diff --git a/oas_docs/output/kibana.serverless.yaml b/oas_docs/output/kibana.serverless.yaml index 55c6641976a00..62c9af18ca9ca 100644 --- a/oas_docs/output/kibana.serverless.yaml +++ b/oas_docs/output/kibana.serverless.yaml @@ -62611,6 +62611,93 @@ paths: required: true schema: type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Kibana_HTTP_APIs_StreamUpsertRequest' + responses: {} + summary: Create or update a stream + tags: + - streams + x-state: Technical Preview + x-metaTags: + - content: Kibana, Elastic Cloud Serverless + name: product_name + /api/streams/{name}/_fork: + post: + description: |- + **Spaces method and path for this operation:** + +
post /s/{space_id}/api/streams/{name}/_fork
+ + Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. + + Forks a wired stream and creates a child stream

[Required authorization] Route required privileges: manage_stream. + operationId: post-streams-name-fork + parameters: + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: name + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + additionalProperties: false + type: object + properties: + status: + enum: + - enabled + - disabled + type: string + stream: + additionalProperties: false + type: object + properties: + name: + type: string + required: + - name + where: + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' + required: + - stream + - where + responses: {} + summary: Fork a stream + tags: + - streams + x-state: Technical Preview + x-metaTags: + - content: Kibana, Elastic Cloud Serverless + name: product_name + /api/streams/{name}/_ingest: + get: + description: |- + **Spaces method and path for this operation:** + +
get /s/{space_id}/api/streams/{name}/_ingest
+ + Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. + + Fetches the ingest settings of an ingest stream definition

[Required authorization] Route required privileges: read_stream. + operationId: get-streams-name-ingest + parameters: + - in: path + name: name + required: true + schema: + type: string requestBody: content: application/json: @@ -62618,710 +62705,250 @@ paths: anyOf: - additionalProperties: false type: object - properties: - dashboards: - items: - type: string - type: array - queries: - items: - type: object - properties: - description: - type: string - esql: - type: object - properties: - query: - type: string - required: - - query - evidence: - items: - type: string - type: array - id: - description: A non-empty string. - minLength: 1 - type: string - severity_score: - type: number - title: - description: A non-empty string. - minLength: 1 - type: string - required: - - id - - title - - description - - esql - type: array - rules: - items: - type: string - type: array - stream: - additionalProperties: false + properties: {} + - nullable: true + - {} + responses: {} + summary: Get ingest stream settings + tags: + - streams + x-state: Technical Preview + x-metaTags: + - content: Kibana, Elastic Cloud Serverless + name: product_name + put: + description: |- + **Spaces method and path for this operation:** + +
put /s/{space_id}/api/streams/{name}/_ingest
+ + Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. + + Upserts the ingest settings of an ingest stream definition

[Required authorization] Route required privileges: manage_stream. + operationId: put-streams-name-ingest + parameters: + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: name + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + additionalProperties: false + type: object + properties: + ingest: + anyOf: + - additionalProperties: false type: object properties: - description: - type: string - ingest: + failure_store: + $ref: '#/components/schemas/Kibana_HTTP_APIs_FailureStore' + lifecycle: + $ref: '#/components/schemas/Kibana_HTTP_APIs_IngestStreamLifecycle' + processing: additionalProperties: false type: object properties: - failure_store: - anyOf: - - additionalProperties: false - type: object - properties: - inherit: - additionalProperties: false - type: object - properties: {} - required: - - inherit - - additionalProperties: false - type: object - properties: - disabled: - additionalProperties: false - type: object - properties: {} - required: - - disabled - - anyOf: - - additionalProperties: false - type: object - properties: - lifecycle: - additionalProperties: false - type: object - properties: - enabled: - additionalProperties: false - type: object - properties: - data_retention: - description: A non-empty string. - minLength: 1 - type: string - required: - - enabled - required: - - lifecycle - - additionalProperties: false - type: object - properties: - lifecycle: - additionalProperties: false - type: object - properties: - disabled: - additionalProperties: false - type: object - properties: {} - required: - - disabled - required: - - lifecycle - lifecycle: - anyOf: - - additionalProperties: false - type: object - properties: - dsl: - additionalProperties: false - type: object - properties: - data_retention: - description: A non-empty string. - minLength: 1 - type: string - downsample: - items: - type: object - properties: - after: - description: A non-empty string. - minLength: 1 - type: string - fixed_interval: - description: A non-empty string. - minLength: 1 - type: string - required: - - after - - fixed_interval - type: array - required: - - dsl - - additionalProperties: false - type: object - properties: - ilm: - additionalProperties: false - type: object - properties: - policy: - description: A non-empty string. - minLength: 1 - type: string - required: - - policy - required: - - ilm - - additionalProperties: false - type: object - properties: - inherit: - additionalProperties: false - type: object - properties: {} - required: - - inherit - processing: + steps: + items: + $ref: '#/components/schemas/Kibana_HTTP_APIs_StreamlangStep' + type: array + updated_at: {} + required: + - steps + settings: + additionalProperties: false + type: object + properties: + index.number_of_replicas: additionalProperties: false type: object properties: - steps: - items: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema0' - type: array - updated_at: {} + value: + type: number required: - - steps - settings: + - value + index.number_of_shards: additionalProperties: false type: object properties: - index.number_of_replicas: - additionalProperties: false - type: object - properties: - value: - type: number - required: - - value - index.number_of_shards: - additionalProperties: false - type: object - properties: - value: - type: number - required: - - value - index.refresh_interval: - additionalProperties: false - type: object - properties: - value: - anyOf: - - type: string - - enum: - - -1 - type: number - required: - - value - wired: + value: + type: number + required: + - value + index.refresh_interval: additionalProperties: false type: object properties: - fields: - additionalProperties: - allOf: - - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema2' - - anyOf: - - type: object - properties: - description: - type: string - format: - description: A non-empty string. - minLength: 1 - type: string - type: - enum: - - keyword - - match_only_text - - long - - double - - date - - boolean - - ip - - geo_point - - integer - - short - - byte - - float - - half_float - - text - - wildcard - - version - - unsigned_long - - date_nanos - type: string - required: - - type - - type: object - properties: - description: - type: string - format: - not: {} - type: - not: {} - required: - - description - - type: object - properties: - description: - type: string - type: - enum: - - system - type: string - required: - - type - type: object - routing: - items: - type: object - properties: - destination: - description: A non-empty string. - minLength: 1 - type: string - status: - enum: - - enabled - - disabled - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - required: - - destination - - where - type: array + value: + anyOf: + - type: string + - enum: + - -1 + type: number required: - - fields - - routing + - value + wired: + additionalProperties: false + type: object + properties: + fields: + $ref: '#/components/schemas/Kibana_HTTP_APIs_FieldDefinition' + routing: + items: + type: object + properties: + destination: + description: A non-empty string. + minLength: 1 + type: string + status: + enum: + - enabled + - disabled + type: string + where: + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' + required: + - destination + - where + type: array required: - - lifecycle - - processing - - settings - - failure_store - - wired - query_streams: - items: - type: object - properties: - name: - type: string - required: - - name - type: array - type: - enum: - - wired - type: string + - fields + - routing required: - - description - - ingest - - type - required: - - dashboards - - rules - - queries - - stream - - additionalProperties: false - type: object - properties: - dashboards: - items: - type: string - type: array - queries: - items: - type: object - properties: - description: - type: string - esql: - type: object - properties: - query: - type: string - required: - - query - evidence: - items: - type: string - type: array - id: - description: A non-empty string. - minLength: 1 - type: string - severity_score: - type: number - title: - description: A non-empty string. - minLength: 1 - type: string - required: - - id - - title - - description - - esql - type: array - rules: - items: - type: string - type: array - stream: - additionalProperties: false + - lifecycle + - processing + - settings + - failure_store + - wired + - additionalProperties: false type: object properties: - description: - type: string - ingest: + classic: + additionalProperties: false + type: object + properties: + field_overrides: + $ref: '#/components/schemas/Kibana_HTTP_APIs_ClassicFieldDefinition' + failure_store: + $ref: '#/components/schemas/Kibana_HTTP_APIs_FailureStore' + lifecycle: + $ref: '#/components/schemas/Kibana_HTTP_APIs_IngestStreamLifecycle' + processing: + additionalProperties: false + type: object + properties: + steps: + items: + $ref: '#/components/schemas/Kibana_HTTP_APIs_StreamlangStep' + type: array + updated_at: {} + required: + - steps + settings: additionalProperties: false type: object properties: - classic: + index.number_of_replicas: additionalProperties: false type: object properties: - field_overrides: - additionalProperties: - allOf: - - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema2' - - anyOf: - - type: object - properties: - description: - type: string - format: - description: A non-empty string. - minLength: 1 - type: string - type: - enum: - - keyword - - match_only_text - - long - - double - - date - - boolean - - ip - - geo_point - - integer - - short - - byte - - float - - half_float - - text - - wildcard - - version - - unsigned_long - - date_nanos - type: string - required: - - type - - type: object - properties: - description: - type: string - type: - enum: - - system - type: string - required: - - type - type: object - failure_store: - anyOf: - - additionalProperties: false - type: object - properties: - inherit: - additionalProperties: false - type: object - properties: {} - required: - - inherit - - additionalProperties: false - type: object - properties: - disabled: - additionalProperties: false - type: object - properties: {} - required: - - disabled - - anyOf: - - additionalProperties: false - type: object - properties: - lifecycle: - additionalProperties: false - type: object - properties: - enabled: - additionalProperties: false - type: object - properties: - data_retention: - description: A non-empty string. - minLength: 1 - type: string - required: - - enabled - required: - - lifecycle - - additionalProperties: false - type: object - properties: - lifecycle: - additionalProperties: false - type: object - properties: - disabled: - additionalProperties: false - type: object - properties: {} - required: - - disabled - required: - - lifecycle - lifecycle: - anyOf: - - additionalProperties: false - type: object - properties: - dsl: - additionalProperties: false - type: object - properties: - data_retention: - description: A non-empty string. - minLength: 1 - type: string - downsample: - items: - type: object - properties: - after: - description: A non-empty string. - minLength: 1 - type: string - fixed_interval: - description: A non-empty string. - minLength: 1 - type: string - required: - - after - - fixed_interval - type: array - required: - - dsl - - additionalProperties: false - type: object - properties: - ilm: - additionalProperties: false - type: object - properties: - policy: - description: A non-empty string. - minLength: 1 - type: string - required: - - policy - required: - - ilm - - additionalProperties: false - type: object - properties: - inherit: - additionalProperties: false - type: object - properties: {} - required: - - inherit - processing: + value: + type: number + required: + - value + index.number_of_shards: additionalProperties: false type: object properties: - steps: - items: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema0' - type: array - updated_at: {} + value: + type: number required: - - steps - settings: + - value + index.refresh_interval: additionalProperties: false type: object properties: - index.number_of_replicas: - additionalProperties: false - type: object - properties: - value: - type: number - required: - - value - index.number_of_shards: - additionalProperties: false - type: object - properties: - value: + value: + anyOf: + - type: string + - enum: + - -1 type: number - required: - - value - index.refresh_interval: - additionalProperties: false - type: object - properties: - value: - anyOf: - - type: string - - enum: - - -1 - type: number - required: - - value - required: - - lifecycle - - processing - - settings - - failure_store - - classic - query_streams: - items: - type: object - properties: - name: - type: string - required: - - name - type: array - type: - enum: - - classic - type: string + required: + - value required: - - description - - ingest - - type - required: - - dashboards - - rules - - queries - - stream + - lifecycle + - processing + - settings + - failure_store + - classic + required: + - ingest + responses: {} + summary: Update ingest stream settings + tags: + - streams + x-state: Technical Preview + x-metaTags: + - content: Kibana, Elastic Cloud Serverless + name: product_name + /api/streams/{name}/_query: + get: + description: |- + **Spaces method and path for this operation:** + +
get /s/{space_id}/api/streams/{name}/_query
+ + Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. + + Fetches the query settings of a query stream definition

[Required authorization] Route required privileges: read_stream. + operationId: get-streams-name-query + parameters: + - in: path + name: name + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + anyOf: - additionalProperties: false type: object - properties: - dashboards: - items: - type: string - type: array - queries: - items: - type: object - properties: - description: - type: string - esql: - type: object - properties: - query: - type: string - required: - - query - evidence: - items: - type: string - type: array - id: - description: A non-empty string. - minLength: 1 - type: string - severity_score: - type: number - title: - description: A non-empty string. - minLength: 1 - type: string - required: - - id - - title - - description - - esql - type: array - rules: - items: - type: string - type: array - stream: - additionalProperties: false - type: object - properties: - description: - type: string - query: - additionalProperties: false - type: object - properties: - esql: - type: string - view: - type: string - required: - - view - - esql - query_streams: - items: - type: object - properties: - name: - type: string - required: - - name - type: array - type: - enum: - - query - type: string - required: - - description - - type - - query - required: - - dashboards - - rules - - queries - - stream + properties: {} + - nullable: true + - {} responses: {} - summary: Create or update a stream + summary: Get query stream settings tags: - streams x-state: Technical Preview x-metaTags: - content: Kibana, Elastic Cloud Serverless name: product_name - /api/streams/{name}/_fork: - post: + put: description: |- **Spaces method and path for this operation:** -
post /s/{space_id}/api/streams/{name}/_fork
+
put /s/{space_id}/api/streams/{name}/_query
Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. - Forks a wired stream and creates a child stream

[Required authorization] Route required privileges: manage_stream. - operationId: post-streams-name-fork + Upserts the query settings of a query stream definition

[Required authorization] Route required privileges: manage_stream. + operationId: put-streams-name-query parameters: - description: A required header to protect against CSRF attacks in: header @@ -63342,44 +62969,43 @@ paths: additionalProperties: false type: object properties: - status: - enum: - - enabled - - disabled - type: string - stream: + query: additionalProperties: false type: object properties: - name: + esql: type: string required: - - name - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_1___schema0' + - esql required: - - stream - - where + - query responses: {} - summary: Fork a stream + summary: Upsert query stream settings tags: - streams x-state: Technical Preview x-metaTags: - content: Kibana, Elastic Cloud Serverless name: product_name - /api/streams/{name}/_ingest: - get: + /api/streams/{name}/content/export: + post: description: |- **Spaces method and path for this operation:** -
get /s/{space_id}/api/streams/{name}/_ingest
+
post /s/{space_id}/api/streams/{name}/content/export
Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. - Fetches the ingest settings of an ingest stream definition

[Required authorization] Route required privileges: read_stream. - operationId: get-streams-name-ingest + Exports the content associated to a stream.

[Required authorization] Route required privileges: manage_stream. + operationId: post-streams-name-content-export parameters: + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string - in: path name: name required: true @@ -63389,30 +63015,40 @@ paths: content: application/json: schema: - anyOf: - - additionalProperties: false - type: object - properties: {} - - nullable: true - - {} + additionalProperties: false + type: object + properties: + description: + type: string + include: + $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_3___schema0' + name: + type: string + version: + type: string + required: + - name + - description + - version + - include responses: {} - summary: Get ingest stream settings + summary: Export stream content tags: - streams - x-state: Technical Preview x-metaTags: - content: Kibana, Elastic Cloud Serverless name: product_name - put: + /api/streams/{name}/content/import: + post: description: |- **Spaces method and path for this operation:** -
put /s/{space_id}/api/streams/{name}/_ingest
+
post /s/{space_id}/api/streams/{name}/content/import
Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. - Upserts the ingest settings of an ingest stream definition

[Required authorization] Route required privileges: manage_stream. - operationId: put-streams-name-ingest + Links content objects to a stream.

[Required authorization] Route required privileges: manage_stream. + operationId: post-streams-name-content-import parameters: - description: A required header to protect against CSRF attacks in: header @@ -63428,498 +63064,179 @@ paths: type: string requestBody: content: - application/json: + multipart/form-data: schema: additionalProperties: false type: object properties: - ingest: - anyOf: - - additionalProperties: false - type: object - properties: - failure_store: - anyOf: - - additionalProperties: false - type: object - properties: - inherit: - additionalProperties: false - type: object - properties: {} - required: - - inherit - - additionalProperties: false - type: object - properties: - disabled: - additionalProperties: false - type: object - properties: {} - required: - - disabled - - anyOf: - - additionalProperties: false - type: object - properties: - lifecycle: - additionalProperties: false - type: object - properties: - enabled: - additionalProperties: false - type: object - properties: - data_retention: - description: A non-empty string. - minLength: 1 - type: string - required: - - enabled - required: - - lifecycle - - additionalProperties: false - type: object - properties: - lifecycle: - additionalProperties: false - type: object - properties: - disabled: - additionalProperties: false - type: object - properties: {} - required: - - disabled - required: - - lifecycle - lifecycle: - anyOf: - - additionalProperties: false - type: object - properties: - dsl: - additionalProperties: false - type: object - properties: - data_retention: - description: A non-empty string. - minLength: 1 - type: string - downsample: - items: - type: object - properties: - after: - description: A non-empty string. - minLength: 1 - type: string - fixed_interval: - description: A non-empty string. - minLength: 1 - type: string - required: - - after - - fixed_interval - type: array - required: - - dsl - - additionalProperties: false - type: object - properties: - ilm: - additionalProperties: false - type: object - properties: - policy: - description: A non-empty string. - minLength: 1 - type: string - required: - - policy - required: - - ilm - - additionalProperties: false - type: object - properties: - inherit: - additionalProperties: false - type: object - properties: {} - required: - - inherit - processing: - additionalProperties: false - type: object - properties: - steps: - items: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema0' - type: array - updated_at: {} - required: - - steps - settings: - additionalProperties: false - type: object - properties: - index.number_of_replicas: - additionalProperties: false - type: object - properties: - value: - type: number - required: - - value - index.number_of_shards: - additionalProperties: false - type: object - properties: - value: - type: number - required: - - value - index.refresh_interval: - additionalProperties: false - type: object - properties: - value: - anyOf: - - type: string - - enum: - - -1 - type: number - required: - - value - wired: - additionalProperties: false - type: object - properties: - fields: - additionalProperties: - allOf: - - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema2' - - anyOf: - - type: object - properties: - description: - type: string - format: - description: A non-empty string. - minLength: 1 - type: string - type: - enum: - - keyword - - match_only_text - - long - - double - - date - - boolean - - ip - - geo_point - - integer - - short - - byte - - float - - half_float - - text - - wildcard - - version - - unsigned_long - - date_nanos - type: string - required: - - type - - type: object - properties: - description: - type: string - format: - not: {} - type: - not: {} - required: - - description - - type: object - properties: - description: - type: string - type: - enum: - - system - type: string - required: - - type - type: object - routing: - items: + content: {} + include: + type: string + required: + - include + - content + responses: {} + summary: Import content into a stream + tags: + - streams + x-metaTags: + - content: Kibana, Elastic Cloud Serverless + name: product_name + /api/streams/{name}/queries: + get: + description: |- + **Spaces method and path for this operation:** + +
get /s/{space_id}/api/streams/{name}/queries
+ + Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. + + Fetches all queries linked to a stream that are visible to the current user in the current space.

[Required authorization] Route required privileges: read_stream. + operationId: get-streams-name-queries + parameters: + - in: path + name: name + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + anyOf: + - additionalProperties: false + type: object + properties: {} + - nullable: true + - {} + responses: {} + summary: Get stream queries + tags: + - streams + x-state: Technical Preview + x-metaTags: + - content: Kibana, Elastic Cloud Serverless + name: product_name + /api/streams/{name}/queries/_bulk: + post: + description: |- + **Spaces method and path for this operation:** + +
post /s/{space_id}/api/streams/{name}/queries/_bulk
+ + Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. + + Bulk update queries of a stream. Can add new queries and delete existing ones.

[Required authorization] Route required privileges: manage_stream. + operationId: post-streams-name-queries-bulk + parameters: + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: name + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + additionalProperties: false + type: object + properties: + operations: + items: + anyOf: + - type: object + properties: + index: + type: object + properties: + description: + type: string + esql: type: object properties: - destination: - description: A non-empty string. - minLength: 1 - type: string - status: - enum: - - enabled - - disabled + query: type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' required: - - destination - - where - type: array - required: - - fields - - routing - required: - - lifecycle - - processing - - settings - - failure_store - - wired - - additionalProperties: false - type: object - properties: - classic: - additionalProperties: false - type: object - properties: - field_overrides: - additionalProperties: - allOf: - - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema2' - - anyOf: - - type: object - properties: - description: - type: string - format: - description: A non-empty string. - minLength: 1 - type: string - type: - enum: - - keyword - - match_only_text - - long - - double - - date - - boolean - - ip - - geo_point - - integer - - short - - byte - - float - - half_float - - text - - wildcard - - version - - unsigned_long - - date_nanos - type: string - required: - - type - - type: object - properties: - description: - type: string - type: - enum: - - system - type: string - required: - - type - type: object - failure_store: - anyOf: - - additionalProperties: false - type: object - properties: - inherit: - additionalProperties: false - type: object - properties: {} - required: - - inherit - - additionalProperties: false - type: object - properties: - disabled: - additionalProperties: false - type: object - properties: {} - required: - - disabled - - anyOf: - - additionalProperties: false - type: object - properties: - lifecycle: - additionalProperties: false - type: object - properties: - enabled: - additionalProperties: false - type: object - properties: - data_retention: - description: A non-empty string. - minLength: 1 - type: string - required: - - enabled - required: - - lifecycle - - additionalProperties: false - type: object - properties: - lifecycle: - additionalProperties: false - type: object - properties: - disabled: - additionalProperties: false - type: object - properties: {} - required: - - disabled - required: - - lifecycle - lifecycle: - anyOf: - - additionalProperties: false - type: object - properties: - dsl: - additionalProperties: false - type: object - properties: - data_retention: - description: A non-empty string. - minLength: 1 - type: string - downsample: - items: - type: object - properties: - after: - description: A non-empty string. - minLength: 1 - type: string - fixed_interval: - description: A non-empty string. - minLength: 1 - type: string - required: - - after - - fixed_interval - type: array - required: - - dsl - - additionalProperties: false - type: object - properties: - ilm: - additionalProperties: false - type: object - properties: - policy: - description: A non-empty string. - minLength: 1 - type: string - required: - - policy - required: - - ilm - - additionalProperties: false - type: object - properties: - inherit: - additionalProperties: false - type: object - properties: {} - required: - - inherit - processing: - additionalProperties: false - type: object - properties: - steps: - items: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema0' - type: array - updated_at: {} - required: - - steps - settings: - additionalProperties: false - type: object - properties: - index.number_of_replicas: - additionalProperties: false - type: object - properties: - value: - type: number - required: - - value - index.number_of_shards: - additionalProperties: false - type: object - properties: - value: - type: number - required: - - value - index.refresh_interval: - additionalProperties: false - type: object - properties: - value: - anyOf: - - type: string - - enum: - - -1 - type: number - required: - - value - required: - - lifecycle - - processing - - settings - - failure_store - - classic + - query + evidence: + items: + type: string + type: array + id: + description: A non-empty string. + minLength: 1 + type: string + severity_score: + type: number + title: + description: A non-empty string. + minLength: 1 + type: string + required: + - id + - title + - description + - esql + required: + - index + - type: object + properties: + delete: + type: object + properties: + id: + type: string + required: + - id + required: + - delete + type: array required: - - ingest + - operations responses: {} - summary: Update ingest stream settings + summary: Bulk update queries tags: - streams x-state: Technical Preview x-metaTags: - content: Kibana, Elastic Cloud Serverless name: product_name - /api/streams/{name}/_query: - get: + /api/streams/{name}/queries/{queryId}: + delete: description: |- **Spaces method and path for this operation:** -
get /s/{space_id}/api/streams/{name}/_query
+
delete /s/{space_id}/api/streams/{name}/queries/{queryId}
Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. - Fetches the query settings of a query stream definition

[Required authorization] Route required privileges: read_stream. - operationId: get-streams-name-query + Remove a query from a stream. Noop if the query is not found on the stream.

[Required authorization] Route required privileges: manage_stream. + operationId: delete-streams-name-queries-queryid parameters: + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string - in: path name: name required: true schema: type: string + - in: path + name: queryId + required: true + schema: + type: string requestBody: content: application/json: @@ -63931,7 +63248,7 @@ paths: - nullable: true - {} responses: {} - summary: Get query stream settings + summary: Remove a query from a stream tags: - streams x-state: Technical Preview @@ -63942,12 +63259,12 @@ paths: description: |- **Spaces method and path for this operation:** -
put /s/{space_id}/api/streams/{name}/_query
+
put /s/{space_id}/api/streams/{name}/queries/{queryId}
Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. - Upserts the query settings of a query stream definition

[Required authorization] Route required privileges: manage_stream. - operationId: put-streams-name-query + Adds a query to a stream. Noop if the query is already present on the stream.

[Required authorization] Route required privileges: manage_stream. + operationId: put-streams-name-queries-queryid parameters: - description: A required header to protect against CSRF attacks in: header @@ -63961,6 +63278,11 @@ paths: required: true schema: type: string + - in: path + name: queryId + required: true + schema: + type: string requestBody: content: application/json: @@ -63968,134 +63290,74 @@ paths: additionalProperties: false type: object properties: - query: + description: + default: '' + type: string + esql: additionalProperties: false type: object properties: - esql: + query: type: string required: - - esql + - query + evidence: + items: + type: string + type: array + severity_score: + type: number + title: + description: A non-empty string. + minLength: 1 + type: string required: - - query + - title + - esql responses: {} - summary: Upsert query stream settings + summary: Upsert a query to a stream tags: - streams x-state: Technical Preview x-metaTags: - content: Kibana, Elastic Cloud Serverless name: product_name - /api/streams/{name}/content/export: - post: + /api/streams/{name}/significant_events: + get: description: |- **Spaces method and path for this operation:** -
post /s/{space_id}/api/streams/{name}/content/export
+
get /s/{space_id}/api/streams/{name}/significant_events
Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. - Exports the content associated to a stream.

[Required authorization] Route required privileges: manage_stream. - operationId: post-streams-name-content-export + Read the significant events

[Required authorization] Route required privileges: read_stream. + operationId: get-streams-name-significant-events parameters: - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf + - in: path + name: name required: true schema: - example: 'true' type: string - - in: path - name: name + - in: query + name: from required: true schema: type: string - requestBody: - content: - application/json: - schema: - additionalProperties: false - type: object - properties: - description: - type: string - include: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_3___schema0' - name: - type: string - version: - type: string - required: - - name - - description - - version - - include - responses: {} - summary: Export stream content - tags: - - streams - x-metaTags: - - content: Kibana, Elastic Cloud Serverless - name: product_name - /api/streams/{name}/content/import: - post: - description: |- - **Spaces method and path for this operation:** - -
post /s/{space_id}/api/streams/{name}/content/import
- - Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. - - Links content objects to a stream.

[Required authorization] Route required privileges: manage_stream. - operationId: post-streams-name-content-import - parameters: - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf + - in: query + name: to required: true schema: - example: 'true' type: string - - in: path - name: name + - in: query + name: bucketSize required: true schema: type: string - requestBody: - content: - multipart/form-data: - schema: - additionalProperties: false - type: object - properties: - content: {} - include: - type: string - required: - - include - - content - responses: {} - summary: Import content into a stream - tags: - - streams - x-metaTags: - - content: Kibana, Elastic Cloud Serverless - name: product_name - /api/streams/{name}/queries: - get: - description: |- - **Spaces method and path for this operation:** - -
get /s/{space_id}/api/streams/{name}/queries
- - Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. - - Fetches all queries linked to a stream that are visible to the current user in the current space.

[Required authorization] Route required privileges: read_stream. - operationId: get-streams-name-queries - parameters: - - in: path - name: name - required: true + - description: Query string to filter significant events on metadata fields + in: query + name: query + required: false schema: type: string requestBody: @@ -64109,24 +63371,24 @@ paths: - nullable: true - {} responses: {} - summary: Get stream queries + summary: Read the significant events tags: - streams x-state: Technical Preview x-metaTags: - content: Kibana, Elastic Cloud Serverless name: product_name - /api/streams/{name}/queries/_bulk: + /api/streams/{name}/significant_events/_generate: post: description: |- **Spaces method and path for this operation:** -
post /s/{space_id}/api/streams/{name}/queries/_bulk
+
post /s/{space_id}/api/streams/{name}/significant_events/_generate
Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. - Bulk update queries of a stream. Can add new queries and delete existing ones.

[Required authorization] Route required privileges: manage_stream. - operationId: post-streams-name-queries-bulk + Generate significant events queries based on the stream data

[Required authorization] Route required privileges: read_stream. + operationId: post-streams-name-significant-events-generate parameters: - description: A required header to protect against CSRF attacks in: header @@ -64140,102 +63402,28 @@ paths: required: true schema: type: string - requestBody: - content: - application/json: - schema: - additionalProperties: false - type: object - properties: - operations: - items: - anyOf: - - type: object - properties: - index: - type: object - properties: - description: - type: string - esql: - type: object - properties: - query: - type: string - required: - - query - evidence: - items: - type: string - type: array - id: - description: A non-empty string. - minLength: 1 - type: string - severity_score: - type: number - title: - description: A non-empty string. - minLength: 1 - type: string - required: - - id - - title - - description - - esql - required: - - index - - type: object - properties: - delete: - type: object - properties: - id: - type: string - required: - - id - required: - - delete - type: array - required: - - operations - responses: {} - summary: Bulk update queries - tags: - - streams - x-state: Technical Preview - x-metaTags: - - content: Kibana, Elastic Cloud Serverless - name: product_name - /api/streams/{name}/queries/{queryId}: - delete: - description: |- - **Spaces method and path for this operation:** - -
delete /s/{space_id}/api/streams/{name}/queries/{queryId}
- - Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. - - Remove a query from a stream. Noop if the query is not found on the stream.

