_category'
+ connector:
+ type: object
+ properties:
+ fields:
+ description: The fields specified in the case configuration are not used and are not propagated to individual cases, therefore it is recommended to set it to `null`.
+ nullable: true
+ type: object
+ id:
+ description: The identifier for the connector. If you do not want a default connector, use `none`. To retrieve connector IDs, use the find connectors API.
+ example: none
+ type: string
+ name:
+ description: The name of the connector. If you do not want a default connector, use `none`. To retrieve connector names, use the find connectors API.
+ example: none
+ type: string
+ type:
+ $ref: '#/components/schemas/Cases_connector_types'
+ customFields:
+ description: Custom field values in the template.
+ items:
+ type: object
+ properties:
+ key:
+ description: The unique key for the custom field.
+ type: string
+ type:
+ description: The type of the custom field.
+ enum:
+ - text
+ - toggle
+ type: string
+ value:
+ description: |
+ The default value for the custom field when a case uses the template. If the `type` is `text`, the default value must be a string. If the `type` is `toggle`, the default value must be boolean.
+ oneOf:
+ - type: string
+ - type: boolean
+ type: array
+ x-state: Technical preview
+ description:
+ $ref: '#/components/schemas/Cases_case_description'
+ settings:
+ $ref: '#/components/schemas/Cases_settings'
+ severity:
+ $ref: '#/components/schemas/Cases_case_severity'
+ tags:
+ $ref: '#/components/schemas/Cases_case_tags'
+ title:
+ $ref: '#/components/schemas/Cases_case_title'
+ description:
+ description: A description for the template.
+ type: string
+ key:
+ description: |
+ A unique key for the template. Must be lower case and composed only of a-z, 0-9, '_', and '-' characters. It is used in API calls to refer to a specific template.
+ type: string
+ name:
+ description: The name of the template.
+ type: string
+ tags:
+ $ref: '#/components/schemas/Cases_template_tags'
+ type: array
+ x-state: Technical preview
+ Cases_update_alert_comment_request_properties:
+ description: Defines properties for case comment requests when type is alert.
type: object
properties:
- fields:
- example: null
- nullable: true
- type: string
+ alertId:
+ $ref: '#/components/schemas/Cases_alert_identifiers'
id:
- description: The identifier for the connector. To retrieve connector IDs, use the find connectors API.
- type: string
- name:
- description: The name of the connector.
+ description: |
+ The identifier for the comment. To retrieve comment IDs, use the get comments API.
+ example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6
type: string
+ index:
+ $ref: '#/components/schemas/Cases_alert_indices'
+ owner:
+ $ref: '#/components/schemas/Cases_owner'
+ rule:
+ $ref: '#/components/schemas/Cases_rule'
type:
- description: The type of connector.
+ description: The type of comment.
enum:
- - .cases-webhook
- example: .cases-webhook
+ - alert
+ example: alert
+ type: string
+ version:
+ description: |
+ The current comment version. To retrieve version values, use the get comments API.
+ example: Wzk1LDFd
type: string
required:
- - fields
+ - alertId
- id
- - name
+ - index
+ - owner
+ - rule
- type
- title: Create or upate case request properties for Cases Webhook connector
- Cases_connector_properties_jira:
- description: Defines properties for connectors when type is `.jira`.
- type: object
+ - version
+ title: Update case comment request properties for alerts
+ Cases_update_case_comment_request:
+ description: The update case comment API request body varies depending on whether you are updating an alert or a comment.
+ discriminator:
+ mapping:
+ alert: '#/components/schemas/Cases_update_alert_comment_request_properties'
+ user: '#/components/schemas/Cases_update_user_comment_request_properties'
+ propertyName: type
+ oneOf:
+ - $ref: '#/components/schemas/Cases_update_alert_comment_request_properties'
+ - $ref: '#/components/schemas/Cases_update_user_comment_request_properties'
+ title: Update case comment request
+ Cases_update_case_configuration_request:
+ description: |
+ You can update settings such as the closure type, custom fields, templates, and the default connector for cases.
properties:
- fields:
- description: An object containing the connector fields. If you want to omit any individual field, specify null as its value.
+ closure_type:
+ $ref: '#/components/schemas/Cases_closure_types'
+ connector:
+ description: An object that contains the connector configuration.
type: object
properties:
- issueType:
- description: The type of issue.
- nullable: true
- type: string
- parent:
- description: The key of the parent issue, when the issue type is sub-task.
+ fields:
+ description: The fields specified in the case configuration are not used and are not propagated to individual cases, therefore it is recommended to set it to `null`.
nullable: true
+ type: object
+ id:
+ description: The identifier for the connector. If you do not want a default connector, use `none`. To retrieve connector IDs, use the find connectors API.
+ example: none
type: string
- priority:
- description: The priority of the issue.
- nullable: true
+ name:
+ description: The name of the connector. If you do not want a default connector, use `none`. To retrieve connector names, use the find connectors API.
+ example: none
type: string
+ type:
+ $ref: '#/components/schemas/Cases_connector_types'
required:
- - issueType
- - parent
- - priority
- id:
- description: The identifier for the connector. To retrieve connector IDs, use the find connectors API.
- type: string
- name:
- description: The name of the connector.
- type: string
- type:
- description: The type of connector.
- enum:
- - .jira
- example: .jira
- type: string
- required:
- - fields
- - id
- - name
- - type
- title: Create or update case request properties for a Jira connector
- Cases_connector_properties_none:
- description: Defines properties for connectors when type is `.none`.
- type: object
- properties:
- fields:
- description: An object containing the connector fields. To create a case without a connector, specify null. To update a case to remove the connector, specify null.
- example: null
- nullable: true
- type: string
- id:
- description: The identifier for the connector. To create a case without a connector, use `none`. To update a case to remove the connector, specify `none`.
- example: none
- type: string
- name:
- description: The name of the connector. To create a case without a connector, use `none`. To update a case to remove the connector, specify `none`.
- example: none
- type: string
- type:
- description: The type of connector. To create a case without a connector, use `.none`. To update a case to remove the connector, specify `.none`.
- enum:
- - .none
- example: .none
+ - fields
+ - id
+ - name
+ - type
+ customFields:
+ description: Custom fields case configuration.
+ items:
+ type: object
+ properties:
+ defaultValue:
+ description: |
+ A default value for the custom field. If the `type` is `text`, the default value must be a string. If the `type` is `toggle`, the default value must be boolean.
+ oneOf:
+ - type: string
+ - type: boolean
+ key:
+ description: |
+ A unique key for the custom field. Must be lower case and composed only of a-z, 0-9, '_', and '-' characters. It is used in API calls to refer to a specific custom field.
+ maxLength: 36
+ minLength: 1
+ type: string
+ label:
+ description: The custom field label that is displayed in the case.
+ maxLength: 50
+ minLength: 1
+ type: string
+ type:
+ description: The type of the custom field.
+ enum:
+ - text
+ - toggle
+ type: string
+ required:
+ description: |
+ Indicates whether the field is required. If `false`, the custom field can be set to null or omitted when a case is created or updated.
+ type: boolean
+ required:
+ - key
+ - label
+ - required
+ - type
+ type: array
+ templates:
+ $ref: '#/components/schemas/Cases_templates'
+ version:
+ description: |
+ The version of the connector. To retrieve the version value, use the get configuration API.
+ example: WzIwMiwxXQ==
type: string
required:
- - fields
- - id
- - name
- - type
- title: Create or update case request properties for no connector
- Cases_connector_properties_resilient:
- description: Defines properties for connectors when type is `.resilient`.
+ - version
+ title: Update case configuration request
type: object
+ Cases_update_case_request:
+ description: The update case API request body varies depending on the type of connector.
properties:
- fields:
- description: An object containing the connector fields. If you want to omit any individual field, specify null as its value.
- nullable: true
- type: object
- properties:
- issueTypes:
- description: The type of incident.
- items:
+ cases:
+ description: An array containing one or more case objects.
+ items:
+ type: object
+ properties:
+ assignees:
+ $ref: '#/components/schemas/Cases_assignees'
+ category:
+ $ref: '#/components/schemas/Cases_case_category'
+ connector:
+ oneOf:
+ - $ref: '#/components/schemas/Cases_connector_properties_none'
+ - $ref: '#/components/schemas/Cases_connector_properties_cases_webhook'
+ - $ref: '#/components/schemas/Cases_connector_properties_jira'
+ - $ref: '#/components/schemas/Cases_connector_properties_resilient'
+ - $ref: '#/components/schemas/Cases_connector_properties_servicenow'
+ - $ref: '#/components/schemas/Cases_connector_properties_servicenow_sir'
+ - $ref: '#/components/schemas/Cases_connector_properties_swimlane'
+ customFields:
+ description: |
+ Custom field values for a case. Any optional custom fields that are not specified in the request are set to null.
+ items:
+ type: object
+ properties:
+ key:
+ description: |
+ The unique identifier for the custom field. The key value must exist in the case configuration settings.
+ type: string
+ type:
+ description: |
+ The custom field type. It must match the type specified in the case configuration settings.
+ enum:
+ - text
+ - toggle
+ type: string
+ value:
+ description: |
+ The custom field value. If the custom field is required, it cannot be explicitly set to null. However, for cases that existed when the required custom field was added, the default value stored in Elasticsearch is `undefined`. The value returned in the API and user interface in this case is `null`.
+ oneOf:
+ - maxLength: 160
+ minLength: 1
+ nullable: true
+ type: string
+ - type: boolean
+ required:
+ - key
+ - type
+ - value
+ maxItems: 10
+ minItems: 0
+ type: array
+ description:
+ $ref: '#/components/schemas/Cases_case_description'
+ id:
+ description: The identifier for the case.
+ maxLength: 30000
type: string
- type: array
- severityCode:
- description: The severity code of the incident.
- type: string
- required:
- - issueTypes
- - severityCode
- id:
- description: The identifier for the connector.
+ settings:
+ $ref: '#/components/schemas/Cases_settings'
+ severity:
+ $ref: '#/components/schemas/Cases_case_severity'
+ status:
+ $ref: '#/components/schemas/Cases_case_status'
+ tags:
+ $ref: '#/components/schemas/Cases_case_tags'
+ title:
+ $ref: '#/components/schemas/Cases_case_title'
+ version:
+ description: |
+ The current version of the case. To determine this value, use the get case or search cases (`_find`) APIs.
+ type: string
+ required:
+ - id
+ - version
+ maxItems: 100
+ minItems: 1
+ type: array
+ required:
+ - cases
+ title: Update case request
+ type: object
+ Cases_update_user_comment_request_properties:
+ description: Defines properties for case comment requests when type is user.
+ properties:
+ comment:
+ description: The new comment. It is required only when `type` is `user`.
+ example: A new comment.
+ maxLength: 30000
type: string
- name:
- description: The name of the connector.
+ id:
+ description: |
+ The identifier for the comment. To retrieve comment IDs, use the get comments API.
+ example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6
type: string
+ owner:
+ $ref: '#/components/schemas/Cases_owner'
type:
- description: The type of connector.
+ description: The type of comment.
enum:
- - .resilient
- example: .resilient
+ - user
+ example: user
+ type: string
+ version:
+ description: |
+ The current comment version. To retrieve version values, use the get comments API.
+ example: Wzk1LDFd
type: string
required:
- - fields
+ - comment
- id
- - name
+ - owner
- type
- title: Create case request properties for a IBM Resilient connector
- Cases_connector_properties_servicenow:
- description: Defines properties for connectors when type is `.servicenow`.
+ - version
+ title: Update case comment request properties for user comments
+ type: object
+ Cases_user_actions_find_response_properties:
type: object
properties:
- fields:
- description: An object containing the connector fields. If you want to omit any individual field, specify null as its value.
+ action:
+ $ref: '#/components/schemas/Cases_actions'
+ comment_id:
+ example: 578608d0-03b1-11ed-920c-974bfa104448
+ nullable: true
+ type: string
+ created_at:
+ example: '2022-05-13T09:16:17.416Z'
+ format: date-time
+ type: string
+ created_by:
type: object
properties:
- category:
- description: The category of the incident.
- nullable: true
- type: string
- impact:
- description: The effect an incident had on business.
+ email:
+ example: null
nullable: true
type: string
- severity:
- description: The severity of the incident.
+ full_name:
+ example: null
nullable: true
type: string
- subcategory:
- description: The subcategory of the incident.
- nullable: true
+ profile_uid:
+ example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0
type: string
- urgency:
- description: The extent to which the incident resolution can be delayed.
+ username:
+ example: elastic
nullable: true
type: string
required:
- - category
- - impact
- - severity
- - subcategory
- - urgency
+ - email
+ - full_name
+ - username
id:
- description: The identifier for the connector. To retrieve connector IDs, use the find connectors API.
- type: string
- name:
- description: The name of the connector.
+ example: 22fd3e30-03b1-11ed-920c-974bfa104448
type: string
+ owner:
+ $ref: '#/components/schemas/Cases_owner'
+ payload:
+ oneOf:
+ - $ref: '#/components/schemas/Cases_payload_alert_comment'
+ - $ref: '#/components/schemas/Cases_payload_assignees'
+ - $ref: '#/components/schemas/Cases_payload_connector'
+ - $ref: '#/components/schemas/Cases_payload_create_case'
+ - $ref: '#/components/schemas/Cases_payload_delete'
+ - $ref: '#/components/schemas/Cases_payload_description'
+ - $ref: '#/components/schemas/Cases_payload_pushed'
+ - $ref: '#/components/schemas/Cases_payload_settings'
+ - $ref: '#/components/schemas/Cases_payload_severity'
+ - $ref: '#/components/schemas/Cases_payload_status'
+ - $ref: '#/components/schemas/Cases_payload_tags'
+ - $ref: '#/components/schemas/Cases_payload_title'
+ - $ref: '#/components/schemas/Cases_payload_user_comment'
type:
- description: The type of connector.
+ description: The type of action.
enum:
- - .servicenow
- example: .servicenow
+ - assignees
+ - create_case
+ - comment
+ - connector
+ - description
+ - pushed
+ - tags
+ - title
+ - status
+ - settings
+ - severity
+ example: create_case
+ type: string
+ version:
+ example: WzM1ODg4LDFd
type: string
required:
- - fields
+ - action
+ - comment_id
+ - created_at
+ - created_by
- id
- - name
+ - owner
+ - payload
- type
- title: Create case request properties for a ServiceNow ITSM connector
- Cases_connector_properties_servicenow_sir:
- description: Defines properties for connectors when type is `.servicenow-sir`.
+ - version
+ Cases_user_comment_response_properties:
+ title: Case response properties for user comments
type: object
properties:
- fields:
- description: An object containing the connector fields. If you want to omit any individual field, specify null as its value.
- type: object
- properties:
- category:
- description: The category of the incident.
- nullable: true
- type: string
- destIp:
- description: Indicates whether cases will send a comma-separated list of destination IPs.
- nullable: true
- type: boolean
- malwareHash:
- description: Indicates whether cases will send a comma-separated list of malware hashes.
- nullable: true
- type: boolean
- malwareUrl:
- description: Indicates whether cases will send a comma-separated list of malware URLs.
- nullable: true
- type: boolean
- priority:
- description: The priority of the issue.
