# Export detection rules

**POST /api/detection_engine/rules/_export**

Export detection rules to an `.ndjson` file. The following configuration items are also included in the `.ndjson` file:
- Actions
- Exception lists
> info
> Rule actions and connectors are included in the exported file, but sensitive information about the connector (such as authentication credentials) is not included. You must re-add missing connector details after importing detection rules.

> You can use Kibana’s [Saved Objects](https://www.elastic.co/guide/en/kibana/current/managing-saved-objects.html) UI (Stack Management → Kibana → Saved Objects) or the Saved Objects APIs (experimental) to [export](https://www.elastic.co/docs/api/doc/kibana/operation/operation-exportsavedobjectsdefault) and [import](https://www.elastic.co/docs/api/doc/kibana/operation/operation-importsavedobjectsdefault) any necessary connectors before importing detection rules.

> Similarly, any value lists used for rule exceptions are not included in rule exports or imports. Use the [Manage value lists](https://www.elastic.co/guide/en/security/current/value-lists-exceptions.html#manage-value-lists) UI (Rules → Detection rules (SIEM) → Manage value lists) to export and import value lists separately.



## Servers
- http://localhost:5601: http://localhost:5601 ()


## Authentication methods
- Basic auth


## Parameters


### Query parameters
- **exclude_export_details** (boolean)
  Determines whether a summary of the exported rules is returned.
- **file_name** (string)
  File name for saving the exported rules.
  > info
  > When using cURL to export rules to a file, use the -O and -J options to save the rules to the file name specified in the URL.

### Body: application/json (object | null)

- **objects** (array[object])
  Array of `rule_id` fields. Exports all rules when unspecified.


## Responses
### 200
Indicates a successful call.

#### Body: application/ndjson (string(binary))
string(binary)

[Powered by Bump.sh](https://bump.sh)