[Required authorization] Route required privileges: manage_stream. - operationId: delete-streams-name-queries-queryid - parameters: - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true + - description: Optional connector ID. If not provided, the default AI connector from settings will be used. + in: query + name: connectorId + required: false schema: - example: 'true' type: string - - in: path - name: name + - in: query + name: from required: true schema: type: string - - in: path - name: queryId + - in: query + name: to required: true schema: type: string + - description: Number of sample documents to use for generation from the current data of stream + in: query + name: sampleDocsSize + required: false + schema: + type: number requestBody: content: application/json: @@ -64247,23 +63435,24 @@ paths: - nullable: true - {} responses: {} - summary: Remove a query from a stream + summary: Generate significant events tags: - streams x-state: Technical Preview x-metaTags: - content: Kibana, Elastic Cloud Serverless name: product_name - put: + /api/streams/{name}/significant_events/_preview: + post: description: |- **Spaces method and path for this operation:** -
put /s/{space_id}/api/streams/{name}/queries/{queryId}
+
post /s/{space_id}/api/streams/{name}/significant_events/_preview
Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. - Adds a query to a stream. Noop if the query is already present on the stream.

[Required authorization] Route required privileges: manage_stream. - operationId: put-streams-name-queries-queryid + Preview significant event results based on a given query

[Required authorization] Route required privileges: read_stream. + operationId: post-streams-name-significant-events-preview parameters: - description: A required header to protect against CSRF attacks in: header @@ -64277,8 +63466,18 @@ paths: required: true schema: type: string - - in: path - name: queryId + - in: query + name: from + required: true + schema: + type: string + - in: query + name: to + required: true + schema: + type: string + - in: query + name: bucketSize required: true schema: type: string @@ -64289,234 +63488,36 @@ paths: additionalProperties: false type: object properties: - description: - default: '' - type: string - esql: + query: additionalProperties: false type: object properties: - query: - type: string + esql: + additionalProperties: false + type: object + properties: + query: + type: string + required: + - query required: - - query - evidence: - items: - type: string - type: array - severity_score: - type: number - title: - description: A non-empty string. - minLength: 1 - type: string + - esql required: - - title - - esql + - query responses: {} - summary: Upsert a query to a stream + summary: Preview significant events tags: - streams x-state: Technical Preview x-metaTags: - content: Kibana, Elastic Cloud Serverless name: product_name - /api/streams/{name}/significant_events: + /api/streams/{streamName}/attachments: get: description: |- **Spaces method and path for this operation:** -
get /s/{space_id}/api/streams/{name}/significant_events
- - Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. - - Read the significant events

[Required authorization] Route required privileges: read_stream. - operationId: get-streams-name-significant-events - parameters: - - in: path - name: name - required: true - schema: - type: string - - in: query - name: from - required: true - schema: - type: string - - in: query - name: to - required: true - schema: - type: string - - in: query - name: bucketSize - required: true - schema: - type: string - - description: Query string to filter significant events on metadata fields - in: query - name: query - required: false - schema: - type: string - requestBody: - content: - application/json: - schema: - anyOf: - - additionalProperties: false - type: object - properties: {} - - nullable: true - - {} - responses: {} - summary: Read the significant events - tags: - - streams - x-state: Technical Preview - x-metaTags: - - content: Kibana, Elastic Cloud Serverless - name: product_name - /api/streams/{name}/significant_events/_generate: - post: - description: |- - **Spaces method and path for this operation:** - -
post /s/{space_id}/api/streams/{name}/significant_events/_generate
- - Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. - - Generate significant events queries based on the stream data

[Required authorization] Route required privileges: read_stream. - operationId: post-streams-name-significant-events-generate - parameters: - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: name - required: true - schema: - type: string - - description: Optional connector ID. If not provided, the default AI connector from settings will be used. - in: query - name: connectorId - required: false - schema: - type: string - - in: query - name: from - required: true - schema: - type: string - - in: query - name: to - required: true - schema: - type: string - - description: Number of sample documents to use for generation from the current data of stream - in: query - name: sampleDocsSize - required: false - schema: - type: number - requestBody: - content: - application/json: - schema: - anyOf: - - additionalProperties: false - type: object - properties: {} - - nullable: true - - {} - responses: {} - summary: Generate significant events - tags: - - streams - x-state: Technical Preview - x-metaTags: - - content: Kibana, Elastic Cloud Serverless - name: product_name - /api/streams/{name}/significant_events/_preview: - post: - description: |- - **Spaces method and path for this operation:** - -
post /s/{space_id}/api/streams/{name}/significant_events/_preview
- - Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. - - Preview significant event results based on a given query