- nullable: true
- type: string
- sourceIp:
- description: Indicates whether cases will send a comma-separated list of source IPs.
- nullable: true
- type: boolean
- subcategory:
- description: The subcategory of the incident.
- nullable: true
- type: string
- required:
- - category
- - destIp
- - malwareHash
- - malwareUrl
- - priority
- - sourceIp
- - subcategory
+ comment:
+ example: A new comment.
+ type: string
+ created_at:
+ example: '2022-05-13T09:16:17.416Z'
+ format: date-time
+ type: string
+ created_by:
+ $ref: '#/components/schemas/Cases_case_response_created_by_properties'
id:
- description: The identifier for the connector. To retrieve connector IDs, use the find connectors API.
+ example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6
type: string
- name:
- description: The name of the connector.
+ owner:
+ $ref: '#/components/schemas/Cases_owner'
+ pushed_at:
+ example: null
+ format: date-time
+ nullable: true
type: string
+ pushed_by:
+ $ref: '#/components/schemas/Cases_case_response_pushed_by_properties'
type:
- description: The type of connector.
enum:
- - .servicenow-sir
- example: .servicenow-sir
+ - user
+ example: user
+ type: string
+ updated_at:
+ example: null
+ format: date-time
+ nullable: true
+ type: string
+ updated_by:
+ $ref: '#/components/schemas/Cases_case_response_updated_by_properties'
+ version:
+ example: WzIwNDMxLDFd
type: string
required:
- - fields
- - id
- - name
- type
- title: Create case request properties for a ServiceNow SecOps connector
- Cases_connector_properties_swimlane:
- description: Defines properties for connectors when type is `.swimlane`.
+ Data_views_400_response:
+ title: Bad request
type: object
properties:
- fields:
- description: An object containing the connector fields. If you want to omit any individual field, specify null as its value.
- type: object
- properties:
- caseId:
- description: The case identifier for Swimlane connectors.
- nullable: true
- type: string
- required:
- - caseId
- id:
- description: The identifier for the connector. To retrieve connector IDs, use the find connectors API.
- type: string
- name:
- description: The name of the connector.
+ error:
+ example: Bad Request
type: string
- type:
- description: The type of connector.
- enum:
- - .swimlane
- example: .swimlane
+ message:
type: string
+ statusCode:
+ example: 400
+ type: number
required:
- - fields
- - id
- - name
- - type
- title: Create case request properties for a Swimlane connector
- Cases_connector_types:
- description: The type of connector.
- enum:
- - .cases-webhook
- - .jira
- - .none
- - .resilient
- - .servicenow
- - .servicenow-sir
- - .swimlane
- example: .none
- type: string
- Cases_create_case_request:
- description: The create case API request body varies depending on the type of connector.
- properties:
- assignees:
- $ref: '#/components/schemas/Cases_assignees'
- category:
- $ref: '#/components/schemas/Cases_case_category'
- connector:
- oneOf:
- - $ref: '#/components/schemas/Cases_connector_properties_none'
- - $ref: '#/components/schemas/Cases_connector_properties_cases_webhook'
- - $ref: '#/components/schemas/Cases_connector_properties_jira'
- - $ref: '#/components/schemas/Cases_connector_properties_resilient'
- - $ref: '#/components/schemas/Cases_connector_properties_servicenow'
- - $ref: '#/components/schemas/Cases_connector_properties_servicenow_sir'
- - $ref: '#/components/schemas/Cases_connector_properties_swimlane'
- customFields:
- description: |
- Custom field values for a case. Any optional custom fields that are not specified in the request are set to null.
- items:
- type: object
- properties:
- key:
- description: |
- The unique identifier for the custom field. The key value must exist in the case configuration settings.
- type: string
- type:
- description: |
- The custom field type. It must match the type specified in the case configuration settings.
- enum:
- - text
- - toggle
- type: string
- value:
- description: |
- The custom field value. If the custom field is required, it cannot be explicitly set to null. However, for cases that existed when the required custom field was added, the default value stored in Elasticsearch is `undefined`. The value returned in the API and user interface in this case is `null`.
- oneOf:
- - maxLength: 160
- minLength: 1
- nullable: true
- type: string
- - type: boolean
- required:
- - key
- - type
- - value
- maxItems: 10
- minItems: 0
- type: array
- description:
- $ref: '#/components/schemas/Cases_case_description'
- owner:
- $ref: '#/components/schemas/Cases_owner'
- settings:
- $ref: '#/components/schemas/Cases_settings'
- severity:
- $ref: '#/components/schemas/Cases_case_severity'
- tags:
- $ref: '#/components/schemas/Cases_case_tags'
- title:
- $ref: '#/components/schemas/Cases_case_title'
- required:
- - connector
- - description
- - owner
- - settings
- - tags
- - title
- title: Create case request
- type: object
- Cases_external_service:
- nullable: true
+ - statusCode
+ - error
+ - message
+ Data_views_404_response:
type: object
properties:
- connector_id:
- type: string
- connector_name:
- type: string
- external_id:
- type: string
- external_title:
- type: string
- external_url:
+ error:
+ enum:
+ - Not Found
+ example: Not Found
type: string
- pushed_at:
- format: date-time
+ message:
+ example: Saved object [index-pattern/caaad6d0-920c-11ed-b36a-874bd1548a00] not found
type: string
- pushed_by:
- nullable: true
+ statusCode:
+ enum:
+ - 404
+ example: 404
+ type: integer
+ Data_views_allownoindex:
+ description: Allows the data view saved object to exist before the data is available. Defaults to `false`.
+ type: boolean
+ Data_views_create_data_view_request_object:
+ title: Create data view request
+ type: object
+ properties:
+ data_view:
+ description: The data view object.
type: object
properties:
- email:
- example: null
- nullable: true
+ allowNoIndex:
+ $ref: '#/components/schemas/Data_views_allownoindex'
+ fieldAttrs:
+ additionalProperties:
+ $ref: '#/components/schemas/Data_views_fieldattrs'
+ type: object
+ fieldFormats:
+ $ref: '#/components/schemas/Data_views_fieldformats'
+ fields:
+ type: object
+ id:
type: string
- full_name:
- example: null
- nullable: true
+ name:
+ description: The data view name.
type: string
- profile_uid:
- example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0
+ namespaces:
+ $ref: '#/components/schemas/Data_views_namespaces'
+ runtimeFieldMap:
+ additionalProperties:
+ $ref: '#/components/schemas/Data_views_runtimefieldmap'
+ type: object
+ sourceFilters:
+ $ref: '#/components/schemas/Data_views_sourcefilters'
+ timeFieldName:
+ $ref: '#/components/schemas/Data_views_timefieldname'
+ title:
+ $ref: '#/components/schemas/Data_views_title'
+ type:
+ $ref: '#/components/schemas/Data_views_type'
+ typeMeta:
+ $ref: '#/components/schemas/Data_views_typemeta'
+ version:
type: string
- username:
- example: elastic
- nullable: true
+ required:
+ - title
+ override:
+ default: false
+ description: Override an existing data view if a data view with the provided title already exists.
+ type: boolean
+ required:
+ - data_view
+ Data_views_data_view_response_object:
+ title: Data view response properties
+ type: object
+ properties:
+ data_view:
+ type: object
+ properties:
+ allowNoIndex:
+ $ref: '#/components/schemas/Data_views_allownoindex'
+ fieldAttrs:
+ additionalProperties:
+ $ref: '#/components/schemas/Data_views_fieldattrs'
+ type: object
+ fieldFormats:
+ $ref: '#/components/schemas/Data_views_fieldformats'
+ fields:
+ type: object
+ id:
+ example: ff959d40-b880-11e8-a6d9-e546fe2bba5f
type: string
- Cases_find_comments_response:
- title: Find case comments response
+ name:
+ description: The data view name.
+ type: string
+ namespaces:
+ $ref: '#/components/schemas/Data_views_namespaces'
+ runtimeFieldMap:
+ additionalProperties:
+ $ref: '#/components/schemas/Data_views_runtimefieldmap'
+ type: object
+ sourceFilters:
+ $ref: '#/components/schemas/Data_views_sourcefilters'
+ timeFieldName:
+ $ref: '#/components/schemas/Data_views_timefieldname'
+ title:
+ $ref: '#/components/schemas/Data_views_title'
+ typeMeta:
+ $ref: '#/components/schemas/Data_views_typemeta_response'
+ version:
+ example: WzQ2LDJd
+ type: string
+ Data_views_fieldattrs:
+ description: A map of field attributes by field name.
type: object
properties:
- comments:
- description: Paginated list of user comments for the case.
- items:
- $ref: '#/components/schemas/Cases_user_comment_response_properties'
- type: array
- page:
- description: The current page index.
- type: integer
- per_page:
- description: The number of items per page.
- type: integer
- total:
- description: The total number of comments.
+ count:
+ description: Popularity count for the field.
type: integer
- required:
- - comments
- - page
- - per_page
- - total
- Cases_owner:
- description: |
- The application that owns the cases: Stack Management, Observability, or Elastic Security.
- enum:
- - cases
- - observability
- - securitySolution
- example: cases
- type: string
- Cases_owners:
+ customDescription:
+ description: Custom description for the field.
+ maxLength: 300
+ type: string
+ customLabel:
+ description: Custom label for the field.
+ type: string
+ Data_views_fieldformats:
+ description: A map of field formats by field name.
+ type: object
+ Data_views_namespaces:
+ description: An array of space identifiers for sharing the data view between multiple spaces.
items:
- $ref: '#/components/schemas/Cases_owner'
+ default: default
+ type: string
type: array
- Cases_payload_alert_comment:
+ Data_views_runtimefieldmap:
+ description: A map of runtime field definitions by field name.
type: object
properties:
- comment:
+ script:
type: object
properties:
- alertId:
- oneOf:
- - example: 1c0b056b-cc9f-4b61-b5c9-cb801abd5e1d
- type: string
- - items:
- type: string
- type: array
- index:
- oneOf:
- - example: .alerts-observability.logs.alerts-default
- type: string
- - items:
- type: string
- type: array
- owner:
- $ref: '#/components/schemas/Cases_owner'
- rule:
- type: object
- properties:
- id:
- description: The rule identifier.
- example: 94d80550-aaf4-11ec-985f-97e55adae8b9
- type: string
- name:
- description: The rule name.
- example: security_rule
- type: string
- type:
- enum:
- - alert
+ source:
+ description: Script for the runtime field.
type: string
- Cases_payload_assignees:
+ type:
+ description: Mapping type of the runtime field.
+ type: string
+ required:
+ - script
+ - type
+ Data_views_sourcefilters:
+ description: The array of field names you want to filter out in Discover.
+ items:
+ type: object
+ properties:
+ value:
+ type: string
+ required:
+ - value
+ type: array
+ Data_views_swap_data_view_request_object:
+ title: Data view reference swap request
type: object
properties:
- assignees:
- $ref: '#/components/schemas/Cases_assignees'
- Cases_payload_connector:
+ delete:
+ description: Deletes referenced saved object if all references are removed.
+ type: boolean
+ forId:
+ description: Limit the affected saved objects to one or more by identifier.
+ oneOf:
+ - type: string
+ - items:
+ type: string
+ type: array
+ forType:
+ description: Limit the affected saved objects by type.
+ type: string
+ fromId:
+ description: The saved object reference to change.
+ type: string
+ fromType:
+ description: |
+ Specify the type of the saved object reference to alter. The default value is `index-pattern` for data views.
+ type: string
+ toId:
+ description: New saved object reference value to replace the old value.
+ type: string
+ required:
+ - fromId
+ - toId
+ Data_views_timefieldname:
+ description: The timestamp field name, which you use for time-based data views.
+ type: string
+ Data_views_title:
+ description: Comma-separated list of data streams, indices, and aliases that you want to search. Supports wildcards (`*`).
+ type: string
+ Data_views_type:
+ description: When set to `rollup`, identifies the rollup data views.
+ type: string
+ Data_views_typemeta:
+ description: When you use rollup indices, contains the field list for the rollup data view API endpoints.
type: object
properties:
- connector:
+ aggs:
+ description: A map of rollup restrictions by aggregation type and field name.
+ type: object
+ params:
+ description: Properties for retrieving rollup fields.
+ type: object
+ required:
+ - aggs
+ - params
+ Data_views_typemeta_response:
+ description: When you use rollup indices, contains the field list for the rollup data view API endpoints.
+ nullable: true
+ type: object
+ properties:
+ aggs:
+ description: A map of rollup restrictions by aggregation type and field name.
+ type: object
+ params:
+ description: Properties for retrieving rollup fields.
+ type: object
+ Data_views_update_data_view_request_object:
+ title: Update data view request
+ type: object
+ properties:
+ data_view:
+ description: |
+ The data view properties you want to update. Only the specified properties are updated in the data view. Unspecified fields stay as they are persisted.
type: object
properties:
+ allowNoIndex:
+ $ref: '#/components/schemas/Data_views_allownoindex'
+ fieldFormats:
+ $ref: '#/components/schemas/Data_views_fieldformats'
fields:
- description: An object containing the connector fields. To create a case without a connector, specify null. If you want to omit any individual field, specify null as its value.
- example: null
- nullable: true
type: object
- properties:
- caseId:
- description: The case identifier for Swimlane connectors.
- type: string
- category:
- description: The category of the incident for ServiceNow ITSM and ServiceNow SecOps connectors.
- type: string
- destIp:
- description: Indicates whether cases will send a comma-separated list of destination IPs for ServiceNow SecOps connectors.
- nullable: true
- type: boolean
- impact:
- description: The effect an incident had on business for ServiceNow ITSM connectors.
- type: string
- issueType:
- description: The type of issue for Jira connectors.
- type: string
- issueTypes:
- description: The type of incident for IBM Resilient connectors.
- items:
- type: string
- type: array
- malwareHash:
- description: Indicates whether cases will send a comma-separated list of malware hashes for ServiceNow SecOps connectors.
- nullable: true
- type: boolean
- malwareUrl:
- description: Indicates whether cases will send a comma-separated list of malware URLs for ServiceNow SecOps connectors.
- nullable: true
- type: boolean
- parent:
- description: The key of the parent issue, when the issue type is sub-task for Jira connectors.
- type: string
- priority:
- description: The priority of the issue for Jira and ServiceNow SecOps connectors.
- type: string
- severity:
- description: The severity of the incident for ServiceNow ITSM connectors.
- type: string
- severityCode:
- description: The severity code of the incident for IBM Resilient connectors.
- type: string
- sourceIp:
- description: Indicates whether cases will send a comma-separated list of source IPs for ServiceNow SecOps connectors.
- nullable: true
- type: boolean
- subcategory:
- description: The subcategory of the incident for ServiceNow ITSM connectors.
- type: string
- urgency:
- description: The extent to which the incident resolution can be delayed for ServiceNow ITSM connectors.
- type: string
- id:
- description: The identifier for the connector. To create a case without a connector, use `none`.
- example: none
- type: string
name:
- description: The name of the connector. To create a case without a connector, use `none`.