[Required authorization] Route required privileges: read_stream. - operationId: post-streams-name-significant-events-preview - parameters: - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: name - required: true - schema: - type: string - - in: query - name: from - required: true - schema: - type: string - - in: query - name: to - required: true - schema: - type: string - - in: query - name: bucketSize - required: true - schema: - type: string - requestBody: - content: - application/json: - schema: - additionalProperties: false - type: object - properties: - query: - additionalProperties: false - type: object - properties: - esql: - additionalProperties: false - type: object - properties: - query: - type: string - required: - - query - required: - - esql - required: - - query - responses: {} - summary: Preview significant events - tags: - - streams - x-state: Technical Preview - x-metaTags: - - content: Kibana, Elastic Cloud Serverless - name: product_name - /api/streams/{streamName}/attachments: - get: - description: |- - **Spaces method and path for this operation:** - -
get /s/{space_id}/api/streams/{streamName}/attachments
+
get /s/{space_id}/api/streams/{streamName}/attachments
Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. @@ -69675,1265 +68676,1007 @@ components: additionalProperties: $ref: '#/components/schemas/Data_views_runtimefieldmap' type: object - sourceFilters: - $ref: '#/components/schemas/Data_views_sourcefilters' - timeFieldName: - $ref: '#/components/schemas/Data_views_timefieldname' - title: - $ref: '#/components/schemas/Data_views_title' - type: - $ref: '#/components/schemas/Data_views_type' - typeMeta: - $ref: '#/components/schemas/Data_views_typemeta' - refresh_fields: - default: false - description: Reloads the data view fields after the data view is updated. - type: boolean - required: - - data_view - Kibana_HTTP_APIs__zod_v4_0___schema0: - anyOf: - - anyOf: - - additionalProperties: false - description: Grok processor - Extract fields from text using grok patterns - type: object - properties: - action: - enum: - - grok - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - description: Source field to parse with grok patterns - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - description: Skip processing when source field is missing - type: boolean - pattern_definitions: - additionalProperties: - type: string - type: object - patterns: - description: Grok patterns applied in order to extract fields - items: - description: A non-empty string. - minLength: 1 - type: string - minItems: 1 - type: array - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - patterns - - additionalProperties: false - description: Dissect processor - Extract fields from text using a lightweight, delimiter-based parser - type: object - properties: - action: - enum: - - dissect - type: string - append_separator: - description: Separator inserted when target fields are concatenated - minLength: 1 - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - description: Source field to parse with dissect pattern - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - description: Skip processing when source field is missing - type: boolean - pattern: - description: Dissect pattern describing field boundaries - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - pattern - - additionalProperties: false - description: Date processor - Parse dates from strings using one or more expected formats - type: object - properties: - action: - enum: - - date - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - formats: - description: Accepted input date formats, tried in order - items: - description: A non-empty string. - minLength: 1 - type: string - type: array - from: - description: Source field containing the date/time text - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - locale: - description: Optional locale for date parsing - minLength: 1 - type: string - output_format: - description: Optional output format for storing the parsed date as text - minLength: 1 - type: string - timezone: - description: Optional timezone for date parsing - minLength: 1 - type: string - to: - description: Target field for the parsed date (defaults to source) - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - formats - - additionalProperties: false - type: object - properties: - action: - enum: - - drop_document - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - additionalProperties: false - type: object - properties: - action: - enum: - - math - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - expression: - description: A non-empty string. - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - type: boolean - to: - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - expression - - to - - additionalProperties: false - description: Rename processor - Change a field name and optionally its location - type: object - properties: - action: - enum: - - rename - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - description: Existing source field to rename or move - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - description: Skip when source field is missing - type: boolean - override: - description: Allow overwriting the target field if it already exists - type: boolean - to: - description: New field name or destination path - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - to - - additionalProperties: false - description: Set processor - Assign a literal or copied value to a field (mutually exclusive inputs) - type: object - properties: - action: - enum: - - set - type: string - copy_from: - description: Copy value from another field instead of providing a literal - minLength: 1 - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - override: - description: Allow overwriting an existing target field - type: boolean - to: - description: Target field to set or create - minLength: 1 - type: string - value: - description: Literal value to assign to the target field - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - to - - additionalProperties: false - description: Append processor - Append one or more values to an existing or new array field - type: object - properties: - action: - enum: - - append - type: string - allow_duplicates: - description: If true, do not deduplicate appended values - type: boolean - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - to: - description: Array field to append values to - minLength: 1 - type: string - value: - description: Values to append (must be literal, no templates) - items: {} - minItems: 1 - type: array - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - to - - value - - additionalProperties: false - description: Remove by prefix processor - Remove a field and all nested fields matching the prefix - type: object - properties: - action: - enum: - - remove_by_prefix - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - description: Field to remove along with all its nested fields - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - required: - - action - - from - - additionalProperties: false - description: Remove processor - Delete one or more fields from the document - type: object - properties: - action: - enum: - - remove - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - description: Field to remove from the document - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - description: Skip processing when source field is missing - type: boolean - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - additionalProperties: false - type: object - properties: - action: - enum: - - replace - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - type: boolean - pattern: - minLength: 1 - type: string - replacement: - type: string - to: - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - pattern - - replacement - - additionalProperties: false - description: Redact processor - Mask sensitive data using Grok patterns - type: object - properties: - action: - enum: - - redact - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - description: Source field to redact sensitive data from - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - description: Skip processing when source field is missing (defaults to true) - type: boolean - pattern_definitions: - additionalProperties: - type: string - description: Custom pattern definitions to use in the patterns - type: object - patterns: - description: Grok patterns to match sensitive data (for example, "%{IP:client}", "%{EMAILADDRESS:email}") - items: - description: A non-empty string. - minLength: 1 - type: string - minItems: 1 - type: array - prefix: - description: Prefix to prepend to the redacted pattern name (defaults to "<") - type: string - suffix: - description: Suffix to append to the redacted pattern name (defaults to ">") - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - patterns - - additionalProperties: false - type: object - properties: - action: - enum: - - uppercase - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - type: boolean - to: - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - additionalProperties: false + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + type: + $ref: '#/components/schemas/Data_views_type' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta' + refresh_fields: + default: false + description: Reloads the data view fields after the data view is updated. + type: boolean + required: + - data_view + Kibana_HTTP_APIs__zod_v4_3___schema0: + anyOf: + - additionalProperties: false + type: object + properties: + objects: + additionalProperties: false type: object properties: - action: - enum: - - lowercase - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - type: boolean - to: - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs + all: + additionalProperties: false + type: object + properties: {} required: - - action - - from - - additionalProperties: false + - all + required: + - objects + - additionalProperties: false + type: object + properties: + objects: + additionalProperties: false type: object properties: - action: - enum: - - trim - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: + mappings: type: boolean - to: - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - additionalProperties: false - type: object - properties: - action: - enum: - - join - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - delimiter: - type: string - description: - description: Human-readable notes about this processor step - type: string - from: + queries: items: - minLength: 1 - type: string - minItems: 1 + type: object + properties: + id: + type: string + required: + - id + type: array + routing: + items: + allOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_3___schema0' + - type: object + properties: + destination: + type: string + required: + - destination type: array - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - type: boolean - to: - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - delimiter - - to - - additionalProperties: false - description: Split processor - Split a field value into an array using a separator - type: object - properties: - action: - enum: - - split - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - description: Source field to split into an array - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - description: Skip processing when source field is missing - type: boolean - preserve_trailing: - description: Preserve empty trailing fields in the split result - type: boolean - separator: - description: Regex separator used to split the field value into an array - minLength: 1 - type: string - to: - description: Target field for the split array (defaults to source) - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - separator - - additionalProperties: false - type: object - properties: - action: - enum: - - sort - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - description: Array field to sort - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - description: Skip processing when source field is missing - type: boolean - order: - description: Sort order - "asc" (ascending) or "desc" (descending). Defaults to "asc" - enum: - - asc - - desc - type: string - to: - description: Target field for the sorted array (defaults to source) - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs required: - - action - - from + - mappings + - queries + - routing + required: + - objects + Kibana_HTTP_APIs_ClassicFieldDefinition: + additionalProperties: + $ref: '#/components/schemas/Kibana_HTTP_APIs_ClassicFieldDefinitionConfig' + type: object + Kibana_HTTP_APIs_ClassicFieldDefinitionConfig: + allOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs_RecursiveRecord' + - anyOf: - additionalProperties: false - description: Convert processor - Change the data type of a field value (integer, long, double, boolean, or string) type: object properties: - action: - enum: - - convert - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string description: - description: Human-readable notes about this processor step - type: string - from: - description: Source field to convert to a different data type - minLength: 1 type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - description: Skip processing when source field is missing - type: boolean - to: - description: Target field for the converted value (defaults to source) + format: + description: A non-empty string. minLength: 1 type: string type: - description: 'Target data type: integer, long, double, boolean, or string' enum: - - integer + - keyword + - match_only_text - long - double + - date - boolean - - string + - ip + - geo_point + - integer + - short + - byte + - float + - half_float + - text + - wildcard + - version + - unsigned_long + - date_nanos type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs required: - - action - - from - - type - - additionalProperties: false + - type + - additionalProperties: false + type: object + properties: + description: + type: string + type: + enum: + - system + type: string + required: + - type + Kibana_HTTP_APIs_ClassicStreamUpsertRequest: + additionalProperties: false + type: object + properties: + dashboards: + items: + type: string + type: array + queries: + items: + type: object + properties: + description: + type: string + esql: + type: object + properties: + query: + type: string + required: + - query + evidence: + items: + type: string + type: array + id: + description: A non-empty string. + minLength: 1 + type: string + severity_score: + type: number + title: + description: A non-empty string. + minLength: 1 + type: string + required: + - id + - title + - description + - esql + type: array + rules: + items: + type: string + type: array + stream: + additionalProperties: false + type: object + properties: + description: + type: string + ingest: + additionalProperties: false + type: object + properties: + classic: + additionalProperties: false + type: object + properties: + field_overrides: + $ref: '#/components/schemas/Kibana_HTTP_APIs_ClassicFieldDefinition' + failure_store: + $ref: '#/components/schemas/Kibana_HTTP_APIs_FailureStore' + lifecycle: + $ref: '#/components/schemas/Kibana_HTTP_APIs_IngestStreamLifecycle' + processing: + additionalProperties: false + type: object + properties: + steps: + items: + $ref: '#/components/schemas/Kibana_HTTP_APIs_StreamlangStep' + type: array + updated_at: {} + required: + - steps + settings: + additionalProperties: false + type: object + properties: + index.number_of_replicas: + additionalProperties: false + type: object + properties: + value: + type: number + required: + - value + index.number_of_shards: + additionalProperties: false + type: object + properties: + value: + type: number + required: + - value + index.refresh_interval: + additionalProperties: false + type: object + properties: + value: + anyOf: + - type: string + - enum: + - -1 + type: number + required: + - value + required: + - lifecycle + - processing + - settings + - failure_store + - classic + query_streams: + items: + type: object + properties: + name: + type: string + required: + - name + type: array + type: + enum: + - classic + type: string + required: + - description + - ingest + - type + required: + - dashboards + - rules + - queries + - stream + Kibana_HTTP_APIs_Condition: + anyOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs_FilterCondition' + - additionalProperties: false + description: A logical AND that groups multiple conditions. + type: object + properties: + and: + description: An array of conditions. All sub-conditions must be true for this condition to be true. + items: + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' + type: array + required: + - and + - additionalProperties: false + description: A logical OR that groups multiple conditions. + type: object + properties: + or: + description: An array of conditions. At least one sub-condition must be true for this condition to be true. + items: + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' + type: array + required: + - or + - additionalProperties: false + description: A logical NOT that negates a condition. + type: object + properties: + not: + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' + description: A condition that negates another condition. + required: + - not + - additionalProperties: false + description: A condition that always evaluates to false. + type: object + properties: + never: + additionalProperties: false + description: An empty object. This condition never matches. + type: object + properties: {} + required: + - never + - additionalProperties: false + description: A condition that always evaluates to true. Useful for catch-all scenarios, but use with caution as partitions are ordered. + type: object + properties: + always: + additionalProperties: false + description: An empty object. This condition always matches. + type: object + properties: {} + required: + - always + description: The root condition object. It can be a simple filter or a combination of other conditions. + Kibana_HTTP_APIs_ConditionWithSteps: + allOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' + - additionalProperties: false + type: object + properties: + steps: + items: + $ref: '#/components/schemas/Kibana_HTTP_APIs_StreamlangStep' + type: array + required: + - steps + Kibana_HTTP_APIs_core_status_redactedResponse: + additionalProperties: false + description: A minimal representation of Kibana's operational status. + properties: + status: + additionalProperties: false + type: object + properties: + overall: + additionalProperties: false + type: object + properties: + level: + description: Service status levels as human and machine readable values. + enum: + - available + - degraded + - unavailable + - critical + type: string + required: + - level + required: + - overall + required: + - status + title: core_status_redactedResponse + type: object + Kibana_HTTP_APIs_core_status_response: + additionalProperties: false + description: Kibana's operational status as well as a detailed breakdown of plugin statuses indication of various loads (like event loop utilization and network traffic) at time of request. + properties: + metrics: + additionalProperties: false + description: Metric groups collected by Kibana. + type: object + properties: + collection_interval_in_millis: + description: The interval at which metrics should be collected. + type: number + elasticsearch_client: + additionalProperties: false + description: Current network metrics of Kibana's Elasticsearch client. + type: object + properties: + totalActiveSockets: + description: Count of network sockets currently in use. + type: number + totalIdleSockets: + description: Count of network sockets currently idle. + type: number + totalQueuedRequests: + description: Count of requests not yet assigned to sockets. + type: number + required: + - totalActiveSockets + - totalIdleSockets + - totalQueuedRequests + last_updated: + description: The time metrics were collected. + type: string + required: + - elasticsearch_client + - last_updated + - collection_interval_in_millis + name: + description: Kibana instance name. + type: string + status: + additionalProperties: false + type: object + properties: + core: + additionalProperties: false + description: Statuses of core Kibana services. type: object properties: - action: - enum: - - concat - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - items: - anyOf: - - type: object - properties: - type: - enum: - - field - type: string - value: - minLength: 1 - type: string - required: - - type - - value - - type: object - properties: - type: - enum: - - literal - type: string - value: - type: string - required: - - type - - value - minItems: 1 - type: array - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - type: boolean - to: - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - to - - allOf: - - additionalProperties: false + elasticsearch: + additionalProperties: false type: object properties: - action: - enum: - - network_direction - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step + detail: + description: Human readable detail of the service status. type: string - destination_ip: - minLength: 1 + documentationUrl: + description: A URL to further documentation regarding this service. type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - type: boolean - source_ip: - minLength: 1 + level: + description: Service status levels as human and machine readable values. + enum: + - available + - degraded + - unavailable + - critical type: string - target_field: - minLength: 1 + meta: + additionalProperties: {} + description: An unstructured set of extra metadata about this service. + type: object + summary: + description: A human readable summary of the service status. type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs required: - - action - - source_ip - - destination_ip - - anyOf: - - additionalProperties: false - type: object - properties: - internal_networks: - items: - type: string - type: array - required: - - internal_networks - - additionalProperties: false - type: object - properties: - internal_networks_field: - minLength: 1 - type: string - required: - - internal_networks_field - - additionalProperties: false - description: Manual ingest pipeline wrapper around native Elasticsearch processors - type: object - properties: - action: - description: Manual ingest pipeline - executes raw Elasticsearch ingest processors - enum: - - manual_ingest_pipeline - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - on_failure: - description: Fallback processors to run when a processor fails - items: - additionalProperties: {} - type: object - type: array - processors: - description: List of raw Elasticsearch ingest processors to run - items: - additionalProperties: {} - type: object - type: array - tag: - description: Optional ingest processor tag for Elasticsearch - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - processors - - additionalProperties: false - type: object - properties: - condition: - allOf: - - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - - additionalProperties: false + - level + - summary + - meta + http: + additionalProperties: false type: object properties: - steps: - items: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema0' - type: array - required: - - steps - customIdentifier: - type: string - required: - - condition - Kibana_HTTP_APIs__zod_v4_0___schema1: - anyOf: - - anyOf: - - additionalProperties: false - description: A condition that compares a field to a value or range using an operator as the key. - type: object - properties: - contains: - anyOf: - - type: string - - type: number - - type: boolean - description: Contains comparison value. - endsWith: - anyOf: - - type: string - - type: number - - type: boolean - description: Ends-with comparison value. - eq: - anyOf: - - type: string - - type: number - - type: boolean - description: Equality comparison value. - field: - description: The document field to filter on. - minLength: 1 - type: string - gt: - anyOf: - - type: string - - type: number - - type: boolean - description: Greater-than comparison value. - gte: - anyOf: - - type: string - - type: number - - type: boolean - description: Greater-than-or-equal comparison value. - includes: - anyOf: - - type: string - - type: number - - type: boolean - description: Checks if multivalue field includes the value. - lt: - anyOf: - - type: string - - type: number - - type: boolean - description: Less-than comparison value. - lte: - anyOf: - - type: string - - type: number - - type: boolean - description: Less-than-or-equal comparison value. - neq: - anyOf: - - type: string - - type: number - - type: boolean - description: Inequality comparison value. - range: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: Service status levels as human and machine readable values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: An unstructured set of extra metadata about this service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + savedObjects: additionalProperties: false - description: Range comparison values. type: object properties: - gt: - anyOf: - - type: string - - type: number - - type: boolean - description: A value that can be a string, number, or boolean. - gte: - anyOf: - - type: string - - type: number - - type: boolean - description: A value that can be a string, number, or boolean. - lt: - anyOf: - - type: string - - type: number - - type: boolean - description: A value that can be a string, number, or boolean. - lte: - anyOf: - - type: string - - type: number - - type: boolean - description: A value that can be a string, number, or boolean. - startsWith: - anyOf: - - type: string - - type: number - - type: boolean - description: Starts-with comparison value. + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: Service status levels as human and machine readable values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: An unstructured set of extra metadata about this service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta required: - - field - - additionalProperties: false - description: A condition that checks for the existence or non-existence of a field. + - elasticsearch + - savedObjects + overall: + additionalProperties: false type: object properties: - exists: - description: Indicates whether the field exists or not. - type: boolean - field: - description: The document field to check. - minLength: 1 + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: Service status levels as human and machine readable values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: An unstructured set of extra metadata about this service. + type: object + summary: + description: A human readable summary of the service status. type: string required: - - field - description: A basic filter condition, either unary or binary. + - level + - summary + - meta + plugins: + additionalProperties: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: Service status levels as human and machine readable values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: An unstructured set of extra metadata about this service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + description: A dynamic mapping of plugin ID to plugin status. + type: object + required: + - overall + - core + - plugins + uuid: + description: Unique, generated Kibana instance UUID. This UUID should persist even if the Kibana process restarts. + type: string + version: + additionalProperties: false + type: object + properties: + build_date: + description: The date and time of this build. + type: string + build_flavor: + description: The build flavour determines configuration and behavior of Kibana. On premise users will almost always run the "traditional" flavour, while other flavours are reserved for Elastic-specific use cases. + enum: + - serverless + - traditional + type: string + build_hash: + description: A unique hash value representing the git commit of this Kibana build. + type: string + build_number: + description: A monotonically increasing number, each subsequent build will have a higher number. + type: number + build_snapshot: + description: Whether this build is a snapshot build. + type: boolean + number: + description: A semantic version number. + type: string + required: + - number + - build_hash + - build_number + - build_snapshot + - build_flavor + - build_date + required: + - name + - uuid + - version + - status + - metrics + title: core_status_response + type: object + Kibana_HTTP_APIs_FailureStore: + anyOf: - additionalProperties: false - description: A logical AND that groups multiple conditions. type: object properties: - and: - description: An array of conditions. All sub-conditions must be true for this condition to be true. - items: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - type: array + inherit: + additionalProperties: false + type: object + properties: {} required: - - and + - inherit - additionalProperties: false - description: A logical OR that groups multiple conditions. type: object properties: - or: - description: An array of conditions. At least one sub-condition must be true for this condition to be true. - items: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - type: array + disabled: + additionalProperties: false + type: object + properties: {} required: - - or + - disabled - additionalProperties: false - description: A logical NOT that negates a condition. type: object properties: - not: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: A condition that negates another condition. + lifecycle: + additionalProperties: false + type: object + properties: + enabled: + additionalProperties: false + type: object + properties: + data_retention: + description: A non-empty string. + minLength: 1 + type: string + required: + - enabled required: - - not + - lifecycle - additionalProperties: false - description: A condition that always evaluates to false. type: object properties: - never: + lifecycle: additionalProperties: false - description: An empty object. This condition never matches. type: object - properties: {} + properties: + disabled: + additionalProperties: false + type: object + properties: {} + required: + - disabled required: - - never + - lifecycle + Kibana_HTTP_APIs_FieldDefinition: + additionalProperties: + $ref: '#/components/schemas/Kibana_HTTP_APIs_FieldDefinitionConfig' + type: object + Kibana_HTTP_APIs_FieldDefinitionConfig: + allOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs_RecursiveRecord' + - anyOf: + - additionalProperties: false + type: object + properties: + description: + type: string + format: + description: A non-empty string. + minLength: 1 + type: string + type: + enum: + - keyword + - match_only_text + - long + - double + - date + - boolean + - ip + - geo_point + - integer + - short + - byte + - float + - half_float + - text + - wildcard + - version + - unsigned_long + - date_nanos + type: string + required: + - type + - additionalProperties: false + type: object + properties: + description: + type: string + format: + not: {} + type: + not: {} + required: + - description + - additionalProperties: false + type: object + properties: + description: + type: string + type: + enum: + - system + type: string + required: + - type + Kibana_HTTP_APIs_FilterCondition: + anyOf: - additionalProperties: false - description: A condition that always evaluates to true. Useful for catch-all scenarios, but use with caution as partitions are ordered. + description: A condition that compares a field to a value or range using an operator as the key. type: object properties: - always: - additionalProperties: false - description: An empty object. This condition always matches. - type: object - properties: {} - required: - - always - description: The root condition object. It can be a simple filter or a combination of other conditions. - Kibana_HTTP_APIs__zod_v4_0___schema2: - additionalProperties: - anyOf: - - anyOf: - - type: string - - type: number - - type: boolean - - nullable: true - - {} - - items: + contains: anyOf: - type: string - type: number - type: boolean - - nullable: true - - {} - type: array - - items: {} - type: array - - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema2' - type: object - Kibana_HTTP_APIs__zod_v4_1___schema0: - anyOf: - - anyOf: - - additionalProperties: false - description: A condition that compares a field to a value or range using an operator as the key. + description: Contains comparison value. + endsWith: + anyOf: + - type: string + - type: number + - type: boolean + description: Ends-with comparison value. + eq: + anyOf: + - type: string + - type: number + - type: boolean + description: Equality comparison value. + field: + description: The document field to filter on. + minLength: 1 + type: string + gt: + anyOf: + - type: string + - type: number + - type: boolean + description: Greater-than comparison value. + gte: + anyOf: + - type: string + - type: number + - type: boolean + description: Greater-than-or-equal comparison value. + includes: + anyOf: + - type: string + - type: number + - type: boolean + description: Checks if multivalue field includes the value. + lt: + anyOf: + - type: string + - type: number + - type: boolean + description: Less-than comparison value. + lte: + anyOf: + - type: string + - type: number + - type: boolean + description: Less-than-or-equal comparison value. + neq: + anyOf: + - type: string + - type: number + - type: boolean + description: Inequality comparison value. + range: + additionalProperties: false + description: Range comparison values. type: object properties: - contains: - anyOf: - - type: string - - type: number - - type: boolean - description: Contains comparison value. - endsWith: - anyOf: - - type: string - - type: number - - type: boolean - description: Ends-with comparison value. - eq: - anyOf: - - type: string - - type: number - - type: boolean - description: Equality comparison value. - field: - description: The document field to filter on. - minLength: 1 - type: string gt: anyOf: - type: string - type: number - type: boolean - description: Greater-than comparison value. + description: A value that can be a string, number, or boolean. gte: anyOf: - type: string - type: number - type: boolean - description: Greater-than-or-equal comparison value. - includes: - anyOf: - - type: string - - type: number - - type: boolean - description: Checks if multivalue field includes the value. + description: A value that can be a string, number, or boolean. lt: anyOf: - type: string - type: number - type: boolean - description: Less-than comparison value. + description: A value that can be a string, number, or boolean. lte: anyOf: - type: string - type: number - type: boolean - description: Less-than-or-equal comparison value. - neq: - anyOf: - - type: string - - type: number - - type: boolean - description: Inequality comparison value. - range: - additionalProperties: false - description: Range comparison values. - type: object - properties: - gt: - anyOf: - - type: string - - type: number - - type: boolean - description: A value that can be a string, number, or boolean. - gte: - anyOf: - - type: string - - type: number - - type: boolean - description: A value that can be a string, number, or boolean. - lt: - anyOf: - - type: string - - type: number - - type: boolean - description: A value that can be a string, number, or boolean. - lte: - anyOf: - - type: string - - type: number - - type: boolean - description: A value that can be a string, number, or boolean. - startsWith: - anyOf: - - type: string - - type: number - - type: boolean - description: Starts-with comparison value. - required: - - field - - additionalProperties: false - description: A condition that checks for the existence or non-existence of a field. - type: object - properties: - exists: - description: Indicates whether the field exists or not. - type: boolean - field: - description: The document field to check. - minLength: 1 - type: string - required: - - field - description: A basic filter condition, either unary or binary. + description: A value that can be a string, number, or boolean. + startsWith: + anyOf: + - type: string + - type: number + - type: boolean + description: Starts-with comparison value. + required: + - field - additionalProperties: false - description: A logical AND that groups multiple conditions. + description: A condition that checks for the existence or non-existence of a field. type: object properties: - and: - description: An array of conditions. All sub-conditions must be true for this condition to be true. - items: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_1___schema0' - type: array + exists: + description: Indicates whether the field exists or not. + type: boolean + field: + description: The document field to check. + minLength: 1 + type: string required: - - and + - field + description: A basic filter condition, either unary or binary. + Kibana_HTTP_APIs_IngestStreamLifecycle: + anyOf: - additionalProperties: false - description: A logical OR that groups multiple conditions. type: object properties: - or: - description: An array of conditions. At least one sub-condition must be true for this condition to be true. - items: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_1___schema0' - type: array + dsl: + additionalProperties: false + type: object + properties: + data_retention: + description: A non-empty string. + minLength: 1 + type: string + downsample: + items: + type: object + properties: + after: + description: A non-empty string. + minLength: 1 + type: string + fixed_interval: + description: A non-empty string. + minLength: 1 + type: string + required: + - after + - fixed_interval + type: array required: - - or + - dsl - additionalProperties: false - description: A logical NOT that negates a condition. type: object properties: - not: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_1___schema0' - description: A condition that negates another condition. + ilm: + additionalProperties: false + type: object + properties: + policy: + description: A non-empty string. + minLength: 1 + type: string + required: + - policy required: - - not + - ilm - additionalProperties: false - description: A condition that always evaluates to false. type: object properties: - never: + inherit: additionalProperties: false - description: An empty object. This condition never matches. type: object properties: {} required: - - never - - additionalProperties: false - description: A condition that always evaluates to true. Useful for catch-all scenarios, but use with caution as partitions are ordered. + - inherit + Kibana_HTTP_APIs_QueryStreamUpsertRequest: + additionalProperties: false + type: object + properties: + dashboards: + items: + type: string + type: array + queries: + items: + type: object + properties: + description: + type: string + esql: + type: object + properties: + query: + type: string + required: + - query + evidence: + items: + type: string + type: array + id: + description: A non-empty string. + minLength: 1 + type: string + severity_score: + type: number + title: + description: A non-empty string. + minLength: 1 + type: string + required: + - id + - title + - description + - esql + type: array + rules: + items: + type: string + type: array + stream: + additionalProperties: false type: object properties: - always: + description: + type: string + query: additionalProperties: false - description: An empty object. This condition always matches. type: object - properties: {} + properties: + esql: + type: string + view: + type: string + required: + - view + - esql + query_streams: + items: + type: object + properties: + name: + type: string + required: + - name + type: array + type: + enum: + - query + type: string required: - - always - description: The root condition object. It can be a simple filter or a combination of other conditions. - Kibana_HTTP_APIs__zod_v4_2___schema0: + - description + - type + - query + required: + - dashboards + - rules + - queries + - stream + Kibana_HTTP_APIs_RecursiveRecord: + additionalProperties: + anyOf: + - anyOf: + - type: string + - type: number + - type: boolean + - nullable: true + - {} + - items: + anyOf: + - type: string + - type: number + - type: boolean + - nullable: true + - {} + type: array + - items: {} + type: array + - $ref: '#/components/schemas/Kibana_HTTP_APIs_RecursiveRecord' + type: object + Kibana_HTTP_APIs_StreamlangConditionBlock: + additionalProperties: false + type: object + properties: + condition: + $ref: '#/components/schemas/Kibana_HTTP_APIs_ConditionWithSteps' + customIdentifier: + type: string + required: + - condition + Kibana_HTTP_APIs_StreamlangStep: anyOf: - anyOf: - additionalProperties: false @@ -70974,7 +69717,7 @@ components: minItems: 1 type: array where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action @@ -71014,7 +69757,7 @@ components: minLength: 1 type: string where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action @@ -71066,7 +69809,7 @@ components: minLength: 1 type: string where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action @@ -71090,7 +69833,7 @@ components: description: Continue pipeline execution if this processor fails type: boolean where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action @@ -71121,7 +69864,7 @@ components: minLength: 1 type: string where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action @@ -71160,7 +69903,7 @@ components: minLength: 1 type: string where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action @@ -71198,7 +69941,7 @@ components: value: description: Literal value to assign to the target field where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action @@ -71234,7 +69977,7 @@ components: minItems: 1 type: array where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action @@ -71291,7 +70034,7 @@ components: description: Skip processing when source field is missing type: boolean where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action @@ -71327,7 +70070,7 @@ components: minLength: 1 type: string where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action @@ -71379,7 +70122,7 @@ components: description: Suffix to append to the redacted pattern name (defaults to ">") type: string where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action @@ -71411,7 +70154,7 @@ components: minLength: 1 type: string where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action @@ -71442,7 +70185,7 @@ components: minLength: 1 type: string where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action @@ -71473,7 +70216,7 @@ components: minLength: 1 type: string where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action @@ -71509,260 +70252,20 @@ components: minLength: 1 type: string where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action - from - delimiter - - to - - additionalProperties: false - description: Split processor - Split a field value into an array using a separator - type: object - properties: - action: - enum: - - split - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - description: Source field to split into an array - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - description: Skip processing when source field is missing - type: boolean - preserve_trailing: - description: Preserve empty trailing fields in the split result - type: boolean - separator: - description: Regex separator used to split the field value into an array - minLength: 1 - type: string - to: - description: Target field for the split array (defaults to source) - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - separator - - additionalProperties: false - type: object - properties: - action: - enum: - - sort - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - description: Array field to sort - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - description: Skip processing when source field is missing - type: boolean - order: - description: Sort order - "asc" (ascending) or "desc" (descending). Defaults to "asc" - enum: - - asc - - desc - type: string - to: - description: Target field for the sorted array (defaults to source) - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - additionalProperties: false - description: Convert processor - Change the data type of a field value (integer, long, double, boolean, or string) - type: object - properties: - action: - enum: - - convert - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - description: Source field to convert to a different data type - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - description: Skip processing when source field is missing - type: boolean - to: - description: Target field for the converted value (defaults to source) - minLength: 1 - type: string - type: - description: 'Target data type: integer, long, double, boolean, or string' - enum: - - integer - - long - - double - - boolean - - string - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - type - - additionalProperties: false - type: object - properties: - action: - enum: - - concat - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - items: - anyOf: - - type: object - properties: - type: - enum: - - field - type: string - value: - minLength: 1 - type: string - required: - - type - - value - - type: object - properties: - type: - enum: - - literal - type: string - value: - type: string - required: - - type - - value - minItems: 1 - type: array - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - type: boolean - to: - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - to - - allOf: - - additionalProperties: false - type: object - properties: - action: - enum: - - network_direction - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - destination_ip: - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - type: boolean - source_ip: - minLength: 1 - type: string - target_field: - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - source_ip - - destination_ip - - anyOf: - - additionalProperties: false - type: object - properties: - internal_networks: - items: - type: string - type: array - required: - - internal_networks - - additionalProperties: false - type: object - properties: - internal_networks_field: - minLength: 1 - type: string - required: - - internal_networks_field + - to - additionalProperties: false - description: Manual ingest pipeline wrapper around native Elasticsearch processors + description: Split processor - Split a field value into an array using a separator type: object properties: action: - description: Manual ingest pipeline - executes raw Elasticsearch ingest processors enum: - - manual_ingest_pipeline + - split type: string customIdentifier: description: Custom identifier to correlate this processor across outputs @@ -71771,567 +70274,434 @@ components: description: description: Human-readable notes about this processor step type: string + from: + description: Source field to split into an array + minLength: 1 + type: string ignore_failure: description: Continue pipeline execution if this processor fails type: boolean - on_failure: - description: Fallback processors to run when a processor fails - items: - additionalProperties: {} - type: object - type: array - processors: - description: List of raw Elasticsearch ingest processors to run - items: - additionalProperties: {} - type: object - type: array - tag: - description: Optional ingest processor tag for Elasticsearch + ignore_missing: + description: Skip processing when source field is missing + type: boolean + preserve_trailing: + description: Preserve empty trailing fields in the split result + type: boolean + separator: + description: Regex separator used to split the field value into an array + minLength: 1 + type: string + to: + description: Target field for the split array (defaults to source) + minLength: 1 type: string where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action - - processors - - additionalProperties: false - type: object - properties: - condition: - allOf: - - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' - - additionalProperties: false - type: object - properties: - steps: - items: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema0' - type: array - required: - - steps - customIdentifier: - type: string - required: - - condition - Kibana_HTTP_APIs__zod_v4_2___schema1: - anyOf: - - anyOf: + - from + - separator - additionalProperties: false - description: A condition that compares a field to a value or range using an operator as the key. type: object properties: - contains: - anyOf: - - type: string - - type: number - - type: boolean - description: Contains comparison value. - endsWith: - anyOf: - - type: string - - type: number - - type: boolean - description: Ends-with comparison value. - eq: - anyOf: - - type: string - - type: number - - type: boolean - description: Equality comparison value. - field: - description: The document field to filter on. + action: + enum: + - sort + type: string + customIdentifier: + description: Custom identifier to correlate this processor across outputs minLength: 1 type: string - gt: - anyOf: - - type: string - - type: number - - type: boolean - description: Greater-than comparison value. - gte: - anyOf: - - type: string - - type: number - - type: boolean - description: Greater-than-or-equal comparison value. - includes: - anyOf: - - type: string - - type: number - - type: boolean - description: Checks if multivalue field includes the value. - lt: - anyOf: - - type: string - - type: number - - type: boolean - description: Less-than comparison value. - lte: - anyOf: - - type: string - - type: number - - type: boolean - description: Less-than-or-equal comparison value. - neq: - anyOf: - - type: string - - type: number - - type: boolean - description: Inequality comparison value. - range: - additionalProperties: false - description: Range comparison values. - type: object - properties: - gt: - anyOf: - - type: string - - type: number - - type: boolean - description: A value that can be a string, number, or boolean. - gte: - anyOf: - - type: string - - type: number - - type: boolean - description: A value that can be a string, number, or boolean. - lt: - anyOf: - - type: string - - type: number - - type: boolean - description: A value that can be a string, number, or boolean. - lte: - anyOf: - - type: string - - type: number - - type: boolean - description: A value that can be a string, number, or boolean. - startsWith: - anyOf: - - type: string - - type: number - - type: boolean - description: Starts-with comparison value. - required: - - field - - additionalProperties: false - description: A condition that checks for the existence or non-existence of a field. - type: object - properties: - exists: - description: Indicates whether the field exists or not. + description: + description: Human-readable notes about this processor step + type: string + from: + description: Array field to sort + minLength: 1 + type: string + ignore_failure: + description: Continue pipeline execution if this processor fails type: boolean - field: - description: The document field to check. + ignore_missing: + description: Skip processing when source field is missing + type: boolean + order: + description: Sort order - "asc" (ascending) or "desc" (descending). Defaults to "asc" + enum: + - asc + - desc + type: string + to: + description: Target field for the sorted array (defaults to source) minLength: 1 type: string + where: + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' + description: Conditional expression controlling whether this processor runs required: - - field - description: A basic filter condition, either unary or binary. - - additionalProperties: false - description: A logical AND that groups multiple conditions. - type: object - properties: - and: - description: An array of conditions. All sub-conditions must be true for this condition to be true. - items: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' - type: array - required: - - and - - additionalProperties: false - description: A logical OR that groups multiple conditions. - type: object - properties: - or: - description: An array of conditions. At least one sub-condition must be true for this condition to be true. - items: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' - type: array - required: - - or - - additionalProperties: false - description: A logical NOT that negates a condition. - type: object - properties: - not: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' - description: A condition that negates another condition. - required: - - not - - additionalProperties: false - description: A condition that always evaluates to false. - type: object - properties: - never: - additionalProperties: false - description: An empty object. This condition never matches. - type: object - properties: {} - required: - - never - - additionalProperties: false - description: A condition that always evaluates to true. Useful for catch-all scenarios, but use with caution as partitions are ordered. - type: object - properties: - always: - additionalProperties: false - description: An empty object. This condition always matches. - type: object - properties: {} - required: - - always - description: The root condition object. It can be a simple filter or a combination of other conditions. - Kibana_HTTP_APIs__zod_v4_2___schema2: - additionalProperties: - anyOf: - - anyOf: - - type: string - - type: number - - type: boolean - - nullable: true - - {} - - items: - anyOf: - - type: string - - type: number - - type: boolean - - nullable: true - - {} - type: array - - items: {} - type: array - - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema2' - type: object - Kibana_HTTP_APIs__zod_v4_3___schema0: - anyOf: - - additionalProperties: false - type: object - properties: - objects: - additionalProperties: false + - action + - from + - additionalProperties: false + description: Convert processor - Change the data type of a field value (integer, long, double, boolean, or string) type: object properties: - all: - additionalProperties: false - type: object - properties: {} + action: + enum: + - convert + type: string + customIdentifier: + description: Custom identifier to correlate this processor across outputs + minLength: 1 + type: string + description: + description: Human-readable notes about this processor step + type: string + from: + description: Source field to convert to a different data type + minLength: 1 + type: string + ignore_failure: + description: Continue pipeline execution if this processor fails + type: boolean + ignore_missing: + description: Skip processing when source field is missing + type: boolean + to: + description: Target field for the converted value (defaults to source) + minLength: 1 + type: string + type: + description: 'Target data type: integer, long, double, boolean, or string' + enum: + - integer + - long + - double + - boolean + - string + type: string + where: + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' + description: Conditional expression controlling whether this processor runs required: - - all - required: - - objects - - additionalProperties: false - type: object - properties: - objects: - additionalProperties: false + - action + - from + - type + - additionalProperties: false type: object properties: - mappings: - type: boolean - queries: - items: - type: object - properties: - id: - type: string - required: - - id - type: array - routing: + action: + enum: + - concat + type: string + customIdentifier: + description: Custom identifier to correlate this processor across outputs + minLength: 1 + type: string + description: + description: Human-readable notes about this processor step + type: string + from: items: - allOf: - - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_3___schema0' + anyOf: - type: object properties: - destination: + type: + enum: + - field + type: string + value: + minLength: 1 type: string required: - - destination + - type + - value + - type: object + properties: + type: + enum: + - literal + type: string + value: + type: string + required: + - type + - value + minItems: 1 type: array + ignore_failure: + description: Continue pipeline execution if this processor fails + type: boolean + ignore_missing: + type: boolean + to: + minLength: 1 + type: string + where: + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' + description: Conditional expression controlling whether this processor runs required: - - mappings - - queries - - routing - required: - - objects - Kibana_HTTP_APIs_core_status_redactedResponse: - additionalProperties: false - description: A minimal representation of Kibana's operational status. - properties: - status: - additionalProperties: false - type: object - properties: - overall: - additionalProperties: false + - action + - from + - to + - allOf: + - additionalProperties: false + type: object + properties: + action: + enum: + - network_direction + type: string + customIdentifier: + description: Custom identifier to correlate this processor across outputs + minLength: 1 + type: string + description: + description: Human-readable notes about this processor step + type: string + destination_ip: + minLength: 1 + type: string + ignore_failure: + description: Continue pipeline execution if this processor fails + type: boolean + ignore_missing: + type: boolean + source_ip: + minLength: 1 + type: string + target_field: + minLength: 1 + type: string + where: + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' + description: Conditional expression controlling whether this processor runs + required: + - action + - source_ip + - destination_ip + - anyOf: + - additionalProperties: false + type: object + properties: + internal_networks: + items: + type: string + type: array + required: + - internal_networks + - additionalProperties: false + type: object + properties: + internal_networks_field: + minLength: 1 + type: string + required: + - internal_networks_field + - additionalProperties: false + description: Manual ingest pipeline wrapper around native Elasticsearch processors type: object properties: - level: - description: Service status levels as human and machine readable values. + action: + description: Manual ingest pipeline - executes raw Elasticsearch ingest processors enum: - - available - - degraded - - unavailable - - critical + - manual_ingest_pipeline + type: string + customIdentifier: + description: Custom identifier to correlate this processor across outputs + minLength: 1 + type: string + description: + description: Human-readable notes about this processor step + type: string + ignore_failure: + description: Continue pipeline execution if this processor fails + type: boolean + on_failure: + description: Fallback processors to run when a processor fails + items: + additionalProperties: {} + type: object + type: array + processors: + description: List of raw Elasticsearch ingest processors to run + items: + additionalProperties: {} + type: object + type: array + tag: + description: Optional ingest processor tag for Elasticsearch type: string + where: + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' + description: Conditional expression controlling whether this processor runs required: - - level - required: - - overall - required: - - status - title: core_status_redactedResponse - type: object - Kibana_HTTP_APIs_core_status_response: + - action + - processors + - $ref: '#/components/schemas/Kibana_HTTP_APIs_StreamlangConditionBlock' + Kibana_HTTP_APIs_StreamUpsertRequest: + anyOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs_WiredStreamUpsertRequest' + - $ref: '#/components/schemas/Kibana_HTTP_APIs_ClassicStreamUpsertRequest' + - $ref: '#/components/schemas/Kibana_HTTP_APIs_QueryStreamUpsertRequest' + Kibana_HTTP_APIs_WiredStreamUpsertRequest: additionalProperties: false - description: Kibana's operational status as well as a detailed breakdown of plugin statuses indication of various loads (like event loop utilization and network traffic) at time of request. + type: object properties: - metrics: - additionalProperties: false - description: Metric groups collected by Kibana. - type: object - properties: - collection_interval_in_millis: - description: The interval at which metrics should be collected. - type: number - elasticsearch_client: - additionalProperties: false - description: Current network metrics of Kibana's Elasticsearch client. - type: object - properties: - totalActiveSockets: - description: Count of network sockets currently in use. - type: number - totalIdleSockets: - description: Count of network sockets currently idle. - type: number - totalQueuedRequests: - description: Count of requests not yet assigned to sockets. - type: number - required: - - totalActiveSockets - - totalIdleSockets - - totalQueuedRequests - last_updated: - description: The time metrics were collected. - type: string - required: - - elasticsearch_client - - last_updated - - collection_interval_in_millis - name: - description: Kibana instance name. - type: string - status: + dashboards: + items: + type: string + type: array + queries: + items: + type: object + properties: + description: + type: string + esql: + type: object + properties: + query: + type: string + required: + - query + evidence: + items: + type: string + type: array + id: + description: A non-empty string. + minLength: 1 + type: string + severity_score: + type: number + title: + description: A non-empty string. + minLength: 1 + type: string + required: + - id + - title + - description + - esql + type: array + rules: + items: + type: string + type: array + stream: additionalProperties: false type: object properties: - core: + description: + type: string + ingest: additionalProperties: false - description: Statuses of core Kibana services. type: object properties: - elasticsearch: + failure_store: + $ref: '#/components/schemas/Kibana_HTTP_APIs_FailureStore' + lifecycle: + $ref: '#/components/schemas/Kibana_HTTP_APIs_IngestStreamLifecycle' + processing: additionalProperties: false type: object properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: Service status levels as human and machine readable values. - enum: - - available - - degraded - - unavailable - - critical - type: string - meta: - additionalProperties: {} - description: An unstructured set of extra metadata about this service. - type: object - summary: - description: A human readable summary of the service status. - type: string + steps: + items: + $ref: '#/components/schemas/Kibana_HTTP_APIs_StreamlangStep' + type: array + updated_at: {} required: - - level - - summary - - meta - http: + - steps + settings: additionalProperties: false type: object properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: Service status levels as human and machine readable values. - enum: - - available - - degraded - - unavailable - - critical - type: string - meta: - additionalProperties: {} - description: An unstructured set of extra metadata about this service. + index.number_of_replicas: + additionalProperties: false type: object - summary: - description: A human readable summary of the service status. - type: string - required: - - level - - summary - - meta - savedObjects: + properties: + value: + type: number + required: + - value + index.number_of_shards: + additionalProperties: false + type: object + properties: + value: + type: number + required: + - value + index.refresh_interval: + additionalProperties: false + type: object + properties: + value: + anyOf: + - type: string + - enum: + - -1 + type: number + required: + - value + wired: additionalProperties: false type: object properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: Service status levels as human and machine readable values. - enum: - - available - - degraded - - unavailable - - critical - type: string - meta: - additionalProperties: {} - description: An unstructured set of extra metadata about this service. - type: object - summary: - description: A human readable summary of the service status. - type: string + fields: + $ref: '#/components/schemas/Kibana_HTTP_APIs_FieldDefinition' + routing: + items: + type: object + properties: + destination: + description: A non-empty string. + minLength: 1 + type: string + status: + enum: + - enabled + - disabled + type: string + where: + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' + required: + - destination + - where + type: array required: - - level - - summary - - meta - required: - - elasticsearch - - savedObjects - overall: - additionalProperties: false - type: object - properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: Service status levels as human and machine readable values. - enum: - - available - - degraded - - unavailable - - critical - type: string - meta: - additionalProperties: {} - description: An unstructured set of extra metadata about this service. - type: object - summary: - description: A human readable summary of the service status. - type: string + - fields + - routing required: - - level - - summary - - meta - plugins: - additionalProperties: - additionalProperties: false + - lifecycle + - processing + - settings + - failure_store + - wired + query_streams: + items: type: object properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: Service status levels as human and machine readable values. - enum: - - available - - degraded - - unavailable - - critical - type: string - meta: - additionalProperties: {} - description: An unstructured set of extra metadata about this service. - type: object - summary: - description: A human readable summary of the service status. + name: type: string required: - - level - - summary - - meta - description: A dynamic mapping of plugin ID to plugin status. - type: object - required: - - overall - - core - - plugins - uuid: - description: Unique, generated Kibana instance UUID. This UUID should persist even if the Kibana process restarts. - type: string - version: - additionalProperties: false - type: object - properties: - build_date: - description: The date and time of this build. - type: string - build_flavor: - description: The build flavour determines configuration and behavior of Kibana. On premise users will almost always run the "traditional" flavour, while other flavours are reserved for Elastic-specific use cases. + - name + type: array + type: enum: - - serverless - - traditional - type: string - build_hash: - description: A unique hash value representing the git commit of this Kibana build. - type: string - build_number: - description: A monotonically increasing number, each subsequent build will have a higher number. - type: number - build_snapshot: - description: Whether this build is a snapshot build. - type: boolean - number: - description: A semantic version number. + - wired type: string required: - - number - - build_hash - - build_number - - build_snapshot - - build_flavor - - build_date + - description + - ingest + - type required: - - name - - uuid - - version - - status - - metrics - title: core_status_response - type: object + - dashboards + - rules + - queries + - stream Machine_learning_APIs_mlSync200Response: properties: datafeedsAdded: diff --git a/oas_docs/output/kibana.yaml b/oas_docs/output/kibana.yaml index 8297a67cae491..515438bc39503 100644 --- a/oas_docs/output/kibana.yaml +++ b/oas_docs/output/kibana.yaml @@ -67071,6 +67071,93 @@ paths: required: true schema: type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Kibana_HTTP_APIs_StreamUpsertRequest' + responses: {} + summary: Create or update a stream + tags: + - streams + x-state: Technical Preview + x-metaTags: + - content: Kibana + name: product_name + /api/streams/{name}/_fork: + post: + description: |- + **Spaces method and path for this operation:** + +
post /s/{space_id}/api/streams/{name}/_fork
+ + Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. + + Forks a wired stream and creates a child stream

[Required authorization] Route required privileges: manage_stream. + operationId: post-streams-name-fork + parameters: + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: name + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + additionalProperties: false + type: object + properties: + status: + enum: + - enabled + - disabled + type: string + stream: + additionalProperties: false + type: object + properties: + name: + type: string + required: + - name + where: + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' + required: + - stream + - where + responses: {} + summary: Fork a stream + tags: + - streams + x-state: Technical Preview + x-metaTags: + - content: Kibana + name: product_name + /api/streams/{name}/_ingest: + get: + description: |- + **Spaces method and path for this operation:** + +
get /s/{space_id}/api/streams/{name}/_ingest
+ + Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. + + Fetches the ingest settings of an ingest stream definition

[Required authorization] Route required privileges: read_stream. + operationId: get-streams-name-ingest + parameters: + - in: path + name: name + required: true + schema: + type: string requestBody: content: application/json: @@ -67078,710 +67165,250 @@ paths: anyOf: - additionalProperties: false type: object - properties: - dashboards: - items: - type: string - type: array - queries: - items: - type: object - properties: - description: - type: string - esql: - type: object - properties: - query: - type: string - required: - - query - evidence: - items: - type: string - type: array - id: - description: A non-empty string. - minLength: 1 - type: string - severity_score: - type: number - title: - description: A non-empty string. - minLength: 1 - type: string - required: - - id - - title - - description - - esql - type: array - rules: - items: - type: string - type: array - stream: - additionalProperties: false + properties: {} + - nullable: true + - {} + responses: {} + summary: Get ingest stream settings + tags: + - streams + x-state: Technical Preview + x-metaTags: + - content: Kibana + name: product_name + put: + description: |- + **Spaces method and path for this operation:** + +
put /s/{space_id}/api/streams/{name}/_ingest
+ + Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. + + Upserts the ingest settings of an ingest stream definition