- example: none
type: string
+ runtimeFieldMap:
+ additionalProperties:
+ $ref: '#/components/schemas/Data_views_runtimefieldmap'
+ type: object
+ sourceFilters:
+ $ref: '#/components/schemas/Data_views_sourcefilters'
+ timeFieldName:
+ $ref: '#/components/schemas/Data_views_timefieldname'
+ title:
+ $ref: '#/components/schemas/Data_views_title'
type:
- $ref: '#/components/schemas/Cases_connector_types'
- Cases_payload_create_case:
- type: object
- properties:
- assignees:
- $ref: '#/components/schemas/Cases_assignees'
- connector:
+ $ref: '#/components/schemas/Data_views_type'
+ typeMeta:
+ $ref: '#/components/schemas/Data_views_typemeta'
+ refresh_fields:
+ default: false
+ description: Reloads the data view fields after the data view is updated.
+ type: boolean
+ required:
+ - data_view
+ Kibana_HTTP_APIs__zod_v4_3___schema0:
+ anyOf:
+ - additionalProperties: false
type: object
properties:
- fields:
- description: An object containing the connector fields. To create a case without a connector, specify null. If you want to omit any individual field, specify null as its value.
- example: null
- nullable: true
+ objects:
+ additionalProperties: false
type: object
properties:
- caseId:
- description: The case identifier for Swimlane connectors.
- type: string
- category:
- description: The category of the incident for ServiceNow ITSM and ServiceNow SecOps connectors.
- type: string
- destIp:
- description: Indicates whether cases will send a comma-separated list of destination IPs for ServiceNow SecOps connectors.
- nullable: true
+ all:
+ additionalProperties: false
+ type: object
+ properties: {}
+ required:
+ - all
+ required:
+ - objects
+ - additionalProperties: false
+ type: object
+ properties:
+ objects:
+ additionalProperties: false
+ type: object
+ properties:
+ mappings:
type: boolean
- impact:
- description: The effect an incident had on business for ServiceNow ITSM connectors.
- type: string
- issueType:
- description: The type of issue for Jira connectors.
- type: string
- issueTypes:
- description: The type of incident for IBM Resilient connectors.
+ queries:
items:
- type: string
+ type: object
+ properties:
+ id:
+ type: string
+ required:
+ - id
type: array
- malwareHash:
- description: Indicates whether cases will send a comma-separated list of malware hashes for ServiceNow SecOps connectors.
- nullable: true
- type: boolean
- malwareUrl:
- description: Indicates whether cases will send a comma-separated list of malware URLs for ServiceNow SecOps connectors.
- nullable: true
- type: boolean
- parent:
- description: The key of the parent issue, when the issue type is sub-task for Jira connectors.
+ routing:
+ items:
+ allOf:
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_3___schema0'
+ - type: object
+ properties:
+ destination:
+ type: string
+ required:
+ - destination
+ type: array
+ required:
+ - mappings
+ - queries
+ - routing
+ required:
+ - objects
+ Kibana_HTTP_APIs_ClassicFieldDefinition:
+ additionalProperties:
+ $ref: '#/components/schemas/Kibana_HTTP_APIs_ClassicFieldDefinitionConfig'
+ type: object
+ Kibana_HTTP_APIs_ClassicFieldDefinitionConfig:
+ allOf:
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_RecursiveRecord'
+ - anyOf:
+ - additionalProperties: false
+ type: object
+ properties:
+ description:
type: string
- priority:
- description: The priority of the issue for Jira and ServiceNow SecOps connectors.
+ format:
+ description: A non-empty string.
+ minLength: 1
type: string
- severity:
- description: The severity of the incident for ServiceNow ITSM connectors.
+ type:
+ enum:
+ - keyword
+ - match_only_text
+ - long
+ - double
+ - date
+ - boolean
+ - ip
+ - geo_point
+ - integer
+ - short
+ - byte
+ - float
+ - half_float
+ - text
+ - wildcard
+ - version
+ - unsigned_long
+ - date_nanos
type: string
- severityCode:
- description: The severity code of the incident for IBM Resilient connectors.
+ required:
+ - type
+ - additionalProperties: false
+ type: object
+ properties:
+ description:
type: string
- sourceIp:
- description: Indicates whether cases will send a comma-separated list of source IPs for ServiceNow SecOps connectors.
- nullable: true
- type: boolean
- subcategory:
- description: The subcategory of the incident for ServiceNow ITSM connectors.
+ type:
+ enum:
+ - system
type: string
- urgency:
- description: The extent to which the incident resolution can be delayed for ServiceNow ITSM connectors.
+ required:
+ - type
+ Kibana_HTTP_APIs_ClassicStreamUpsertRequest:
+ additionalProperties: false
+ type: object
+ properties:
+ dashboards:
+ items:
+ type: string
+ type: array
+ queries:
+ items:
+ type: object
+ properties:
+ description:
+ type: string
+ esql:
+ type: object
+ properties:
+ query:
+ type: string
+ required:
+ - query
+ evidence:
+ items:
type: string
- id:
- description: The identifier for the connector. To create a case without a connector, use `none`.
- example: none
- type: string
- name:
- description: The name of the connector. To create a case without a connector, use `none`.
- example: none
- type: string
- type:
- $ref: '#/components/schemas/Cases_connector_types'
- description:
- type: string
- owner:
- $ref: '#/components/schemas/Cases_owner'
- settings:
- $ref: '#/components/schemas/Cases_settings'
- severity:
- $ref: '#/components/schemas/Cases_case_severity'
- status:
- $ref: '#/components/schemas/Cases_case_status'
- tags:
- example:
- - tag-1
+ type: array
+ id:
+ description: A non-empty string.
+ minLength: 1
+ type: string
+ severity_score:
+ type: number
+ title:
+ description: A non-empty string.
+ minLength: 1
+ type: string
+ required:
+ - id
+ - title
+ - description
+ - esql
+ type: array
+ rules:
items:
type: string
type: array
- title:
- type: string
- Cases_payload_delete:
- description: If the `action` is `delete` and the `type` is `delete_case`, the payload is nullable.
- nullable: true
- type: object
- Cases_payload_description:
- type: object
- properties:
- description:
- type: string
- Cases_payload_pushed:
- type: object
- properties:
- externalService:
- $ref: '#/components/schemas/Cases_external_service'
- Cases_payload_settings:
- type: object
- properties:
- settings:
- $ref: '#/components/schemas/Cases_settings'
- Cases_payload_severity:
- type: object
- properties:
- severity:
- $ref: '#/components/schemas/Cases_case_severity'
- Cases_payload_status:
- type: object
+ stream:
+ additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ ingest:
+ additionalProperties: false
+ type: object
+ properties:
+ classic:
+ additionalProperties: false
+ type: object
+ properties:
+ field_overrides:
+ $ref: '#/components/schemas/Kibana_HTTP_APIs_ClassicFieldDefinition'
+ failure_store:
+ $ref: '#/components/schemas/Kibana_HTTP_APIs_FailureStore'
+ lifecycle:
+ $ref: '#/components/schemas/Kibana_HTTP_APIs_IngestStreamLifecycle'
+ processing:
+ additionalProperties: false
+ type: object
+ properties:
+ steps:
+ items:
+ $ref: '#/components/schemas/Kibana_HTTP_APIs_StreamlangStep'
+ type: array
+ updated_at: {}
+ required:
+ - steps
+ settings:
+ additionalProperties: false
+ type: object
+ properties:
+ index.number_of_replicas:
+ additionalProperties: false
+ type: object
+ properties:
+ value:
+ type: number
+ required:
+ - value
+ index.number_of_shards:
+ additionalProperties: false
+ type: object
+ properties:
+ value:
+ type: number
+ required:
+ - value
+ index.refresh_interval:
+ additionalProperties: false
+ type: object
+ properties:
+ value:
+ anyOf:
+ - type: string
+ - enum:
+ - -1
+ type: number
+ required:
+ - value
+ required:
+ - lifecycle
+ - processing
+ - settings
+ - failure_store
+ - classic
+ query_streams:
+ items:
+ type: object
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: array
+ type:
+ enum:
+ - classic
+ type: string
+ required:
+ - description
+ - ingest
+ - type
+ required:
+ - dashboards
+ - rules
+ - queries
+ - stream
+ Kibana_HTTP_APIs_Condition:
+ anyOf:
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_FilterCondition'
+ - additionalProperties: false
+ description: A logical AND that groups multiple conditions.
+ type: object
+ properties:
+ and:
+ description: An array of conditions. All sub-conditions must be true for this condition to be true.
+ items:
+ $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition'
+ type: array
+ required:
+ - and
+ - additionalProperties: false
+ description: A logical OR that groups multiple conditions.
+ type: object
+ properties:
+ or:
+ description: An array of conditions. At least one sub-condition must be true for this condition to be true.
+ items:
+ $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition'
+ type: array
+ required:
+ - or
+ - additionalProperties: false
+ description: A logical NOT that negates a condition.
+ type: object
+ properties:
+ not:
+ $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition'
+ description: A condition that negates another condition.
+ required:
+ - not
+ - additionalProperties: false
+ description: A condition that always evaluates to false.
+ type: object
+ properties:
+ never:
+ additionalProperties: false
+ description: An empty object. This condition never matches.
+ type: object
+ properties: {}
+ required:
+ - never
+ - additionalProperties: false
+ description: A condition that always evaluates to true. Useful for catch-all scenarios, but use with caution as partitions are ordered.
+ type: object
+ properties:
+ always:
+ additionalProperties: false
+ description: An empty object. This condition always matches.
+ type: object
+ properties: {}
+ required:
+ - always
+ description: The root condition object. It can be a simple filter or a combination of other conditions.
+ Kibana_HTTP_APIs_ConditionWithSteps:
+ allOf:
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition'
+ - additionalProperties: false
+ type: object
+ properties:
+ steps:
+ items:
+ $ref: '#/components/schemas/Kibana_HTTP_APIs_StreamlangStep'
+ type: array
+ required:
+ - steps
+ Kibana_HTTP_APIs_core_status_redactedResponse:
+ additionalProperties: false
+ description: A minimal representation of Kibana's operational status.
properties:
status:
- $ref: '#/components/schemas/Cases_case_status'
- Cases_payload_tags:
- type: object
- properties:
- tags:
- example:
- - tag-1
- items:
- type: string
- type: array
- Cases_payload_title:
- type: object
- properties:
- title:
- type: string
- Cases_payload_user_comment:
+ additionalProperties: false
+ type: object
+ properties:
+ overall:
+ additionalProperties: false
+ type: object
+ properties:
+ level:
+ description: Service status levels as human and machine readable values.
+ enum:
+ - available
+ - degraded
+ - unavailable
+ - critical
+ type: string
+ required:
+ - level
+ required:
+ - overall
+ required:
+ - status
+ title: core_status_redactedResponse
type: object
+ Kibana_HTTP_APIs_core_status_response:
+ additionalProperties: false
+ description: Kibana's operational status as well as a detailed breakdown of plugin statuses indication of various loads (like event loop utilization and network traffic) at time of request.
properties:
- comment:
+ metrics:
+ additionalProperties: false
+ description: Metric groups collected by Kibana.
type: object
properties:
- comment:
- type: string
- owner:
- $ref: '#/components/schemas/Cases_owner'
- type:
- enum:
- - user
+ collection_interval_in_millis:
+ description: The interval at which metrics should be collected.
+ type: number
+ elasticsearch_client:
+ additionalProperties: false
+ description: Current network metrics of Kibana's Elasticsearch client.
+ type: object
+ properties:
+ totalActiveSockets:
+ description: Count of network sockets currently in use.
+ type: number
+ totalIdleSockets:
+ description: Count of network sockets currently idle.
+ type: number
+ totalQueuedRequests:
+ description: Count of requests not yet assigned to sockets.
+ type: number
+ required:
+ - totalActiveSockets
+ - totalIdleSockets
+ - totalQueuedRequests
+ last_updated:
+ description: The time metrics were collected.
type: string
- Cases_response_4xx:
- properties:
- error:
- example: Unauthorized
- type: string
- message:
- type: string
- statusCode:
- example: 401
- type: integer
- title: Unsuccessful cases API response
- type: object
- Cases_rule:
- description: |
- The rule that is associated with the alerts. It is required only when `type` is `alert`. This functionality is in technical preview and may be changed or removed in a future release. Elastic will work to fix any issues, but features in technical preview are not subject to the support SLA of official GA features.
- title: Alerting rule
- type: object
- properties:
- id:
- description: The rule identifier.
- example: 94d80550-aaf4-11ec-985f-97e55adae8b9
- type: string
+ required:
+ - elasticsearch_client
+ - last_updated
+ - collection_interval_in_millis
name:
- description: The rule name.
- example: security_rule
+ description: Kibana instance name.
type: string
- x-state: Technical preview
- Cases_searchFieldsType:
- description: The fields to perform the `simple_query_string` parsed query against.
- enum:
- - description
- - title
- type: string
- Cases_searchFieldsTypeArray:
- items:
- $ref: '#/components/schemas/Cases_searchFieldsType'
- type: array
- Cases_set_case_configuration_request:
- description: External connection details, such as the closure type and default connector for cases.
- properties:
- closure_type:
- $ref: '#/components/schemas/Cases_closure_types'
- connector:
- description: An object that contains the connector configuration.
+ status:
+ additionalProperties: false
type: object
properties:
- fields:
- description: The fields specified in the case configuration are not used and are not propagated to individual cases, therefore it is recommended to set it to `null`.
- nullable: true
+ core:
+ additionalProperties: false
+ description: Statuses of core Kibana services.
type: object
- id:
- description: The identifier for the connector. If you do not want a default connector, use `none`. To retrieve connector IDs, use the find connectors API.
- example: none
- type: string
- name:
- description: The name of the connector. If you do not want a default connector, use `none`. To retrieve connector names, use the find connectors API.
- example: none
- type: string
- type:
- $ref: '#/components/schemas/Cases_connector_types'
- required:
- - fields
- - id
- - name
- - type
- customFields:
- description: Custom fields case configuration.
- items:
- type: object
- properties:
- defaultValue:
- description: |
- A default value for the custom field. If the `type` is `text`, the default value must be a string. If the `type` is `toggle`, the default value must be boolean.
- oneOf:
- - type: string
- - type: boolean
- key:
- description: |
- A unique key for the custom field. Must be lower case and composed only of a-z, 0-9, '_', and '-' characters. It is used in API calls to refer to a specific custom field.
- maxLength: 36
- minLength: 1
- type: string
- label:
- description: The custom field label that is displayed in the case.
- maxLength: 50
- minLength: 1
- type: string
- type:
- description: The type of the custom field.
- enum:
- - text
- - toggle
- type: string
- required:
- description: |
- Indicates whether the field is required. If `false`, the custom field can be set to null or omitted when a case is created or updated.
- type: boolean
- required:
- - key
- - label
- - required
- - type
- maxItems: 10
- minItems: 0
- type: array
- owner:
- $ref: '#/components/schemas/Cases_owner'
- templates:
- $ref: '#/components/schemas/Cases_templates'
- required:
- - closure_type
- - connector
- - owner
- title: Set case configuration request
- type: object
- Cases_settings:
- description: An object that contains the case settings.
- type: object
- properties:
- extractObservables:
- description: |
- When true, observables (e.g. IPs, hashes, URLs) are automatically extracted from case comments. Optional; defaults to false when omitted.
- example: false
- type: boolean
- syncAlerts:
- description: Turns alert syncing on or off.
- example: true
- type: boolean
- required:
- - syncAlerts
- Cases_string:
- type: string
- Cases_string_array:
- items:
- $ref: '#/components/schemas/Cases_string'
- maxItems: 100
- type: array
- Cases_template_tags:
- description: |
- The words and phrases that help categorize templates. It can be an empty array.
- items:
- maxLength: 256
- type: string
- maxItems: 200
- type: array
- Cases_templates:
- items:
- type: object
- properties:
- caseFields:
- type: object
- properties:
- assignees:
- $ref: '#/components/schemas/Cases_assignees'
- category:
- $ref: '#/components/schemas/Cases_case_category'
- connector:
- type: object
- properties:
- fields:
- description: The fields specified in the case configuration are not used and are not propagated to individual cases, therefore it is recommended to set it to `null`.
- nullable: true
- type: object
- id:
- description: The identifier for the connector. If you do not want a default connector, use `none`. To retrieve connector IDs, use the find connectors API.
- example: none
- type: string
- name:
- description: The name of the connector. If you do not want a default connector, use `none`. To retrieve connector names, use the find connectors API.
- example: none
- type: string
- type:
- $ref: '#/components/schemas/Cases_connector_types'
- customFields:
- description: Custom field values in the template.
- items:
+ properties:
+ elasticsearch:
+ additionalProperties: false
type: object
properties:
- key:
- description: The unique key for the custom field.
+ detail:
+ description: Human readable detail of the service status.
type: string
- type:
- description: The type of the custom field.
+ documentationUrl:
+ description: A URL to further documentation regarding this service.
+ type: string
+ level:
+ description: Service status levels as human and machine readable values.
enum:
- - text
- - toggle
+ - available
+ - degraded
+ - unavailable
+ - critical
type: string
- value:
- description: |
- The default value for the custom field when a case uses the template. If the `type` is `text`, the default value must be a string. If the `type` is `toggle`, the default value must be boolean.
- oneOf:
- - type: string
- - type: boolean
- type: array
- x-state: Technical preview
- description:
- $ref: '#/components/schemas/Cases_case_description'
- settings:
- $ref: '#/components/schemas/Cases_settings'
- severity:
- $ref: '#/components/schemas/Cases_case_severity'
- tags:
- $ref: '#/components/schemas/Cases_case_tags'
- title:
- $ref: '#/components/schemas/Cases_case_title'
- description:
- description: A description for the template.
- type: string
- key:
- description: |
- A unique key for the template. Must be lower case and composed only of a-z, 0-9, '_', and '-' characters. It is used in API calls to refer to a specific template.
- type: string
- name:
- description: The name of the template.
- type: string
- tags:
- $ref: '#/components/schemas/Cases_template_tags'
- type: array
- x-state: Technical preview
- Cases_update_alert_comment_request_properties:
- description: Defines properties for case comment requests when type is alert.
- type: object
- properties:
- alertId:
- $ref: '#/components/schemas/Cases_alert_identifiers'
- id:
- description: |
- The identifier for the comment. To retrieve comment IDs, use the get comments API.
- example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6
- type: string
- index:
- $ref: '#/components/schemas/Cases_alert_indices'
- owner:
- $ref: '#/components/schemas/Cases_owner'
- rule:
- $ref: '#/components/schemas/Cases_rule'
- type:
- description: The type of comment.
- enum:
- - alert
- example: alert
+ meta:
+ additionalProperties: {}
+ description: An unstructured set of extra metadata about this service.
+ type: object
+ summary:
+ description: A human readable summary of the service status.
+ type: string
+ required:
+ - level
+ - summary
+ - meta
+ http:
+ additionalProperties: false
+ type: object
+ properties:
+ detail:
+ description: Human readable detail of the service status.
+ type: string
+ documentationUrl:
+ description: A URL to further documentation regarding this service.
+ type: string
+ level:
+ description: Service status levels as human and machine readable values.
+ enum:
+ - available
+ - degraded
+ - unavailable
+ - critical
+ type: string
+ meta:
+ additionalProperties: {}
+ description: An unstructured set of extra metadata about this service.
+ type: object
+ summary:
+ description: A human readable summary of the service status.
+ type: string
+ required:
+ - level
+ - summary
+ - meta
+ savedObjects:
+ additionalProperties: false
+ type: object
+ properties:
+ detail:
+ description: Human readable detail of the service status.
+ type: string
+ documentationUrl:
+ description: A URL to further documentation regarding this service.
+ type: string
+ level:
+ description: Service status levels as human and machine readable values.
+ enum:
+ - available
+ - degraded
+ - unavailable
+ - critical
+ type: string
+ meta:
+ additionalProperties: {}
+ description: An unstructured set of extra metadata about this service.
+ type: object
+ summary:
+ description: A human readable summary of the service status.
+ type: string
+ required:
+ - level
+ - summary
+ - meta
+ required:
+ - elasticsearch
+ - savedObjects
+ overall:
+ additionalProperties: false
+ type: object
+ properties:
+ detail:
+ description: Human readable detail of the service status.
+ type: string
+ documentationUrl:
+ description: A URL to further documentation regarding this service.
+ type: string
+ level:
+ description: Service status levels as human and machine readable values.
+ enum:
+ - available
+ - degraded
+ - unavailable
+ - critical
+ type: string
+ meta:
+ additionalProperties: {}
+ description: An unstructured set of extra metadata about this service.
+ type: object
+ summary:
+ description: A human readable summary of the service status.
+ type: string
+ required:
+ - level
+ - summary
+ - meta
+ plugins:
+ additionalProperties:
+ additionalProperties: false
+ type: object
+ properties:
+ detail:
+ description: Human readable detail of the service status.
+ type: string
+ documentationUrl:
+ description: A URL to further documentation regarding this service.
+ type: string
+ level:
+ description: Service status levels as human and machine readable values.
+ enum:
+ - available
+ - degraded
+ - unavailable
+ - critical
+ type: string
+ meta:
+ additionalProperties: {}
+ description: An unstructured set of extra metadata about this service.
+ type: object
+ summary:
+ description: A human readable summary of the service status.
+ type: string
+ required:
+ - level
+ - summary
+ - meta
+ description: A dynamic mapping of plugin ID to plugin status.
+ type: object
+ required:
+ - overall
+ - core
+ - plugins
+ uuid:
+ description: Unique, generated Kibana instance UUID. This UUID should persist even if the Kibana process restarts.
type: string
version:
- description: |
- The current comment version. To retrieve version values, use the get comments API.
- example: Wzk1LDFd
- type: string
- required:
- - alertId
- - id
- - index
- - owner
- - rule
- - type
- - version
- title: Update case comment request properties for alerts
- Cases_update_case_comment_request:
- description: The update case comment API request body varies depending on whether you are updating an alert or a comment.
- discriminator:
- mapping:
- alert: '#/components/schemas/Cases_update_alert_comment_request_properties'
- user: '#/components/schemas/Cases_update_user_comment_request_properties'
- propertyName: type
- oneOf:
- - $ref: '#/components/schemas/Cases_update_alert_comment_request_properties'
- - $ref: '#/components/schemas/Cases_update_user_comment_request_properties'
- title: Update case comment request
- Cases_update_case_configuration_request:
- description: |
- You can update settings such as the closure type, custom fields, templates, and the default connector for cases.
- properties:
- closure_type:
- $ref: '#/components/schemas/Cases_closure_types'
- connector:
- description: An object that contains the connector configuration.
+ additionalProperties: false
type: object
properties:
- fields:
- description: The fields specified in the case configuration are not used and are not propagated to individual cases, therefore it is recommended to set it to `null`.
- nullable: true
- type: object
- id:
- description: The identifier for the connector. If you do not want a default connector, use `none`. To retrieve connector IDs, use the find connectors API.
- example: none
+ build_date:
+ description: The date and time of this build.
type: string
- name:
- description: The name of the connector. If you do not want a default connector, use `none`. To retrieve connector names, use the find connectors API.
- example: none
+ build_flavor:
+ description: The build flavour determines configuration and behavior of Kibana. On premise users will almost always run the "traditional" flavour, while other flavours are reserved for Elastic-specific use cases.
+ enum:
+ - serverless
+ - traditional
+ type: string
+ build_hash:
+ description: A unique hash value representing the git commit of this Kibana build.
+ type: string
+ build_number:
+ description: A monotonically increasing number, each subsequent build will have a higher number.
+ type: number
+ build_snapshot:
+ description: Whether this build is a snapshot build.
+ type: boolean
+ number:
+ description: A semantic version number.
type: string
- type:
- $ref: '#/components/schemas/Cases_connector_types'
required:
- - fields
- - id
- - name
- - type
- customFields:
- description: Custom fields case configuration.
- items:
- type: object
- properties:
- defaultValue:
- description: |
- A default value for the custom field. If the `type` is `text`, the default value must be a string. If the `type` is `toggle`, the default value must be boolean.
- oneOf:
- - type: string
- - type: boolean
- key:
- description: |
- A unique key for the custom field. Must be lower case and composed only of a-z, 0-9, '_', and '-' characters. It is used in API calls to refer to a specific custom field.
- maxLength: 36
- minLength: 1
- type: string
- label:
- description: The custom field label that is displayed in the case.
- maxLength: 50
- minLength: 1
- type: string
- type:
- description: The type of the custom field.
- enum:
- - text
- - toggle
- type: string
- required:
- description: |
- Indicates whether the field is required. If `false`, the custom field can be set to null or omitted when a case is created or updated.
- type: boolean
- required:
- - key
- - label
- - required
- - type
- type: array
- templates:
- $ref: '#/components/schemas/Cases_templates'
- version:
- description: |
- The version of the connector. To retrieve the version value, use the get configuration API.
- example: WzIwMiwxXQ==
- type: string
+ - number
+ - build_hash
+ - build_number
+ - build_snapshot
+ - build_flavor
+ - build_date
required:
+ - name
+ - uuid
- version
- title: Update case configuration request
+ - status
+ - metrics
+ title: core_status_response
type: object
- Cases_update_case_request:
- description: The update case API request body varies depending on the type of connector.
- properties:
- cases:
- description: An array containing one or more case objects.
- items:
- type: object
- properties:
- assignees:
- $ref: '#/components/schemas/Cases_assignees'
- category:
- $ref: '#/components/schemas/Cases_case_category'
- connector:
- oneOf:
- - $ref: '#/components/schemas/Cases_connector_properties_none'
- - $ref: '#/components/schemas/Cases_connector_properties_cases_webhook'
- - $ref: '#/components/schemas/Cases_connector_properties_jira'
- - $ref: '#/components/schemas/Cases_connector_properties_resilient'
- - $ref: '#/components/schemas/Cases_connector_properties_servicenow'
- - $ref: '#/components/schemas/Cases_connector_properties_servicenow_sir'
- - $ref: '#/components/schemas/Cases_connector_properties_swimlane'
- customFields:
- description: |
- Custom field values for a case. Any optional custom fields that are not specified in the request are set to null.
- items:
+ Kibana_HTTP_APIs_FailureStore:
+ anyOf:
+ - additionalProperties: false
+ type: object
+ properties:
+ inherit:
+ additionalProperties: false
+ type: object
+ properties: {}
+ required:
+ - inherit
+ - additionalProperties: false
+ type: object
+ properties:
+ disabled:
+ additionalProperties: false
+ type: object
+ properties: {}
+ required:
+ - disabled
+ - additionalProperties: false
+ type: object
+ properties:
+ lifecycle:
+ additionalProperties: false
+ type: object
+ properties:
+ enabled:
+ additionalProperties: false
type: object
properties:
- key:
- description: |
- The unique identifier for the custom field. The key value must exist in the case configuration settings.
- type: string
- type:
- description: |
- The custom field type. It must match the type specified in the case configuration settings.
- enum:
- - text
- - toggle
+ data_retention:
+ description: A non-empty string.
+ minLength: 1
type: string
- value:
- description: |
- The custom field value. If the custom field is required, it cannot be explicitly set to null. However, for cases that existed when the required custom field was added, the default value stored in Elasticsearch is `undefined`. The value returned in the API and user interface in this case is `null`.
- oneOf:
- - maxLength: 160
- minLength: 1
- nullable: true
- type: string
- - type: boolean
- required:
- - key
- - type
- - value
- maxItems: 10
- minItems: 0
- type: array
- description:
- $ref: '#/components/schemas/Cases_case_description'
- id:
- description: The identifier for the case.
- maxLength: 30000
- type: string
- settings:
- $ref: '#/components/schemas/Cases_settings'
- severity:
- $ref: '#/components/schemas/Cases_case_severity'
- status:
- $ref: '#/components/schemas/Cases_case_status'
- tags:
- $ref: '#/components/schemas/Cases_case_tags'
- title:
- $ref: '#/components/schemas/Cases_case_title'
- version:
- description: |
- The current version of the case. To determine this value, use the get case or search cases (`_find`) APIs.
- type: string
- required:
- - id
- - version
- maxItems: 100
- minItems: 1
- type: array
- required:
- - cases
- title: Update case request
+ required:
+ - enabled
+ required:
+ - lifecycle
+ - additionalProperties: false
+ type: object
+ properties:
+ lifecycle:
+ additionalProperties: false
+ type: object
+ properties:
+ disabled:
+ additionalProperties: false
+ type: object
+ properties: {}
+ required:
+ - disabled
+ required:
+ - lifecycle
+ Kibana_HTTP_APIs_FieldDefinition:
+ additionalProperties:
+ $ref: '#/components/schemas/Kibana_HTTP_APIs_FieldDefinitionConfig'
type: object
- Cases_update_user_comment_request_properties:
- description: Defines properties for case comment requests when type is user.
+ Kibana_HTTP_APIs_FieldDefinitionConfig:
+ allOf:
+ - $ref: '#/components/schemas/Kibana_HTTP_APIs_RecursiveRecord'
+ - anyOf:
+ - additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ format:
+ description: A non-empty string.
+ minLength: 1
+ type: string
+ type:
+ enum:
+ - keyword
+ - match_only_text
+ - long
+ - double
+ - date
+ - boolean
+ - ip
+ - geo_point
+ - integer
+ - short
+ - byte
+ - float
+ - half_float
+ - text
+ - wildcard
+ - version
+ - unsigned_long
+ - date_nanos
+ type: string
+ required:
+ - type
+ - additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ format:
+ not: {}
+ type:
+ not: {}
+ required:
+ - description
+ - additionalProperties: false
+ type: object
+ properties:
+ description:
+ type: string
+ type:
+ enum:
+ - system
+ type: string
+ required:
+ - type
+ Kibana_HTTP_APIs_FilterCondition:
+ anyOf:
+ - additionalProperties: false
+ description: A condition that compares a field to a value or range using an operator as the key.
+ type: object
+ properties:
+ contains:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ description: Contains comparison value.
+ endsWith:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ description: Ends-with comparison value.
+ eq:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ description: Equality comparison value.
+ field:
+ description: The document field to filter on.
+ minLength: 1
+ type: string
+ gt:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ description: Greater-than comparison value.