[Required authorization] Route required privileges: manage_stream. + operationId: put-streams-name-ingest + parameters: + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: name + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + additionalProperties: false + type: object + properties: + ingest: + anyOf: + - additionalProperties: false type: object properties: - description: - type: string - ingest: + failure_store: + $ref: '#/components/schemas/Kibana_HTTP_APIs_FailureStore' + lifecycle: + $ref: '#/components/schemas/Kibana_HTTP_APIs_IngestStreamLifecycle' + processing: additionalProperties: false type: object properties: - failure_store: - anyOf: - - additionalProperties: false - type: object - properties: - inherit: - additionalProperties: false - type: object - properties: {} - required: - - inherit - - additionalProperties: false - type: object - properties: - disabled: - additionalProperties: false - type: object - properties: {} - required: - - disabled - - anyOf: - - additionalProperties: false - type: object - properties: - lifecycle: - additionalProperties: false - type: object - properties: - enabled: - additionalProperties: false - type: object - properties: - data_retention: - description: A non-empty string. - minLength: 1 - type: string - required: - - enabled - required: - - lifecycle - - additionalProperties: false - type: object - properties: - lifecycle: - additionalProperties: false - type: object - properties: - disabled: - additionalProperties: false - type: object - properties: {} - required: - - disabled - required: - - lifecycle - lifecycle: - anyOf: - - additionalProperties: false - type: object - properties: - dsl: - additionalProperties: false - type: object - properties: - data_retention: - description: A non-empty string. - minLength: 1 - type: string - downsample: - items: - type: object - properties: - after: - description: A non-empty string. - minLength: 1 - type: string - fixed_interval: - description: A non-empty string. - minLength: 1 - type: string - required: - - after - - fixed_interval - type: array - required: - - dsl - - additionalProperties: false - type: object - properties: - ilm: - additionalProperties: false - type: object - properties: - policy: - description: A non-empty string. - minLength: 1 - type: string - required: - - policy - required: - - ilm - - additionalProperties: false - type: object - properties: - inherit: - additionalProperties: false - type: object - properties: {} - required: - - inherit - processing: + steps: + items: + $ref: '#/components/schemas/Kibana_HTTP_APIs_StreamlangStep' + type: array + updated_at: {} + required: + - steps + settings: + additionalProperties: false + type: object + properties: + index.number_of_replicas: additionalProperties: false type: object properties: - steps: - items: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema0' - type: array - updated_at: {} + value: + type: number required: - - steps - settings: + - value + index.number_of_shards: additionalProperties: false type: object properties: - index.number_of_replicas: - additionalProperties: false - type: object - properties: - value: - type: number - required: - - value - index.number_of_shards: - additionalProperties: false - type: object - properties: - value: - type: number - required: - - value - index.refresh_interval: - additionalProperties: false - type: object - properties: - value: - anyOf: - - type: string - - enum: - - -1 - type: number - required: - - value - wired: + value: + type: number + required: + - value + index.refresh_interval: additionalProperties: false type: object properties: - fields: - additionalProperties: - allOf: - - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema2' - - anyOf: - - type: object - properties: - description: - type: string - format: - description: A non-empty string. - minLength: 1 - type: string - type: - enum: - - keyword - - match_only_text - - long - - double - - date - - boolean - - ip - - geo_point - - integer - - short - - byte - - float - - half_float - - text - - wildcard - - version - - unsigned_long - - date_nanos - type: string - required: - - type - - type: object - properties: - description: - type: string - format: - not: {} - type: - not: {} - required: - - description - - type: object - properties: - description: - type: string - type: - enum: - - system - type: string - required: - - type - type: object - routing: - items: - type: object - properties: - destination: - description: A non-empty string. - minLength: 1 - type: string - status: - enum: - - enabled - - disabled - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - required: - - destination - - where - type: array + value: + anyOf: + - type: string + - enum: + - -1 + type: number required: - - fields - - routing + - value + wired: + additionalProperties: false + type: object + properties: + fields: + $ref: '#/components/schemas/Kibana_HTTP_APIs_FieldDefinition' + routing: + items: + type: object + properties: + destination: + description: A non-empty string. + minLength: 1 + type: string + status: + enum: + - enabled + - disabled + type: string + where: + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' + required: + - destination + - where + type: array required: - - lifecycle - - processing - - settings - - failure_store - - wired - query_streams: - items: - type: object - properties: - name: - type: string - required: - - name - type: array - type: - enum: - - wired - type: string + - fields + - routing required: - - description - - ingest - - type - required: - - dashboards - - rules - - queries - - stream - - additionalProperties: false - type: object - properties: - dashboards: - items: - type: string - type: array - queries: - items: - type: object - properties: - description: - type: string - esql: - type: object - properties: - query: - type: string - required: - - query - evidence: - items: - type: string - type: array - id: - description: A non-empty string. - minLength: 1 - type: string - severity_score: - type: number - title: - description: A non-empty string. - minLength: 1 - type: string - required: - - id - - title - - description - - esql - type: array - rules: - items: - type: string - type: array - stream: - additionalProperties: false + - lifecycle + - processing + - settings + - failure_store + - wired + - additionalProperties: false type: object properties: - description: - type: string - ingest: + classic: + additionalProperties: false + type: object + properties: + field_overrides: + $ref: '#/components/schemas/Kibana_HTTP_APIs_ClassicFieldDefinition' + failure_store: + $ref: '#/components/schemas/Kibana_HTTP_APIs_FailureStore' + lifecycle: + $ref: '#/components/schemas/Kibana_HTTP_APIs_IngestStreamLifecycle' + processing: + additionalProperties: false + type: object + properties: + steps: + items: + $ref: '#/components/schemas/Kibana_HTTP_APIs_StreamlangStep' + type: array + updated_at: {} + required: + - steps + settings: additionalProperties: false type: object properties: - classic: + index.number_of_replicas: additionalProperties: false type: object properties: - field_overrides: - additionalProperties: - allOf: - - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema2' - - anyOf: - - type: object - properties: - description: - type: string - format: - description: A non-empty string. - minLength: 1 - type: string - type: - enum: - - keyword - - match_only_text - - long - - double - - date - - boolean - - ip - - geo_point - - integer - - short - - byte - - float - - half_float - - text - - wildcard - - version - - unsigned_long - - date_nanos - type: string - required: - - type - - type: object - properties: - description: - type: string - type: - enum: - - system - type: string - required: - - type - type: object - failure_store: - anyOf: - - additionalProperties: false - type: object - properties: - inherit: - additionalProperties: false - type: object - properties: {} - required: - - inherit - - additionalProperties: false - type: object - properties: - disabled: - additionalProperties: false - type: object - properties: {} - required: - - disabled - - anyOf: - - additionalProperties: false - type: object - properties: - lifecycle: - additionalProperties: false - type: object - properties: - enabled: - additionalProperties: false - type: object - properties: - data_retention: - description: A non-empty string. - minLength: 1 - type: string - required: - - enabled - required: - - lifecycle - - additionalProperties: false - type: object - properties: - lifecycle: - additionalProperties: false - type: object - properties: - disabled: - additionalProperties: false - type: object - properties: {} - required: - - disabled - required: - - lifecycle - lifecycle: - anyOf: - - additionalProperties: false - type: object - properties: - dsl: - additionalProperties: false - type: object - properties: - data_retention: - description: A non-empty string. - minLength: 1 - type: string - downsample: - items: - type: object - properties: - after: - description: A non-empty string. - minLength: 1 - type: string - fixed_interval: - description: A non-empty string. - minLength: 1 - type: string - required: - - after - - fixed_interval - type: array - required: - - dsl - - additionalProperties: false - type: object - properties: - ilm: - additionalProperties: false - type: object - properties: - policy: - description: A non-empty string. - minLength: 1 - type: string - required: - - policy - required: - - ilm - - additionalProperties: false - type: object - properties: - inherit: - additionalProperties: false - type: object - properties: {} - required: - - inherit - processing: + value: + type: number + required: + - value + index.number_of_shards: additionalProperties: false type: object properties: - steps: - items: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema0' - type: array - updated_at: {} + value: + type: number required: - - steps - settings: + - value + index.refresh_interval: additionalProperties: false type: object properties: - index.number_of_replicas: - additionalProperties: false - type: object - properties: - value: - type: number - required: - - value - index.number_of_shards: - additionalProperties: false - type: object - properties: - value: + value: + anyOf: + - type: string + - enum: + - -1 type: number - required: - - value - index.refresh_interval: - additionalProperties: false - type: object - properties: - value: - anyOf: - - type: string - - enum: - - -1 - type: number - required: - - value - required: - - lifecycle - - processing - - settings - - failure_store - - classic - query_streams: - items: - type: object - properties: - name: - type: string - required: - - name - type: array - type: - enum: - - classic - type: string + required: + - value required: - - description - - ingest - - type - required: - - dashboards - - rules - - queries - - stream + - lifecycle + - processing + - settings + - failure_store + - classic + required: + - ingest + responses: {} + summary: Update ingest stream settings + tags: + - streams + x-state: Technical Preview + x-metaTags: + - content: Kibana + name: product_name + /api/streams/{name}/_query: + get: + description: |- + **Spaces method and path for this operation:** + +
get /s/{space_id}/api/streams/{name}/_query
+ + Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. + + Fetches the query settings of a query stream definition

[Required authorization] Route required privileges: read_stream. + operationId: get-streams-name-query + parameters: + - in: path + name: name + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + anyOf: - additionalProperties: false type: object - properties: - dashboards: - items: - type: string - type: array - queries: - items: - type: object - properties: - description: - type: string - esql: - type: object - properties: - query: - type: string - required: - - query - evidence: - items: - type: string - type: array - id: - description: A non-empty string. - minLength: 1 - type: string - severity_score: - type: number - title: - description: A non-empty string. - minLength: 1 - type: string - required: - - id - - title - - description - - esql - type: array - rules: - items: - type: string - type: array - stream: - additionalProperties: false - type: object - properties: - description: - type: string - query: - additionalProperties: false - type: object - properties: - esql: - type: string - view: - type: string - required: - - view - - esql - query_streams: - items: - type: object - properties: - name: - type: string - required: - - name - type: array - type: - enum: - - query - type: string - required: - - description - - type - - query - required: - - dashboards - - rules - - queries - - stream + properties: {} + - nullable: true + - {} responses: {} - summary: Create or update a stream + summary: Get query stream settings tags: - streams x-state: Technical Preview x-metaTags: - content: Kibana name: product_name - /api/streams/{name}/_fork: - post: + put: description: |- **Spaces method and path for this operation:** -
post /s/{space_id}/api/streams/{name}/_fork
+
put /s/{space_id}/api/streams/{name}/_query
Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. - Forks a wired stream and creates a child stream

[Required authorization] Route required privileges: manage_stream. - operationId: post-streams-name-fork + Upserts the query settings of a query stream definition

[Required authorization] Route required privileges: manage_stream. + operationId: put-streams-name-query parameters: - description: A required header to protect against CSRF attacks in: header @@ -67802,44 +67429,43 @@ paths: additionalProperties: false type: object properties: - status: - enum: - - enabled - - disabled - type: string - stream: + query: additionalProperties: false type: object properties: - name: + esql: type: string required: - - name - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_1___schema0' + - esql required: - - stream - - where + - query responses: {} - summary: Fork a stream + summary: Upsert query stream settings tags: - streams x-state: Technical Preview x-metaTags: - content: Kibana name: product_name - /api/streams/{name}/_ingest: - get: + /api/streams/{name}/content/export: + post: description: |- **Spaces method and path for this operation:** -
get /s/{space_id}/api/streams/{name}/_ingest
+
post /s/{space_id}/api/streams/{name}/content/export
Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. - Fetches the ingest settings of an ingest stream definition

[Required authorization] Route required privileges: read_stream. - operationId: get-streams-name-ingest + Exports the content associated to a stream.

[Required authorization] Route required privileges: manage_stream. + operationId: post-streams-name-content-export parameters: + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string - in: path name: name required: true @@ -67849,30 +67475,40 @@ paths: content: application/json: schema: - anyOf: - - additionalProperties: false - type: object - properties: {} - - nullable: true - - {} + additionalProperties: false + type: object + properties: + description: + type: string + include: + $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_3___schema0' + name: + type: string + version: + type: string + required: + - name + - description + - version + - include responses: {} - summary: Get ingest stream settings + summary: Export stream content tags: - streams - x-state: Technical Preview x-metaTags: - content: Kibana name: product_name - put: + /api/streams/{name}/content/import: + post: description: |- **Spaces method and path for this operation:** -
put /s/{space_id}/api/streams/{name}/_ingest
+
post /s/{space_id}/api/streams/{name}/content/import
Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. - Upserts the ingest settings of an ingest stream definition

[Required authorization] Route required privileges: manage_stream. - operationId: put-streams-name-ingest + Links content objects to a stream.

[Required authorization] Route required privileges: manage_stream. + operationId: post-streams-name-content-import parameters: - description: A required header to protect against CSRF attacks in: header @@ -67888,498 +67524,179 @@ paths: type: string requestBody: content: - application/json: + multipart/form-data: schema: additionalProperties: false type: object properties: - ingest: - anyOf: - - additionalProperties: false - type: object - properties: - failure_store: - anyOf: - - additionalProperties: false - type: object - properties: - inherit: - additionalProperties: false - type: object - properties: {} - required: - - inherit - - additionalProperties: false - type: object - properties: - disabled: - additionalProperties: false - type: object - properties: {} - required: - - disabled - - anyOf: - - additionalProperties: false - type: object - properties: - lifecycle: - additionalProperties: false - type: object - properties: - enabled: - additionalProperties: false - type: object - properties: - data_retention: - description: A non-empty string. - minLength: 1 - type: string - required: - - enabled - required: - - lifecycle - - additionalProperties: false - type: object - properties: - lifecycle: - additionalProperties: false - type: object - properties: - disabled: - additionalProperties: false - type: object - properties: {} - required: - - disabled - required: - - lifecycle - lifecycle: - anyOf: - - additionalProperties: false - type: object - properties: - dsl: - additionalProperties: false - type: object - properties: - data_retention: - description: A non-empty string. - minLength: 1 - type: string - downsample: - items: - type: object - properties: - after: - description: A non-empty string. - minLength: 1 - type: string - fixed_interval: - description: A non-empty string. - minLength: 1 - type: string - required: - - after - - fixed_interval - type: array - required: - - dsl - - additionalProperties: false - type: object - properties: - ilm: - additionalProperties: false - type: object - properties: - policy: - description: A non-empty string. - minLength: 1 - type: string - required: - - policy - required: - - ilm - - additionalProperties: false - type: object - properties: - inherit: - additionalProperties: false - type: object - properties: {} - required: - - inherit - processing: - additionalProperties: false - type: object - properties: - steps: - items: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema0' - type: array - updated_at: {} - required: - - steps - settings: - additionalProperties: false - type: object - properties: - index.number_of_replicas: - additionalProperties: false - type: object - properties: - value: - type: number - required: - - value - index.number_of_shards: - additionalProperties: false - type: object - properties: - value: - type: number - required: - - value - index.refresh_interval: - additionalProperties: false - type: object - properties: - value: - anyOf: - - type: string - - enum: - - -1 - type: number - required: - - value - wired: - additionalProperties: false - type: object - properties: - fields: - additionalProperties: - allOf: - - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema2' - - anyOf: - - type: object - properties: - description: - type: string - format: - description: A non-empty string. - minLength: 1 - type: string - type: - enum: - - keyword - - match_only_text - - long - - double - - date - - boolean - - ip - - geo_point - - integer - - short - - byte - - float - - half_float - - text - - wildcard - - version - - unsigned_long - - date_nanos - type: string - required: - - type - - type: object - properties: - description: - type: string - format: - not: {} - type: - not: {} - required: - - description - - type: object - properties: - description: - type: string - type: - enum: - - system - type: string - required: - - type - type: object - routing: - items: + content: {} + include: + type: string + required: + - include + - content + responses: {} + summary: Import content into a stream + tags: + - streams + x-metaTags: + - content: Kibana + name: product_name + /api/streams/{name}/queries: + get: + description: |- + **Spaces method and path for this operation:** + +
get /s/{space_id}/api/streams/{name}/queries
+ + Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. + + Fetches all queries linked to a stream that are visible to the current user in the current space.

[Required authorization] Route required privileges: read_stream. + operationId: get-streams-name-queries + parameters: + - in: path + name: name + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + anyOf: + - additionalProperties: false + type: object + properties: {} + - nullable: true + - {} + responses: {} + summary: Get stream queries + tags: + - streams + x-state: Technical Preview + x-metaTags: + - content: Kibana + name: product_name + /api/streams/{name}/queries/_bulk: + post: + description: |- + **Spaces method and path for this operation:** + +
post /s/{space_id}/api/streams/{name}/queries/_bulk
+ + Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. + + Bulk update queries of a stream. Can add new queries and delete existing ones.

[Required authorization] Route required privileges: manage_stream. + operationId: post-streams-name-queries-bulk + parameters: + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - in: path + name: name + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + additionalProperties: false + type: object + properties: + operations: + items: + anyOf: + - type: object + properties: + index: + type: object + properties: + description: + type: string + esql: type: object properties: - destination: - description: A non-empty string. - minLength: 1 - type: string - status: - enum: - - enabled - - disabled + query: type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' required: - - destination - - where - type: array - required: - - fields - - routing - required: - - lifecycle - - processing - - settings - - failure_store - - wired - - additionalProperties: false - type: object - properties: - classic: - additionalProperties: false - type: object - properties: - field_overrides: - additionalProperties: - allOf: - - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema2' - - anyOf: - - type: object - properties: - description: - type: string - format: - description: A non-empty string. - minLength: 1 - type: string - type: - enum: - - keyword - - match_only_text - - long - - double - - date - - boolean - - ip - - geo_point - - integer - - short - - byte - - float - - half_float - - text - - wildcard - - version - - unsigned_long - - date_nanos - type: string - required: - - type - - type: object - properties: - description: - type: string - type: - enum: - - system - type: string - required: - - type - type: object - failure_store: - anyOf: - - additionalProperties: false - type: object - properties: - inherit: - additionalProperties: false - type: object - properties: {} - required: - - inherit - - additionalProperties: false - type: object - properties: - disabled: - additionalProperties: false - type: object - properties: {} - required: - - disabled - - anyOf: - - additionalProperties: false - type: object - properties: - lifecycle: - additionalProperties: false - type: object - properties: - enabled: - additionalProperties: false - type: object - properties: - data_retention: - description: A non-empty string. - minLength: 1 - type: string - required: - - enabled - required: - - lifecycle - - additionalProperties: false - type: object - properties: - lifecycle: - additionalProperties: false - type: object - properties: - disabled: - additionalProperties: false - type: object - properties: {} - required: - - disabled - required: - - lifecycle - lifecycle: - anyOf: - - additionalProperties: false - type: object - properties: - dsl: - additionalProperties: false - type: object - properties: - data_retention: - description: A non-empty string. - minLength: 1 - type: string - downsample: - items: - type: object - properties: - after: - description: A non-empty string. - minLength: 1 - type: string - fixed_interval: - description: A non-empty string. - minLength: 1 - type: string - required: - - after - - fixed_interval - type: array - required: - - dsl - - additionalProperties: false - type: object - properties: - ilm: - additionalProperties: false - type: object - properties: - policy: - description: A non-empty string. - minLength: 1 - type: string - required: - - policy - required: - - ilm - - additionalProperties: false - type: object - properties: - inherit: - additionalProperties: false - type: object - properties: {} - required: - - inherit - processing: - additionalProperties: false - type: object - properties: - steps: - items: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema0' - type: array - updated_at: {} - required: - - steps - settings: - additionalProperties: false - type: object - properties: - index.number_of_replicas: - additionalProperties: false - type: object - properties: - value: - type: number - required: - - value - index.number_of_shards: - additionalProperties: false - type: object - properties: - value: - type: number - required: - - value - index.refresh_interval: - additionalProperties: false - type: object - properties: - value: - anyOf: - - type: string - - enum: - - -1 - type: number - required: - - value - required: - - lifecycle - - processing - - settings - - failure_store - - classic + - query + evidence: + items: + type: string + type: array + id: + description: A non-empty string. + minLength: 1 + type: string + severity_score: + type: number + title: + description: A non-empty string. + minLength: 1 + type: string + required: + - id + - title + - description + - esql + required: + - index + - type: object + properties: + delete: + type: object + properties: + id: + type: string + required: + - id + required: + - delete + type: array required: - - ingest + - operations responses: {} - summary: Update ingest stream settings + summary: Bulk update queries tags: - streams x-state: Technical Preview x-metaTags: - content: Kibana name: product_name - /api/streams/{name}/_query: - get: + /api/streams/{name}/queries/{queryId}: + delete: description: |- **Spaces method and path for this operation:** -
get /s/{space_id}/api/streams/{name}/_query
+
delete /s/{space_id}/api/streams/{name}/queries/{queryId}
Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. - Fetches the query settings of a query stream definition

[Required authorization] Route required privileges: read_stream. - operationId: get-streams-name-query + Remove a query from a stream. Noop if the query is not found on the stream.

[Required authorization] Route required privileges: manage_stream. + operationId: delete-streams-name-queries-queryid parameters: + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string - in: path name: name required: true schema: type: string + - in: path + name: queryId + required: true + schema: + type: string requestBody: content: application/json: @@ -68391,7 +67708,7 @@ paths: - nullable: true - {} responses: {} - summary: Get query stream settings + summary: Remove a query from a stream tags: - streams x-state: Technical Preview @@ -68402,12 +67719,12 @@ paths: description: |- **Spaces method and path for this operation:** -
put /s/{space_id}/api/streams/{name}/_query
+
put /s/{space_id}/api/streams/{name}/queries/{queryId}
Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. - Upserts the query settings of a query stream definition

[Required authorization] Route required privileges: manage_stream. - operationId: put-streams-name-query + Adds a query to a stream. Noop if the query is already present on the stream.

[Required authorization] Route required privileges: manage_stream. + operationId: put-streams-name-queries-queryid parameters: - description: A required header to protect against CSRF attacks in: header @@ -68421,6 +67738,11 @@ paths: required: true schema: type: string + - in: path + name: queryId + required: true + schema: + type: string requestBody: content: application/json: @@ -68428,134 +67750,74 @@ paths: additionalProperties: false type: object properties: - query: + description: + default: '' + type: string + esql: additionalProperties: false type: object properties: - esql: + query: type: string required: - - esql + - query + evidence: + items: + type: string + type: array + severity_score: + type: number + title: + description: A non-empty string. + minLength: 1 + type: string required: - - query + - title + - esql responses: {} - summary: Upsert query stream settings + summary: Upsert a query to a stream tags: - streams x-state: Technical Preview x-metaTags: - content: Kibana name: product_name - /api/streams/{name}/content/export: - post: + /api/streams/{name}/significant_events: + get: description: |- **Spaces method and path for this operation:** -
post /s/{space_id}/api/streams/{name}/content/export
+
get /s/{space_id}/api/streams/{name}/significant_events
Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. - Exports the content associated to a stream.

[Required authorization] Route required privileges: manage_stream. - operationId: post-streams-name-content-export + Read the significant events

[Required authorization] Route required privileges: read_stream. + operationId: get-streams-name-significant-events parameters: - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf + - in: path + name: name required: true schema: - example: 'true' type: string - - in: path - name: name + - in: query + name: from required: true schema: type: string - requestBody: - content: - application/json: - schema: - additionalProperties: false - type: object - properties: - description: - type: string - include: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_3___schema0' - name: - type: string - version: - type: string - required: - - name - - description - - version - - include - responses: {} - summary: Export stream content - tags: - - streams - x-metaTags: - - content: Kibana - name: product_name - /api/streams/{name}/content/import: - post: - description: |- - **Spaces method and path for this operation:** - -
post /s/{space_id}/api/streams/{name}/content/import
- - Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. - - Links content objects to a stream.

[Required authorization] Route required privileges: manage_stream. - operationId: post-streams-name-content-import - parameters: - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf + - in: query + name: to required: true schema: - example: 'true' type: string - - in: path - name: name + - in: query + name: bucketSize required: true schema: type: string - requestBody: - content: - multipart/form-data: - schema: - additionalProperties: false - type: object - properties: - content: {} - include: - type: string - required: - - include - - content - responses: {} - summary: Import content into a stream - tags: - - streams - x-metaTags: - - content: Kibana - name: product_name - /api/streams/{name}/queries: - get: - description: |- - **Spaces method and path for this operation:** - -
get /s/{space_id}/api/streams/{name}/queries
- - Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. - - Fetches all queries linked to a stream that are visible to the current user in the current space.

[Required authorization] Route required privileges: read_stream. - operationId: get-streams-name-queries - parameters: - - in: path - name: name - required: true + - description: Query string to filter significant events on metadata fields + in: query + name: query + required: false schema: type: string requestBody: @@ -68569,24 +67831,24 @@ paths: - nullable: true - {} responses: {} - summary: Get stream queries + summary: Read the significant events tags: - streams - x-state: Technical Preview + x-state: Technical Preview; added in 9.1.0 x-metaTags: - content: Kibana name: product_name - /api/streams/{name}/queries/_bulk: + /api/streams/{name}/significant_events/_generate: post: description: |- **Spaces method and path for this operation:** -
post /s/{space_id}/api/streams/{name}/queries/_bulk
+
post /s/{space_id}/api/streams/{name}/significant_events/_generate
Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. - Bulk update queries of a stream. Can add new queries and delete existing ones.

[Required authorization] Route required privileges: manage_stream. - operationId: post-streams-name-queries-bulk + Generate significant events queries based on the stream data

[Required authorization] Route required privileges: read_stream. + operationId: post-streams-name-significant-events-generate parameters: - description: A required header to protect against CSRF attacks in: header @@ -68600,102 +67862,28 @@ paths: required: true schema: type: string - requestBody: - content: - application/json: - schema: - additionalProperties: false - type: object - properties: - operations: - items: - anyOf: - - type: object - properties: - index: - type: object - properties: - description: - type: string - esql: - type: object - properties: - query: - type: string - required: - - query - evidence: - items: - type: string - type: array - id: - description: A non-empty string. - minLength: 1 - type: string - severity_score: - type: number - title: - description: A non-empty string. - minLength: 1 - type: string - required: - - id - - title - - description - - esql - required: - - index - - type: object - properties: - delete: - type: object - properties: - id: - type: string - required: - - id - required: - - delete - type: array - required: - - operations - responses: {} - summary: Bulk update queries - tags: - - streams - x-state: Technical Preview - x-metaTags: - - content: Kibana - name: product_name - /api/streams/{name}/queries/{queryId}: - delete: - description: |- - **Spaces method and path for this operation:** - -
delete /s/{space_id}/api/streams/{name}/queries/{queryId}
- - Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. - - Remove a query from a stream. Noop if the query is not found on the stream.

[Required authorization] Route required privileges: manage_stream. - operationId: delete-streams-name-queries-queryid - parameters: - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true + - description: Optional connector ID. If not provided, the default AI connector from settings will be used. + in: query + name: connectorId + required: false schema: - example: 'true' type: string - - in: path - name: name + - in: query + name: from required: true schema: type: string - - in: path - name: queryId + - in: query + name: to required: true schema: type: string + - description: Number of sample documents to use for generation from the current data of stream + in: query + name: sampleDocsSize + required: false + schema: + type: number requestBody: content: application/json: @@ -68707,23 +67895,24 @@ paths: - nullable: true - {} responses: {} - summary: Remove a query from a stream + summary: Generate significant events tags: - streams - x-state: Technical Preview + x-state: Technical Preview; added in 9.2.0 x-metaTags: - content: Kibana name: product_name - put: + /api/streams/{name}/significant_events/_preview: + post: description: |- **Spaces method and path for this operation:** -
put /s/{space_id}/api/streams/{name}/queries/{queryId}
+
post /s/{space_id}/api/streams/{name}/significant_events/_preview
Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. - Adds a query to a stream. Noop if the query is already present on the stream.

[Required authorization] Route required privileges: manage_stream. - operationId: put-streams-name-queries-queryid + Preview significant event results based on a given query

[Required authorization] Route required privileges: read_stream. + operationId: post-streams-name-significant-events-preview parameters: - description: A required header to protect against CSRF attacks in: header @@ -68737,8 +67926,18 @@ paths: required: true schema: type: string - - in: path - name: queryId + - in: query + name: from + required: true + schema: + type: string + - in: query + name: to + required: true + schema: + type: string + - in: query + name: bucketSize required: true schema: type: string @@ -68749,225 +67948,27 @@ paths: additionalProperties: false type: object properties: - description: - default: '' - type: string - esql: + query: additionalProperties: false type: object properties: - query: - type: string + esql: + additionalProperties: false + type: object + properties: + query: + type: string + required: + - query required: - - query - evidence: - items: - type: string - type: array - severity_score: - type: number - title: - description: A non-empty string. - minLength: 1 - type: string + - esql required: - - title - - esql + - query responses: {} - summary: Upsert a query to a stream + summary: Preview significant events tags: - streams - x-state: Technical Preview - x-metaTags: - - content: Kibana - name: product_name - /api/streams/{name}/significant_events: - get: - description: |- - **Spaces method and path for this operation:** - -
get /s/{space_id}/api/streams/{name}/significant_events
- - Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. - - Read the significant events

[Required authorization] Route required privileges: read_stream. - operationId: get-streams-name-significant-events - parameters: - - in: path - name: name - required: true - schema: - type: string - - in: query - name: from - required: true - schema: - type: string - - in: query - name: to - required: true - schema: - type: string - - in: query - name: bucketSize - required: true - schema: - type: string - - description: Query string to filter significant events on metadata fields - in: query - name: query - required: false - schema: - type: string - requestBody: - content: - application/json: - schema: - anyOf: - - additionalProperties: false - type: object - properties: {} - - nullable: true - - {} - responses: {} - summary: Read the significant events - tags: - - streams - x-state: Technical Preview; added in 9.1.0 - x-metaTags: - - content: Kibana - name: product_name - /api/streams/{name}/significant_events/_generate: - post: - description: |- - **Spaces method and path for this operation:** - -
post /s/{space_id}/api/streams/{name}/significant_events/_generate
- - Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. - - Generate significant events queries based on the stream data

[Required authorization] Route required privileges: read_stream. - operationId: post-streams-name-significant-events-generate - parameters: - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: name - required: true - schema: - type: string - - description: Optional connector ID. If not provided, the default AI connector from settings will be used. - in: query - name: connectorId - required: false - schema: - type: string - - in: query - name: from - required: true - schema: - type: string - - in: query - name: to - required: true - schema: - type: string - - description: Number of sample documents to use for generation from the current data of stream - in: query - name: sampleDocsSize - required: false - schema: - type: number - requestBody: - content: - application/json: - schema: - anyOf: - - additionalProperties: false - type: object - properties: {} - - nullable: true - - {} - responses: {} - summary: Generate significant events - tags: - - streams - x-state: Technical Preview; added in 9.2.0 - x-metaTags: - - content: Kibana - name: product_name - /api/streams/{name}/significant_events/_preview: - post: - description: |- - **Spaces method and path for this operation:** - -
post /s/{space_id}/api/streams/{name}/significant_events/_preview
- - Refer to [Spaces](https://www.elastic.co/docs/deploy-manage/manage-spaces) for more information. - - Preview significant event results based on a given query