+ gte:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ description: Greater-than-or-equal comparison value.
+ includes:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ description: Checks if multivalue field includes the value.
+ lt:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ description: Less-than comparison value.
+ lte:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ description: Less-than-or-equal comparison value.
+ neq:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ description: Inequality comparison value.
+ range:
+ additionalProperties: false
+ description: Range comparison values.
+ type: object
+ properties:
+ gt:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ description: A value that can be a string, number, or boolean.
+ gte:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ description: A value that can be a string, number, or boolean.
+ lt:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ description: A value that can be a string, number, or boolean.
+ lte:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ description: A value that can be a string, number, or boolean.
+ startsWith:
+ anyOf:
+ - type: string
+ - type: number
+ - type: boolean
+ description: Starts-with comparison value.
+ required:
+ - field
+ - additionalProperties: false
+ description: A condition that checks for the existence or non-existence of a field.
+ type: object
+ properties:
+ exists:
+ description: Indicates whether the field exists or not.
+ type: boolean
+ field:
+ description: The document field to check.
+ minLength: 1
+ type: string
+ required:
+ - field
+ description: A basic filter condition, either unary or binary.
+ Kibana_HTTP_APIs_IngestStreamLifecycle:
+ anyOf:
+ - additionalProperties: false
+ type: object
+ properties:
+ dsl:
+ additionalProperties: false
+ type: object
+ properties:
+ data_retention:
+ description: A non-empty string.
+ minLength: 1
+ type: string
+ downsample:
+ items:
+ type: object
+ properties:
+ after:
+ description: A non-empty string.
+ minLength: 1
+ type: string
+ fixed_interval:
+ description: A non-empty string.
+ minLength: 1
+ type: string
+ required:
+ - after
+ - fixed_interval
+ type: array
+ required:
+ - dsl
+ - additionalProperties: false
+ type: object
+ properties:
+ ilm:
+ additionalProperties: false
+ type: object
+ properties:
+ policy:
+ description: A non-empty string.
+ minLength: 1
+ type: string
+ required:
+ - policy
+ required:
+ - ilm
+ - additionalProperties: false
+ type: object
+ properties:
+ inherit:
+ additionalProperties: false
+ type: object
+ properties: {}
+ required:
+ - inherit
+ Kibana_HTTP_APIs_new_output_elasticsearch:
+ additionalProperties: false
properties:
- comment:
- description: The new comment. It is required only when `type` is `user`.
- example: A new comment.
- maxLength: 30000
+ allow_edit:
+ items:
+ type: string
+ maxItems: 1000
+ type: array
+ ca_sha256:
+ nullable: true
type: string
+ ca_trusted_fingerprint:
+ nullable: true
+ type: string
+ config_yaml:
+ nullable: true
+ type: string
+ hosts:
+ items:
+ format: uri
+ type: string
+ maxItems: 10
+ minItems: 1
+ type: array
id:
- description: |
- The identifier for the comment. To retrieve comment IDs, use the get comments API.
- example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6
type: string
- owner:
- $ref: '#/components/schemas/Cases_owner'
- type:
- description: The type of comment.
- enum:
- - user
- example: user
+ is_default:
+ default: false
+ type: boolean
+ is_default_monitoring:
+ default: false
+ type: boolean
+ is_internal:
+ type: boolean
+ is_preconfigured:
+ type: boolean
+ name:
type: string
- version:
- description: |
- The current comment version. To retrieve version values, use the get comments API.
- example: Wzk1LDFd
+ preset:
+ enum:
+ - balanced
+ - custom
+ - throughput
+ - scale
+ - latency
type: string
- required:
- - comment
- - id
- - owner
- - type
- - version
- title: Update case comment request properties for user comments
- type: object
- Cases_user_actions_find_response_properties:
- type: object
- properties:
- action:
- $ref: '#/components/schemas/Cases_actions'
- comment_id:
- example: 578608d0-03b1-11ed-920c-974bfa104448
+ proxy_id:
nullable: true
type: string
- created_at:
- example: '2022-05-13T09:16:17.416Z'
- format: date-time
- type: string
- created_by:
+ secrets:
+ additionalProperties: false
type: object
properties:
- email:
- example: null
+ ssl:
+ additionalProperties: false
+ type: object
+ properties:
+ key:
+ anyOf:
+ - additionalProperties: false
+ type: object
+ properties:
+ hash:
+ type: string
+ id:
+ type: string
+ required:
+ - id
+ - type: string
+ shipper:
+ additionalProperties: false
+ nullable: true
+ type: object
+ properties:
+ compression_level:
+ nullable: true
+ type: number
+ disk_queue_compression_enabled:
+ nullable: true
+ type: boolean
+ disk_queue_enabled:
+ default: false
+ nullable: true
+ type: boolean
+ disk_queue_encryption_enabled:
+ nullable: true
+ type: boolean
+ disk_queue_max_size:
+ nullable: true
+ type: number
+ disk_queue_path:
nullable: true
type: string
- full_name:
- example: null
+ loadbalance:
+ nullable: true
+ type: boolean
+ max_batch_bytes:
+ nullable: true
+ type: number
+ mem_queue_events:
+ nullable: true
+ type: number
+ queue_flush_timeout:
nullable: true
+ type: number
+ required:
+ - disk_queue_path
+ - disk_queue_max_size
+ - disk_queue_encryption_enabled
+ - disk_queue_compression_enabled
+ - compression_level
+ - loadbalance
+ - mem_queue_events
+ - queue_flush_timeout
+ - max_batch_bytes
+ ssl:
+ additionalProperties: false
+ nullable: true
+ type: object
+ properties:
+ certificate:
type: string
- profile_uid:
- example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0
+ certificate_authorities:
+ items:
+ type: string
+ maxItems: 10
+ type: array
+ key:
type: string
- username:
- example: elastic
- nullable: true
+ verification_mode:
+ enum:
+ - full
+ - none
+ - certificate
+ - strict
type: string
- required:
- - email
- - full_name
- - username
- id:
- example: 22fd3e30-03b1-11ed-920c-974bfa104448
- type: string
- owner:
- $ref: '#/components/schemas/Cases_owner'
- payload:
- oneOf:
- - $ref: '#/components/schemas/Cases_payload_alert_comment'
- - $ref: '#/components/schemas/Cases_payload_assignees'
- - $ref: '#/components/schemas/Cases_payload_connector'
- - $ref: '#/components/schemas/Cases_payload_create_case'
- - $ref: '#/components/schemas/Cases_payload_delete'
- - $ref: '#/components/schemas/Cases_payload_description'
- - $ref: '#/components/schemas/Cases_payload_pushed'
- - $ref: '#/components/schemas/Cases_payload_settings'
- - $ref: '#/components/schemas/Cases_payload_severity'
- - $ref: '#/components/schemas/Cases_payload_status'
- - $ref: '#/components/schemas/Cases_payload_tags'
- - $ref: '#/components/schemas/Cases_payload_title'
- - $ref: '#/components/schemas/Cases_payload_user_comment'
type:
- description: The type of action.
enum:
- - assignees
- - create_case
- - comment
- - connector
- - description
- - pushed
- - tags
- - title
- - status
- - settings
- - severity
- example: create_case
- type: string
- version:
- example: WzM1ODg4LDFd
+ - elasticsearch
type: string
+ write_to_logs_streams:
+ nullable: true
+ type: boolean
required:
- - action
- - comment_id
- - created_at
- - created_by
- - id
- - owner
- - payload
+ - name
- type
- - version
- Cases_user_comment_response_properties:
- title: Case response properties for user comments
+ - hosts
+ title: new_output_elasticsearch
type: object
+ Kibana_HTTP_APIs_new_output_kafka:
+ additionalProperties: false
properties:
- comment:
- example: A new comment.
- type: string
- created_at:
- example: '2022-05-13T09:16:17.416Z'
- format: date-time
+ allow_edit:
+ items:
+ type: string
+ maxItems: 1000
+ type: array
+ auth_type:
+ enum:
+ - none
+ - user_pass
+ - ssl
+ - kerberos
type: string
- created_by:
- $ref: '#/components/schemas/Cases_case_response_created_by_properties'
- id:
- example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6
+ broker_timeout:
+ type: number
+ ca_sha256:
+ nullable: true
type: string
- owner:
- $ref: '#/components/schemas/Cases_owner'
- pushed_at:
- example: null
- format: date-time
+ ca_trusted_fingerprint:
nullable: true
type: string
- pushed_by:
- $ref: '#/components/schemas/Cases_case_response_pushed_by_properties'
- type:
+ client_id:
+ type: string
+ compression:
enum:
- - user
- example: user
+ - gzip
+ - snappy
+ - lz4
+ - none
type: string
- updated_at:
- example: null
- format: date-time
+ compression_level:
+ anyOf:
+ - items: {}
+ type: array
+ - type: boolean
+ - type: number
+ - type: object
+ - type: string
+ nullable: true
+ oneOf:
+ - type: number
+ - not: {}
+ config_yaml:
nullable: true
type: string
- updated_by:
- $ref: '#/components/schemas/Cases_case_response_updated_by_properties'
- version:
- example: WzIwNDMxLDFd
+ connection_type:
+ anyOf:
+ - items: {}
+ type: array
+ - type: boolean
+ - type: number
+ - type: object
+ - type: string
+ nullable: true
+ oneOf:
+ - enum:
+ - plaintext
+ - encryption
+ type: string
+ - not: {}
+ hash:
+ additionalProperties: false
+ type: object
+ properties:
+ hash:
+ type: string
+ random:
+ type: boolean
+ headers:
+ items:
+ additionalProperties: false
+ type: object
+ properties:
+ key:
+ type: string
+ value:
+ type: string
+ required:
+ - key
+ - value
+ maxItems: 100
+ type: array
+ hosts:
+ items:
+ type: string
+ maxItems: 10
+ minItems: 1
+ type: array
+ id:
type: string
- required:
- - type
- Data_views_400_response:
- title: Bad request
- type: object
- properties:
- error:
- example: Bad Request
+ is_default:
+ default: false
+ type: boolean
+ is_default_monitoring:
+ default: false
+ type: boolean
+ is_internal:
+ type: boolean
+ is_preconfigured:
+ type: boolean
+ key:
type: string
- message:
+ name:
type: string
- statusCode:
- example: 400
- type: number
- required:
- - statusCode
- - error
- - message
- Data_views_404_response:
- type: object
- properties:
- error:
+ partition:
enum:
- - Not Found
- example: Not Found
+ - random
+ - round_robin
+ - hash
type: string
- message:
- example: Saved object [index-pattern/caaad6d0-920c-11ed-b36a-874bd1548a00] not found
+ password:
+ anyOf:
+ - items: {}
+ type: array
+ - type: boolean
+ - type: number
+ - type: object
+ - type: string
+ nullable: true
+ oneOf:
+ - not: {}
+ - anyOf:
+ - items: {}
+ type: array
+ - type: boolean
+ - type: number
+ - type: object
+ - type: string
+ nullable: true
+ oneOf:
+ - type: string
+ - not: {}
+ proxy_id:
+ nullable: true
type: string
- statusCode:
+ random:
+ additionalProperties: false
+ type: object
+ properties:
+ group_events:
+ type: number
+ required_acks:
enum:
- - 404
- example: 404
+ - 1
+ - 0
+ - -1
type: integer
- Data_views_allownoindex:
- description: Allows the data view saved object to exist before the data is available. Defaults to `false`.
- type: boolean
- Data_views_create_data_view_request_object:
- title: Create data view request
- type: object
- properties:
- data_view:
- description: The data view object.
+ round_robin:
+ additionalProperties: false
type: object
properties:
- allowNoIndex:
- $ref: '#/components/schemas/Data_views_allownoindex'
- fieldAttrs:
- additionalProperties:
- $ref: '#/components/schemas/Data_views_fieldattrs'
- type: object
- fieldFormats:
- $ref: '#/components/schemas/Data_views_fieldformats'
- fields:
- type: object
- id:
- type: string
- name:
- description: The data view name.
- type: string
- namespaces:
- $ref: '#/components/schemas/Data_views_namespaces'
- runtimeFieldMap:
- additionalProperties:
- $ref: '#/components/schemas/Data_views_runtimefieldmap'
- type: object
- sourceFilters:
- $ref: '#/components/schemas/Data_views_sourcefilters'
- timeFieldName:
- $ref: '#/components/schemas/Data_views_timefieldname'
- title:
- $ref: '#/components/schemas/Data_views_title'
- type:
- $ref: '#/components/schemas/Data_views_type'
- typeMeta:
- $ref: '#/components/schemas/Data_views_typemeta'
- version:
- type: string
- required:
- - title
- override:
- default: false
- description: Override an existing data view if a data view with the provided title already exists.
- type: boolean
- required:
- - data_view
- Data_views_data_view_response_object:
- title: Data view response properties
- type: object
- properties:
- data_view:
+ group_events:
+ type: number
+ sasl:
+ additionalProperties: false
+ nullable: true
type: object
properties:
- allowNoIndex:
- $ref: '#/components/schemas/Data_views_allownoindex'
- fieldAttrs:
- additionalProperties:
- $ref: '#/components/schemas/Data_views_fieldattrs'
- type: object
- fieldFormats:
- $ref: '#/components/schemas/Data_views_fieldformats'
- fields:
- type: object
- id:
- example: ff959d40-b880-11e8-a6d9-e546fe2bba5f
- type: string
- name:
- description: The data view name.
+ mechanism:
+ enum:
+ - PLAIN
+ - SCRAM-SHA-256
+ - SCRAM-SHA-512
type: string
- namespaces:
- $ref: '#/components/schemas/Data_views_namespaces'
- runtimeFieldMap:
- additionalProperties:
- $ref: '#/components/schemas/Data_views_runtimefieldmap'
+ secrets:
+ additionalProperties: false
+ type: object
+ properties:
+ password:
+ anyOf:
+ - additionalProperties: false
+ type: object
+ properties:
+ hash:
+ type: string
+ id:
+ type: string
+ required:
+ - id
+ - type: string
+ ssl:
+ additionalProperties: false
type: object
- sourceFilters:
- $ref: '#/components/schemas/Data_views_sourcefilters'
- timeFieldName:
- $ref: '#/components/schemas/Data_views_timefieldname'
- title:
- $ref: '#/components/schemas/Data_views_title'
- typeMeta:
- $ref: '#/components/schemas/Data_views_typemeta_response'
- version:
- example: WzQ2LDJd
+ properties:
+ key:
+ anyOf:
+ - additionalProperties: false
+ type: object
+ properties:
+ hash:
+ type: string
+ id:
+ type: string
+ required:
+ - id
+ - type: string
+ required:
+ - key
+ shipper:
+ additionalProperties: false
+ nullable: true
+ type: object
+ properties:
+ compression_level:
+ nullable: true
+ type: number
+ disk_queue_compression_enabled:
+ nullable: true
+ type: boolean
+ disk_queue_enabled:
+ default: false
+ nullable: true
+ type: boolean
+ disk_queue_encryption_enabled:
+ nullable: true
+ type: boolean
+ disk_queue_max_size:
+ nullable: true
+ type: number
+ disk_queue_path:
+ nullable: true
type: string
- Data_views_fieldattrs:
- description: A map of field attributes by field name.