[Required authorization] Route required privileges: read_stream. - operationId: post-streams-name-significant-events-preview - parameters: - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: name - required: true - schema: - type: string - - in: query - name: from - required: true - schema: - type: string - - in: query - name: to - required: true - schema: - type: string - - in: query - name: bucketSize - required: true - schema: - type: string - requestBody: - content: - application/json: - schema: - additionalProperties: false - type: object - properties: - query: - additionalProperties: false - type: object - properties: - esql: - additionalProperties: false - type: object - properties: - query: - type: string - required: - - query - required: - - esql - required: - - query - responses: {} - summary: Preview significant events - tags: - - streams - x-state: Technical Preview; added in 9.1.0 + x-state: Technical Preview; added in 9.1.0 x-metaTags: - content: Kibana name: product_name @@ -80405,1322 +79406,1064 @@ components: toId: description: New saved object reference value to replace the old value. type: string - required: - - fromId - - toId - Data_views_timefieldname: - description: The timestamp field name, which you use for time-based data views. - type: string - Data_views_title: - description: Comma-separated list of data streams, indices, and aliases that you want to search. Supports wildcards (`*`). - type: string - Data_views_type: - description: When set to `rollup`, identifies the rollup data views. - type: string - Data_views_typemeta: - description: When you use rollup indices, contains the field list for the rollup data view API endpoints. - type: object - properties: - aggs: - description: A map of rollup restrictions by aggregation type and field name. - type: object - params: - description: Properties for retrieving rollup fields. - type: object - required: - - aggs - - params - Data_views_typemeta_response: - description: When you use rollup indices, contains the field list for the rollup data view API endpoints. - nullable: true - type: object - properties: - aggs: - description: A map of rollup restrictions by aggregation type and field name. - type: object - params: - description: Properties for retrieving rollup fields. - type: object - Data_views_update_data_view_request_object: - title: Update data view request - type: object - properties: - data_view: - description: | - The data view properties you want to update. Only the specified properties are updated in the data view. Unspecified fields stay as they are persisted. - type: object - properties: - allowNoIndex: - $ref: '#/components/schemas/Data_views_allownoindex' - fieldFormats: - $ref: '#/components/schemas/Data_views_fieldformats' - fields: - type: object - name: - type: string - runtimeFieldMap: - additionalProperties: - $ref: '#/components/schemas/Data_views_runtimefieldmap' - type: object - sourceFilters: - $ref: '#/components/schemas/Data_views_sourcefilters' - timeFieldName: - $ref: '#/components/schemas/Data_views_timefieldname' - title: - $ref: '#/components/schemas/Data_views_title' - type: - $ref: '#/components/schemas/Data_views_type' - typeMeta: - $ref: '#/components/schemas/Data_views_typemeta' - refresh_fields: - default: false - description: Reloads the data view fields after the data view is updated. - type: boolean - required: - - data_view - Kibana_HTTP_APIs__zod_v4_0___schema0: - anyOf: - - anyOf: - - additionalProperties: false - description: Grok processor - Extract fields from text using grok patterns - type: object - properties: - action: - enum: - - grok - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - description: Source field to parse with grok patterns - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - description: Skip processing when source field is missing - type: boolean - pattern_definitions: - additionalProperties: - type: string - type: object - patterns: - description: Grok patterns applied in order to extract fields - items: - description: A non-empty string. - minLength: 1 - type: string - minItems: 1 - type: array - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - patterns - - additionalProperties: false - description: Dissect processor - Extract fields from text using a lightweight, delimiter-based parser - type: object - properties: - action: - enum: - - dissect - type: string - append_separator: - description: Separator inserted when target fields are concatenated - minLength: 1 - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - description: Source field to parse with dissect pattern - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - description: Skip processing when source field is missing - type: boolean - pattern: - description: Dissect pattern describing field boundaries - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - pattern - - additionalProperties: false - description: Date processor - Parse dates from strings using one or more expected formats - type: object - properties: - action: - enum: - - date - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - formats: - description: Accepted input date formats, tried in order - items: - description: A non-empty string. - minLength: 1 - type: string - type: array - from: - description: Source field containing the date/time text - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - locale: - description: Optional locale for date parsing - minLength: 1 - type: string - output_format: - description: Optional output format for storing the parsed date as text - minLength: 1 - type: string - timezone: - description: Optional timezone for date parsing - minLength: 1 - type: string - to: - description: Target field for the parsed date (defaults to source) - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - formats - - additionalProperties: false - type: object - properties: - action: - enum: - - drop_document - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - additionalProperties: false - type: object - properties: - action: - enum: - - math - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - expression: - description: A non-empty string. - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - type: boolean - to: - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - expression - - to - - additionalProperties: false - description: Rename processor - Change a field name and optionally its location - type: object - properties: - action: - enum: - - rename - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - description: Existing source field to rename or move - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - description: Skip when source field is missing - type: boolean - override: - description: Allow overwriting the target field if it already exists - type: boolean - to: - description: New field name or destination path - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - to - - additionalProperties: false - description: Set processor - Assign a literal or copied value to a field (mutually exclusive inputs) - type: object - properties: - action: - enum: - - set - type: string - copy_from: - description: Copy value from another field instead of providing a literal - minLength: 1 - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - override: - description: Allow overwriting an existing target field - type: boolean - to: - description: Target field to set or create - minLength: 1 - type: string - value: - description: Literal value to assign to the target field - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - to - - additionalProperties: false - description: Append processor - Append one or more values to an existing or new array field - type: object - properties: - action: - enum: - - append - type: string - allow_duplicates: - description: If true, do not deduplicate appended values - type: boolean - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - to: - description: Array field to append values to - minLength: 1 - type: string - value: - description: Values to append (must be literal, no templates) - items: {} - minItems: 1 - type: array - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - to - - value - - additionalProperties: false - description: Remove by prefix processor - Remove a field and all nested fields matching the prefix - type: object - properties: - action: - enum: - - remove_by_prefix - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - description: Field to remove along with all its nested fields - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - required: - - action - - from - - additionalProperties: false - description: Remove processor - Delete one or more fields from the document - type: object - properties: - action: - enum: - - remove - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - description: Field to remove from the document - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - description: Skip processing when source field is missing - type: boolean - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - additionalProperties: false - type: object - properties: - action: - enum: - - replace - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - type: boolean - pattern: - minLength: 1 - type: string - replacement: - type: string - to: - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - pattern - - replacement - - additionalProperties: false - description: Redact processor - Mask sensitive data using Grok patterns - type: object - properties: - action: - enum: - - redact - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - description: Source field to redact sensitive data from - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - description: Skip processing when source field is missing (defaults to true) - type: boolean - pattern_definitions: - additionalProperties: - type: string - description: Custom pattern definitions to use in the patterns - type: object - patterns: - description: Grok patterns to match sensitive data (for example, "%{IP:client}", "%{EMAILADDRESS:email}") - items: - description: A non-empty string. - minLength: 1 - type: string - minItems: 1 - type: array - prefix: - description: Prefix to prepend to the redacted pattern name (defaults to "<") - type: string - suffix: - description: Suffix to append to the redacted pattern name (defaults to ">") - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - patterns - - additionalProperties: false - type: object - properties: - action: - enum: - - uppercase - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - type: boolean - to: - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - additionalProperties: false - type: object - properties: - action: - enum: - - lowercase - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - type: boolean - to: - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - additionalProperties: false + required: + - fromId + - toId + Data_views_timefieldname: + description: The timestamp field name, which you use for time-based data views. + type: string + Data_views_title: + description: Comma-separated list of data streams, indices, and aliases that you want to search. Supports wildcards (`*`). + type: string + Data_views_type: + description: When set to `rollup`, identifies the rollup data views. + type: string + Data_views_typemeta: + description: When you use rollup indices, contains the field list for the rollup data view API endpoints. + type: object + properties: + aggs: + description: A map of rollup restrictions by aggregation type and field name. + type: object + params: + description: Properties for retrieving rollup fields. + type: object + required: + - aggs + - params + Data_views_typemeta_response: + description: When you use rollup indices, contains the field list for the rollup data view API endpoints. + nullable: true + type: object + properties: + aggs: + description: A map of rollup restrictions by aggregation type and field name. + type: object + params: + description: Properties for retrieving rollup fields. + type: object + Data_views_update_data_view_request_object: + title: Update data view request + type: object + properties: + data_view: + description: | + The data view properties you want to update. Only the specified properties are updated in the data view. Unspecified fields stay as they are persisted. + type: object + properties: + allowNoIndex: + $ref: '#/components/schemas/Data_views_allownoindex' + fieldFormats: + $ref: '#/components/schemas/Data_views_fieldformats' + fields: type: object - properties: - action: - enum: - - trim - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - type: boolean - to: - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - additionalProperties: false + name: + type: string + runtimeFieldMap: + additionalProperties: + $ref: '#/components/schemas/Data_views_runtimefieldmap' type: object - properties: - action: - enum: - - join - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - delimiter: - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - items: - minLength: 1 - type: string - minItems: 1 - type: array - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - type: boolean - to: - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - delimiter - - to - - additionalProperties: false - description: Split processor - Split a field value into an array using a separator + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + type: + $ref: '#/components/schemas/Data_views_type' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta' + refresh_fields: + default: false + description: Reloads the data view fields after the data view is updated. + type: boolean + required: + - data_view + Kibana_HTTP_APIs__zod_v4_3___schema0: + anyOf: + - additionalProperties: false + type: object + properties: + objects: + additionalProperties: false type: object properties: - action: - enum: - - split - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - description: Source field to split into an array - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - description: Skip processing when source field is missing - type: boolean - preserve_trailing: - description: Preserve empty trailing fields in the split result - type: boolean - separator: - description: Regex separator used to split the field value into an array - minLength: 1 - type: string - to: - description: Target field for the split array (defaults to source) - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs + all: + additionalProperties: false + type: object + properties: {} required: - - action - - from - - separator - - additionalProperties: false + - all + required: + - objects + - additionalProperties: false + type: object + properties: + objects: + additionalProperties: false type: object properties: - action: - enum: - - sort - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - description: Array field to sort - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - description: Skip processing when source field is missing + mappings: type: boolean - order: - description: Sort order - "asc" (ascending) or "desc" (descending). Defaults to "asc" - enum: - - asc - - desc - type: string - to: - description: Target field for the sorted array (defaults to source) - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs + queries: + items: + type: object + properties: + id: + type: string + required: + - id + type: array + routing: + items: + allOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_3___schema0' + - type: object + properties: + destination: + type: string + required: + - destination + type: array required: - - action - - from + - mappings + - queries + - routing + required: + - objects + Kibana_HTTP_APIs_ClassicFieldDefinition: + additionalProperties: + $ref: '#/components/schemas/Kibana_HTTP_APIs_ClassicFieldDefinitionConfig' + type: object + Kibana_HTTP_APIs_ClassicFieldDefinitionConfig: + allOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs_RecursiveRecord' + - anyOf: - additionalProperties: false - description: Convert processor - Change the data type of a field value (integer, long, double, boolean, or string) type: object properties: - action: - enum: - - convert - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string description: - description: Human-readable notes about this processor step - type: string - from: - description: Source field to convert to a different data type - minLength: 1 type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - description: Skip processing when source field is missing - type: boolean - to: - description: Target field for the converted value (defaults to source) + format: + description: A non-empty string. minLength: 1 type: string type: - description: 'Target data type: integer, long, double, boolean, or string' enum: - - integer + - keyword + - match_only_text - long - double + - date - boolean - - string + - ip + - geo_point + - integer + - short + - byte + - float + - half_float + - text + - wildcard + - version + - unsigned_long + - date_nanos type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs required: - - action - - from - - type - - additionalProperties: false + - type + - additionalProperties: false + type: object + properties: + description: + type: string + type: + enum: + - system + type: string + required: + - type + Kibana_HTTP_APIs_ClassicStreamUpsertRequest: + additionalProperties: false + type: object + properties: + dashboards: + items: + type: string + type: array + queries: + items: + type: object + properties: + description: + type: string + esql: + type: object + properties: + query: + type: string + required: + - query + evidence: + items: + type: string + type: array + id: + description: A non-empty string. + minLength: 1 + type: string + severity_score: + type: number + title: + description: A non-empty string. + minLength: 1 + type: string + required: + - id + - title + - description + - esql + type: array + rules: + items: + type: string + type: array + stream: + additionalProperties: false + type: object + properties: + description: + type: string + ingest: + additionalProperties: false + type: object + properties: + classic: + additionalProperties: false + type: object + properties: + field_overrides: + $ref: '#/components/schemas/Kibana_HTTP_APIs_ClassicFieldDefinition' + failure_store: + $ref: '#/components/schemas/Kibana_HTTP_APIs_FailureStore' + lifecycle: + $ref: '#/components/schemas/Kibana_HTTP_APIs_IngestStreamLifecycle' + processing: + additionalProperties: false + type: object + properties: + steps: + items: + $ref: '#/components/schemas/Kibana_HTTP_APIs_StreamlangStep' + type: array + updated_at: {} + required: + - steps + settings: + additionalProperties: false + type: object + properties: + index.number_of_replicas: + additionalProperties: false + type: object + properties: + value: + type: number + required: + - value + index.number_of_shards: + additionalProperties: false + type: object + properties: + value: + type: number + required: + - value + index.refresh_interval: + additionalProperties: false + type: object + properties: + value: + anyOf: + - type: string + - enum: + - -1 + type: number + required: + - value + required: + - lifecycle + - processing + - settings + - failure_store + - classic + query_streams: + items: + type: object + properties: + name: + type: string + required: + - name + type: array + type: + enum: + - classic + type: string + required: + - description + - ingest + - type + required: + - dashboards + - rules + - queries + - stream + Kibana_HTTP_APIs_Condition: + anyOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs_FilterCondition' + - additionalProperties: false + description: A logical AND that groups multiple conditions. + type: object + properties: + and: + description: An array of conditions. All sub-conditions must be true for this condition to be true. + items: + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' + type: array + required: + - and + - additionalProperties: false + description: A logical OR that groups multiple conditions. + type: object + properties: + or: + description: An array of conditions. At least one sub-condition must be true for this condition to be true. + items: + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' + type: array + required: + - or + - additionalProperties: false + description: A logical NOT that negates a condition. + type: object + properties: + not: + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' + description: A condition that negates another condition. + required: + - not + - additionalProperties: false + description: A condition that always evaluates to false. + type: object + properties: + never: + additionalProperties: false + description: An empty object. This condition never matches. + type: object + properties: {} + required: + - never + - additionalProperties: false + description: A condition that always evaluates to true. Useful for catch-all scenarios, but use with caution as partitions are ordered. + type: object + properties: + always: + additionalProperties: false + description: An empty object. This condition always matches. + type: object + properties: {} + required: + - always + description: The root condition object. It can be a simple filter or a combination of other conditions. + Kibana_HTTP_APIs_ConditionWithSteps: + allOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' + - additionalProperties: false + type: object + properties: + steps: + items: + $ref: '#/components/schemas/Kibana_HTTP_APIs_StreamlangStep' + type: array + required: + - steps + Kibana_HTTP_APIs_core_status_redactedResponse: + additionalProperties: false + description: A minimal representation of Kibana's operational status. + properties: + status: + additionalProperties: false + type: object + properties: + overall: + additionalProperties: false + type: object + properties: + level: + description: Service status levels as human and machine readable values. + enum: + - available + - degraded + - unavailable + - critical + type: string + required: + - level + required: + - overall + required: + - status + title: core_status_redactedResponse + type: object + Kibana_HTTP_APIs_core_status_response: + additionalProperties: false + description: Kibana's operational status as well as a detailed breakdown of plugin statuses indication of various loads (like event loop utilization and network traffic) at time of request. + properties: + metrics: + additionalProperties: false + description: Metric groups collected by Kibana. + type: object + properties: + collection_interval_in_millis: + description: The interval at which metrics should be collected. + type: number + elasticsearch_client: + additionalProperties: false + description: Current network metrics of Kibana's Elasticsearch client. + type: object + properties: + totalActiveSockets: + description: Count of network sockets currently in use. + type: number + totalIdleSockets: + description: Count of network sockets currently idle. + type: number + totalQueuedRequests: + description: Count of requests not yet assigned to sockets. + type: number + required: + - totalActiveSockets + - totalIdleSockets + - totalQueuedRequests + last_updated: + description: The time metrics were collected. + type: string + required: + - elasticsearch_client + - last_updated + - collection_interval_in_millis + name: + description: Kibana instance name. + type: string + status: + additionalProperties: false + type: object + properties: + core: + additionalProperties: false + description: Statuses of core Kibana services. type: object properties: - action: - enum: - - concat - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - items: - anyOf: - - type: object - properties: - type: - enum: - - field - type: string - value: - minLength: 1 - type: string - required: - - type - - value - - type: object - properties: - type: - enum: - - literal - type: string - value: - type: string - required: - - type - - value - minItems: 1 - type: array - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - type: boolean - to: - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - to - - allOf: - - additionalProperties: false + elasticsearch: + additionalProperties: false type: object properties: - action: - enum: - - network_direction - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step + detail: + description: Human readable detail of the service status. type: string - destination_ip: - minLength: 1 + documentationUrl: + description: A URL to further documentation regarding this service. type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - type: boolean - source_ip: - minLength: 1 + level: + description: Service status levels as human and machine readable values. + enum: + - available + - degraded + - unavailable + - critical type: string - target_field: - minLength: 1 + meta: + additionalProperties: {} + description: An unstructured set of extra metadata about this service. + type: object + summary: + description: A human readable summary of the service status. type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs required: - - action - - source_ip - - destination_ip - - anyOf: - - additionalProperties: false - type: object - properties: - internal_networks: - items: - type: string - type: array - required: - - internal_networks - - additionalProperties: false - type: object - properties: - internal_networks_field: - minLength: 1 - type: string - required: - - internal_networks_field - - additionalProperties: false - description: Manual ingest pipeline wrapper around native Elasticsearch processors - type: object - properties: - action: - description: Manual ingest pipeline - executes raw Elasticsearch ingest processors - enum: - - manual_ingest_pipeline - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - on_failure: - description: Fallback processors to run when a processor fails - items: - additionalProperties: {} - type: object - type: array - processors: - description: List of raw Elasticsearch ingest processors to run - items: - additionalProperties: {} - type: object - type: array - tag: - description: Optional ingest processor tag for Elasticsearch - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - processors - - additionalProperties: false - type: object - properties: - condition: - allOf: - - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - - additionalProperties: false + - level + - summary + - meta + http: + additionalProperties: false type: object properties: - steps: - items: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema0' - type: array - required: - - steps - customIdentifier: - type: string - required: - - condition - Kibana_HTTP_APIs__zod_v4_0___schema1: - anyOf: - - anyOf: - - additionalProperties: false - description: A condition that compares a field to a value or range using an operator as the key. - type: object - properties: - contains: - anyOf: - - type: string - - type: number - - type: boolean - description: Contains comparison value. - endsWith: - anyOf: - - type: string - - type: number - - type: boolean - description: Ends-with comparison value. - eq: - anyOf: - - type: string - - type: number - - type: boolean - description: Equality comparison value. - field: - description: The document field to filter on. - minLength: 1 - type: string - gt: - anyOf: - - type: string - - type: number - - type: boolean - description: Greater-than comparison value. - gte: - anyOf: - - type: string - - type: number - - type: boolean - description: Greater-than-or-equal comparison value. - includes: - anyOf: - - type: string - - type: number - - type: boolean - description: Checks if multivalue field includes the value. - lt: - anyOf: - - type: string - - type: number - - type: boolean - description: Less-than comparison value. - lte: - anyOf: - - type: string - - type: number - - type: boolean - description: Less-than-or-equal comparison value. - neq: - anyOf: - - type: string - - type: number - - type: boolean - description: Inequality comparison value. - range: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: Service status levels as human and machine readable values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: An unstructured set of extra metadata about this service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + savedObjects: additionalProperties: false - description: Range comparison values. type: object properties: - gt: - anyOf: - - type: string - - type: number - - type: boolean - description: A value that can be a string, number, or boolean. - gte: - anyOf: - - type: string - - type: number - - type: boolean - description: A value that can be a string, number, or boolean. - lt: - anyOf: - - type: string - - type: number - - type: boolean - description: A value that can be a string, number, or boolean. - lte: - anyOf: - - type: string - - type: number - - type: boolean - description: A value that can be a string, number, or boolean. - startsWith: - anyOf: - - type: string - - type: number - - type: boolean - description: Starts-with comparison value. + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: Service status levels as human and machine readable values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: An unstructured set of extra metadata about this service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta required: - - field - - additionalProperties: false - description: A condition that checks for the existence or non-existence of a field. + - elasticsearch + - savedObjects + overall: + additionalProperties: false type: object properties: - exists: - description: Indicates whether the field exists or not. - type: boolean - field: - description: The document field to check. - minLength: 1 + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: Service status levels as human and machine readable values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: An unstructured set of extra metadata about this service. + type: object + summary: + description: A human readable summary of the service status. type: string required: - - field - description: A basic filter condition, either unary or binary. + - level + - summary + - meta + plugins: + additionalProperties: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: Service status levels as human and machine readable values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: An unstructured set of extra metadata about this service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + description: A dynamic mapping of plugin ID to plugin status. + type: object + required: + - overall + - core + - plugins + uuid: + description: Unique, generated Kibana instance UUID. This UUID should persist even if the Kibana process restarts. + type: string + version: + additionalProperties: false + type: object + properties: + build_date: + description: The date and time of this build. + type: string + build_flavor: + description: The build flavour determines configuration and behavior of Kibana. On premise users will almost always run the "traditional" flavour, while other flavours are reserved for Elastic-specific use cases. + enum: + - serverless + - traditional + type: string + build_hash: + description: A unique hash value representing the git commit of this Kibana build. + type: string + build_number: + description: A monotonically increasing number, each subsequent build will have a higher number. + type: number + build_snapshot: + description: Whether this build is a snapshot build. + type: boolean + number: + description: A semantic version number. + type: string + required: + - number + - build_hash + - build_number + - build_snapshot + - build_flavor + - build_date + required: + - name + - uuid + - version + - status + - metrics + title: core_status_response + type: object + Kibana_HTTP_APIs_FailureStore: + anyOf: - additionalProperties: false - description: A logical AND that groups multiple conditions. type: object properties: - and: - description: An array of conditions. All sub-conditions must be true for this condition to be true. - items: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - type: array + inherit: + additionalProperties: false + type: object + properties: {} required: - - and + - inherit - additionalProperties: false - description: A logical OR that groups multiple conditions. type: object properties: - or: - description: An array of conditions. At least one sub-condition must be true for this condition to be true. - items: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - type: array + disabled: + additionalProperties: false + type: object + properties: {} required: - - or + - disabled - additionalProperties: false - description: A logical NOT that negates a condition. type: object properties: - not: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema1' - description: A condition that negates another condition. + lifecycle: + additionalProperties: false + type: object + properties: + enabled: + additionalProperties: false + type: object + properties: + data_retention: + description: A non-empty string. + minLength: 1 + type: string + required: + - enabled required: - - not + - lifecycle - additionalProperties: false - description: A condition that always evaluates to false. type: object properties: - never: + lifecycle: additionalProperties: false - description: An empty object. This condition never matches. type: object - properties: {} + properties: + disabled: + additionalProperties: false + type: object + properties: {} + required: + - disabled required: - - never + - lifecycle + Kibana_HTTP_APIs_FieldDefinition: + additionalProperties: + $ref: '#/components/schemas/Kibana_HTTP_APIs_FieldDefinitionConfig' + type: object + Kibana_HTTP_APIs_FieldDefinitionConfig: + allOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs_RecursiveRecord' + - anyOf: + - additionalProperties: false + type: object + properties: + description: + type: string + format: + description: A non-empty string. + minLength: 1 + type: string + type: + enum: + - keyword + - match_only_text + - long + - double + - date + - boolean + - ip + - geo_point + - integer + - short + - byte + - float + - half_float + - text + - wildcard + - version + - unsigned_long + - date_nanos + type: string + required: + - type + - additionalProperties: false + type: object + properties: + description: + type: string + format: + not: {} + type: + not: {} + required: + - description + - additionalProperties: false + type: object + properties: + description: + type: string + type: + enum: + - system + type: string + required: + - type + Kibana_HTTP_APIs_FilterCondition: + anyOf: - additionalProperties: false - description: A condition that always evaluates to true. Useful for catch-all scenarios, but use with caution as partitions are ordered. + description: A condition that compares a field to a value or range using an operator as the key. type: object properties: - always: - additionalProperties: false - description: An empty object. This condition always matches. - type: object - properties: {} - required: - - always - description: The root condition object. It can be a simple filter or a combination of other conditions. - Kibana_HTTP_APIs__zod_v4_0___schema2: - additionalProperties: - anyOf: - - anyOf: - - type: string - - type: number - - type: boolean - - nullable: true - - {} - - items: + contains: anyOf: - type: string - type: number - type: boolean - - nullable: true - - {} - type: array - - items: {} - type: array - - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_0___schema2' - type: object - Kibana_HTTP_APIs__zod_v4_1___schema0: - anyOf: - - anyOf: - - additionalProperties: false - description: A condition that compares a field to a value or range using an operator as the key. + description: Contains comparison value. + endsWith: + anyOf: + - type: string + - type: number + - type: boolean + description: Ends-with comparison value. + eq: + anyOf: + - type: string + - type: number + - type: boolean + description: Equality comparison value. + field: + description: The document field to filter on. + minLength: 1 + type: string + gt: + anyOf: + - type: string + - type: number + - type: boolean + description: Greater-than comparison value. + gte: + anyOf: + - type: string + - type: number + - type: boolean + description: Greater-than-or-equal comparison value. + includes: + anyOf: + - type: string + - type: number + - type: boolean + description: Checks if multivalue field includes the value. + lt: + anyOf: + - type: string + - type: number + - type: boolean + description: Less-than comparison value. + lte: + anyOf: + - type: string + - type: number + - type: boolean + description: Less-than-or-equal comparison value. + neq: + anyOf: + - type: string + - type: number + - type: boolean + description: Inequality comparison value. + range: + additionalProperties: false + description: Range comparison values. type: object properties: - contains: - anyOf: - - type: string - - type: number - - type: boolean - description: Contains comparison value. - endsWith: - anyOf: - - type: string - - type: number - - type: boolean - description: Ends-with comparison value. - eq: - anyOf: - - type: string - - type: number - - type: boolean - description: Equality comparison value. - field: - description: The document field to filter on. - minLength: 1 - type: string gt: anyOf: - type: string - type: number - type: boolean - description: Greater-than comparison value. + description: A value that can be a string, number, or boolean. gte: anyOf: - type: string - type: number - type: boolean - description: Greater-than-or-equal comparison value. - includes: - anyOf: - - type: string - - type: number - - type: boolean - description: Checks if multivalue field includes the value. + description: A value that can be a string, number, or boolean. lt: anyOf: - type: string - type: number - type: boolean - description: Less-than comparison value. + description: A value that can be a string, number, or boolean. lte: anyOf: - type: string - type: number - type: boolean - description: Less-than-or-equal comparison value. - neq: - anyOf: - - type: string - - type: number - - type: boolean - description: Inequality comparison value. - range: - additionalProperties: false - description: Range comparison values. - type: object - properties: - gt: - anyOf: - - type: string - - type: number - - type: boolean - description: A value that can be a string, number, or boolean. - gte: - anyOf: - - type: string - - type: number - - type: boolean - description: A value that can be a string, number, or boolean. - lt: - anyOf: - - type: string - - type: number - - type: boolean - description: A value that can be a string, number, or boolean. - lte: - anyOf: - - type: string - - type: number - - type: boolean - description: A value that can be a string, number, or boolean. - startsWith: - anyOf: - - type: string - - type: number - - type: boolean - description: Starts-with comparison value. - required: - - field - - additionalProperties: false - description: A condition that checks for the existence or non-existence of a field. - type: object - properties: - exists: - description: Indicates whether the field exists or not. - type: boolean - field: - description: The document field to check. - minLength: 1 - type: string - required: - - field - description: A basic filter condition, either unary or binary. + description: A value that can be a string, number, or boolean. + startsWith: + anyOf: + - type: string + - type: number + - type: boolean + description: Starts-with comparison value. + required: + - field - additionalProperties: false - description: A logical AND that groups multiple conditions. + description: A condition that checks for the existence or non-existence of a field. type: object properties: - and: - description: An array of conditions. All sub-conditions must be true for this condition to be true. - items: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_1___schema0' - type: array + exists: + description: Indicates whether the field exists or not. + type: boolean + field: + description: The document field to check. + minLength: 1 + type: string required: - - and + - field + description: A basic filter condition, either unary or binary. + Kibana_HTTP_APIs_IngestStreamLifecycle: + anyOf: - additionalProperties: false - description: A logical OR that groups multiple conditions. type: object properties: - or: - description: An array of conditions. At least one sub-condition must be true for this condition to be true. - items: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_1___schema0' - type: array + dsl: + additionalProperties: false + type: object + properties: + data_retention: + description: A non-empty string. + minLength: 1 + type: string + downsample: + items: + type: object + properties: + after: + description: A non-empty string. + minLength: 1 + type: string + fixed_interval: + description: A non-empty string. + minLength: 1 + type: string + required: + - after + - fixed_interval + type: array required: - - or + - dsl - additionalProperties: false - description: A logical NOT that negates a condition. type: object properties: - not: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_1___schema0' - description: A condition that negates another condition. + ilm: + additionalProperties: false + type: object + properties: + policy: + description: A non-empty string. + minLength: 1 + type: string + required: + - policy required: - - not + - ilm - additionalProperties: false - description: A condition that always evaluates to false. type: object properties: - never: + inherit: additionalProperties: false - description: An empty object. This condition never matches. type: object properties: {} required: - - never - - additionalProperties: false - description: A condition that always evaluates to true. Useful for catch-all scenarios, but use with caution as partitions are ordered. + - inherit + Kibana_HTTP_APIs_QueryStreamUpsertRequest: + additionalProperties: false + type: object + properties: + dashboards: + items: + type: string + type: array + queries: + items: + type: object + properties: + description: + type: string + esql: + type: object + properties: + query: + type: string + required: + - query + evidence: + items: + type: string + type: array + id: + description: A non-empty string. + minLength: 1 + type: string + severity_score: + type: number + title: + description: A non-empty string. + minLength: 1 + type: string + required: + - id + - title + - description + - esql + type: array + rules: + items: + type: string + type: array + stream: + additionalProperties: false type: object properties: - always: + description: + type: string + query: additionalProperties: false - description: An empty object. This condition always matches. type: object - properties: {} + properties: + esql: + type: string + view: + type: string + required: + - view + - esql + query_streams: + items: + type: object + properties: + name: + type: string + required: + - name + type: array + type: + enum: + - query + type: string required: - - always - description: The root condition object. It can be a simple filter or a combination of other conditions. - Kibana_HTTP_APIs__zod_v4_2___schema0: + - description + - type + - query + required: + - dashboards + - rules + - queries + - stream + Kibana_HTTP_APIs_RecursiveRecord: + additionalProperties: + anyOf: + - anyOf: + - type: string + - type: number + - type: boolean + - nullable: true + - {} + - items: + anyOf: + - type: string + - type: number + - type: boolean + - nullable: true + - {} + type: array + - items: {} + type: array + - $ref: '#/components/schemas/Kibana_HTTP_APIs_RecursiveRecord' + type: object + Kibana_HTTP_APIs_StreamlangConditionBlock: + additionalProperties: false + type: object + properties: + condition: + $ref: '#/components/schemas/Kibana_HTTP_APIs_ConditionWithSteps' + customIdentifier: + type: string + required: + - condition + Kibana_HTTP_APIs_StreamlangStep: anyOf: - anyOf: - additionalProperties: false @@ -81761,7 +80504,7 @@ components: minItems: 1 type: array where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action @@ -81801,7 +80544,7 @@ components: minLength: 1 type: string where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action @@ -81853,7 +80596,7 @@ components: minLength: 1 type: string where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action @@ -81877,7 +80620,7 @@ components: description: Continue pipeline execution if this processor fails type: boolean where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action @@ -81908,7 +80651,7 @@ components: minLength: 1 type: string where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action @@ -81947,7 +80690,7 @@ components: minLength: 1 type: string where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action @@ -81985,7 +80728,7 @@ components: value: description: Literal value to assign to the target field where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action @@ -82021,7 +80764,7 @@ components: minItems: 1 type: array where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action @@ -82078,7 +80821,7 @@ components: description: Skip processing when source field is missing type: boolean where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action @@ -82114,7 +80857,7 @@ components: minLength: 1 type: string where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action @@ -82166,7 +80909,7 @@ components: description: Suffix to append to the redacted pattern name (defaults to ">") type: string where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action @@ -82198,7 +80941,7 @@ components: minLength: 1 type: string where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action @@ -82229,7 +80972,7 @@ components: minLength: 1 type: string where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action @@ -82260,7 +81003,7 @@ components: minLength: 1 type: string where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action @@ -82296,7 +81039,7 @@ components: minLength: 1 type: string where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action @@ -82304,252 +81047,12 @@ components: - delimiter - to - additionalProperties: false - description: Split processor - Split a field value into an array using a separator - type: object - properties: - action: - enum: - - split - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - description: Source field to split into an array - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - description: Skip processing when source field is missing - type: boolean - preserve_trailing: - description: Preserve empty trailing fields in the split result - type: boolean - separator: - description: Regex separator used to split the field value into an array - minLength: 1 - type: string - to: - description: Target field for the split array (defaults to source) - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - separator - - additionalProperties: false - type: object - properties: - action: - enum: - - sort - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - description: Array field to sort - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - description: Skip processing when source field is missing - type: boolean - order: - description: Sort order - "asc" (ascending) or "desc" (descending). Defaults to "asc" - enum: - - asc - - desc - type: string - to: - description: Target field for the sorted array (defaults to source) - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - additionalProperties: false - description: Convert processor - Change the data type of a field value (integer, long, double, boolean, or string) - type: object - properties: - action: - enum: - - convert - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - description: Source field to convert to a different data type - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - description: Skip processing when source field is missing - type: boolean - to: - description: Target field for the converted value (defaults to source) - minLength: 1 - type: string - type: - description: 'Target data type: integer, long, double, boolean, or string' - enum: - - integer - - long - - double - - boolean - - string - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - type - - additionalProperties: false - type: object - properties: - action: - enum: - - concat - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - from: - items: - anyOf: - - type: object - properties: - type: - enum: - - field - type: string - value: - minLength: 1 - type: string - required: - - type - - value - - type: object - properties: - type: - enum: - - literal - type: string - value: - type: string - required: - - type - - value - minItems: 1 - type: array - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - type: boolean - to: - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - from - - to - - allOf: - - additionalProperties: false - type: object - properties: - action: - enum: - - network_direction - type: string - customIdentifier: - description: Custom identifier to correlate this processor across outputs - minLength: 1 - type: string - description: - description: Human-readable notes about this processor step - type: string - destination_ip: - minLength: 1 - type: string - ignore_failure: - description: Continue pipeline execution if this processor fails - type: boolean - ignore_missing: - type: boolean - source_ip: - minLength: 1 - type: string - target_field: - minLength: 1 - type: string - where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' - description: Conditional expression controlling whether this processor runs - required: - - action - - source_ip - - destination_ip - - anyOf: - - additionalProperties: false - type: object - properties: - internal_networks: - items: - type: string - type: array - required: - - internal_networks - - additionalProperties: false - type: object - properties: - internal_networks_field: - minLength: 1 - type: string - required: - - internal_networks_field - - additionalProperties: false - description: Manual ingest pipeline wrapper around native Elasticsearch processors + description: Split processor - Split a field value into an array using a separator type: object properties: action: - description: Manual ingest pipeline - executes raw Elasticsearch ingest processors enum: - - manual_ingest_pipeline + - split type: string customIdentifier: description: Custom identifier to correlate this processor across outputs @@ -82558,567 +81061,434 @@ components: description: description: Human-readable notes about this processor step type: string + from: + description: Source field to split into an array + minLength: 1 + type: string ignore_failure: description: Continue pipeline execution if this processor fails type: boolean - on_failure: - description: Fallback processors to run when a processor fails - items: - additionalProperties: {} - type: object - type: array - processors: - description: List of raw Elasticsearch ingest processors to run - items: - additionalProperties: {} - type: object - type: array - tag: - description: Optional ingest processor tag for Elasticsearch + ignore_missing: + description: Skip processing when source field is missing + type: boolean + preserve_trailing: + description: Preserve empty trailing fields in the split result + type: boolean + separator: + description: Regex separator used to split the field value into an array + minLength: 1 + type: string + to: + description: Target field for the split array (defaults to source) + minLength: 1 type: string where: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' description: Conditional expression controlling whether this processor runs required: - action - - processors - - additionalProperties: false - type: object - properties: - condition: - allOf: - - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' - - additionalProperties: false - type: object - properties: - steps: - items: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema0' - type: array - required: - - steps - customIdentifier: - type: string - required: - - condition - Kibana_HTTP_APIs__zod_v4_2___schema1: - anyOf: - - anyOf: + - from + - separator - additionalProperties: false - description: A condition that compares a field to a value or range using an operator as the key. type: object properties: - contains: - anyOf: - - type: string - - type: number - - type: boolean - description: Contains comparison value. - endsWith: - anyOf: - - type: string - - type: number - - type: boolean - description: Ends-with comparison value. - eq: - anyOf: - - type: string - - type: number - - type: boolean - description: Equality comparison value. - field: - description: The document field to filter on. + action: + enum: + - sort + type: string + customIdentifier: + description: Custom identifier to correlate this processor across outputs minLength: 1 type: string - gt: - anyOf: - - type: string - - type: number - - type: boolean - description: Greater-than comparison value. - gte: - anyOf: - - type: string - - type: number - - type: boolean - description: Greater-than-or-equal comparison value. - includes: - anyOf: - - type: string - - type: number - - type: boolean - description: Checks if multivalue field includes the value. - lt: - anyOf: - - type: string - - type: number - - type: boolean - description: Less-than comparison value. - lte: - anyOf: - - type: string - - type: number - - type: boolean - description: Less-than-or-equal comparison value. - neq: - anyOf: - - type: string - - type: number - - type: boolean - description: Inequality comparison value. - range: - additionalProperties: false - description: Range comparison values. - type: object - properties: - gt: - anyOf: - - type: string - - type: number - - type: boolean - description: A value that can be a string, number, or boolean. - gte: - anyOf: - - type: string - - type: number - - type: boolean - description: A value that can be a string, number, or boolean. - lt: - anyOf: - - type: string - - type: number - - type: boolean - description: A value that can be a string, number, or boolean. - lte: - anyOf: - - type: string - - type: number - - type: boolean - description: A value that can be a string, number, or boolean. - startsWith: - anyOf: - - type: string - - type: number - - type: boolean - description: Starts-with comparison value. - required: - - field - - additionalProperties: false - description: A condition that checks for the existence or non-existence of a field. - type: object - properties: - exists: - description: Indicates whether the field exists or not. + description: + description: Human-readable notes about this processor step + type: string + from: + description: Array field to sort + minLength: 1 + type: string + ignore_failure: + description: Continue pipeline execution if this processor fails type: boolean - field: - description: The document field to check. + ignore_missing: + description: Skip processing when source field is missing + type: boolean + order: + description: Sort order - "asc" (ascending) or "desc" (descending). Defaults to "asc" + enum: + - asc + - desc + type: string + to: + description: Target field for the sorted array (defaults to source) minLength: 1 type: string + where: + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' + description: Conditional expression controlling whether this processor runs required: - - field - description: A basic filter condition, either unary or binary. - - additionalProperties: false - description: A logical AND that groups multiple conditions. - type: object - properties: - and: - description: An array of conditions. All sub-conditions must be true for this condition to be true. - items: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' - type: array - required: - - and - - additionalProperties: false - description: A logical OR that groups multiple conditions. - type: object - properties: - or: - description: An array of conditions. At least one sub-condition must be true for this condition to be true. - items: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' - type: array - required: - - or - - additionalProperties: false - description: A logical NOT that negates a condition. - type: object - properties: - not: - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema1' - description: A condition that negates another condition. - required: - - not - - additionalProperties: false - description: A condition that always evaluates to false. - type: object - properties: - never: - additionalProperties: false - description: An empty object. This condition never matches. - type: object - properties: {} - required: - - never - - additionalProperties: false - description: A condition that always evaluates to true. Useful for catch-all scenarios, but use with caution as partitions are ordered. - type: object - properties: - always: - additionalProperties: false - description: An empty object. This condition always matches. - type: object - properties: {} - required: - - always - description: The root condition object. It can be a simple filter or a combination of other conditions. - Kibana_HTTP_APIs__zod_v4_2___schema2: - additionalProperties: - anyOf: - - anyOf: - - type: string - - type: number - - type: boolean - - nullable: true - - {} - - items: - anyOf: - - type: string - - type: number - - type: boolean - - nullable: true - - {} - type: array - - items: {} - type: array - - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_2___schema2' - type: object - Kibana_HTTP_APIs__zod_v4_3___schema0: - anyOf: - - additionalProperties: false - type: object - properties: - objects: - additionalProperties: false + - action + - from + - additionalProperties: false + description: Convert processor - Change the data type of a field value (integer, long, double, boolean, or string) type: object properties: - all: - additionalProperties: false - type: object - properties: {} + action: + enum: + - convert + type: string + customIdentifier: + description: Custom identifier to correlate this processor across outputs + minLength: 1 + type: string + description: + description: Human-readable notes about this processor step + type: string + from: + description: Source field to convert to a different data type + minLength: 1 + type: string + ignore_failure: + description: Continue pipeline execution if this processor fails + type: boolean + ignore_missing: + description: Skip processing when source field is missing + type: boolean + to: + description: Target field for the converted value (defaults to source) + minLength: 1 + type: string + type: + description: 'Target data type: integer, long, double, boolean, or string' + enum: + - integer + - long + - double + - boolean + - string + type: string + where: + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' + description: Conditional expression controlling whether this processor runs required: - - all - required: - - objects - - additionalProperties: false - type: object - properties: - objects: - additionalProperties: false + - action + - from + - type + - additionalProperties: false type: object properties: - mappings: - type: boolean - queries: - items: - type: object - properties: - id: - type: string - required: - - id - type: array - routing: + action: + enum: + - concat + type: string + customIdentifier: + description: Custom identifier to correlate this processor across outputs + minLength: 1 + type: string + description: + description: Human-readable notes about this processor step + type: string + from: items: - allOf: - - $ref: '#/components/schemas/Kibana_HTTP_APIs__zod_v4_3___schema0' + anyOf: - type: object properties: - destination: + type: + enum: + - field + type: string + value: + minLength: 1 type: string required: - - destination + - type + - value + - type: object + properties: + type: + enum: + - literal + type: string + value: + type: string + required: + - type + - value + minItems: 1 type: array + ignore_failure: + description: Continue pipeline execution if this processor fails + type: boolean + ignore_missing: + type: boolean + to: + minLength: 1 + type: string + where: + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' + description: Conditional expression controlling whether this processor runs required: - - mappings - - queries - - routing - required: - - objects - Kibana_HTTP_APIs_core_status_redactedResponse: - additionalProperties: false - description: A minimal representation of Kibana's operational status. - properties: - status: - additionalProperties: false - type: object - properties: - overall: - additionalProperties: false + - action + - from + - to + - allOf: + - additionalProperties: false + type: object + properties: + action: + enum: + - network_direction + type: string + customIdentifier: + description: Custom identifier to correlate this processor across outputs + minLength: 1 + type: string + description: + description: Human-readable notes about this processor step + type: string + destination_ip: + minLength: 1 + type: string + ignore_failure: + description: Continue pipeline execution if this processor fails + type: boolean + ignore_missing: + type: boolean + source_ip: + minLength: 1 + type: string + target_field: + minLength: 1 + type: string + where: + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' + description: Conditional expression controlling whether this processor runs + required: + - action + - source_ip + - destination_ip + - anyOf: + - additionalProperties: false + type: object + properties: + internal_networks: + items: + type: string + type: array + required: + - internal_networks + - additionalProperties: false + type: object + properties: + internal_networks_field: + minLength: 1 + type: string + required: + - internal_networks_field + - additionalProperties: false + description: Manual ingest pipeline wrapper around native Elasticsearch processors type: object properties: - level: - description: Service status levels as human and machine readable values. + action: + description: Manual ingest pipeline - executes raw Elasticsearch ingest processors enum: - - available - - degraded - - unavailable - - critical + - manual_ingest_pipeline + type: string + customIdentifier: + description: Custom identifier to correlate this processor across outputs + minLength: 1 + type: string + description: + description: Human-readable notes about this processor step + type: string + ignore_failure: + description: Continue pipeline execution if this processor fails + type: boolean + on_failure: + description: Fallback processors to run when a processor fails + items: + additionalProperties: {} + type: object + type: array + processors: + description: List of raw Elasticsearch ingest processors to run + items: + additionalProperties: {} + type: object + type: array + tag: + description: Optional ingest processor tag for Elasticsearch type: string + where: + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' + description: Conditional expression controlling whether this processor runs required: - - level - required: - - overall - required: - - status - title: core_status_redactedResponse - type: object - Kibana_HTTP_APIs_core_status_response: + - action + - processors + - $ref: '#/components/schemas/Kibana_HTTP_APIs_StreamlangConditionBlock' + Kibana_HTTP_APIs_StreamUpsertRequest: + anyOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs_WiredStreamUpsertRequest' + - $ref: '#/components/schemas/Kibana_HTTP_APIs_ClassicStreamUpsertRequest' + - $ref: '#/components/schemas/Kibana_HTTP_APIs_QueryStreamUpsertRequest' + Kibana_HTTP_APIs_WiredStreamUpsertRequest: additionalProperties: false - description: Kibana's operational status as well as a detailed breakdown of plugin statuses indication of various loads (like event loop utilization and network traffic) at time of request. + type: object properties: - metrics: - additionalProperties: false - description: Metric groups collected by Kibana. - type: object - properties: - collection_interval_in_millis: - description: The interval at which metrics should be collected. - type: number - elasticsearch_client: - additionalProperties: false - description: Current network metrics of Kibana's Elasticsearch client. - type: object - properties: - totalActiveSockets: - description: Count of network sockets currently in use. - type: number - totalIdleSockets: - description: Count of network sockets currently idle. - type: number - totalQueuedRequests: - description: Count of requests not yet assigned to sockets. - type: number - required: - - totalActiveSockets - - totalIdleSockets - - totalQueuedRequests - last_updated: - description: The time metrics were collected. - type: string - required: - - elasticsearch_client - - last_updated - - collection_interval_in_millis - name: - description: Kibana instance name. - type: string - status: + dashboards: + items: + type: string + type: array + queries: + items: + type: object + properties: + description: + type: string + esql: + type: object + properties: + query: + type: string + required: + - query + evidence: + items: + type: string + type: array + id: + description: A non-empty string. + minLength: 1 + type: string + severity_score: + type: number + title: + description: A non-empty string. + minLength: 1 + type: string + required: + - id + - title + - description + - esql + type: array + rules: + items: + type: string + type: array + stream: additionalProperties: false type: object properties: - core: + description: + type: string + ingest: additionalProperties: false - description: Statuses of core Kibana services. type: object properties: - elasticsearch: + failure_store: + $ref: '#/components/schemas/Kibana_HTTP_APIs_FailureStore' + lifecycle: + $ref: '#/components/schemas/Kibana_HTTP_APIs_IngestStreamLifecycle' + processing: additionalProperties: false type: object properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: Service status levels as human and machine readable values. - enum: - - available - - degraded - - unavailable - - critical - type: string - meta: - additionalProperties: {} - description: An unstructured set of extra metadata about this service. - type: object - summary: - description: A human readable summary of the service status. - type: string + steps: + items: + $ref: '#/components/schemas/Kibana_HTTP_APIs_StreamlangStep' + type: array + updated_at: {} required: - - level - - summary - - meta - http: + - steps + settings: additionalProperties: false type: object properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: Service status levels as human and machine readable values. - enum: - - available - - degraded - - unavailable - - critical - type: string - meta: - additionalProperties: {} - description: An unstructured set of extra metadata about this service. + index.number_of_replicas: + additionalProperties: false type: object - summary: - description: A human readable summary of the service status. - type: string - required: - - level - - summary - - meta - savedObjects: + properties: + value: + type: number + required: + - value + index.number_of_shards: + additionalProperties: false + type: object + properties: + value: + type: number + required: + - value + index.refresh_interval: + additionalProperties: false + type: object + properties: + value: + anyOf: + - type: string + - enum: + - -1 + type: number + required: + - value + wired: additionalProperties: false type: object properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: Service status levels as human and machine readable values. - enum: - - available - - degraded - - unavailable - - critical - type: string - meta: - additionalProperties: {} - description: An unstructured set of extra metadata about this service. - type: object - summary: - description: A human readable summary of the service status. - type: string + fields: + $ref: '#/components/schemas/Kibana_HTTP_APIs_FieldDefinition' + routing: + items: + type: object + properties: + destination: + description: A non-empty string. + minLength: 1 + type: string + status: + enum: + - enabled + - disabled + type: string + where: + $ref: '#/components/schemas/Kibana_HTTP_APIs_Condition' + required: + - destination + - where + type: array required: - - level - - summary - - meta - required: - - elasticsearch - - savedObjects - overall: - additionalProperties: false - type: object - properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: Service status levels as human and machine readable values. - enum: - - available - - degraded - - unavailable - - critical - type: string - meta: - additionalProperties: {} - description: An unstructured set of extra metadata about this service. - type: object - summary: - description: A human readable summary of the service status. - type: string + - fields + - routing required: - - level - - summary - - meta - plugins: - additionalProperties: - additionalProperties: false + - lifecycle + - processing + - settings + - failure_store + - wired + query_streams: + items: type: object properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: Service status levels as human and machine readable values. - enum: - - available - - degraded - - unavailable - - critical - type: string - meta: - additionalProperties: {} - description: An unstructured set of extra metadata about this service. - type: object - summary: - description: A human readable summary of the service status. + name: type: string required: - - level - - summary - - meta - description: A dynamic mapping of plugin ID to plugin status. - type: object - required: - - overall - - core - - plugins - uuid: - description: Unique, generated Kibana instance UUID. This UUID should persist even if the Kibana process restarts. - type: string - version: - additionalProperties: false - type: object - properties: - build_date: - description: The date and time of this build. - type: string - build_flavor: - description: The build flavour determines configuration and behavior of Kibana. On premise users will almost always run the "traditional" flavour, while other flavours are reserved for Elastic-specific use cases. + - name + type: array + type: enum: - - serverless - - traditional - type: string - build_hash: - description: A unique hash value representing the git commit of this Kibana build. - type: string - build_number: - description: A monotonically increasing number, each subsequent build will have a higher number. - type: number - build_snapshot: - description: Whether this build is a snapshot build. - type: boolean - number: - description: A semantic version number. + - wired type: string required: - - number - - build_hash - - build_number - - build_snapshot - - build_flavor - - build_date + - description + - ingest + - type required: - - name - - uuid - - version - - status - - metrics - title: core_status_response - type: object + - dashboards + - rules + - queries + - stream Machine_learning_APIs_mlSync200Response: properties: datafeedsAdded: diff --git a/src/platform/packages/shared/kbn-router-to-openapispec/src/oas_converter/zod/lib.ts b/src/platform/packages/shared/kbn-router-to-openapispec/src/oas_converter/zod/lib.ts index c29e3788c4d72..28179e3837a90 100644 --- a/src/platform/packages/shared/kbn-router-to-openapispec/src/oas_converter/zod/lib.ts +++ b/src/platform/packages/shared/kbn-router-to-openapispec/src/oas_converter/zod/lib.ts @@ -937,6 +937,13 @@ export const convert = (schema: z.ZodTypeAny) => { return; } + // Zod v4's toJSONSchema() writes the .meta({ id }) value as a plain + // `id` property on the JSON schema node. OAS 3.0 Schema Objects do not + // allow `id`, so we strip it unconditionally here and track the + // component name via our own COMPONENT_ID_MARKER instead. + // See https://github.com/colinhacks/zod/issues/5731 + delete (js as any).id; + // Inject stable OAS component name and optional OAS extensions for // schemas that declare .meta({ id }) / .meta({ openapi: { ... } }). // Picked up by extractDefsToShared (for $defs entries) and diff --git a/x-pack/platform/packages/shared/kbn-streamlang/src/oas_definitions.ts b/x-pack/platform/packages/shared/kbn-streamlang/src/oas_definitions.ts index 3fcdebf8389af..44f6d5b9a2c59 100644 --- a/x-pack/platform/packages/shared/kbn-streamlang/src/oas_definitions.ts +++ b/x-pack/platform/packages/shared/kbn-streamlang/src/oas_definitions.ts @@ -41,11 +41,13 @@ import { export const streamlangOasDefinitions = { // Core condition — recursive schema referenced throughout routing and processing - Condition: conditionSchema.meta({ id: 'Condition' }), + // .meta({ id: 'Condition' }) is applied at definition time in types/conditions.ts + Condition: conditionSchema, // DSL root and step types StreamlangDSL: streamlangDSLSchema.meta({ id: 'StreamlangDSL' }), - StreamlangStep: streamlangStepSchema.meta({ id: 'StreamlangStep' }), + // .meta({ id: 'StreamlangStep' }) is applied at definition time in types/streamlang.ts + StreamlangStep: streamlangStepSchema, // Union of all processors (useful for $ref in generic processing endpoints) StreamlangProcessor: streamlangProcessorSchema.meta({ id: 'StreamlangProcessor' }), diff --git a/x-pack/platform/packages/shared/kbn-streamlang/src/schema/__snapshots__/get_json_schema_from_streamlang_schema.test.ts.snap b/x-pack/platform/packages/shared/kbn-streamlang/src/schema/__snapshots__/get_json_schema_from_streamlang_schema.test.ts.snap index 7f82242ceffca..e722e5e4c4c03 100644 --- a/x-pack/platform/packages/shared/kbn-streamlang/src/schema/__snapshots__/get_json_schema_from_streamlang_schema.test.ts.snap +++ b/x-pack/platform/packages/shared/kbn-streamlang/src/schema/__snapshots__/get_json_schema_from_streamlang_schema.test.ts.snap @@ -5,7 +5,356 @@ Object { "$schema": "http://json-schema.org/draft-07/schema#", "additionalProperties": false, "definitions": Object { - "__schema0": Object { + "Condition": Object { + "anyOf": Array [ + Object { + "$ref": "#/definitions/FilterCondition", + }, + Object { + "additionalProperties": false, + "description": "A logical AND that groups multiple conditions.", + "properties": Object { + "and": Object { + "description": "An array of conditions. All sub-conditions must be true for this condition to be true.", + "items": Object { + "$ref": "#/definitions/Condition", + }, + "type": "array", + }, + }, + "required": Array [ + "and", + ], + "type": "object", + }, + Object { + "additionalProperties": false, + "description": "A logical OR that groups multiple conditions.", + "properties": Object { + "or": Object { + "description": "An array of conditions. At least one sub-condition must be true for this condition to be true.", + "items": Object { + "$ref": "#/definitions/Condition", + }, + "type": "array", + }, + }, + "required": Array [ + "or", + ], + "type": "object", + }, + Object { + "additionalProperties": false, + "description": "A logical NOT that negates a condition.", + "properties": Object { + "not": Object { + "allOf": Array [ + Object { + "$ref": "#/definitions/Condition", + }, + ], + "description": "A condition that negates another condition.", + }, + }, + "required": Array [ + "not", + ], + "type": "object", + }, + Object { + "additionalProperties": false, + "description": "A condition that always evaluates to false.", + "properties": Object { + "never": Object { + "additionalProperties": false, + "description": "An empty object. This condition never matches.", + "properties": Object {}, + "type": "object", + }, + }, + "required": Array [ + "never", + ], + "type": "object", + }, + Object { + "additionalProperties": false, + "description": "A condition that always evaluates to true. Useful for catch-all scenarios, but use with caution as partitions are ordered.", + "properties": Object { + "always": Object { + "additionalProperties": false, + "description": "An empty object. This condition always matches.", + "properties": Object {}, + "type": "object", + }, + }, + "required": Array [ + "always", + ], + "type": "object", + }, + ], + "description": "The root condition object. It can be a simple filter or a combination of other conditions.", + "id": "Condition", + }, + "ConditionWithSteps": Object { + "allOf": Array [ + Object { + "$ref": "#/definitions/Condition", + }, + Object { + "additionalProperties": false, + "properties": Object { + "steps": Object { + "items": Object { + "$ref": "#/definitions/StreamlangStep", + }, + "type": "array", + }, + }, + "required": Array [ + "steps", + ], + "type": "object", + }, + ], + "id": "ConditionWithSteps", + }, + "FilterCondition": Object { + "anyOf": Array [ + Object { + "additionalProperties": false, + "description": "A condition that compares a field to a value or range using an operator as the key.", + "properties": Object { + "contains": Object { + "description": "Contains comparison value.", + "type": Array [ + "string", + "number", + "boolean", + ], + }, + "endsWith": Object { + "description": "Ends-with comparison value.", + "type": Array [ + "string", + "number", + "boolean", + ], + }, + "eq": Object { + "description": "Equality comparison value.", + "type": Array [ + "string", + "number", + "boolean", + ], + }, + "field": Object { + "description": "The document field to filter on.", + "minLength": 1, + "type": "string", + }, + "gt": Object { + "description": "Greater-than comparison value.", + "type": Array [ + "string", + "number", + "boolean", + ], + }, + "gte": Object { + "description": "Greater-than-or-equal comparison value.", + "type": Array [ + "string", + "number", + "boolean", + ], + }, + "includes": Object { + "description": "Checks if multivalue field includes the value.", + "type": Array [ + "string", + "number", + "boolean", + ], + }, + "lt": Object { + "description": "Less-than comparison value.", + "type": Array [ + "string", + "number", + "boolean", + ], + }, + "lte": Object { + "description": "Less-than-or-equal comparison value.", + "type": Array [ + "string", + "number", + "boolean", + ], + }, + "neq": Object { + "description": "Inequality comparison value.", + "type": Array [ + "string", + "number", + "boolean", + ], + }, + "range": Object { + "additionalProperties": false, + "description": "Range comparison values.", + "properties": Object { + "gt": Object { + "description": "A value that can be a string, number, or boolean.", + "type": Array [ + "string", + "number", + "boolean", + ], + }, + "gte": Object { + "description": "A value that can be a string, number, or boolean.", + "type": Array [ + "string", + "number", + "boolean", + ], + }, + "lt": Object { + "description": "A value that can be a string, number, or boolean.", + "type": Array [ + "string", + "number", + "boolean", + ], + }, + "lte": Object { + "description": "A value that can be a string, number, or boolean.", + "type": Array [ + "string", + "number", + "boolean", + ], + }, + }, + "type": "object", + }, + "startsWith": Object { + "description": "Starts-with comparison value.", + "type": Array [ + "string", + "number", + "boolean", + ], + }, + }, + "required": Array [ + "field", + ], + "type": "object", + }, + Object { + "additionalProperties": false, + "description": "A condition that checks for the existence or non-existence of a field.", + "properties": Object { + "exists": Object { + "description": "Indicates whether the field exists or not.", + "type": "boolean", + }, + "field": Object { + "description": "The document field to check.", + "minLength": 1, + "type": "string", + }, + }, + "required": Array [ + "field", + ], + "type": "object", + }, + ], + "description": "A basic filter condition, either unary or binary.", + "id": "FilterCondition", + }, + "StreamlangConditionBlock": Object { + "additionalProperties": false, + "defaultSnippets": Array [ + Object { + "body": Object { + "condition": Object { + "eq": "\${2:value}", + "field": "\${1:field.name}", + "steps": Array [ + "\${3}", + ], + }, + }, + "description": "Conditional step execution with field equals condition", + "label": "Condition block", + }, + Object { + "body": Object { + "condition": Object { + "and": Array [ + Object { + "eq": "\${2:value1}", + "field": "\${1:field1.name}", + }, + Object { + "eq": "\${4:value2}", + "field": "\${3:field2.name}", + }, + ], + "steps": Array [ + "\${5}", + ], + }, + }, + "description": "Execute steps if all conditions are true", + "label": "Condition block (AND)", + }, + Object { + "body": Object { + "condition": Object { + "or": Array [ + Object { + "eq": "\${2:value1}", + "field": "\${1:field1.name}", + }, + Object { + "eq": "\${4:value2}", + "field": "\${3:field2.name}", + }, + ], + "steps": Array [ + "\${5}", + ], + }, + }, + "description": "Execute steps if any condition is true", + "label": "Condition block (OR)", + }, + ], + "id": "StreamlangConditionBlock", + "properties": Object { + "condition": Object { + "$ref": "#/definitions/ConditionWithSteps", + }, + "customIdentifier": Object { + "type": "string", + }, + }, + "required": Array [ + "condition", + ], + "title": "Condition block", + "type": "object", + }, + "StreamlangStep": Object { "anyOf": Array [ Object { "anyOf": Array [ @@ -61,7 +410,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -118,7 +467,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -190,7 +539,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -228,7 +577,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -276,7 +625,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -332,7 +681,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -387,7 +736,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -439,7 +788,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -520,7 +869,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -575,7 +924,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -651,7 +1000,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -700,7 +1049,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -748,7 +1097,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -796,7 +1145,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -851,7 +1200,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -913,7 +1262,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -973,7 +1322,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -1035,7 +1384,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -1123,7 +1472,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -1177,7 +1526,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -1269,7 +1618,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -1303,885 +1652,26 @@ Object { "lowercase", "trim", "join", - "split", - "sort", - "convert", - "concat", - "manual_ingest_pipeline", - ], - "type": "string", - }, - }, - "required": Array [ - "action", - ], - "title": "Action step", - "type": "object", - }, - Object { - "additionalProperties": false, - "defaultSnippets": Array [ - Object { - "body": Object { - "condition": Object { - "eq": "\${2:value}", - "field": "\${1:field.name}", - "steps": Array [ - "\${3}", - ], - }, - }, - "description": "Conditional step execution with field equals condition", - "label": "Condition block", - }, - Object { - "body": Object { - "condition": Object { - "and": Array [ - Object { - "eq": "\${2:value1}", - "field": "\${1:field1.name}", - }, - Object { - "eq": "\${4:value2}", - "field": "\${3:field2.name}", - }, - ], - "steps": Array [ - "\${5}", - ], - }, - }, - "description": "Execute steps if all conditions are true", - "label": "Condition block (AND)", - }, - Object { - "body": Object { - "condition": Object { - "or": Array [ - Object { - "eq": "\${2:value1}", - "field": "\${1:field1.name}", - }, - Object { - "eq": "\${4:value2}", - "field": "\${3:field2.name}", - }, - ], - "steps": Array [ - "\${5}", - ], - }, - }, - "description": "Execute steps if any condition is true", - "label": "Condition block (OR)", - }, - ], - "properties": Object { - "condition": Object { - "anyOf": Array [ - Object { - "anyOf": Array [ - Object { - "additionalProperties": false, - "defaultSnippets": Array [ - Object { - "body": Object { - "eq": "\${2:value}", - "field": "\${1:field.name}", - }, - "description": "Check if field equals a value", - "label": "Field equals", - }, - Object { - "body": Object { - "field": "\${1:field.name}", - "neq": "\${2:value}", - }, - "description": "Check if field does not equal a value", - "label": "Field not equals", - }, - Object { - "body": Object { - "field": "\${1:field.name}", - "lt": "\${2:value}", - }, - "description": "Check if field is less than a value", - "label": "Field less than", - }, - Object { - "body": Object { - "field": "\${1:field.name}", - "lte": "\${2:value}", - }, - "description": "Check if field is less than or equal to a value", - "label": "Field less than or equal", - }, - Object { - "body": Object { - "field": "\${1:field.name}", - "gt": "\${2:value}", - }, - "description": "Check if field is greater than a value", - "label": "Field greater than", - }, - Object { - "body": Object { - "field": "\${1:field.name}", - "gte": "\${2:value}", - }, - "description": "Check if field is greater than or equal to a value", - "label": "Field greater than or equal", - }, - Object { - "body": Object { - "contains": "\${2:value}", - "field": "\${1:field.name}", - }, - "description": "Check if field contains a value", - "label": "Field contains", - }, - Object { - "body": Object { - "field": "\${1:field.name}", - "startsWith": "\${2:value}", - }, - "description": "Check if field starts with a value", - "label": "Field starts with", - }, - Object { - "body": Object { - "endsWith": "\${2:value}", - "field": "\${1:field.name}", - }, - "description": "Check if field ends with a value", - "label": "Field ends with", - }, - Object { - "body": Object { - "exists": true, - "field": "\${1:field.name}", - }, - "description": "Check if field exists", - "label": "Field exists", - }, - Object { - "body": Object { - "field": "\${1:field.name}", - "range": Object { - "gte": "\${2:minValue}", - "lte": "\${3:maxValue}", - }, - }, - "description": "Check if field is within a range", - "label": "Field range", - }, - ], - "description": "Compare a field value using operators like eq, neq, lt, gt, contains", - "properties": Object { - "contains": Object { - "description": "Contains comparison value.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "endsWith": Object { - "description": "Ends-with comparison value.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "eq": Object { - "description": "Equality comparison value.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "field": Object { - "description": "The document field to filter on.", - "minLength": 1, - "type": "string", - }, - "gt": Object { - "description": "Greater-than comparison value.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "gte": Object { - "description": "Greater-than-or-equal comparison value.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "includes": Object { - "description": "Checks if multivalue field includes the value.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "lt": Object { - "description": "Less-than comparison value.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "lte": Object { - "description": "Less-than-or-equal comparison value.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "neq": Object { - "description": "Inequality comparison value.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "range": Object { - "additionalProperties": false, - "description": "Range comparison values.", - "properties": Object { - "gt": Object { - "description": "A value that can be a string, number, or boolean.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "gte": Object { - "description": "A value that can be a string, number, or boolean.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "lt": Object { - "description": "A value that can be a string, number, or boolean.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "lte": Object { - "description": "A value that can be a string, number, or boolean.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - }, - "type": "object", - }, - "startsWith": Object { - "description": "Starts-with comparison value.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "steps": Object { - "items": Object { - "$ref": "#/definitions/__schema0", - }, - "type": "array", - }, - }, - "required": Array [ - "field", - "steps", - ], - "title": "Filter condition", - "type": "object", - }, - Object { - "additionalProperties": false, - "defaultSnippets": Array [ - Object { - "body": Object { - "eq": "\${2:value}", - "field": "\${1:field.name}", - }, - "description": "Check if field equals a value", - "label": "Field equals", - }, - Object { - "body": Object { - "field": "\${1:field.name}", - "neq": "\${2:value}", - }, - "description": "Check if field does not equal a value", - "label": "Field not equals", - }, - Object { - "body": Object { - "field": "\${1:field.name}", - "lt": "\${2:value}", - }, - "description": "Check if field is less than a value", - "label": "Field less than", - }, - Object { - "body": Object { - "field": "\${1:field.name}", - "lte": "\${2:value}", - }, - "description": "Check if field is less than or equal to a value", - "label": "Field less than or equal", - }, - Object { - "body": Object { - "field": "\${1:field.name}", - "gt": "\${2:value}", - }, - "description": "Check if field is greater than a value", - "label": "Field greater than", - }, - Object { - "body": Object { - "field": "\${1:field.name}", - "gte": "\${2:value}", - }, - "description": "Check if field is greater than or equal to a value", - "label": "Field greater than or equal", - }, - Object { - "body": Object { - "contains": "\${2:value}", - "field": "\${1:field.name}", - }, - "description": "Check if field contains a value", - "label": "Field contains", - }, - Object { - "body": Object { - "field": "\${1:field.name}", - "startsWith": "\${2:value}", - }, - "description": "Check if field starts with a value", - "label": "Field starts with", - }, - Object { - "body": Object { - "endsWith": "\${2:value}", - "field": "\${1:field.name}", - }, - "description": "Check if field ends with a value", - "label": "Field ends with", - }, - Object { - "body": Object { - "exists": true, - "field": "\${1:field.name}", - }, - "description": "Check if field exists", - "label": "Field exists", - }, - Object { - "body": Object { - "field": "\${1:field.name}", - "range": Object { - "gte": "\${2:minValue}", - "lte": "\${3:maxValue}", - }, - }, - "description": "Check if field is within a range", - "label": "Field range", - }, - ], - "description": "Compare a field value using operators like eq, neq, lt, gt, contains", - "properties": Object { - "exists": Object { - "description": "Indicates whether the field exists or not.", - "type": "boolean", - }, - "field": Object { - "description": "The document field to check.", - "minLength": 1, - "type": "string", - }, - "steps": Object { - "items": Object { - "$ref": "#/definitions/__schema0", - }, - "type": "array", - }, - }, - "required": Array [ - "field", - "steps", - ], - "title": "Filter condition", - "type": "object", - }, - ], - "description": "A basic filter condition, either unary or binary.", - }, - Object { - "additionalProperties": false, - "defaultSnippets": Array [ - Object { - "body": Object { - "and": Array [ - Object { - "eq": "\${2:value1}", - "field": "\${1:field1.name}", - }, - Object { - "eq": "\${4:value2}", - "field": "\${3:field2.name}", - }, - ], - }, - "description": "Combine conditions with AND logic", - "label": "AND condition", - }, - ], - "description": "All conditions must be true", - "properties": Object { - "and": Object { - "description": "An array of conditions. All sub-conditions must be true for this condition to be true.", - "items": Object { - "$ref": "#/definitions/__schema1", - }, - "type": "array", - }, - "steps": Object { - "items": Object { - "$ref": "#/definitions/__schema0", - }, - "type": "array", - }, - }, - "required": Array [ - "and", - "steps", - ], - "title": "AND condition", - "type": "object", - }, - Object { - "additionalProperties": false, - "defaultSnippets": Array [ - Object { - "body": Object { - "or": Array [ - Object { - "eq": "\${2:value1}", - "field": "\${1:field1.name}", - }, - Object { - "eq": "\${4:value2}", - "field": "\${3:field2.name}", - }, - ], - }, - "description": "Combine conditions with OR logic", - "label": "OR condition", - }, - ], - "description": "At least one condition must be true", - "properties": Object { - "or": Object { - "description": "An array of conditions. At least one sub-condition must be true for this condition to be true.", - "items": Object { - "$ref": "#/definitions/__schema1", - }, - "type": "array", - }, - "steps": Object { - "items": Object { - "$ref": "#/definitions/__schema0", - }, - "type": "array", - }, - }, - "required": Array [ - "or", - "steps", - ], - "title": "OR condition", - "type": "object", - }, - Object { - "additionalProperties": false, - "defaultSnippets": Array [ - Object { - "body": Object { - "not": Object { - "eq": "\${2:value}", - "field": "\${1:field.name}", - }, - }, - "description": "Negate a condition", - "label": "NOT condition", - }, - ], - "description": "Negate a condition", - "properties": Object { - "not": Object { - "allOf": Array [ - Object { - "$ref": "#/definitions/__schema1", - }, - ], - "description": "A condition that negates another condition.", - }, - "steps": Object { - "items": Object { - "$ref": "#/definitions/__schema0", - }, - "type": "array", - }, - }, - "required": Array [ - "not", - "steps", - ], - "title": "NOT condition", - "type": "object", - }, - Object { - "additionalProperties": false, - "description": "A condition that always evaluates to false.", - "properties": Object { - "never": Object { - "additionalProperties": false, - "description": "An empty object. This condition never matches.", - "properties": Object {}, - "type": "object", - }, - "steps": Object { - "items": Object { - "$ref": "#/definitions/__schema0", - }, - "type": "array", - }, - }, - "required": Array [ - "never", - "steps", - ], - "type": "object", - }, - Object { - "additionalProperties": false, - "description": "A condition that always evaluates to true. Useful for catch-all scenarios, but use with caution as partitions are ordered.", - "properties": Object { - "always": Object { - "additionalProperties": false, - "description": "An empty object. This condition always matches.", - "properties": Object {}, - "type": "object", - }, - "steps": Object { - "items": Object { - "$ref": "#/definitions/__schema0", - }, - "type": "array", - }, - }, - "required": Array [ - "always", - "steps", - ], - "type": "object", - }, - ], - "properties": Object { - "steps": Object { - "items": Object { - "$ref": "#/definitions/__schema0", - }, - "type": "array", - }, - }, - "required": Array [ - "steps", - ], - "type": "object", - }, - "customIdentifier": Object { - "type": "string", - }, - }, - "required": Array [ - "condition", - ], - "title": "Condition block", - "type": "object", - }, - ], - }, - "__schema1": Object { - "anyOf": Array [ - Object { - "anyOf": Array [ - Object { - "additionalProperties": false, - "description": "A condition that compares a field to a value or range using an operator as the key.", - "properties": Object { - "contains": Object { - "description": "Contains comparison value.