- type: object
- properties:
- count:
- description: Popularity count for the field.
- type: integer
- customDescription:
- description: Custom description for the field.
- maxLength: 300
- type: string
- customLabel:
- description: Custom label for the field.
- type: string
- Data_views_fieldformats:
- description: A map of field formats by field name.
- type: object
- Data_views_namespaces:
- description: An array of space identifiers for sharing the data view between multiple spaces.
- items:
- default: default
- type: string
- type: array
- Data_views_runtimefieldmap:
- description: A map of runtime field definitions by field name.
- type: object
- properties:
- script:
+ loadbalance:
+ nullable: true
+ type: boolean
+ max_batch_bytes:
+ nullable: true
+ type: number
+ mem_queue_events:
+ nullable: true
+ type: number
+ queue_flush_timeout:
+ nullable: true
+ type: number
+ required:
+ - disk_queue_path
+ - disk_queue_max_size
+ - disk_queue_encryption_enabled
+ - disk_queue_compression_enabled
+ - compression_level
+ - loadbalance
+ - mem_queue_events
+ - queue_flush_timeout
+ - max_batch_bytes
+ ssl:
+ additionalProperties: false
+ nullable: true
type: object
properties:
- source:
- description: Script for the runtime field.
+ certificate:
+ type: string
+ certificate_authorities:
+ items:
+ type: string
+ maxItems: 10
+ type: array
+ key:
type: string
+ verification_mode:
+ enum:
+ - full
+ - none
+ - certificate
+ - strict
+ type: string
+ timeout:
+ type: number
+ topic:
+ type: string
type:
- description: Mapping type of the runtime field.
+ enum:
+ - kafka
+ type: string
+ username:
+ anyOf:
+ - items: {}
+ type: array
+ - type: boolean
+ - type: number
+ - type: object
+ - type: string
+ nullable: true
+ oneOf:
+ - type: string
+ - not: {}
+ version:
type: string
required:
- - script
+ - name
- type
- Data_views_sourcefilters:
- description: The array of field names you want to filter out in Discover.
- items:
- type: object
- properties:
- value:
- type: string
- required:
- - value
- type: array
- Data_views_swap_data_view_request_object:
- title: Data view reference swap request
+ - hosts
+ - compression_level
+ - auth_type
+ - connection_type
+ - username
+ - password
+ title: new_output_kafka
type: object
+ Kibana_HTTP_APIs_new_output_logstash:
+ additionalProperties: false
properties:
- delete:
- description: Deletes referenced saved object if all references are removed.
- type: boolean
- forId:
- description: Limit the affected saved objects to one or more by identifier.
- oneOf:
- - type: string
- - items:
- type: string
- type: array
- forType:
- description: Limit the affected saved objects by type.
+ allow_edit:
+ items:
+ type: string
+ maxItems: 1000
+ type: array
+ ca_sha256:
+ nullable: true
type: string
- fromId:
- description: The saved object reference to change.
+ ca_trusted_fingerprint:
+ nullable: true
type: string
- fromType:
- description: |
- Specify the type of the saved object reference to alter. The default value is `index-pattern` for data views.
+ config_yaml:
+ nullable: true
type: string
- toId:
- description: New saved object reference value to replace the old value.
+ hosts:
+ items:
+ type: string
+ maxItems: 10
+ minItems: 1
+ type: array
+ id:
type: string
- required:
- - fromId
- - toId
- Data_views_timefieldname:
- description: The timestamp field name, which you use for time-based data views.
- type: string
- Data_views_title:
- description: Comma-separated list of data streams, indices, and aliases that you want to search. Supports wildcards (`*`).
- type: string
- Data_views_type:
- description: When set to `rollup`, identifies the rollup data views.
- type: string
- Data_views_typemeta:
- description: When you use rollup indices, contains the field list for the rollup data view API endpoints.
- type: object
- properties:
- aggs:
- description: A map of rollup restrictions by aggregation type and field name.
- type: object
- params:
- description: Properties for retrieving rollup fields.
- type: object
- required:
- - aggs
- - params
- Data_views_typemeta_response:
- description: When you use rollup indices, contains the field list for the rollup data view API endpoints.
- nullable: true
- type: object
- properties:
- aggs:
- description: A map of rollup restrictions by aggregation type and field name.
- type: object
- params:
- description: Properties for retrieving rollup fields.
- type: object
- Data_views_update_data_view_request_object:
- title: Update data view request
- type: object
- properties:
- data_view:
- description: |
- The data view properties you want to update. Only the specified properties are updated in the data view. Unspecified fields stay as they are persisted.
- type: object
- properties:
- allowNoIndex:
- $ref: '#/components/schemas/Data_views_allownoindex'
- fieldFormats:
- $ref: '#/components/schemas/Data_views_fieldformats'
- fields:
- type: object
- name:
- type: string
- runtimeFieldMap:
- additionalProperties:
- $ref: '#/components/schemas/Data_views_runtimefieldmap'
- type: object
- sourceFilters:
- $ref: '#/components/schemas/Data_views_sourcefilters'
- timeFieldName:
- $ref: '#/components/schemas/Data_views_timefieldname'
- title:
- $ref: '#/components/schemas/Data_views_title'
- type:
- $ref: '#/components/schemas/Data_views_type'
- typeMeta:
- $ref: '#/components/schemas/Data_views_typemeta'
- refresh_fields:
+ is_default:
default: false
- description: Reloads the data view fields after the data view is updated.
type: boolean
- required:
- - data_view
- Kibana_HTTP_APIs__zod_v4_3___schema0:
- anyOf:
- - additionalProperties: false
+ is_default_monitoring:
+ default: false
+ type: boolean
+ is_internal:
+ type: boolean
+ is_preconfigured:
+ type: boolean
+ name:
+ type: string
+ proxy_id:
+ nullable: true
+ type: string
+ secrets:
+ additionalProperties: false
type: object
properties:
- objects:
+ ssl:
additionalProperties: false
type: object
properties:
- all:
- additionalProperties: false
- type: object
- properties: {}
- required:
- - all
- required:
- - objects
- - additionalProperties: false
+ key:
+ anyOf:
+ - additionalProperties: false
+ type: object
+ properties:
+ hash:
+ type: string
+ id:
+ type: string
+ required:
+ - id
+ - type: string
+ shipper:
+ additionalProperties: false
+ nullable: true
type: object
properties:
- objects:
- additionalProperties: false
- type: object
- properties:
- mappings:
- type: boolean
- queries:
- items:
- type: object
- properties:
- id:
- type: string
- required:
- - id
- type: array
- routing:
- items:
- allOf:
- - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_3___schema0'
- - type: object
- properties:
- destination:
- type: string
- required:
- - destination
- type: array
- required:
- - mappings
- - queries
- - routing
+ compression_level:
+ nullable: true
+ type: number
+ disk_queue_compression_enabled:
+ nullable: true
+ type: boolean
+ disk_queue_enabled:
+ default: false
+ nullable: true
+ type: boolean
+ disk_queue_encryption_enabled:
+ nullable: true
+ type: boolean
+ disk_queue_max_size:
+ nullable: true
+ type: number
+ disk_queue_path:
+ nullable: true
+ type: string
+ loadbalance:
+ nullable: true
+ type: boolean
+ max_batch_bytes:
+ nullable: true
+ type: number
+ mem_queue_events:
+ nullable: true
+ type: number
+ queue_flush_timeout:
+ nullable: true
+ type: number
required:
- - objects
- Kibana_HTTP_APIs_ClassicFieldDefinition:
- additionalProperties:
- $ref: '#/components/schemas/Kibana_HTTP_APIs_ClassicFieldDefinitionConfig'
+ - disk_queue_path
+ - disk_queue_max_size
+ - disk_queue_encryption_enabled
+ - disk_queue_compression_enabled
+ - compression_level
+ - loadbalance
+ - mem_queue_events
+ - queue_flush_timeout
+ - max_batch_bytes
+ ssl:
+ additionalProperties: false
+ nullable: true
+ type: object
+ properties:
+ certificate:
+ type: string
+ certificate_authorities:
+ items:
+ type: string
+ maxItems: 10
+ type: array
+ key:
+ type: string
+ verification_mode:
+ enum:
+ - full
+ - none
+ - certificate
+ - strict
+ type: string
+ type:
+ enum:
+ - logstash
+ type: string
+ required:
+ - name
+ - type
+ - hosts
+ title: new_output_logstash
type: object
- Kibana_HTTP_APIs_ClassicFieldDefinitionConfig:
- allOf:
- - $ref: '#/components/schemas/Kibana_HTTP_APIs_RecursiveRecord'
- - anyOf:
- - additionalProperties: false
- type: object
- properties:
- description:
- type: string
- format:
- description: A non-empty string.
- minLength: 1
- type: string
- type:
- enum:
- - keyword
- - match_only_text
- - long
- - double
- - date
- - boolean
- - ip
- - geo_point
- - integer
- - short
- - byte
- - float
- - half_float
- - text
- - wildcard
- - version
- - unsigned_long
- - date_nanos
- type: string
- required:
- - type
- - additionalProperties: false
- type: object
- properties:
- description:
- type: string
- type:
- enum:
- - system
- type: string
- required:
- - type
- Kibana_HTTP_APIs_ClassicStreamUpsertRequest:
+ Kibana_HTTP_APIs_new_output_remote_elasticsearch:
additionalProperties: false
- type: object
properties:
- dashboards:
+ allow_edit:
items:
type: string
+ maxItems: 1000
type: array
- queries:
- items:
- type: object
- properties:
- description:
- type: string
- esql:
- type: object
- properties:
- query:
- type: string
- required:
- - query
- evidence:
- items:
- type: string
- type: array
- id:
- description: A non-empty string.
- minLength: 1
- type: string
- severity_score:
- type: number
- title:
- description: A non-empty string.
- minLength: 1
- type: string
- required:
- - id
- - title
- - description
- - esql
- type: array
- rules:
+ ca_sha256:
+ nullable: true
+ type: string
+ ca_trusted_fingerprint:
+ nullable: true
+ type: string
+ config_yaml:
+ nullable: true
+ type: string
+ hosts:
items:
+ format: uri
type: string
+ maxItems: 10
+ minItems: 1
type: array
- stream:
+ id:
+ type: string
+ is_default:
+ default: false
+ type: boolean
+ is_default_monitoring:
+ default: false
+ type: boolean
+ is_internal:
+ type: boolean
+ is_preconfigured:
+ type: boolean
+ kibana_api_key:
+ nullable: true
+ type: string
+ kibana_url:
+ nullable: true
+ type: string
+ name:
+ type: string
+ preset:
+ enum:
+ - balanced
+ - custom
+ - throughput
+ - scale
+ - latency
+ type: string
+ proxy_id:
+ nullable: true
+ type: string
+ secrets:
additionalProperties: false
type: object
properties:
- description:
- type: string
- ingest:
- additionalProperties: false
- type: object
- properties:
- classic:
- additionalProperties: false
- type: object
- properties:
- field_overrides:
- $ref: '#/components/schemas/Kibana_HTTP_APIs_ClassicFieldDefinition'
- failure_store:
- $ref: '#/components/schemas/Kibana_HTTP_APIs_FailureStore'
- lifecycle:
- $ref: '#/components/schemas/Kibana_HTTP_APIs_IngestStreamLifecycle'
- processing:
- additionalProperties: false
+ service_token:
+ anyOf:
+ - additionalProperties: false
type: object
properties:
- steps:
- items:
- $ref: '#/components/schemas/Kibana_HTTP_APIs_StreamlangStep'
- type: array
- updated_at: {}
+ hash:
+ type: string
+ id:
+ type: string
required:
- - steps
- settings:
- additionalProperties: false
- type: object
- properties:
- index.number_of_replicas:
- additionalProperties: false
- type: object
- properties:
- value:
- type: number
- required:
- - value
- index.number_of_shards:
- additionalProperties: false
- type: object
- properties:
- value:
- type: number
- required:
- - value
- index.refresh_interval:
- additionalProperties: false
+ - id
+ - type: string
+ ssl:
+ additionalProperties: false
+ type: object
+ properties:
+ key:
+ anyOf:
+ - additionalProperties: false
type: object
properties:
- value:
- anyOf:
- - type: string
- - enum:
- - -1
- type: number
+ hash:
+ type: string
+ id:
+ type: string
required:
- - value
- required:
- - lifecycle
- - processing
- - settings
- - failure_store
- - classic
- query_streams:
- items:
- type: object
- properties:
- name:
- type: string
- required:
- - name
- type: array
- type:
- enum:
- - classic
- type: string
- required:
- - description
- - ingest
- - type
- required:
- - dashboards
- - rules
- - queries
- - stream
- Kibana_HTTP_APIs_Condition:
- anyOf:
- - $ref: '#/components/schemas/Kibana_HTTP_APIs_FilterCondition'
- - additionalProperties: false
- description: A logical AND that groups multiple conditions.
+ - id
+ - type: string
+ service_token:
+ nullable: true
+ type: string
+ shipper:
+ additionalProperties: false
+ nullable: true
type: object
properties:
- and:
- description: An array of conditions. All sub-conditions must be true for this condition to be true.
- items:
- $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition'
- type: array
+ compression_level:
+ nullable: true
+ type: number
+ disk_queue_compression_enabled:
+ nullable: true
+ type: boolean
+ disk_queue_enabled:
+ default: false
+ nullable: true
+ type: boolean
+ disk_queue_encryption_enabled:
+ nullable: true
+ type: boolean
+ disk_queue_max_size:
+ nullable: true
+ type: number
+ disk_queue_path:
+ nullable: true
+ type: string
+ loadbalance:
+ nullable: true
+ type: boolean
+ max_batch_bytes:
+ nullable: true
+ type: number
+ mem_queue_events:
+ nullable: true
+ type: number
+ queue_flush_timeout:
+ nullable: true
+ type: number
required:
- - and
- - additionalProperties: false
- description: A logical OR that groups multiple conditions.
+ - disk_queue_path
+ - disk_queue_max_size
+ - disk_queue_encryption_enabled
+ - disk_queue_compression_enabled
+ - compression_level
+ - loadbalance
+ - mem_queue_events
+ - queue_flush_timeout
+ - max_batch_bytes
+ ssl:
+ additionalProperties: false
+ nullable: true
type: object
properties:
- or:
- description: An array of conditions. At least one sub-condition must be true for this condition to be true.
+ certificate:
+ type: string
+ certificate_authorities:
items:
- $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition'
+ type: string
+ maxItems: 10
type: array
- required:
- - or
- - additionalProperties: false
- description: A logical NOT that negates a condition.
- type: object
- properties:
- not:
- $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition'
- description: A condition that negates another condition.
- required:
- - not
- - additionalProperties: false
- description: A condition that always evaluates to false.
+ key:
+ type: string
+ verification_mode:
+ enum:
+ - full
+ - none
+ - certificate
+ - strict
+ type: string
+ sync_integrations:
+ type: boolean
+ sync_uninstalled_integrations:
+ type: boolean
+ type:
+ enum:
+ - remote_elasticsearch
+ type: string
+ write_to_logs_streams:
+ nullable: true
+ type: boolean
+ required:
+ - name
+ - type
+ - hosts
+ title: new_output_remote_elasticsearch
+ type: object
+ Kibana_HTTP_APIs_output_elasticsearch:
+ additionalProperties: true
+ properties:
+ allow_edit:
+ items:
+ type: string
+ maxItems: 1000
+ type: array
+ ca_sha256:
+ nullable: true
+ type: string
+ ca_trusted_fingerprint:
+ nullable: true
+ type: string
+ config_yaml:
+ nullable: true
+ type: string
+ hosts:
+ items:
+ format: uri
+ type: string
+ maxItems: 10
+ minItems: 1
+ type: array
+ id:
+ type: string
+ is_default:
+ default: false
+ type: boolean
+ is_default_monitoring:
+ default: false
+ type: boolean
+ is_internal:
+ type: boolean
+ is_preconfigured:
+ type: boolean
+ name:
+ type: string
+ preset:
+ enum:
+ - balanced
+ - custom
+ - throughput
+ - scale
+ - latency
+ type: string
+ proxy_id:
+ nullable: true
+ type: string
+ secrets:
+ additionalProperties: true
type: object
properties:
- never:
- additionalProperties: false
- description: An empty object. This condition never matches.
+ ssl:
+ additionalProperties: true
type: object
- properties: {}
- required:
- - never
- - additionalProperties: false
- description: A condition that always evaluates to true. Useful for catch-all scenarios, but use with caution as partitions are ordered.
+ properties:
+ key:
+ anyOf:
+ - additionalProperties: true
+ type: object
+ properties:
+ hash:
+ type: string
+ id:
+ type: string
+ required:
+ - id
+ - type: string
+ shipper:
+ additionalProperties: true
+ nullable: true
type: object
properties:
- always:
- additionalProperties: false
- description: An empty object. This condition always matches.
- type: object
- properties: {}
+ compression_level:
+ nullable: true
+ type: number
+ disk_queue_compression_enabled:
+ nullable: true
+ type: boolean
+ disk_queue_enabled:
+ default: false
+ nullable: true
+ type: boolean
+ disk_queue_encryption_enabled:
+ nullable: true
+ type: boolean
+ disk_queue_max_size:
+ nullable: true
+ type: number
+ disk_queue_path:
+ nullable: true
+ type: string
+ loadbalance:
+ nullable: true
+ type: boolean
+ max_batch_bytes:
+ nullable: true
+ type: number
+ mem_queue_events:
+ nullable: true
+ type: number
+ queue_flush_timeout:
+ nullable: true
+ type: number
required:
- - always
- description: The root condition object. It can be a simple filter or a combination of other conditions.
- Kibana_HTTP_APIs_ConditionWithSteps:
- allOf:
- - $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition'
- - additionalProperties: false
+ - disk_queue_path
+ - disk_queue_max_size
+ - disk_queue_encryption_enabled
+ - disk_queue_compression_enabled
+ - compression_level
+ - loadbalance
+ - mem_queue_events
+ - queue_flush_timeout
+ - max_batch_bytes
+ ssl:
+ additionalProperties: true
+ nullable: true
type: object
properties:
- steps:
+ certificate:
+ type: string
+ certificate_authorities:
items:
- $ref: '#/components/schemas/Kibana_HTTP_APIs_StreamlangStep'
+ type: string
+ maxItems: 10
type: array
- required:
- - steps
- Kibana_HTTP_APIs_core_status_redactedResponse:
- additionalProperties: false
- description: A minimal representation of Kibana's operational status.
- properties:
- status:
- additionalProperties: false
- type: object
- properties:
- overall:
- additionalProperties: false
- type: object
- properties:
- level:
- description: Service status levels as human and machine readable values.
- enum:
- - available
- - degraded
- - unavailable
- - critical
- type: string
- required:
- - level
- required:
- - overall
+ key:
+ type: string
+ verification_mode:
+ enum:
+ - full
+ - none
+ - certificate
+ - strict
+ type: string
+ type:
+ enum:
+ - elasticsearch
+ type: string
+ write_to_logs_streams:
+ nullable: true
+ type: boolean
required:
- - status
- title: core_status_redactedResponse
+ - name
+ - type
+ - hosts
+ title: output_elasticsearch
type: object
- Kibana_HTTP_APIs_core_status_response:
- additionalProperties: false
- description: Kibana's operational status as well as a detailed breakdown of plugin statuses indication of various loads (like event loop utilization and network traffic) at time of request.
+ Kibana_HTTP_APIs_output_kafka:
+ additionalProperties: true
properties:
- metrics:
- additionalProperties: false
- description: Metric groups collected by Kibana.
+ allow_edit:
+ items:
+ type: string
+ maxItems: 1000
+ type: array
+ auth_type:
+ enum:
+ - none
+ - user_pass
+ - ssl
+ - kerberos
+ type: string
+ broker_timeout:
+ type: number
+ ca_sha256:
+ nullable: true
+ type: string
+ ca_trusted_fingerprint:
+ nullable: true
+ type: string
+ client_id:
+ type: string
+ compression:
+ enum:
+ - gzip
+ - snappy
+ - lz4
+ - none
+ type: string
+ compression_level:
+ anyOf:
+ - items: {}
+ type: array
+ - type: boolean
+ - type: number
+ - type: object
+ - type: string
+ nullable: true
+ oneOf:
+ - type: number
+ - not: {}
+ config_yaml:
+ nullable: true
+ type: string
+ connection_type:
+ anyOf:
+ - items: {}
+ type: array
+ - type: boolean
+ - type: number
+ - type: object
+ - type: string
+ nullable: true
+ oneOf:
+ - enum:
+ - plaintext
+ - encryption
+ type: string
+ - not: {}
+ hash:
+ additionalProperties: true
type: object
properties:
- collection_interval_in_millis:
- description: The interval at which metrics should be collected.
- type: number
- elasticsearch_client:
- additionalProperties: false
- description: Current network metrics of Kibana's Elasticsearch client.
- type: object
- properties:
- totalActiveSockets:
- description: Count of network sockets currently in use.
- type: number
- totalIdleSockets:
- description: Count of network sockets currently idle.
- type: number
- totalQueuedRequests:
- description: Count of requests not yet assigned to sockets.
- type: number
- required:
- - totalActiveSockets
- - totalIdleSockets
- - totalQueuedRequests
- last_updated:
- description: The time metrics were collected.
+ hash:
type: string
- required:
- - elasticsearch_client
- - last_updated
- - collection_interval_in_millis
+ random:
+ type: boolean
+ headers:
+ items:
+ additionalProperties: true
+ type: object
+ properties:
+ key:
+ type: string
+ value:
+ type: string
+ required:
+ - key
+ - value
+ maxItems: 100
+ type: array
+ hosts:
+ items:
+ type: string
+ maxItems: 10
+ minItems: 1
+ type: array
+ id:
+ type: string
+ is_default:
+ default: false
+ type: boolean
+ is_default_monitoring:
+ default: false
+ type: boolean
+ is_internal:
+ type: boolean
+ is_preconfigured:
+ type: boolean
+ key:
+ type: string
name:
- description: Kibana instance name.
type: string
- status:
- additionalProperties: false
+ partition:
+ enum:
+ - random
+ - round_robin
+ - hash
+ type: string
+ password:
+ anyOf:
+ - items: {}
+ type: array
+ - type: boolean
+ - type: number
+ - type: object
+ - type: string
+ nullable: true
+ oneOf:
+ - not: {}
+ - anyOf:
+ - items: {}
+ type: array
+ - type: boolean
+ - type: number
+ - type: object
+ - type: string
+ nullable: true
+ oneOf:
+ - type: string
+ - not: {}
+ proxy_id:
+ nullable: true
+ type: string
+ random:
+ additionalProperties: true
type: object
properties:
- core:
- additionalProperties: false
- description: Statuses of core Kibana services.
- type: object
- properties:
- elasticsearch:
- additionalProperties: false
- type: object
- properties:
- detail:
- description: Human readable detail of the service status.
- type: string
- documentationUrl:
- description: A URL to further documentation regarding this service.
- type: string
- level:
- description: Service status levels as human and machine readable values.
- enum:
- - available
- - degraded
- - unavailable
- - critical
- type: string
- meta:
- additionalProperties: {}
- description: An unstructured set of extra metadata about this service.
- type: object
- summary:
- description: A human readable summary of the service status.
- type: string
- required:
- - level
- - summary
- - meta
- http:
- additionalProperties: false
- type: object
- properties:
- detail:
- description: Human readable detail of the service status.
- type: string
- documentationUrl:
- description: A URL to further documentation regarding this service.
- type: string
- level:
- description: Service status levels as human and machine readable values.
- enum:
- - available
- - degraded
- - unavailable
- - critical
- type: string
- meta:
- additionalProperties: {}
- description: An unstructured set of extra metadata about this service.
- type: object
- summary:
- description: A human readable summary of the service status.
- type: string
- required:
- - level
- - summary
- - meta
- savedObjects:
- additionalProperties: false
+ group_events:
+ type: number
+ required_acks:
+ enum:
+ - 1
+ - 0
+ - -1
+ type: integer
+ round_robin:
+ additionalProperties: true
+ type: object
+ properties:
+ group_events:
+ type: number
+ sasl:
+ additionalProperties: true
+ nullable: true
+ type: object
+ properties:
+ mechanism:
+ enum:
+ - PLAIN
+ - SCRAM-SHA-256
+ - SCRAM-SHA-512
+ type: string
+ secrets:
+ additionalProperties: true
+ type: object
+ properties:
+ password:
+ anyOf:
+ - additionalProperties: true
type: object
properties:
- detail:
- description: Human readable detail of the service status.
- type: string
- documentationUrl:
- description: A URL to further documentation regarding this service.
- type: string
- level:
- description: Service status levels as human and machine readable values.
- enum:
- - available
- - degraded
- - unavailable
- - critical
+ hash:
type: string
- meta:
- additionalProperties: {}
- description: An unstructured set of extra metadata about this service.
- type: object
- summary:
- description: A human readable summary of the service status.
+ id:
type: string
required:
- - level
- - summary
- - meta
- required:
- - elasticsearch
- - savedObjects
- overall:
- additionalProperties: false
+ - id
+ - type: string
+ ssl:
+ additionalProperties: true
type: object
properties:
- detail:
- description: Human readable detail of the service status.
- type: string
- documentationUrl:
- description: A URL to further documentation regarding this service.
- type: string
- level:
- description: Service status levels as human and machine readable values.
- enum:
- - available
- - degraded
- - unavailable
- - critical
- type: string
- meta:
- additionalProperties: {}
- description: An unstructured set of extra metadata about this service.
- type: object
- summary:
- description: A human readable summary of the service status.
- type: string
+ key:
+ anyOf:
+ - additionalProperties: true
+ type: object
+ properties:
+ hash:
+ type: string
+ id:
+ type: string
+ required:
+ - id
+ - type: string
required:
- - level
- - summary
- - meta
- plugins:
- additionalProperties:
- additionalProperties: false
- type: object
- properties:
- detail:
- description: Human readable detail of the service status.
- type: string
- documentationUrl:
- description: A URL to further documentation regarding this service.
- type: string
- level:
- description: Service status levels as human and machine readable values.
- enum:
- - available
- - degraded
- - unavailable
- - critical
- type: string
- meta:
- additionalProperties: {}
- description: An unstructured set of extra metadata about this service.
- type: object
- summary:
- description: A human readable summary of the service status.
- type: string
- required:
- - level
- - summary
- - meta
- description: A dynamic mapping of plugin ID to plugin status.
- type: object
- required:
- - overall
- - core
- - plugins
- uuid:
- description: Unique, generated Kibana instance UUID. This UUID should persist even if the Kibana process restarts.
- type: string
- version:
- additionalProperties: false
+ - key
+ shipper:
+ additionalProperties: true
+ nullable: true
+ type: object
+ properties:
+ compression_level:
+ nullable: true
+ type: number
+ disk_queue_compression_enabled:
+ nullable: true
+ type: boolean
+ disk_queue_enabled:
+ default: false
+ nullable: true
+ type: boolean
+ disk_queue_encryption_enabled:
+ nullable: true
+ type: boolean
+ disk_queue_max_size:
+ nullable: true
+ type: number
+ disk_queue_path:
+ nullable: true
+ type: string
+ loadbalance:
+ nullable: true
+ type: boolean
+ max_batch_bytes:
+ nullable: true
+ type: number
+ mem_queue_events:
+ nullable: true
+ type: number
+ queue_flush_timeout:
+ nullable: true
+ type: number
+ required:
+ - disk_queue_path
+ - disk_queue_max_size
+ - disk_queue_encryption_enabled
+ - disk_queue_compression_enabled
+ - compression_level
+ - loadbalance
+ - mem_queue_events
+ - queue_flush_timeout
+ - max_batch_bytes
+ ssl:
+ additionalProperties: true
+ nullable: true
type: object
properties:
- build_date:
- description: The date and time of this build.
- type: string
- build_flavor:
- description: The build flavour determines configuration and behavior of Kibana. On premise users will almost always run the "traditional" flavour, while other flavours are reserved for Elastic-specific use cases.
- enum:
- - serverless
- - traditional
+ certificate:
type: string
- build_hash:
- description: A unique hash value representing the git commit of this Kibana build.
+ certificate_authorities:
+ items:
+ type: string
+ maxItems: 10
+ type: array
+ key:
type: string
- build_number:
- description: A monotonically increasing number, each subsequent build will have a higher number.
- type: number
- build_snapshot:
- description: Whether this build is a snapshot build.
- type: boolean
- number:
- description: A semantic version number.
+ verification_mode:
+ enum:
+ - full
+ - none
+ - certificate
+ - strict
type: string
- required:
- - number
- - build_hash
- - build_number
- - build_snapshot
- - build_flavor
- - build_date
+ timeout:
+ type: number
+ topic:
+ type: string
+ type:
+ enum:
+ - kafka
+ type: string
+ username:
+ anyOf:
+ - items: {}
+ type: array
+ - type: boolean
+ - type: number
+ - type: object
+ - type: string
+ nullable: true
+ oneOf:
+ - type: string
+ - not: {}
+ version:
+ type: string
required:
- name
- - uuid
- - version
- - status
- - metrics
- title: core_status_response
+ - type
+ - hosts
+ - compression_level
+ - auth_type
+ - connection_type
+ - username
+ - password
+ title: output_kafka
type: object
- Kibana_HTTP_APIs_FailureStore:
- anyOf:
- - additionalProperties: false
- type: object
- properties:
- inherit:
- additionalProperties: false
- type: object
- properties: {}
- required:
- - inherit
- - additionalProperties: false
+ Kibana_HTTP_APIs_output_logstash:
+ additionalProperties: true
+ properties:
+ allow_edit:
+ items:
+ type: string
+ maxItems: 1000
+ type: array
+ ca_sha256:
+ nullable: true
+ type: string
+ ca_trusted_fingerprint:
+ nullable: true
+ type: string
+ config_yaml:
+ nullable: true
+ type: string
+ hosts:
+ items:
+ type: string
+ maxItems: 10
+ minItems: 1
+ type: array
+ id:
+ type: string
+ is_default:
+ default: false
+ type: boolean
+ is_default_monitoring:
+ default: false
+ type: boolean
+ is_internal:
+ type: boolean
+ is_preconfigured:
+ type: boolean
+ name:
+ type: string
+ proxy_id:
+ nullable: true
+ type: string
+ secrets:
+ additionalProperties: true
type: object
properties:
- disabled:
- additionalProperties: false
+ ssl:
+ additionalProperties: true
type: object
- properties: {}
- required:
- - disabled
- - additionalProperties: false
+ properties:
+ key:
+ anyOf:
+ - additionalProperties: true
+ type: object
+ properties:
+ hash:
+ type: string
+ id:
+ type: string
+ required:
+ - id
+ - type: string
+ shipper:
+ additionalProperties: true
+ nullable: true
type: object
properties:
- lifecycle:
- additionalProperties: false
- type: object
- properties:
- enabled:
- additionalProperties: false
- type: object
- properties:
- data_retention:
- description: A non-empty string.