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "endsWith": Object { - "description": "Ends-with comparison value.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "eq": Object { - "description": "Equality comparison value.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "field": Object { - "description": "The document field to filter on.", - "minLength": 1, - "type": "string", - }, - "gt": Object { - "description": "Greater-than comparison value.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "gte": Object { - "description": "Greater-than-or-equal comparison value.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "includes": Object { - "description": "Checks if multivalue field includes the value.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "lt": Object { - "description": "Less-than comparison value.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "lte": Object { - "description": "Less-than-or-equal comparison value.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "neq": Object { - "description": "Inequality comparison value.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "range": Object { - "additionalProperties": false, - "description": "Range comparison values.", - "properties": Object { - "gt": Object { - "description": "A value that can be a string, number, or boolean.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "gte": Object { - "description": "A value that can be a string, number, or boolean.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "lt": Object { - "description": "A value that can be a string, number, or boolean.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "lte": Object { - "description": "A value that can be a string, number, or boolean.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - }, - "type": "object", - }, - "startsWith": Object { - "description": "Starts-with comparison value.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - }, - "required": Array [ - "field", - ], - "type": "object", - }, - Object { - "additionalProperties": false, - "description": "A condition that checks for the existence or non-existence of a field.", - "properties": Object { - "exists": Object { - "description": "Indicates whether the field exists or not.", - "type": "boolean", - }, - "field": Object { - "description": "The document field to check.", - "minLength": 1, - "type": "string", - }, - }, - "required": Array [ - "field", - ], - "type": "object", - }, - ], - "description": "A basic filter condition, either unary or binary.", - }, - Object { - "additionalProperties": false, - "description": "A logical AND that groups multiple conditions.", - "properties": Object { - "and": Object { - "description": "An array of conditions. All sub-conditions must be true for this condition to be true.", - "items": Object { - "$ref": "#/definitions/__schema1", - }, - "type": "array", - }, - }, - "required": Array [ - "and", - ], - "type": "object", - }, - Object { - "additionalProperties": false, - "description": "A logical OR that groups multiple conditions.", - "properties": Object { - "or": Object { - "description": "An array of conditions. At least one sub-condition must be true for this condition to be true.", - "items": Object { - "$ref": "#/definitions/__schema1", - }, - "type": "array", - }, - }, - "required": Array [ - "or", - ], - "type": "object", - }, - Object { - "additionalProperties": false, - "description": "A logical NOT that negates a condition.", - "properties": Object { - "not": Object { - "allOf": Array [ - Object { - "$ref": "#/definitions/__schema1", - }, - ], - "description": "A condition that negates another condition.", - }, - }, - "required": Array [ - "not", - ], - "type": "object", - }, - Object { - "additionalProperties": false, - "description": "A condition that always evaluates to false.", - "properties": Object { - "never": Object { - "additionalProperties": false, - "description": "An empty object. This condition never matches.", - "properties": Object {}, - "type": "object", - }, - }, - "required": Array [ - "never", - ], - "type": "object", - }, - Object { - "additionalProperties": false, - "description": "A condition that always evaluates to true. Useful for catch-all scenarios, but use with caution as partitions are ordered.", - "properties": Object { - "always": Object { - "additionalProperties": false, - "description": "An empty object. This condition always matches.", - "properties": Object {}, - "type": "object", + "split", + "sort", + "convert", + "concat", + "manual_ingest_pipeline", + ], + "type": "string", }, }, "required": Array [ - "always", + "action", ], + "title": "Action step", "type": "object", }, + Object { + "$ref": "#/definitions/StreamlangConditionBlock", + }, ], - "description": "The root condition object. It can be a simple filter or a combination of other conditions.", + "id": "StreamlangStep", }, }, "properties": Object { @@ -2242,7 +1732,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -2299,7 +1789,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -2371,7 +1861,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -2409,7 +1899,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -2457,7 +1947,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -2513,7 +2003,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -2568,7 +2058,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -2620,7 +2110,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -2701,7 +2191,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -2756,7 +2246,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -2832,7 +2322,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -2881,7 +2371,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -2929,7 +2419,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -2977,7 +2467,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -3032,7 +2522,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -3094,7 +2584,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -3154,7 +2644,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -3216,7 +2706,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -3304,7 +2794,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -3358,7 +2848,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -3450,7 +2940,7 @@ Object { "where": Object { "allOf": Array [ Object { - "$ref": "#/definitions/__schema1", + "$ref": "#/definitions/Condition", }, ], "description": "Conditional expression controlling whether this processor runs", @@ -3500,622 +2990,10 @@ Object { "type": "object", }, Object { - "additionalProperties": false, - "defaultSnippets": Array [ - Object { - "body": Object { - "condition": Object { - "eq": "\${2:value}", - "field": "\${1:field.name}", - "steps": Array [ - "\${3}", - ], - }, - }, - "description": "Conditional step execution with field equals condition", - "label": "Condition block", - }, - Object { - "body": Object { - "condition": Object { - "and": Array [ - Object { - "eq": "\${2:value1}", - "field": "\${1:field1.name}", - }, - Object { - "eq": "\${4:value2}", - "field": "\${3:field2.name}", - }, - ], - "steps": Array [ - "\${5}", - ], - }, - }, - "description": "Execute steps if all conditions are true", - "label": "Condition block (AND)", - }, - Object { - "body": Object { - "condition": Object { - "or": Array [ - Object { - "eq": "\${2:value1}", - "field": "\${1:field1.name}", - }, - Object { - "eq": "\${4:value2}", - "field": "\${3:field2.name}", - }, - ], - "steps": Array [ - "\${5}", - ], - }, - }, - "description": "Execute steps if any condition is true", - "label": "Condition block (OR)", - }, - ], - "properties": Object { - "condition": Object { - "anyOf": Array [ - Object { - "anyOf": Array [ - Object { - "additionalProperties": false, - "defaultSnippets": Array [ - Object { - "body": Object { - "eq": "\${2:value}", - "field": "\${1:field.name}", - }, - "description": "Check if field equals a value", - "label": "Field equals", - }, - Object { - "body": Object { - "field": "\${1:field.name}", - "neq": "\${2:value}", - }, - "description": "Check if field does not equal a value", - "label": "Field not equals", - }, - Object { - "body": Object { - "field": "\${1:field.name}", - "lt": "\${2:value}", - }, - "description": "Check if field is less than a value", - "label": "Field less than", - }, - Object { - "body": Object { - "field": "\${1:field.name}", - "lte": "\${2:value}", - }, - "description": "Check if field is less than or equal to a value", - "label": "Field less than or equal", - }, - Object { - "body": Object { - "field": "\${1:field.name}", - "gt": "\${2:value}", - }, - "description": "Check if field is greater than a value", - "label": "Field greater than", - }, - Object { - "body": Object { - "field": "\${1:field.name}", - "gte": "\${2:value}", - }, - "description": "Check if field is greater than or equal to a value", - "label": "Field greater than or equal", - }, - Object { - "body": Object { - "contains": "\${2:value}", - "field": "\${1:field.name}", - }, - "description": "Check if field contains a value", - "label": "Field contains", - }, - Object { - "body": Object { - "field": "\${1:field.name}", - "startsWith": "\${2:value}", - }, - "description": "Check if field starts with a value", - "label": "Field starts with", - }, - Object { - "body": Object { - "endsWith": "\${2:value}", - "field": "\${1:field.name}", - }, - "description": "Check if field ends with a value", - "label": "Field ends with", - }, - Object { - "body": Object { - "exists": true, - "field": "\${1:field.name}", - }, - "description": "Check if field exists", - "label": "Field exists", - }, - Object { - "body": Object { - "field": "\${1:field.name}", - "range": Object { - "gte": "\${2:minValue}", - "lte": "\${3:maxValue}", - }, - }, - "description": "Check if field is within a range", - "label": "Field range", - }, - ], - "description": "Compare a field value using operators like eq, neq, lt, gt, contains", - "properties": Object { - "contains": Object { - "description": "Contains comparison value.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "endsWith": Object { - "description": "Ends-with comparison value.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "eq": Object { - "description": "Equality comparison value.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "field": Object { - "description": "The document field to filter on.", - "minLength": 1, - "type": "string", - }, - "gt": Object { - "description": "Greater-than comparison value.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "gte": Object { - "description": "Greater-than-or-equal comparison value.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "includes": Object { - "description": "Checks if multivalue field includes the value.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "lt": Object { - "description": "Less-than comparison value.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "lte": Object { - "description": "Less-than-or-equal comparison value.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "neq": Object { - "description": "Inequality comparison value.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "range": Object { - "additionalProperties": false, - "description": "Range comparison values.", - "properties": Object { - "gt": Object { - "description": "A value that can be a string, number, or boolean.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "gte": Object { - "description": "A value that can be a string, number, or boolean.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "lt": Object { - "description": "A value that can be a string, number, or boolean.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "lte": Object { - "description": "A value that can be a string, number, or boolean.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - }, - "type": "object", - }, - "startsWith": Object { - "description": "Starts-with comparison value.", - "type": Array [ - "string", - "number", - "boolean", - ], - }, - "steps": Object { - "items": Object { - "$ref": "#/definitions/__schema0", - }, - "type": "array", - }, - }, - "required": Array [ - "field", - "steps", - ], - "title": "Filter condition", - "type": "object", - }, - Object { - "additionalProperties": false, - "defaultSnippets": Array [ - Object { - "body": Object { - "eq": "\${2:value}", - "field": "\${1:field.name}", - }, - "description": "Check if field equals a value", - "label": "Field equals", - }, - Object { - "body": Object { - "field": "\${1:field.name}", - "neq": "\${2:value}", - }, - "description": "Check if field does not equal a value", - "label": "Field not equals", - }, - Object { - "body": Object { - "field": "\${1:field.name}", - "lt": "\${2:value}", - }, - "description": "Check if field is less than a value", - "label": "Field less than", - }, - Object { - "body": Object { - "field": "\${1:field.name}", - "lte": "\${2:value}", - }, - "description": "Check if field is less than or equal to a value", - "label": "Field less than or equal", - }, - Object { - "body": Object { - "field": "\${1:field.name}", - "gt": "\${2:value}", - }, - "description": "Check if field is greater than a value", - "label": "Field greater than", - }, - Object { - "body": Object { - "field": "\${1:field.name}", - "gte": "\${2:value}", - }, - "description": "Check if field is greater than or equal to a value", - "label": "Field greater than or equal", - }, - Object { - "body": Object { - "contains": "\${2:value}", - "field": "\${1:field.name}", - }, - "description": "Check if field contains a value", - "label": "Field contains", - }, - Object { - "body": Object { - "field": "\${1:field.name}", - "startsWith": "\${2:value}", - }, - "description": "Check if field starts with a value", - "label": "Field starts with", - }, - Object { - "body": Object { - "endsWith": "\${2:value}", - "field": "\${1:field.name}", - }, - "description": "Check if field ends with a value", - "label": "Field ends with", - }, - Object { - "body": Object { - "exists": true, - "field": "\${1:field.name}", - }, - "description": "Check if field exists", - "label": "Field exists", - }, - Object { - "body": Object { - "field": "\${1:field.name}", - "range": Object { - "gte": "\${2:minValue}", - "lte": "\${3:maxValue}", - }, - }, - "description": "Check if field is within a range", - "label": "Field range", - }, - ], - "description": "Compare a field value using operators like eq, neq, lt, gt, contains", - "properties": Object { - "exists": Object { - "description": "Indicates whether the field exists or not.", - "type": "boolean", - }, - "field": Object { - "description": "The document field to check.", - "minLength": 1, - "type": "string", - }, - "steps": Object { - "items": Object { - "$ref": "#/definitions/__schema0", - }, - "type": "array", - }, - }, - "required": Array [ - "field", - "steps", - ], - "title": "Filter condition", - "type": "object", - }, - ], - "description": "A basic filter condition, either unary or binary.", - }, - Object { - "additionalProperties": false, - "defaultSnippets": Array [ - Object { - "body": Object { - "and": Array [ - Object { - "eq": "\${2:value1}", - "field": "\${1:field1.name}", - }, - Object { - "eq": "\${4:value2}", - "field": "\${3:field2.name}", - }, - ], - }, - "description": "Combine conditions with AND logic", - "label": "AND condition", - }, - ], - "description": "All conditions must be true", - "properties": Object { - "and": Object { - "description": "An array of conditions. All sub-conditions must be true for this condition to be true.", - "items": Object { - "$ref": "#/definitions/__schema1", - }, - "type": "array", - }, - "steps": Object { - "items": Object { - "$ref": "#/definitions/__schema0", - }, - "type": "array", - }, - }, - "required": Array [ - "and", - "steps", - ], - "title": "AND condition", - "type": "object", - }, - Object { - "additionalProperties": false, - "defaultSnippets": Array [ - Object { - "body": Object { - "or": Array [ - Object { - "eq": "\${2:value1}", - "field": "\${1:field1.name}", - }, - Object { - "eq": "\${4:value2}", - "field": "\${3:field2.name}", - }, - ], - }, - "description": "Combine conditions with OR logic", - "label": "OR condition", - }, - ], - "description": "At least one condition must be true", - "properties": Object { - "or": Object { - "description": "An array of conditions. At least one sub-condition must be true for this condition to be true.", - "items": Object { - "$ref": "#/definitions/__schema1", - }, - "type": "array", - }, - "steps": Object { - "items": Object { - "$ref": "#/definitions/__schema0", - }, - "type": "array", - }, - }, - "required": Array [ - "or", - "steps", - ], - "title": "OR condition", - "type": "object", - }, - Object { - "additionalProperties": false, - "defaultSnippets": Array [ - Object { - "body": Object { - "not": Object { - "eq": "\${2:value}", - "field": "\${1:field.name}", - }, - }, - "description": "Negate a condition", - "label": "NOT condition", - }, - ], - "description": "Negate a condition", - "properties": Object { - "not": Object { - "allOf": Array [ - Object { - "$ref": "#/definitions/__schema1", - }, - ], - "description": "A condition that negates another condition.", - }, - "steps": Object { - "items": Object { - "$ref": "#/definitions/__schema0", - }, - "type": "array", - }, - }, - "required": Array [ - "not", - "steps", - ], - "title": "NOT condition", - "type": "object", - }, - Object { - "additionalProperties": false, - "description": "A condition that always evaluates to false.", - "properties": Object { - "never": Object { - "additionalProperties": false, - "description": "An empty object. This condition never matches.", - "properties": Object {}, - "type": "object", - }, - "steps": Object { - "items": Object { - "$ref": "#/definitions/__schema0", - }, - "type": "array", - }, - }, - "required": Array [ - "never", - "steps", - ], - "type": "object", - }, - Object { - "additionalProperties": false, - "description": "A condition that always evaluates to true. Useful for catch-all scenarios, but use with caution as partitions are ordered.", - "properties": Object { - "always": Object { - "additionalProperties": false, - "description": "An empty object. This condition always matches.", - "properties": Object {}, - "type": "object", - }, - "steps": Object { - "items": Object { - "$ref": "#/definitions/__schema0", - }, - "type": "array", - }, - }, - "required": Array [ - "always", - "steps", - ], - "type": "object", - }, - ], - "properties": Object { - "steps": Object { - "items": Object { - "$ref": "#/definitions/__schema0", - }, - "type": "array", - }, - }, - "required": Array [ - "steps", - ], - "type": "object", - }, - "customIdentifier": Object { - "type": "string", - }, - }, - "required": Array [ - "condition", - ], - "title": "Condition block", - "type": "object", + "$ref": "#/definitions/StreamlangConditionBlock", }, ], + "id": "StreamlangStep", }, "type": "array", }, diff --git a/x-pack/platform/packages/shared/kbn-streamlang/src/schema/get_json_schema_from_streamlang_schema.ts b/x-pack/platform/packages/shared/kbn-streamlang/src/schema/get_json_schema_from_streamlang_schema.ts index ed704e6077df0..f16ba395c4059 100644 --- a/x-pack/platform/packages/shared/kbn-streamlang/src/schema/get_json_schema_from_streamlang_schema.ts +++ b/x-pack/platform/packages/shared/kbn-streamlang/src/schema/get_json_schema_from_streamlang_schema.ts @@ -252,21 +252,45 @@ function enhanceStreamlangSchemaForEditor( return opt && typeof opt === 'object' && Array.isArray(opt.anyOf) && !props?.condition; }) as Record | undefined; - const conditionBlockSchema = stepOptions.find((option: unknown) => { - const opt = option as Record; - const props = opt?.properties as Record | undefined; - return opt && typeof opt === 'object' && props?.condition; - }) as Record | undefined; - - if (!actionUnionSchema || !conditionBlockSchema) { + if (!actionUnionSchema) { return; } - // Enhance action steps with metadata and aggregated action enum + // Enhance action steps with metadata and aggregated action enum. + // This also applies the stream-type filter (e.g. removing manual_ingest_pipeline + // for wired streams). Must run before the conditionBlockSchema check so that the + // filter always takes effect, even when the condition block is a $ref rather than + // an inline object (e.g. when streamlangStepSchema has .meta({ id }) and Zod v4 + // emits a $ref instead of inlining the schema). if (Array.isArray(actionUnionSchema.anyOf)) { enhanceActionSchema(actionUnionSchema, streamType); } + // Find the condition block — it may be an inline object (properties.condition) or a + // $ref that resolves to one (when streamlangConditionBlockSchema is a named component). + const conditionBlockRef = stepOptions.find((option: unknown) => { + const opt = option as Record; + const props = opt?.properties as Record | undefined; + if (props?.condition) { + return true; + } + if (typeof opt?.$ref === 'string') { + const resolved = resolveJsonPointer(schema, opt.$ref) as Record | undefined; + return !!(resolved?.properties as Record | undefined)?.condition; + } + return false; + }) as Record | undefined; + + // Resolve $ref to get the actual condition block schema object for mutation + const conditionBlockSchema = + conditionBlockRef && typeof conditionBlockRef.$ref === 'string' + ? (resolveJsonPointer(schema, conditionBlockRef.$ref) as Record | undefined) + : conditionBlockRef; + + if (!conditionBlockSchema) { + return; + } + // Enhance condition blocks with metadata and flattened condition property enhanceConditionBlockSchema(schema, conditionBlockSchema); } diff --git a/x-pack/platform/packages/shared/kbn-streamlang/types/conditions.ts b/x-pack/platform/packages/shared/kbn-streamlang/types/conditions.ts index 579e7c47e9558..fcf539f602d15 100644 --- a/x-pack/platform/packages/shared/kbn-streamlang/types/conditions.ts +++ b/x-pack/platform/packages/shared/kbn-streamlang/types/conditions.ts @@ -128,7 +128,8 @@ export type FilterCondition = ShorthandBinaryFilterCondition | ShorthandUnaryFil export const filterConditionSchema = z .union([shorthandBinaryFilterConditionSchema, shorthandUnaryFilterConditionSchema]) - .describe('A basic filter condition, either unary or binary.'); + .describe('A basic filter condition, either unary or binary.') + .meta({ id: 'FilterCondition' }); export interface AndCondition { and: Condition[]; @@ -171,7 +172,8 @@ export const conditionSchema: z.Schema = z ) .describe( 'The root condition object. It can be a simple filter or a combination of other conditions.' - ); + ) + .meta({ id: 'Condition' }); export const andConditionSchema = z .object({ diff --git a/x-pack/platform/packages/shared/kbn-streamlang/types/streamlang.ts b/x-pack/platform/packages/shared/kbn-streamlang/types/streamlang.ts index e2593745b851a..a097a61c25fb7 100644 --- a/x-pack/platform/packages/shared/kbn-streamlang/types/streamlang.ts +++ b/x-pack/platform/packages/shared/kbn-streamlang/types/streamlang.ts @@ -21,14 +21,16 @@ import type { StreamlangStepWithUIAttributes } from './ui'; export type StreamType = 'wired' | 'classic'; // Recursive schema for ConditionWithSteps -export const conditionWithStepsSchema: z.ZodType = z.lazy(() => - z.intersection( - conditionSchema, - z.object({ - steps: z.array(streamlangStepSchema), - }) +export const conditionWithStepsSchema: z.ZodType = z + .lazy(() => + z.intersection( + conditionSchema, + z.object({ + steps: z.array(streamlangStepSchema), + }) + ) ) -); + .meta({ id: 'ConditionWithSteps' }); export type ConditionWithSteps = Condition & { steps: StreamlangStep[] }; @@ -43,10 +45,12 @@ export interface StreamlangConditionBlock { /** * Zod schema for a condition block */ -export const streamlangConditionBlockSchema: z.ZodType = z.object({ - customIdentifier: z.string().optional(), - condition: conditionWithStepsSchema, -}); +export const streamlangConditionBlockSchema: z.ZodType = z + .object({ + customIdentifier: z.string().optional(), + condition: conditionWithStepsSchema, + }) + .meta({ id: 'StreamlangConditionBlock' }); export const isConditionBlockSchema = (obj: unknown): obj is StreamlangConditionBlock => { return isSchema(streamlangConditionBlockSchema, obj); @@ -67,9 +71,9 @@ export const isConditionBlock = (obj: unknown): obj is StreamlangConditionBlock * A step can be either a processor or a condition block (optionally recursive) */ export type StreamlangStep = StreamlangProcessorDefinition | StreamlangConditionBlock; -export const streamlangStepSchema: z.ZodType = z.lazy(() => - z.union([streamlangProcessorSchema, streamlangConditionBlockSchema]) -); +export const streamlangStepSchema: z.ZodType = z + .lazy(() => z.union([streamlangProcessorSchema, streamlangConditionBlockSchema])) + .meta({ id: 'StreamlangStep' }); export const isActionBlockSchema = (obj: unknown): obj is StreamlangProcessorDefinition => { return isSchema(streamlangProcessorSchema, obj); diff --git a/x-pack/platform/packages/shared/kbn-streams-schema/src/fields/index.ts b/x-pack/platform/packages/shared/kbn-streams-schema/src/fields/index.ts index 01ad6ddb6546d..8af7c2573c955 100644 --- a/x-pack/platform/packages/shared/kbn-streams-schema/src/fields/index.ts +++ b/x-pack/platform/packages/shared/kbn-streams-schema/src/fields/index.ts @@ -85,26 +85,28 @@ export type FieldDefinitionConfigAdvancedParameters = Omit< 'type' | 'format' | 'description' >; -export const fieldDefinitionConfigSchema = z.intersection( - recursiveRecord, - z.union([ - z.object({ - type: z.enum(FIELD_DEFINITION_TYPES), - format: z.optional(NonEmptyString), - description: z.optional(z.string()), - }), - z.object({ - // Documentation-only override: require description and forbid type entirely - description: z.string(), - type: z.never().optional(), - format: z.never().optional(), - }), - z.object({ - type: z.literal('system'), - description: z.optional(z.string()), - }), - ]) -) as z.ZodType; +export const fieldDefinitionConfigSchema = ( + z.intersection( + recursiveRecord, + z.union([ + z.object({ + type: z.enum(FIELD_DEFINITION_TYPES), + format: z.optional(NonEmptyString), + description: z.optional(z.string()), + }), + z.object({ + // Documentation-only override: require description and forbid type entirely + description: z.string(), + type: z.never().optional(), + format: z.never().optional(), + }), + z.object({ + type: z.literal('system'), + description: z.optional(z.string()), + }), + ]) + ) as z.ZodType +).meta({ id: 'FieldDefinitionConfig' }); export interface FieldDefinition { [x: string]: FieldDefinitionConfig; @@ -136,10 +138,9 @@ export function isMappingProperties(value: FieldDefinition): value is StreamsMap return Object.values(value).every((prop) => Boolean(prop.type) && prop.type !== 'system'); } -export const fieldDefinitionSchema: z.Schema = z.record( - z.string(), - fieldDefinitionConfigSchema -); +export const fieldDefinitionSchema: z.Schema = z + .record(z.string(), fieldDefinitionConfigSchema) + .meta({ id: 'FieldDefinition' }); /** * Schema for classic stream field overrides. @@ -157,29 +158,30 @@ export type ClassicFieldDefinitionConfig = description?: string; }; -export const classicFieldDefinitionConfigSchema = z.intersection( - recursiveRecord, - z.union([ - z.object({ - type: z.enum(FIELD_DEFINITION_TYPES), - format: z.optional(NonEmptyString), - description: z.optional(z.string()), - }), - z.object({ - type: z.literal('system'), - description: z.optional(z.string()), - }), - ]) -) as z.ZodType; +export const classicFieldDefinitionConfigSchema = ( + z.intersection( + recursiveRecord, + z.union([ + z.object({ + type: z.enum(FIELD_DEFINITION_TYPES), + format: z.optional(NonEmptyString), + description: z.optional(z.string()), + }), + z.object({ + type: z.literal('system'), + description: z.optional(z.string()), + }), + ]) + ) as z.ZodType +).meta({ id: 'ClassicFieldDefinitionConfig' }); export interface ClassicFieldDefinition { [x: string]: ClassicFieldDefinitionConfig; } -export const classicFieldDefinitionSchema: z.Schema = z.record( - z.string(), - classicFieldDefinitionConfigSchema -); +export const classicFieldDefinitionSchema: z.Schema = z + .record(z.string(), classicFieldDefinitionConfigSchema) + .meta({ id: 'ClassicFieldDefinition' }); export type InheritedFieldDefinitionConfig = FieldDefinitionConfig & { from: string; @@ -190,16 +192,18 @@ export interface InheritedFieldDefinition { [x: string]: InheritedFieldDefinitionConfig; } -export const inheritedFieldDefinitionSchema: z.Schema = z.record( - z.string(), - z.intersection( - fieldDefinitionConfigSchema, - z.object({ - from: NonEmptyString, - alias_for: z.optional(NonEmptyString), - }) +export const inheritedFieldDefinitionSchema: z.Schema = z + .record( + z.string(), + z.intersection( + fieldDefinitionConfigSchema, + z.object({ + from: NonEmptyString, + alias_for: z.optional(NonEmptyString), + }) + ) ) -); + .meta({ id: 'InheritedFieldDefinition' }); export type NamedFieldDefinitionConfig = FieldDefinitionConfig & { name: string; diff --git a/x-pack/platform/packages/shared/kbn-streams-schema/src/models/ingest/classic.ts b/x-pack/platform/packages/shared/kbn-streams-schema/src/models/ingest/classic.ts index 71138d707eaff..d0d6722bd6f62 100644 --- a/x-pack/platform/packages/shared/kbn-streams-schema/src/models/ingest/classic.ts +++ b/x-pack/platform/packages/shared/kbn-streams-schema/src/models/ingest/classic.ts @@ -115,21 +115,25 @@ const classicStreamDefinitionSchema = ingestBaseStreamDefinitionSchema }) .meta({ id: 'ClassicStreamDefinition' }); -const classicStreamGetResponseSchema = ingestBaseStreamGetResponseSchema.extend({ - stream: classicStreamDefinitionSchema, - elasticsearch_assets: z.optional(elasticsearchAssetsSchema), - data_stream_exists: z.boolean(), - effective_lifecycle: classicIngestStreamEffectiveLifecycleSchema, - effective_settings: ingestStreamSettingsSchema, - effective_failure_store: effectiveFailureStoreSchema, -}); +const classicStreamGetResponseSchema = ingestBaseStreamGetResponseSchema + .extend({ + stream: classicStreamDefinitionSchema, + elasticsearch_assets: z.optional(elasticsearchAssetsSchema), + data_stream_exists: z.boolean(), + effective_lifecycle: classicIngestStreamEffectiveLifecycleSchema, + effective_settings: ingestStreamSettingsSchema, + effective_failure_store: effectiveFailureStoreSchema, + }) + .meta({ id: 'ClassicStreamGetResponse' }); -const classicStreamUpsertRequestSchema = ingestBaseStreamUpsertRequestSchema.extend({ - stream: ingestBaseStreamUpsertDefinitionSchema.extend({ - type: z.literal('classic'), - ingest: classicIngestUpsertSchemaObject, - }), -}); +const classicStreamUpsertRequestSchema = ingestBaseStreamUpsertRequestSchema + .extend({ + stream: ingestBaseStreamUpsertDefinitionSchema.extend({ + type: z.literal('classic'), + ingest: classicIngestUpsertSchemaObject, + }), + }) + .meta({ id: 'ClassicStreamUpsertRequest' }); export const ClassicStream: { Definition: Validation; diff --git a/x-pack/platform/packages/shared/kbn-streams-schema/src/models/ingest/failure_store/index.ts b/x-pack/platform/packages/shared/kbn-streams-schema/src/models/ingest/failure_store/index.ts index c8d63e93a0bc0..ef8f8310da801 100644 --- a/x-pack/platform/packages/shared/kbn-streams-schema/src/models/ingest/failure_store/index.ts +++ b/x-pack/platform/packages/shared/kbn-streams-schema/src/models/ingest/failure_store/index.ts @@ -80,26 +80,27 @@ const effectiveWithLifecycleFailureStoreSchema: z.Schema = z.union([ - effectiveWithLifecycleFailureStoreSchema, - enabledWithoutLifecycleFailureStoreSchema, -]); - -export const effectiveFailureStoreSchema: z.Schema = z.union([ - effectiveEnabledFailureStoreSchema, - disabledFailureStoreSchema, -]); +export const effectiveFailureStoreSchema: z.Schema = z + .union([ + effectiveWithLifecycleFailureStoreSchema, + enabledWithoutLifecycleFailureStoreSchema, + disabledFailureStoreSchema, + ]) + .meta({ id: 'EffectiveFailureStore' }); export const enabledFailureStoreSchema: z.Schema = z.union([ enabledWithLifecycleFailureStoreSchema, enabledWithoutLifecycleFailureStoreSchema, ]); -export const failureStoreSchema: z.Schema = z.union([ - inheritFailureStoreSchema, - disabledFailureStoreSchema, - enabledFailureStoreSchema, -]); +export const failureStoreSchema: z.Schema = z + .union([ + inheritFailureStoreSchema, + disabledFailureStoreSchema, + enabledWithLifecycleFailureStoreSchema, + enabledWithoutLifecycleFailureStoreSchema, + ]) + .meta({ id: 'FailureStore' }); export const failureStoreStatsSchema: z.Schema = z.object({ size: z.number().min(0).optional(), @@ -134,7 +135,8 @@ export const isEnabledFailureStore = ( ): input is FailureStoreEnabled | EffectiveFailureStoreEnabled => { return ( isSchema(enabledFailureStoreSchema, input) || - isSchema(effectiveEnabledFailureStoreSchema, input) + isSchema(effectiveWithLifecycleFailureStoreSchema, input) || + isSchema(enabledWithoutLifecycleFailureStoreSchema, input) ); }; diff --git a/x-pack/platform/packages/shared/kbn-streams-schema/src/models/ingest/lifecycle/index.ts b/x-pack/platform/packages/shared/kbn-streams-schema/src/models/ingest/lifecycle/index.ts index 677a3b27a6c92..3dd3aeed6d2e6 100644 --- a/x-pack/platform/packages/shared/kbn-streams-schema/src/models/ingest/lifecycle/index.ts +++ b/x-pack/platform/packages/shared/kbn-streams-schema/src/models/ingest/lifecycle/index.ts @@ -84,20 +84,28 @@ const errorLifecycleSchema = z.object({ }), }); -export const ingestStreamLifecycleSchema: z.Schema = z.union([ - dslLifecycleSchema, - ilmLifecycleSchema, - inheritLifecycleSchema, -]); +export const ingestStreamLifecycleSchema: z.Schema = z + .union([dslLifecycleSchema, ilmLifecycleSchema, inheritLifecycleSchema]) + .meta({ id: 'IngestStreamLifecycle' }); export const classicIngestStreamEffectiveLifecycleSchema: z.Schema = - z.union([ingestStreamLifecycleSchema, disabledLifecycleSchema, errorLifecycleSchema]); + z + .union([ + dslLifecycleSchema, + ilmLifecycleSchema, + inheritLifecycleSchema, + disabledLifecycleSchema, + errorLifecycleSchema, + ]) + .meta({ id: 'ClassicIngestStreamEffectiveLifecycle' }); export const wiredIngestStreamEffectiveLifecycleSchema: z.Schema = - z.union([ - dslLifecycleSchema.extend({ from: NonEmptyString }), - ilmLifecycleSchema.extend({ from: NonEmptyString }), - ]); + z + .union([ + dslLifecycleSchema.extend({ from: NonEmptyString }), + ilmLifecycleSchema.extend({ from: NonEmptyString }), + ]) + .meta({ id: 'WiredIngestStreamEffectiveLifecycle' }); export const ingestStreamEffectiveLifecycleSchema: z.Schema = z.union([classicIngestStreamEffectiveLifecycleSchema, wiredIngestStreamEffectiveLifecycleSchema]); diff --git a/x-pack/platform/packages/shared/kbn-streams-schema/src/models/ingest/wired.ts b/x-pack/platform/packages/shared/kbn-streams-schema/src/models/ingest/wired.ts index cfba934a74993..9c40f0194d701 100644 --- a/x-pack/platform/packages/shared/kbn-streams-schema/src/models/ingest/wired.ts +++ b/x-pack/platform/packages/shared/kbn-streams-schema/src/models/ingest/wired.ts @@ -123,21 +123,25 @@ const wiredStreamDefinitionSchema = ingestBaseStreamDefinitionSchema }) .meta({ id: 'WiredStreamDefinition' }); -const wiredStreamGetResponseSchema = ingestBaseStreamGetResponseSchema.extend({ - stream: wiredStreamDefinitionSchema, - data_stream_exists: z.boolean(), - inherited_fields: inheritedFieldDefinitionSchema, - effective_lifecycle: wiredIngestStreamEffectiveLifecycleSchema, - effective_settings: wiredIngestStreamEffectiveSettingsSchema, - effective_failure_store: wiredIngestStreamEffectiveFailureStoreSchema, -}); +const wiredStreamGetResponseSchema = ingestBaseStreamGetResponseSchema + .extend({ + stream: wiredStreamDefinitionSchema, + data_stream_exists: z.boolean(), + inherited_fields: inheritedFieldDefinitionSchema, + effective_lifecycle: wiredIngestStreamEffectiveLifecycleSchema, + effective_settings: wiredIngestStreamEffectiveSettingsSchema, + effective_failure_store: wiredIngestStreamEffectiveFailureStoreSchema, + }) + .meta({ id: 'WiredStreamGetResponse' }); -const wiredStreamUpsertRequestSchema = ingestBaseStreamUpsertRequestSchema.extend({ - stream: ingestBaseStreamUpsertDefinitionSchema.extend({ - type: z.literal('wired'), - ingest: wiredIngestUpsertSchemaObject, - }), -}); +const wiredStreamUpsertRequestSchema = ingestBaseStreamUpsertRequestSchema + .extend({ + stream: ingestBaseStreamUpsertDefinitionSchema.extend({ + type: z.literal('wired'), + ingest: wiredIngestUpsertSchemaObject, + }), + }) + .meta({ id: 'WiredStreamUpsertRequest' }); export const WiredStream: { Definition: Validation; diff --git a/x-pack/platform/packages/shared/kbn-streams-schema/src/models/query/index.ts b/x-pack/platform/packages/shared/kbn-streams-schema/src/models/query/index.ts index d1e3d4f366d2d..b9536d64fe13b 100644 --- a/x-pack/platform/packages/shared/kbn-streams-schema/src/models/query/index.ts +++ b/x-pack/platform/packages/shared/kbn-streams-schema/src/models/query/index.ts @@ -79,17 +79,21 @@ const queryStreamDefinitionSchema = baseStreamDefinitionSchema }) .meta({ id: 'QueryStreamDefinition' }); -const queryStreamGetResponseSchema = baseStreamGetResponseSchema.extend({ - stream: queryStreamDefinitionSchema, - inherited_fields: inheritedFieldDefinitionSchema, -}); +const queryStreamGetResponseSchema = baseStreamGetResponseSchema + .extend({ + stream: queryStreamDefinitionSchema, + inherited_fields: inheritedFieldDefinitionSchema, + }) + .meta({ id: 'QueryStreamGetResponse' }); -const queryStreamUpsertRequestSchema = baseStreamUpsertRequestSchema.extend({ - stream: baseStreamUpsertDefinitionSchema.extend({ - type: z.literal('query'), - query: QueryWithEsql.right, - }), -}); +const queryStreamUpsertRequestSchema = baseStreamUpsertRequestSchema + .extend({ + stream: baseStreamUpsertDefinitionSchema.extend({ + type: z.literal('query'), + query: QueryWithEsql.right, + }), + }) + .meta({ id: 'QueryStreamUpsertRequest' }); export const QueryStream: { Definition: Validation; diff --git a/x-pack/platform/packages/shared/kbn-streams-schema/src/models/streams.ts b/x-pack/platform/packages/shared/kbn-streams-schema/src/models/streams.ts index ff83d1c5afadf..8cdc562853a51 100644 --- a/x-pack/platform/packages/shared/kbn-streams-schema/src/models/streams.ts +++ b/x-pack/platform/packages/shared/kbn-streams-schema/src/models/streams.ts @@ -41,16 +41,20 @@ export namespace Streams { nClassicStream.Source.right, nQueryStream.Source.right, ]); - const allGetResponseSchema = z.union([ - nWiredStream.GetResponse.right, - nClassicStream.GetResponse.right, - nQueryStream.GetResponse.right, - ]); - const allUpsertRequestSchema = z.union([ - nWiredStream.UpsertRequest.right, - nClassicStream.UpsertRequest.right, - nQueryStream.UpsertRequest.right, - ]); + const allGetResponseSchema = z + .union([ + nWiredStream.GetResponse.right, + nClassicStream.GetResponse.right, + nQueryStream.GetResponse.right, + ]) + .meta({ id: 'StreamGetResponse' }); + const allUpsertRequestSchema = z + .union([ + nWiredStream.UpsertRequest.right, + nClassicStream.UpsertRequest.right, + nQueryStream.UpsertRequest.right, + ]) + .meta({ id: 'StreamUpsertRequest' }); export const all: { Definition: Validation; @@ -83,9 +87,9 @@ Streams.ClassicStream = nClassicStream; Streams.QueryStream = nQueryStream; /** - * Flat Zod union of all three stream definition schemas, discriminated by the - * `type` literal field. Registered as a named OAS component (`StreamDefinition`) - * with a `discriminator` extension so code generators can produce properly typed + * Union of all three stream definition schemas, discriminated by the `type` + * literal field. Registered as a named OAS component (`StreamDefinition`) with + * a `discriminator` extension so code generators can produce properly typed * sealed-class / tagged-union structs. */ export const streamDefinitionSchema = z diff --git a/x-pack/platform/packages/shared/kbn-streams-schema/src/oas_definitions.ts b/x-pack/platform/packages/shared/kbn-streams-schema/src/oas_definitions.ts index bf7c5edff3ed7..163aab4f46392 100644 --- a/x-pack/platform/packages/shared/kbn-streams-schema/src/oas_definitions.ts +++ b/x-pack/platform/packages/shared/kbn-streams-schema/src/oas_definitions.ts @@ -16,34 +16,72 @@ import { WiredStream } from './models/ingest/wired'; import { ClassicStream, ClassicIngest } from './models/ingest/classic'; import { WiredIngest } from './models/ingest/wired'; import { QueryStream } from './models/query'; -import { streamDefinitionSchema } from './models/streams'; -import { fieldDefinitionSchema } from './fields'; +import { streamDefinitionSchema, Streams } from './models/streams'; +import { + fieldDefinitionSchema, + fieldDefinitionConfigSchema, + classicFieldDefinitionSchema, + classicFieldDefinitionConfigSchema, + inheritedFieldDefinitionSchema, +} from './fields'; import { routingDefinitionSchema } from './models/ingest/routing'; -import { ingestStreamLifecycleSchema } from './models/ingest/lifecycle'; +import { + ingestStreamLifecycleSchema, + classicIngestStreamEffectiveLifecycleSchema, + wiredIngestStreamEffectiveLifecycleSchema, +} from './models/ingest/lifecycle'; +import { effectiveFailureStoreSchema, failureStoreSchema } from './models/ingest/failure_store'; export const streamsOasDefinitions = { /** - * Top-level discriminated union of all stream definition variants. - * Registered with a `discriminator` extension so OAS code generators can - * produce typed structs without inspecting nested properties. + * Top-level union of all stream definition variants, with an explicit OAS + * discriminator on `type`. .meta({ id: 'StreamDefinition', openapi: { discriminator } }) + * is applied at definition time in models/streams.ts. */ StreamDefinition: streamDefinitionSchema, // Individual stream definition variants + // .meta({ id }) applied at definition time in their respective files WiredStreamDefinition: WiredStream.Definition.right, ClassicStreamDefinition: ClassicStream.Definition.right, QueryStreamDefinition: QueryStream.Definition.right, + // Get response union and variants + // .meta({ id }) applied at definition time in their respective files + StreamGetResponse: Streams.all.GetResponse.right, + WiredStreamGetResponse: WiredStream.GetResponse.right, + ClassicStreamGetResponse: ClassicStream.GetResponse.right, + QueryStreamGetResponse: QueryStream.GetResponse.right, + + // Upsert request union and variants + // .meta({ id }) applied at definition time in their respective files + StreamUpsertRequest: Streams.all.UpsertRequest.right, + WiredStreamUpsertRequest: WiredStream.UpsertRequest.right, + ClassicStreamUpsertRequest: ClassicStream.UpsertRequest.right, + QueryStreamUpsertRequest: QueryStream.UpsertRequest.right, + // Ingest configs WiredIngest: WiredIngest.right, ClassicIngest: ClassicIngest.right, // Fields & routing FieldDefinition: fieldDefinitionSchema, + FieldDefinitionConfig: fieldDefinitionConfigSchema, + ClassicFieldDefinition: classicFieldDefinitionSchema, + ClassicFieldDefinitionConfig: classicFieldDefinitionConfigSchema, + InheritedFieldDefinition: inheritedFieldDefinitionSchema, RoutingDefinition: routingDefinitionSchema, // Lifecycle + // .meta({ id }) applied at definition time in lifecycle/index.ts IngestStreamLifecycle: ingestStreamLifecycleSchema, + ClassicIngestStreamEffectiveLifecycle: classicIngestStreamEffectiveLifecycleSchema, + WiredIngestStreamEffectiveLifecycle: wiredIngestStreamEffectiveLifecycleSchema, + + // Failure store + // .meta({ id }) applied at definition time in failure_store/index.ts + FailureStore: failureStoreSchema, + EffectiveFailureStore: effectiveFailureStoreSchema, } as const; export type StreamsOasDefinitions = typeof streamsOasDefinitions; diff --git a/x-pack/platform/packages/shared/kbn-streams-schema/src/shared/record_types.ts b/x-pack/platform/packages/shared/kbn-streams-schema/src/shared/record_types.ts index 135a07bc14adf..737be4d2e8df8 100644 --- a/x-pack/platform/packages/shared/kbn-streams-schema/src/shared/record_types.ts +++ b/x-pack/platform/packages/shared/kbn-streams-schema/src/shared/record_types.ts @@ -21,12 +21,14 @@ export interface RecursiveRecord { [key: PropertyKey]: Primitive | Primitive[] | unknown[] | RecursiveRecord; } -export const recursiveRecord: z.ZodType = z.lazy(() => - z.record( - z.string(), - z.union([primitive, z.array(primitive), z.array(z.unknown()), recursiveRecord]) +export const recursiveRecord: z.ZodType = z + .lazy(() => + z.record( + z.string(), + z.union([primitive, z.array(primitive), z.array(z.unknown()), recursiveRecord]) + ) ) -); + .meta({ id: 'RecursiveRecord' }); export type FlattenRecord = Record;