- minLength: 1
- type: string
- required:
- - enabled
+ compression_level:
+ nullable: true
+ type: number
+ disk_queue_compression_enabled:
+ nullable: true
+ type: boolean
+ disk_queue_enabled:
+ default: false
+ nullable: true
+ type: boolean
+ disk_queue_encryption_enabled:
+ nullable: true
+ type: boolean
+ disk_queue_max_size:
+ nullable: true
+ type: number
+ disk_queue_path:
+ nullable: true
+ type: string
+ loadbalance:
+ nullable: true
+ type: boolean
+ max_batch_bytes:
+ nullable: true
+ type: number
+ mem_queue_events:
+ nullable: true
+ type: number
+ queue_flush_timeout:
+ nullable: true
+ type: number
required:
- - lifecycle
- - additionalProperties: false
+ - disk_queue_path
+ - disk_queue_max_size
+ - disk_queue_encryption_enabled
+ - disk_queue_compression_enabled
+ - compression_level
+ - loadbalance
+ - mem_queue_events
+ - queue_flush_timeout
+ - max_batch_bytes
+ ssl:
+ additionalProperties: true
+ nullable: true
type: object
properties:
- lifecycle:
- additionalProperties: false
- type: object
- properties:
- disabled:
- additionalProperties: false
- type: object
- properties: {}
- required:
- - disabled
- required:
- - lifecycle
- Kibana_HTTP_APIs_FieldDefinition:
- additionalProperties:
- $ref: '#/components/schemas/Kibana_HTTP_APIs_FieldDefinitionConfig'
+ certificate:
+ type: string
+ certificate_authorities:
+ items:
+ type: string
+ maxItems: 10
+ type: array
+ key:
+ type: string
+ verification_mode:
+ enum:
+ - full
+ - none
+ - certificate
+ - strict
+ type: string
+ type:
+ enum:
+ - logstash
+ type: string
+ required:
+ - name
+ - type
+ - hosts
+ title: output_logstash
type: object
- Kibana_HTTP_APIs_FieldDefinitionConfig:
- allOf:
- - $ref: '#/components/schemas/Kibana_HTTP_APIs_RecursiveRecord'
- - anyOf:
- - additionalProperties: false
- type: object
- properties:
- description:
- type: string
- format:
- description: A non-empty string.
- minLength: 1
- type: string
- type:
- enum:
- - keyword
- - match_only_text
- - long
- - double
- - date
- - boolean
- - ip
- - geo_point
- - integer
- - short
- - byte
- - float
- - half_float
- - text
- - wildcard
- - version
- - unsigned_long
- - date_nanos
- type: string
- required:
- - type
- - additionalProperties: false
- type: object
- properties:
- description:
- type: string
- format:
- not: {}
- type:
- not: {}
- required:
- - description
- - additionalProperties: false
- type: object
- properties:
- description:
- type: string
- type:
- enum:
- - system
- type: string
- required:
- - type
- Kibana_HTTP_APIs_FilterCondition:
- anyOf:
- - additionalProperties: false
- description: A condition that compares a field to a value or range using an operator as the key.
+ Kibana_HTTP_APIs_output_remote_elasticsearch:
+ additionalProperties: true
+ properties:
+ allow_edit:
+ items:
+ type: string
+ maxItems: 1000
+ type: array
+ ca_sha256:
+ nullable: true
+ type: string
+ ca_trusted_fingerprint:
+ nullable: true
+ type: string
+ config_yaml:
+ nullable: true
+ type: string
+ hosts:
+ items:
+ format: uri
+ type: string
+ maxItems: 10
+ minItems: 1
+ type: array
+ id:
+ type: string
+ is_default:
+ default: false
+ type: boolean
+ is_default_monitoring:
+ default: false
+ type: boolean
+ is_internal:
+ type: boolean
+ is_preconfigured:
+ type: boolean
+ kibana_api_key:
+ nullable: true
+ type: string
+ kibana_url:
+ nullable: true
+ type: string
+ name:
+ type: string
+ preset:
+ enum:
+ - balanced
+ - custom
+ - throughput
+ - scale
+ - latency
+ type: string
+ proxy_id:
+ nullable: true
+ type: string
+ secrets:
+ additionalProperties: true
type: object
properties:
- contains:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- description: Contains comparison value.
- endsWith:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- description: Ends-with comparison value.
- eq:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- description: Equality comparison value.
- field:
- description: The document field to filter on.
- minLength: 1
- type: string
- gt:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- description: Greater-than comparison value.
- gte:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- description: Greater-than-or-equal comparison value.
- includes:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- description: Checks if multivalue field includes the value.
- lt:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- description: Less-than comparison value.
- lte:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- description: Less-than-or-equal comparison value.
- neq:
+ service_token:
anyOf:
+ - additionalProperties: true
+ type: object
+ properties:
+ hash:
+ type: string
+ id:
+ type: string
+ required:
+ - id
- type: string
- - type: number
- - type: boolean
- description: Inequality comparison value.
- range:
- additionalProperties: false
- description: Range comparison values.
+ ssl:
+ additionalProperties: true
type: object
properties:
- gt:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- description: A value that can be a string, number, or boolean.
- gte:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- description: A value that can be a string, number, or boolean.
- lt:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- description: A value that can be a string, number, or boolean.
- lte:
+ key:
anyOf:
+ - additionalProperties: true
+ type: object
+ properties:
+ hash:
+ type: string
+ id:
+ type: string
+ required:
+ - id
- type: string
- - type: number
- - type: boolean
- description: A value that can be a string, number, or boolean.
- startsWith:
- anyOf:
- - type: string
- - type: number
- - type: boolean
- description: Starts-with comparison value.
- required:
- - field
- - additionalProperties: false
- description: A condition that checks for the existence or non-existence of a field.
+ service_token:
+ nullable: true
+ type: string
+ shipper:
+ additionalProperties: true
+ nullable: true
type: object
properties:
- exists:
- description: Indicates whether the field exists or not.
+ compression_level:
+ nullable: true
+ type: number
+ disk_queue_compression_enabled:
+ nullable: true
type: boolean
- field:
- description: The document field to check.
- minLength: 1
+ disk_queue_enabled:
+ default: false
+ nullable: true
+ type: boolean
+ disk_queue_encryption_enabled:
+ nullable: true
+ type: boolean
+ disk_queue_max_size:
+ nullable: true
+ type: number
+ disk_queue_path:
+ nullable: true
type: string
+ loadbalance:
+ nullable: true
+ type: boolean
+ max_batch_bytes:
+ nullable: true
+ type: number
+ mem_queue_events:
+ nullable: true
+ type: number
+ queue_flush_timeout:
+ nullable: true
+ type: number
required:
- - field
- description: A basic filter condition, either unary or binary.
- Kibana_HTTP_APIs_IngestStreamLifecycle:
- anyOf:
- - additionalProperties: false
- type: object
- properties:
- dsl:
- additionalProperties: false
- type: object
- properties:
- data_retention:
- description: A non-empty string.
- minLength: 1
- type: string
- downsample:
- items:
- type: object
- properties:
- after:
- description: A non-empty string.
- minLength: 1
- type: string
- fixed_interval:
- description: A non-empty string.
- minLength: 1
- type: string
- required:
- - after
- - fixed_interval
- type: array
- required:
- - dsl
- - additionalProperties: false
- type: object
- properties:
- ilm:
- additionalProperties: false
- type: object
- properties:
- policy:
- description: A non-empty string.
- minLength: 1
- type: string
- required:
- - policy
- required:
- - ilm
- - additionalProperties: false
+ - disk_queue_path
+ - disk_queue_max_size
+ - disk_queue_encryption_enabled
+ - disk_queue_compression_enabled
+ - compression_level
+ - loadbalance
+ - mem_queue_events
+ - queue_flush_timeout
+ - max_batch_bytes
+ ssl:
+ additionalProperties: true
+ nullable: true
type: object
properties:
- inherit:
- additionalProperties: false
- type: object
- properties: {}
- required:
- - inherit
+ certificate:
+ type: string
+ certificate_authorities:
+ items:
+ type: string
+ maxItems: 10
+ type: array
+ key:
+ type: string
+ verification_mode:
+ enum:
+ - full
+ - none
+ - certificate
+ - strict
+ type: string
+ sync_integrations:
+ type: boolean
+ sync_uninstalled_integrations:
+ type: boolean
+ type:
+ enum:
+ - remote_elasticsearch
+ type: string
+ write_to_logs_streams:
+ nullable: true
+ type: boolean
+ required:
+ - name
+ - type
+ - hosts
+ title: output_remote_elasticsearch
+ type: object
Kibana_HTTP_APIs_QueryStreamUpsertRequest:
additionalProperties: false
type: object
diff --git a/packages/kbn-api-contracts/allowlist.json b/packages/kbn-api-contracts/allowlist.json
index f862051b9e397..e803018b574e4 100644
--- a/packages/kbn-api-contracts/allowlist.json
+++ b/packages/kbn-api-contracts/allowlist.json
@@ -1,5 +1,13 @@
{
"$schema": "./allowlist.schema.json",
"description": "Approved API breaking changes that should be ignored by the contract checker",
- "entries": []
+ "entries": [
+ {
+ "path": "/api/fleet/outputs",
+ "method": "post",
+ "reason": "POST request body uses NewOutputSchema with meta IDs, changing inline anyOf members to $ref components. Data shape is identical. Approved: https://github.com/elastic/kibana/pull/258986#discussion_r2978192160",
+ "approvedBy": "@elastic/terraform-provider",
+ "prUrl": "https://github.com/elastic/kibana/pull/258986"
+ }
+ ]
}
diff --git a/src/platform/packages/private/kbn-ui-shared-deps-npm/version_dependencies.txt b/src/platform/packages/private/kbn-ui-shared-deps-npm/version_dependencies.txt
index ed0a120953f13..5c446cc8dc7a8 100644
--- a/src/platform/packages/private/kbn-ui-shared-deps-npm/version_dependencies.txt
+++ b/src/platform/packages/private/kbn-ui-shared-deps-npm/version_dependencies.txt
@@ -21,21 +21,20 @@
@elastic/eui@113.3.0
@elastic/numeral@2.5.1
@elastic/prismjs-esql@1.1.2
-@emotion/babel-plugin@11.11.0
-@emotion/cache@11.11.0
-@emotion/hash@0.9.1
+@emotion/babel-plugin@11.13.5
+@emotion/cache@11.14.0
+@emotion/hash@0.9.2
@emotion/is-prop-valid@1.4.0
-@emotion/memoize@0.8.1
@emotion/memoize@0.9.0
-@emotion/react@11.11.1
-@emotion/serialize@1.1.2
+@emotion/react@11.14.0
+@emotion/serialize@1.3.3
@emotion/sheet@1.4.1
@emotion/stylis@0.8.5
+@emotion/unitless@0.10.0
@emotion/unitless@0.7.5
-@emotion/unitless@0.8.1
-@emotion/use-insertion-effect-with-fallbacks@1.0.1
-@emotion/utils@1.2.1
-@emotion/weak-memoize@0.3.1
+@emotion/use-insertion-effect-with-fallbacks@1.2.0
+@emotion/utils@1.4.2
+@emotion/weak-memoize@0.4.0
@hello-pangea/dnd@18.0.1
@jridgewell/gen-mapping@0.3.5
@jridgewell/resolve-uri@3.1.2
diff --git a/x-pack/platform/plugins/shared/fleet/server/types/models/output.ts b/x-pack/platform/plugins/shared/fleet/server/types/models/output.ts
index 20ad16e8149ed..476f6d3ddd583 100644
--- a/x-pack/platform/plugins/shared/fleet/server/types/models/output.ts
+++ b/x-pack/platform/plugins/shared/fleet/server/types/models/output.ts
@@ -336,10 +336,23 @@ const KafkaUpdateSchema = {
};
export const OutputSchema = schema.oneOf([
- schema.object({ ...ElasticSearchSchema }),
- schema.object({ ...RemoteElasticSearchSchema }),
- schema.object({ ...LogstashSchema }),
- schema.object({ ...KafkaSchema }),
+ schema.object({ ...ElasticSearchSchema }, { meta: { id: 'output_elasticsearch' } }),
+ schema.object({ ...RemoteElasticSearchSchema }, { meta: { id: 'output_remote_elasticsearch' } }),
+ schema.object({ ...LogstashSchema }, { meta: { id: 'output_logstash' } }),
+ schema.object({ ...KafkaSchema }, { meta: { id: 'output_kafka' } }),
+]);
+
+// Separate schema for create operations: uses distinct meta IDs so OAS codegen
+// emits named $ref components instead of inline anyOf members, which the
+// Terraform provider requires to distinguish create vs read types.
+export const NewOutputSchema = schema.oneOf([
+ schema.object({ ...ElasticSearchSchema }, { meta: { id: 'new_output_elasticsearch' } }),
+ schema.object(
+ { ...RemoteElasticSearchSchema },
+ { meta: { id: 'new_output_remote_elasticsearch' } }
+ ),
+ schema.object({ ...LogstashSchema }, { meta: { id: 'new_output_logstash' } }),
+ schema.object({ ...KafkaSchema }, { meta: { id: 'new_output_kafka' } }),
]);
export const OutputResponseSchema = schema.object({
diff --git a/x-pack/platform/plugins/shared/fleet/server/types/rest_spec/output.ts b/x-pack/platform/plugins/shared/fleet/server/types/rest_spec/output.ts
index e6e2832b102a4..54c7763978d67 100644
--- a/x-pack/platform/plugins/shared/fleet/server/types/rest_spec/output.ts
+++ b/x-pack/platform/plugins/shared/fleet/server/types/rest_spec/output.ts
@@ -7,7 +7,7 @@
import { schema } from '@kbn/config-schema';
-import { OutputSchema, UpdateOutputSchema } from '../models';
+import { NewOutputSchema, OutputSchema, UpdateOutputSchema } from '../models';
import { ListResponseSchema } from '../../routes/schema/utils';
export const GetOneOutputRequestSchema = {
@@ -39,7 +39,7 @@ export const GetOutputsResponseSchema = ListResponseSchema(
);
export const PostOutputRequestSchema = {
- body: OutputSchema,
+ body: NewOutputSchema,
};
export const PutOutputRequestSchema = {